From 0b02f6593b4d686160b7c6504755160a9dda0c11 Mon Sep 17 00:00:00 2001 From: Maxime Guyot Date: Tue, 16 Apr 2019 14:35:05 +0200 Subject: [PATCH] Split .gitlab-ci.yml into several files (#4519) --- .gitlab-ci.yml | 628 +---------------------------------- .gitlab-ci/digital-ocean.yml | 16 + .gitlab-ci/gce.yml | 440 ++++++++++++++++++++++++ .gitlab-ci/lint.yml | 33 ++ .gitlab-ci/terraform.yml | 129 +++++++ 5 files changed, 625 insertions(+), 621 deletions(-) create mode 100644 .gitlab-ci/digital-ocean.yml create mode 100644 .gitlab-ci/gce.yml create mode 100644 .gitlab-ci/lint.yml create mode 100644 .gitlab-ci/terraform.yml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 07ccec349..7616aebb9 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -52,29 +52,6 @@ before_script: <<: *job <<: *docker_service -.gce_variables: &gce_variables - GCE_USER: travis - SSH_USER: $GCE_USER - CLOUD_MACHINE_TYPE: "g1-small" - CI_PLATFORM: "gce" - PRIVATE_KEY: $GCE_PRIVATE_KEY - -.do_variables: &do_variables - PRIVATE_KEY: $DO_PRIVATE_KEY - CI_PLATFORM: "do" - SSH_USER: root - -.ovh_variables: &ovh_variables - OS_AUTH_URL: https://auth.cloud.ovh.net/v3 - OS_PROJECT_ID: 8d3cd5d737d74227ace462dee0b903fe - OS_PROJECT_NAME: "9361447987648822" - OS_USER_DOMAIN_NAME: Default - OS_PROJECT_DOMAIN_ID: default - OS_USERNAME: 8XuhBMfkKVrk - OS_REGION_NAME: UK1 - OS_INTERFACE: public - OS_IDENTITY_API_VERSION: "3" - .testcases: &testcases <<: *job <<: *docker_service @@ -231,453 +208,10 @@ before_script: after_script: - cd tests && make delete-${CI_PLATFORM} -s ; cd - -.gce: &gce - <<: *testcases - -.do: &do - <<: *testcases - -# Test matrix. Leave the comments for markup scripts. -.coreos_calico_aio_variables: &coreos_calico_aio_variables - # stage: deploy-part1 - MOVED_TO_GROUP_VARS: "true" - -.ubuntu18_flannel_aio_variables: &ubuntu18_flannel_aio_variables - # stage: deploy-part1 - MOVED_TO_GROUP_VARS: "true" - -.centos_weave_kubeadm_variables: ¢os_weave_kubeadm_variables - # stage: deploy-part1 - UPGRADE_TEST: "graceful" - -.ubuntu_canal_kubeadm_variables: &ubuntu_canal_kubeadm_variables - # stage: deploy-part1 - MOVED_TO_GROUP_VARS: "true" - -.ubuntu_canal_ha_variables: &ubuntu_canal_ha_variables - # stage: deploy-special - MOVED_TO_GROUP_VARS: "true" - -.ubuntu_contiv_sep_variables: &ubuntu_contiv_sep_variables - # stage: deploy-special - MOVED_TO_GROUP_VARS: "true" - -.coreos_cilium_variables: &coreos_cilium_variables - # stage: deploy-special - MOVED_TO_GROUP_VARS: "true" - -.ubuntu_cilium_sep_variables: &ubuntu_cilium_sep_variables - # stage: deploy-special - MOVED_TO_GROUP_VARS: "true" - -.rhel7_weave_variables: &rhel7_weave_variables - # stage: deploy-part1 - MOVED_TO_GROUP_VARS: "true" - -.centos7_flannel_addons_variables: ¢os7_flannel_addons_variables - # stage: deploy-part2 - MOVED_TO_GROUP_VARS: "true" - -.debian9_calico_variables: &debian9_calico_variables - # stage: deploy-part2 - MOVED_TO_GROUP_VARS: "true" - -.coreos_canal_variables: &coreos_canal_variables - # stage: deploy-part2 - MOVED_TO_GROUP_VARS: "true" - -.rhel7_canal_sep_variables: &rhel7_canal_sep_variables - # stage: deploy-special - MOVED_TO_GROUP_VARS: "true" - -.ubuntu_weave_sep_variables: &ubuntu_weave_sep_variables - # stage: deploy-special - MOVED_TO_GROUP_VARS: "true" - -.centos7_calico_ha_variables: ¢os7_calico_ha_variables - # stage: deploy-special - MOVED_TO_GROUP_VARS: "true" - -.centos7_kube_router_variables: ¢os7_kube_router_variables - # stage: deploy-special - MOVED_TO_GROUP_VARS: "true" - -.centos7_multus_calico_variables: ¢os7_multus_calico_variables - # stage: deploy-part2 - UPGRADE_TEST: "graceful" - -.coreos_alpha_weave_ha_variables: &coreos_alpha_weave_ha_variables - # stage: deploy-special - MOVED_TO_GROUP_VARS: "true" - -.coreos_kube_router_variables: &coreos_kube_router_variables - # stage: deploy-special - MOVED_TO_GROUP_VARS: "true" - -.ubuntu_rkt_sep_variables: &ubuntu_rkt_sep_variables - # stage: deploy-part1 - MOVED_TO_GROUP_VARS: "true" - -.ubuntu_flannel_variables: &ubuntu_flannel_variables - # stage: deploy-part2 - MOVED_TO_GROUP_VARS: "true" - -.ubuntu_kube_router_variables: &ubuntu_kube_router_variables - # stage: deploy-special - MOVED_TO_GROUP_VARS: "true" - -.opensuse_canal_variables: &opensuse_canal_variables - # stage: deploy-part2 - MOVED_TO_GROUP_VARS: "true" - - -# Builds for PRs only (premoderated by unit-tests step) and triggers (auto) -### PR JOBS PART1 - -gce_ubuntu18-flannel-aio: - stage: deploy-part1 - <<: *gce - variables: - <<: *gce_variables - <<: *ubuntu18_flannel_aio_variables - when: on_success - except: ['triggers'] - only: [/^pr-.*$/] - -### PR JOBS PART2 - -gce_coreos-calico-aio: - stage: deploy-part2 - <<: *gce - variables: - <<: *gce_variables - <<: *coreos_calico_aio_variables - when: on_success - except: ['triggers'] - only: [/^pr-.*$/] - -gce_centos7-flannel-addons: - stage: deploy-part2 - <<: *gce - variables: - <<: *gce_variables - <<: *centos7_flannel_addons_variables - when: on_success - except: ['triggers'] - only: [/^pr-.*$/] - -### MANUAL JOBS - -gce_centos-weave-kubeadm-sep: - stage: deploy-part2 - <<: *gce - variables: - <<: *gce_variables - <<: *centos_weave_kubeadm_variables - when: on_success - only: ['triggers'] - -gce_ubuntu-weave-sep: - stage: deploy-part2 - <<: *gce - variables: - <<: *gce_variables - <<: *ubuntu_weave_sep_variables - when: manual - only: ['triggers'] - -gce_coreos-calico-sep-triggers: - stage: deploy-part2 - <<: *gce - variables: - <<: *gce_variables - <<: *coreos_calico_aio_variables - when: on_success - only: ['triggers'] - -gce_ubuntu-canal-ha-triggers: - stage: deploy-special - <<: *gce - variables: - <<: *gce_variables - <<: *ubuntu_canal_ha_variables - when: on_success - only: ['triggers'] - -gce_centos7-flannel-addons-triggers: - stage: deploy-part2 - <<: *gce - variables: - <<: *gce_variables - <<: *centos7_flannel_addons_variables - when: on_success - only: ['triggers'] - -gce_ubuntu-weave-sep-triggers: - stage: deploy-part2 - <<: *gce - variables: - <<: *gce_variables - <<: *ubuntu_weave_sep_variables - when: on_success - only: ['triggers'] - -# More builds for PRs/merges (manual) and triggers (auto) -do_ubuntu-canal-ha: - stage: deploy-part2 - <<: *do - variables: - <<: *do_variables - when: manual - except: ['triggers'] - only: ['master', /^pr-.*$/] - -gce_ubuntu-canal-ha: - stage: deploy-special - <<: *gce - variables: - <<: *gce_variables - <<: *ubuntu_canal_ha_variables - when: manual - except: ['triggers'] - only: ['master', /^pr-.*$/] - -gce_ubuntu-canal-kubeadm: - stage: deploy-part2 - <<: *gce - variables: - <<: *gce_variables - <<: *ubuntu_canal_kubeadm_variables - when: manual - except: ['triggers'] - only: ['master', /^pr-.*$/] - -gce_ubuntu-canal-kubeadm-triggers: - stage: deploy-part2 - <<: *gce - variables: - <<: *gce_variables - <<: *ubuntu_canal_kubeadm_variables - when: on_success - only: ['triggers'] - -gce_ubuntu-flannel-ha: - stage: deploy-part2 - <<: *gce - variables: - <<: *gce_variables - <<: *ubuntu_flannel_variables - when: manual - except: ['triggers'] - -gce_centos-weave-kubeadm-triggers: - stage: deploy-part2 - <<: *gce - variables: - <<: *gce_variables - <<: *centos_weave_kubeadm_variables - when: on_success - only: ['triggers'] - -gce_ubuntu-contiv-sep: - stage: deploy-special - <<: *gce - variables: - <<: *gce_variables - <<: *ubuntu_contiv_sep_variables - when: manual - except: ['triggers'] - only: ['master', /^pr-.*$/] - -gce_coreos-cilium: - stage: deploy-special - <<: *gce - variables: - <<: *gce_variables - <<: *coreos_cilium_variables - when: manual - except: ['triggers'] - only: ['master', /^pr-.*$/] - -gce_ubuntu-cilium-sep: - stage: deploy-special - <<: *gce - variables: - <<: *gce_variables - <<: *ubuntu_cilium_sep_variables - when: manual - except: ['triggers'] - only: ['master', /^pr-.*$/] - -gce_rhel7-weave: - stage: deploy-part2 - <<: *gce - variables: - <<: *gce_variables - <<: *rhel7_weave_variables - when: manual - except: ['triggers'] - only: ['master', /^pr-.*$/] - -gce_rhel7-weave-triggers: - stage: deploy-part2 - <<: *gce - variables: - <<: *gce_variables - <<: *rhel7_weave_variables - when: on_success - only: ['triggers'] - -gce_debian9-calico-upgrade: - stage: deploy-part2 - <<: *gce - variables: - <<: *gce_variables - <<: *debian9_calico_variables - when: manual - except: ['triggers'] - only: ['master', /^pr-.*$/] - -gce_debian9-calico-triggers: - stage: deploy-part2 - <<: *gce - variables: - <<: *gce_variables - <<: *debian9_calico_variables - when: on_success - only: ['triggers'] - -gce_coreos-canal: - stage: deploy-part2 - <<: *gce - variables: - <<: *gce_variables - <<: *coreos_canal_variables - when: manual - except: ['triggers'] - only: ['master', /^pr-.*$/] - -gce_coreos-canal-triggers: - stage: deploy-part2 - <<: *gce - variables: - <<: *gce_variables - <<: *coreos_canal_variables - when: on_success - only: ['triggers'] - -gce_rhel7-canal-sep: - stage: deploy-special - <<: *gce - variables: - <<: *gce_variables - <<: *rhel7_canal_sep_variables - when: manual - except: ['triggers'] - only: ['master', /^pr-.*$/] - -gce_rhel7-canal-sep-triggers: - stage: deploy-part2 - <<: *gce - variables: - <<: *gce_variables - <<: *rhel7_canal_sep_variables - when: on_success - only: ['triggers'] - -gce_centos7-calico-ha: - stage: deploy-special - <<: *gce - variables: - <<: *gce_variables - <<: *centos7_calico_ha_variables - when: manual - except: ['triggers'] - only: ['master', /^pr-.*$/] - -gce_centos7-calico-ha-triggers: - stage: deploy-part2 - <<: *gce - variables: - <<: *gce_variables - <<: *centos7_calico_ha_variables - when: on_success - only: ['triggers'] - -gce_centos7-kube-router: - stage: deploy-special - <<: *gce - variables: - <<: *gce_variables - <<: *centos7_kube_router_variables - when: manual - except: ['triggers'] - only: ['master', /^pr-.*$/] - -gce_centos7-multus-calico: - stage: deploy-part2 - <<: *gce - variables: - <<: *gce_variables - <<: *centos7_multus_calico_variables - when: manual - except: ['triggers'] - only: ['master', /^pr-.*$/] - -gce_opensuse-canal: - stage: deploy-part2 - <<: *gce - variables: - <<: *gce_variables - <<: *opensuse_canal_variables - when: manual - except: ['triggers'] - only: ['master', /^pr-.*$/] - -# no triggers yet https://github.com/kubernetes-incubator/kargo/issues/613 -gce_coreos-alpha-weave-ha: - stage: deploy-special - <<: *gce - variables: - <<: *gce_variables - <<: *coreos_alpha_weave_ha_variables - when: manual - except: ['triggers'] - only: ['master', /^pr-.*$/] - -gce_coreos-kube-router: - stage: deploy-special - <<: *gce - variables: - <<: *gce_variables - <<: *coreos_kube_router_variables - when: manual - except: ['triggers'] - only: ['master', /^pr-.*$/] - -gce_ubuntu-rkt-sep: - stage: deploy-part2 - <<: *gce - variables: - <<: *gce_variables - <<: *ubuntu_rkt_sep_variables - when: manual - except: ['triggers'] - only: ['master', /^pr-.*$/] - -gce_ubuntu-kube-router-sep: - stage: deploy-special - <<: *gce - variables: - <<: *gce_variables - <<: *ubuntu_kube_router_variables - when: manual - except: ['triggers'] - only: ['master', /^pr-.*$/] - +# For failfast, at least 1 job must be defined in .gitlab-ci.yml # Premoderated with manual actions ci-authorized: - <<: *job + extends: .job stage: moderator before_script: - apt-get -y install jq @@ -685,156 +219,8 @@ ci-authorized: - /bin/sh scripts/premoderator.sh except: ['triggers', 'master'] -syntax-check: - <<: *job - stage: unit-tests - script: - - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root cluster.yml -vvv --syntax-check - - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root upgrade-cluster.yml -vvv --syntax-check - - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root reset.yml -vvv --syntax-check - - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root extra_playbooks/upgrade-only-k8s.yml -vvv --syntax-check - except: ['triggers', 'master'] - -yamllint: - <<: *job - stage: unit-tests - script: - - yamllint . - except: ['triggers', 'master'] - -ansible-lint: - <<: *job - stage: unit-tests - # lint every yml/yaml file that looks like it contains Ansible plays - script: |- - grep -Rl '^- hosts: \|^ hosts: \|^- name: ' --include \*.yml --include \*.yaml . | xargs ansible-lint -v - except: ['triggers', 'master'] - -tox-inventory-builder: - stage: unit-tests - <<: *job - script: - - pip install tox - - cd contrib/inventory_builder && tox - when: manual - except: ['triggers', 'master'] - - -# Tests for contrib/terraform/ -.terraform_install: &terraform_install - <<: *job - before_script: - # Set Ansible config - - cp ansible.cfg ~/.ansible.cfg - # Install Terraform - - apt-get install -y unzip - - curl https://releases.hashicorp.com/terraform/${TF_VERSION}/terraform_${TF_VERSION}_linux_amd64.zip > /tmp/terraform.zip - - unzip /tmp/terraform.zip && mv ./terraform /usr/local/bin/ && terraform --version - # Prepare inventory - - cp -LRp contrib/terraform/$PROVIDER/sample-inventory inventory/$CLUSTER - - cd inventory/$CLUSTER - - ln -s ../../contrib/terraform/$PROVIDER/hosts - - terraform init ../../contrib/terraform/$PROVIDER - # Copy SSH keypair - - mkdir -p ~/.ssh - - echo "$PACKET_PRIVATE_KEY" | base64 -d > ~/.ssh/id_rsa - - chmod 400 ~/.ssh/id_rsa - - echo "$PACKET_PUBLIC_KEY" | base64 -d > ~/.ssh/id_rsa.pub - only: ['master', /^pr-.*$/] - -.terraform_validate: &terraform_validate - <<: *terraform_install - stage: unit-tests - script: - - terraform validate -var-file=cluster.tf ../../contrib/terraform/$PROVIDER - - terraform fmt -check -diff ../../contrib/terraform/$PROVIDER - -.terraform_apply: &terraform_apply - <<: *terraform_install - stage: deploy-part2 - when: manual - script: - - terraform apply -auto-approve ../../contrib/terraform/$PROVIDER - - ansible-playbook -i hosts ../../cluster.yml --become - after_script: - # Cleanup regardless of exit code - - cd inventory/$CLUSTER - - terraform destroy -auto-approve ../../contrib/terraform/$PROVIDER - -tf-validate-openstack: - <<: *terraform_validate - variables: - TF_VERSION: 0.11.11 - PROVIDER: openstack - CLUSTER: $CI_COMMIT_REF_NAME - -tf-validate-packet: - <<: *terraform_validate - variables: - TF_VERSION: 0.11.11 - PROVIDER: packet - CLUSTER: $CI_COMMIT_REF_NAME - -tf-validate-aws: - <<: *terraform_validate - variables: - TF_VERSION: 0.11.11 - PROVIDER: aws - CLUSTER: $CI_COMMIT_REF_NAME - -tf-packet-ubuntu16-default: - <<: *terraform_apply - variables: - TF_VERSION: 0.11.11 - PROVIDER: packet - CLUSTER: $CI_COMMIT_REF_NAME - TF_VAR_cluster_name: $CI_COMMIT_REF_SLUG - TF_VAR_number_of_k8s_masters: "1" - TF_VAR_number_of_k8s_nodes: "1" - TF_VAR_plan_k8s_masters: t1.small.x86 - TF_VAR_plan_k8s_nodes: t1.small.x86 - TF_VAR_facility: "ewr1" - TF_VAR_public_key_path: "" - TF_VAR_operating_system: ubuntu_16_04 - -tf-packet-ubuntu18-default: - <<: *terraform_apply - variables: - TF_VERSION: 0.11.11 - PROVIDER: packet - CLUSTER: $CI_COMMIT_REF_NAME - TF_VAR_cluster_name: $CI_COMMIT_REF_SLUG - TF_VAR_number_of_k8s_masters: "1" - TF_VAR_number_of_k8s_nodes: "1" - TF_VAR_plan_k8s_masters: t1.small.x86 - TF_VAR_plan_k8s_nodes: t1.small.x86 - TF_VAR_facility: "ams1" - TF_VAR_public_key_path: "" - TF_VAR_operating_system: ubuntu_18_04 - -tf-apply-ovh: - <<: *terraform_apply - variables: - <<: *ovh_variables - TF_VERSION: 0.11.11 - PROVIDER: openstack - CLUSTER: $CI_COMMIT_REF_NAME - ANSIBLE_TIMEOUT: "60" - TF_VAR_cluster_name: $CI_COMMIT_REF_SLUG - TF_VAR_number_of_k8s_masters: "0" - TF_VAR_number_of_k8s_masters_no_floating_ip: "1" - TF_VAR_number_of_k8s_masters_no_floating_ip_no_etcd: "0" - TF_VAR_number_of_etcd: "0" - TF_VAR_number_of_k8s_nodes: "0" - TF_VAR_number_of_k8s_nodes_no_floating_ip: "1" - TF_VAR_number_of_gfs_nodes_no_floating_ip: "0" - TF_VAR_number_of_bastions: "0" - TF_VAR_number_of_k8s_masters_no_etcd: "0" - TF_VAR_use_neutron: "0" - TF_VAR_floatingip_pool: "Ext-Net" - TF_VAR_external_net: "6011fbc9-4cbf-46a4-8452-6890a340b60b" - TF_VAR_network_name: "Ext-Net" - TF_VAR_flavor_k8s_master: "defa64c3-bd46-43b4-858a-d93bbae0a229" #s1-8 - TF_VAR_flavor_k8s_node: "defa64c3-bd46-43b4-858a-d93bbae0a229" #s1-8 - TF_VAR_image: "Ubuntu 18.04" - TF_VAR_k8s_allowed_remote_ips: '["0.0.0.0/0"]' +include: + - .gitlab-ci/lint.yml + - .gitlab-ci/gce.yml + - .gitlab-ci/digital-ocean.yml + - .gitlab-ci/terraform.yml diff --git a/.gitlab-ci/digital-ocean.yml b/.gitlab-ci/digital-ocean.yml new file mode 100644 index 000000000..919abda53 --- /dev/null +++ b/.gitlab-ci/digital-ocean.yml @@ -0,0 +1,16 @@ +.do_variables: &do_variables + PRIVATE_KEY: $DO_PRIVATE_KEY + CI_PLATFORM: "do" + SSH_USER: root + +.do: &do + extends: .testcases + +do_ubuntu-canal-ha: + stage: deploy-part2 + extends: .do + variables: + <<: *do_variables + when: manual + except: ['triggers'] + only: ['master', /^pr-.*$/] diff --git a/.gitlab-ci/gce.yml b/.gitlab-ci/gce.yml new file mode 100644 index 000000000..977dd8cce --- /dev/null +++ b/.gitlab-ci/gce.yml @@ -0,0 +1,440 @@ +.gce_variables: &gce_variables + GCE_USER: travis + SSH_USER: $GCE_USER + CLOUD_MACHINE_TYPE: "g1-small" + CI_PLATFORM: "gce" + PRIVATE_KEY: $GCE_PRIVATE_KEY + +.gce: &gce + extends: .testcases + +# Test matrix. Leave the comments for markup scripts. +.coreos_calico_aio_variables: &coreos_calico_aio_variables + # stage: deploy-part1 + MOVED_TO_GROUP_VARS: "true" + +.ubuntu18_flannel_aio_variables: &ubuntu18_flannel_aio_variables + # stage: deploy-part1 + MOVED_TO_GROUP_VARS: "true" + +.centos_weave_kubeadm_variables: ¢os_weave_kubeadm_variables + # stage: deploy-part1 + UPGRADE_TEST: "graceful" + +.ubuntu_canal_kubeadm_variables: &ubuntu_canal_kubeadm_variables + # stage: deploy-part1 + MOVED_TO_GROUP_VARS: "true" + +.ubuntu_canal_ha_variables: &ubuntu_canal_ha_variables + # stage: deploy-special + MOVED_TO_GROUP_VARS: "true" + +.ubuntu_contiv_sep_variables: &ubuntu_contiv_sep_variables + # stage: deploy-special + MOVED_TO_GROUP_VARS: "true" + +.coreos_cilium_variables: &coreos_cilium_variables + # stage: deploy-special + MOVED_TO_GROUP_VARS: "true" + +.ubuntu_cilium_sep_variables: &ubuntu_cilium_sep_variables + # stage: deploy-special + MOVED_TO_GROUP_VARS: "true" + +.rhel7_weave_variables: &rhel7_weave_variables + # stage: deploy-part1 + MOVED_TO_GROUP_VARS: "true" + +.centos7_flannel_addons_variables: ¢os7_flannel_addons_variables + # stage: deploy-part2 + MOVED_TO_GROUP_VARS: "true" + +.debian9_calico_variables: &debian9_calico_variables + # stage: deploy-part2 + MOVED_TO_GROUP_VARS: "true" + +.coreos_canal_variables: &coreos_canal_variables + # stage: deploy-part2 + MOVED_TO_GROUP_VARS: "true" + +.rhel7_canal_sep_variables: &rhel7_canal_sep_variables + # stage: deploy-special + MOVED_TO_GROUP_VARS: "true" + +.ubuntu_weave_sep_variables: &ubuntu_weave_sep_variables + # stage: deploy-special + MOVED_TO_GROUP_VARS: "true" + +.centos7_calico_ha_variables: ¢os7_calico_ha_variables + # stage: deploy-special + MOVED_TO_GROUP_VARS: "true" + +.centos7_kube_router_variables: ¢os7_kube_router_variables + # stage: deploy-special + MOVED_TO_GROUP_VARS: "true" + +.centos7_multus_calico_variables: ¢os7_multus_calico_variables + # stage: deploy-part2 + UPGRADE_TEST: "graceful" + +.coreos_alpha_weave_ha_variables: &coreos_alpha_weave_ha_variables + # stage: deploy-special + MOVED_TO_GROUP_VARS: "true" + +.coreos_kube_router_variables: &coreos_kube_router_variables + # stage: deploy-special + MOVED_TO_GROUP_VARS: "true" + +.ubuntu_rkt_sep_variables: &ubuntu_rkt_sep_variables + # stage: deploy-part1 + MOVED_TO_GROUP_VARS: "true" + +.ubuntu_flannel_variables: &ubuntu_flannel_variables + # stage: deploy-part2 + MOVED_TO_GROUP_VARS: "true" + +.ubuntu_kube_router_variables: &ubuntu_kube_router_variables + # stage: deploy-special + MOVED_TO_GROUP_VARS: "true" + +.opensuse_canal_variables: &opensuse_canal_variables + # stage: deploy-part2 + MOVED_TO_GROUP_VARS: "true" + + +# Builds for PRs only (premoderated by unit-tests step) and triggers (auto) +### PR JOBS PART1 + +gce_ubuntu18-flannel-aio: + stage: deploy-part1 + <<: *gce + variables: + <<: *gce_variables + <<: *ubuntu18_flannel_aio_variables + when: on_success + except: ['triggers'] + only: [/^pr-.*$/] + +### PR JOBS PART2 + +gce_coreos-calico-aio: + stage: deploy-part2 + <<: *gce + variables: + <<: *gce_variables + <<: *coreos_calico_aio_variables + when: on_success + except: ['triggers'] + only: [/^pr-.*$/] + +gce_centos7-flannel-addons: + stage: deploy-part2 + <<: *gce + variables: + <<: *gce_variables + <<: *centos7_flannel_addons_variables + when: on_success + except: ['triggers'] + only: [/^pr-.*$/] + +### MANUAL JOBS + +gce_centos-weave-kubeadm-sep: + stage: deploy-part2 + <<: *gce + variables: + <<: *gce_variables + <<: *centos_weave_kubeadm_variables + when: on_success + only: ['triggers'] + +gce_ubuntu-weave-sep: + stage: deploy-part2 + <<: *gce + variables: + <<: *gce_variables + <<: *ubuntu_weave_sep_variables + when: manual + only: ['triggers'] + +gce_coreos-calico-sep-triggers: + stage: deploy-part2 + <<: *gce + variables: + <<: *gce_variables + <<: *coreos_calico_aio_variables + when: on_success + only: ['triggers'] + +gce_ubuntu-canal-ha-triggers: + stage: deploy-special + <<: *gce + variables: + <<: *gce_variables + <<: *ubuntu_canal_ha_variables + when: on_success + only: ['triggers'] + +gce_centos7-flannel-addons-triggers: + stage: deploy-part2 + <<: *gce + variables: + <<: *gce_variables + <<: *centos7_flannel_addons_variables + when: on_success + only: ['triggers'] + +gce_ubuntu-weave-sep-triggers: + stage: deploy-part2 + <<: *gce + variables: + <<: *gce_variables + <<: *ubuntu_weave_sep_variables + when: on_success + only: ['triggers'] + +# More builds for PRs/merges (manual) and triggers (auto) + + +gce_ubuntu-canal-ha: + stage: deploy-special + <<: *gce + variables: + <<: *gce_variables + <<: *ubuntu_canal_ha_variables + when: manual + except: ['triggers'] + only: ['master', /^pr-.*$/] + +gce_ubuntu-canal-kubeadm: + stage: deploy-part2 + <<: *gce + variables: + <<: *gce_variables + <<: *ubuntu_canal_kubeadm_variables + when: manual + except: ['triggers'] + only: ['master', /^pr-.*$/] + +gce_ubuntu-canal-kubeadm-triggers: + stage: deploy-part2 + <<: *gce + variables: + <<: *gce_variables + <<: *ubuntu_canal_kubeadm_variables + when: on_success + only: ['triggers'] + +gce_ubuntu-flannel-ha: + stage: deploy-part2 + <<: *gce + variables: + <<: *gce_variables + <<: *ubuntu_flannel_variables + when: manual + except: ['triggers'] + +gce_centos-weave-kubeadm-triggers: + stage: deploy-part2 + <<: *gce + variables: + <<: *gce_variables + <<: *centos_weave_kubeadm_variables + when: on_success + only: ['triggers'] + +gce_ubuntu-contiv-sep: + stage: deploy-special + <<: *gce + variables: + <<: *gce_variables + <<: *ubuntu_contiv_sep_variables + when: manual + except: ['triggers'] + only: ['master', /^pr-.*$/] + +gce_coreos-cilium: + stage: deploy-special + <<: *gce + variables: + <<: *gce_variables + <<: *coreos_cilium_variables + when: manual + except: ['triggers'] + only: ['master', /^pr-.*$/] + +gce_ubuntu-cilium-sep: + stage: deploy-special + <<: *gce + variables: + <<: *gce_variables + <<: *ubuntu_cilium_sep_variables + when: manual + except: ['triggers'] + only: ['master', /^pr-.*$/] + +gce_rhel7-weave: + stage: deploy-part2 + <<: *gce + variables: + <<: *gce_variables + <<: *rhel7_weave_variables + when: manual + except: ['triggers'] + only: ['master', /^pr-.*$/] + +gce_rhel7-weave-triggers: + stage: deploy-part2 + <<: *gce + variables: + <<: *gce_variables + <<: *rhel7_weave_variables + when: on_success + only: ['triggers'] + +gce_debian9-calico-upgrade: + stage: deploy-part2 + <<: *gce + variables: + <<: *gce_variables + <<: *debian9_calico_variables + when: manual + except: ['triggers'] + only: ['master', /^pr-.*$/] + +gce_debian9-calico-triggers: + stage: deploy-part2 + <<: *gce + variables: + <<: *gce_variables + <<: *debian9_calico_variables + when: on_success + only: ['triggers'] + +gce_coreos-canal: + stage: deploy-part2 + <<: *gce + variables: + <<: *gce_variables + <<: *coreos_canal_variables + when: manual + except: ['triggers'] + only: ['master', /^pr-.*$/] + +gce_coreos-canal-triggers: + stage: deploy-part2 + <<: *gce + variables: + <<: *gce_variables + <<: *coreos_canal_variables + when: on_success + only: ['triggers'] + +gce_rhel7-canal-sep: + stage: deploy-special + <<: *gce + variables: + <<: *gce_variables + <<: *rhel7_canal_sep_variables + when: manual + except: ['triggers'] + only: ['master', /^pr-.*$/] + +gce_rhel7-canal-sep-triggers: + stage: deploy-part2 + <<: *gce + variables: + <<: *gce_variables + <<: *rhel7_canal_sep_variables + when: on_success + only: ['triggers'] + +gce_centos7-calico-ha: + stage: deploy-special + <<: *gce + variables: + <<: *gce_variables + <<: *centos7_calico_ha_variables + when: manual + except: ['triggers'] + only: ['master', /^pr-.*$/] + +gce_centos7-calico-ha-triggers: + stage: deploy-part2 + <<: *gce + variables: + <<: *gce_variables + <<: *centos7_calico_ha_variables + when: on_success + only: ['triggers'] + +gce_centos7-kube-router: + stage: deploy-special + <<: *gce + variables: + <<: *gce_variables + <<: *centos7_kube_router_variables + when: manual + except: ['triggers'] + only: ['master', /^pr-.*$/] + +gce_centos7-multus-calico: + stage: deploy-part2 + <<: *gce + variables: + <<: *gce_variables + <<: *centos7_multus_calico_variables + when: manual + except: ['triggers'] + only: ['master', /^pr-.*$/] + +gce_opensuse-canal: + stage: deploy-part2 + <<: *gce + variables: + <<: *gce_variables + <<: *opensuse_canal_variables + when: manual + except: ['triggers'] + only: ['master', /^pr-.*$/] + +# no triggers yet https://github.com/kubernetes-incubator/kargo/issues/613 +gce_coreos-alpha-weave-ha: + stage: deploy-special + <<: *gce + variables: + <<: *gce_variables + <<: *coreos_alpha_weave_ha_variables + when: manual + except: ['triggers'] + only: ['master', /^pr-.*$/] + +gce_coreos-kube-router: + stage: deploy-special + <<: *gce + variables: + <<: *gce_variables + <<: *coreos_kube_router_variables + when: manual + except: ['triggers'] + only: ['master', /^pr-.*$/] + +gce_ubuntu-rkt-sep: + stage: deploy-part2 + <<: *gce + variables: + <<: *gce_variables + <<: *ubuntu_rkt_sep_variables + when: manual + except: ['triggers'] + only: ['master', /^pr-.*$/] + +gce_ubuntu-kube-router-sep: + stage: deploy-special + <<: *gce + variables: + <<: *gce_variables + <<: *ubuntu_kube_router_variables + when: manual + except: ['triggers'] + only: ['master', /^pr-.*$/] diff --git a/.gitlab-ci/lint.yml b/.gitlab-ci/lint.yml new file mode 100644 index 000000000..8957a2977 --- /dev/null +++ b/.gitlab-ci/lint.yml @@ -0,0 +1,33 @@ +yamllint: + extends: .job + stage: unit-tests + script: + - yamllint . + except: ['triggers', 'master'] + +ansible-lint: + extends: .job + stage: unit-tests + # lint every yml/yaml file that looks like it contains Ansible plays + script: |- + grep -Rl '^- hosts: \|^ hosts: \|^- name: ' --include \*.yml --include \*.yaml . | xargs ansible-lint -v + except: ['triggers', 'master'] + +syntax-check: + extends: .job + stage: unit-tests + script: + - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root cluster.yml -vvv --syntax-check + - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root upgrade-cluster.yml -vvv --syntax-check + - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root reset.yml -vvv --syntax-check + - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root extra_playbooks/upgrade-only-k8s.yml -vvv --syntax-check + except: ['triggers', 'master'] + +tox-inventory-builder: + stage: unit-tests + extends: .job + script: + - pip install tox + - cd contrib/inventory_builder && tox + when: manual + except: ['triggers', 'master'] diff --git a/.gitlab-ci/terraform.yml b/.gitlab-ci/terraform.yml new file mode 100644 index 000000000..c1d6b5309 --- /dev/null +++ b/.gitlab-ci/terraform.yml @@ -0,0 +1,129 @@ +# Tests for contrib/terraform/ +.terraform_install: + extends: .job + before_script: + # Set Ansible config + - cp ansible.cfg ~/.ansible.cfg + # Install Terraform + - apt-get install -y unzip + - curl https://releases.hashicorp.com/terraform/${TF_VERSION}/terraform_${TF_VERSION}_linux_amd64.zip > /tmp/terraform.zip + - unzip /tmp/terraform.zip && mv ./terraform /usr/local/bin/ && terraform --version + # Prepare inventory + - cp -LRp contrib/terraform/$PROVIDER/sample-inventory inventory/$CLUSTER + - cd inventory/$CLUSTER + - ln -s ../../contrib/terraform/$PROVIDER/hosts + - terraform init ../../contrib/terraform/$PROVIDER + # Copy SSH keypair + - mkdir -p ~/.ssh + - echo "$PACKET_PRIVATE_KEY" | base64 -d > ~/.ssh/id_rsa + - chmod 400 ~/.ssh/id_rsa + - echo "$PACKET_PUBLIC_KEY" | base64 -d > ~/.ssh/id_rsa.pub + only: ['master', /^pr-.*$/] + +.terraform_validate: + extends: .terraform_install + stage: unit-tests + script: + - terraform validate -var-file=cluster.tf ../../contrib/terraform/$PROVIDER + - terraform fmt -check -diff ../../contrib/terraform/$PROVIDER + +.terraform_apply: + extends: .terraform_install + stage: deploy-part2 + when: manual + script: + - terraform apply -auto-approve ../../contrib/terraform/$PROVIDER + - ansible-playbook -i hosts ../../cluster.yml --become + after_script: + # Cleanup regardless of exit code + - cd inventory/$CLUSTER + - terraform destroy -auto-approve ../../contrib/terraform/$PROVIDER + +tf-validate-openstack: + extends: .terraform_validate + variables: + TF_VERSION: 0.11.11 + PROVIDER: openstack + CLUSTER: $CI_COMMIT_REF_NAME + +tf-validate-packet: + extends: .terraform_validate + variables: + TF_VERSION: 0.11.11 + PROVIDER: packet + CLUSTER: $CI_COMMIT_REF_NAME + +tf-validate-aws: + extends: .terraform_validate + variables: + TF_VERSION: 0.11.11 + PROVIDER: aws + CLUSTER: $CI_COMMIT_REF_NAME + +tf-packet-ubuntu16-default: + extends: .terraform_apply + variables: + TF_VERSION: 0.11.11 + PROVIDER: packet + CLUSTER: $CI_COMMIT_REF_NAME + TF_VAR_cluster_name: $CI_COMMIT_REF_SLUG + TF_VAR_number_of_k8s_masters: "1" + TF_VAR_number_of_k8s_nodes: "1" + TF_VAR_plan_k8s_masters: t1.small.x86 + TF_VAR_plan_k8s_nodes: t1.small.x86 + TF_VAR_facility: "ewr1" + TF_VAR_public_key_path: "" + TF_VAR_operating_system: ubuntu_16_04 + +tf-packet-ubuntu18-default: + extends: .terraform_apply + variables: + TF_VERSION: 0.11.11 + PROVIDER: packet + CLUSTER: $CI_COMMIT_REF_NAME + TF_VAR_cluster_name: $CI_COMMIT_REF_SLUG + TF_VAR_number_of_k8s_masters: "1" + TF_VAR_number_of_k8s_nodes: "1" + TF_VAR_plan_k8s_masters: t1.small.x86 + TF_VAR_plan_k8s_nodes: t1.small.x86 + TF_VAR_facility: "ams1" + TF_VAR_public_key_path: "" + TF_VAR_operating_system: ubuntu_18_04 + +.ovh_variables: &ovh_variables + OS_AUTH_URL: https://auth.cloud.ovh.net/v3 + OS_PROJECT_ID: 8d3cd5d737d74227ace462dee0b903fe + OS_PROJECT_NAME: "9361447987648822" + OS_USER_DOMAIN_NAME: Default + OS_PROJECT_DOMAIN_ID: default + OS_USERNAME: 8XuhBMfkKVrk + OS_REGION_NAME: UK1 + OS_INTERFACE: public + OS_IDENTITY_API_VERSION: "3" + +tf-apply-ovh: + extends: .terraform_apply + variables: + <<: *ovh_variables + TF_VERSION: 0.11.11 + PROVIDER: openstack + CLUSTER: $CI_COMMIT_REF_NAME + ANSIBLE_TIMEOUT: "60" + TF_VAR_cluster_name: $CI_COMMIT_REF_SLUG + TF_VAR_number_of_k8s_masters: "0" + TF_VAR_number_of_k8s_masters_no_floating_ip: "1" + TF_VAR_number_of_k8s_masters_no_floating_ip_no_etcd: "0" + TF_VAR_number_of_etcd: "0" + TF_VAR_number_of_k8s_nodes: "0" + TF_VAR_number_of_k8s_nodes_no_floating_ip: "1" + TF_VAR_number_of_gfs_nodes_no_floating_ip: "0" + TF_VAR_number_of_bastions: "0" + TF_VAR_number_of_k8s_masters_no_etcd: "0" + TF_VAR_use_neutron: "0" + TF_VAR_floatingip_pool: "Ext-Net" + TF_VAR_external_net: "6011fbc9-4cbf-46a4-8452-6890a340b60b" + TF_VAR_network_name: "Ext-Net" + TF_VAR_flavor_k8s_master: "defa64c3-bd46-43b4-858a-d93bbae0a229" #s1-8 + TF_VAR_flavor_k8s_node: "defa64c3-bd46-43b4-858a-d93bbae0a229" #s1-8 + TF_VAR_image: "Ubuntu 18.04" + TF_VAR_k8s_allowed_remote_ips: '["0.0.0.0/0"]'