d3875c1867
This adds Gerrit 3.11 image builds an a system-config-run job for a 3.11 deployment. We don't add 3.10 to 3.11 upgrade testing yet. This will happen as a followup once we're happy with general image building and testing. This adds explicit push and force push permissions to the Administrators group via code reviewed changes. The reason for this is Gerrit 3.11 has decided that everything should be code reviewed by default including actions by Administrators. Since we're just doing this for bootstrapping of testing we quickly add the old expected permissions back via code review. This has a side effect of bumping up the change numbers for the cahnges we care about in review up by 2 integer values. The tests and screenshots are all updated to accomodate the shift in change numbers. Change-Id: Ib7090563a869577ed100ca71c496e8779e5b1010
346 lines
12 KiB
YAML
346 lines
12 KiB
YAML
- hosts: "review"
|
|
tasks:
|
|
- name: Wait for Gerrit to be up
|
|
uri:
|
|
url: http://localhost:8081/a/accounts/admin/sshkeys
|
|
method: GET
|
|
user: admin
|
|
password: secret
|
|
register: result
|
|
until: result.status == 200 and not result.redirected
|
|
delay: 1
|
|
retries: 120
|
|
|
|
- name: Create openstack-project-creator user
|
|
uri:
|
|
url: http://localhost:8081/a/accounts/openstack-project-creator
|
|
method: PUT
|
|
user: admin
|
|
password: secret
|
|
body_format: json
|
|
body:
|
|
username: 'openstack-project-creator'
|
|
name: 'Project Creator'
|
|
email: 'project.creator@example.com'
|
|
http_password: 'secret'
|
|
groups:
|
|
- Administrators
|
|
status_code: 201
|
|
|
|
- name: Create CI group
|
|
uri:
|
|
url: 'http://localhost:8081/a/groups/CI-tools'
|
|
method: PUT
|
|
user: admin
|
|
password: secret
|
|
body_format: json
|
|
body:
|
|
description: 'Continuous Integration Tools'
|
|
status_code: 201
|
|
|
|
- name: Create Zuul user
|
|
uri:
|
|
url: http://localhost:8081/a/accounts/zuul
|
|
method: PUT
|
|
user: admin
|
|
password: secret
|
|
body_format: json
|
|
body:
|
|
name: 'Zuul'
|
|
email: 'zuul@example.com'
|
|
http_password: 'secret'
|
|
status_code: 201
|
|
|
|
- name: Add Zuul to group
|
|
uri:
|
|
url: 'http://localhost:8081/a/groups/CI-tools/members/zuul'
|
|
method: PUT
|
|
user: admin
|
|
password: secret
|
|
status_code: 201
|
|
|
|
- name: Get group UUID
|
|
uri:
|
|
url: 'http://localhost:8081/a/groups/CI-tools'
|
|
method: GET
|
|
user: admin
|
|
password: secret
|
|
status_code: 200
|
|
return_content: yes
|
|
register: group_raw
|
|
|
|
- name: Debug serialized json
|
|
debug:
|
|
var: group_raw
|
|
|
|
- name: Deserialize returned data to internal variable.
|
|
set_fact:
|
|
# The first 4 bytes of the returned data are )]}' which is
|
|
# invalid json.
|
|
group_json: '{{ group_raw.content | regex_replace("^....", "") | from_json }}'
|
|
|
|
- name: Debug deserialized json
|
|
debug:
|
|
var: group_json
|
|
|
|
- name: Setup key and initial gerrit config
|
|
shell:
|
|
executable: /bin/bash
|
|
cmd: |
|
|
set -xe
|
|
|
|
ssh-keygen -t ed25519 -f /root/.ssh/id_25519 -P ""
|
|
curl -X POST --user "admin:secret" -H "Content-Type: text/plain" -d@/root/.ssh/id_25519.pub http://localhost:8081/a/accounts/admin/sshkeys
|
|
|
|
git config --global user.name "Admin"
|
|
git config --global user.email "admin@example.com"
|
|
|
|
git clone http://admin:secret@localhost:8081/a/All-Projects
|
|
|
|
pushd All-Projects
|
|
|
|
# Setup change id hook. Adapted from Zuul quickstart setup.
|
|
f="$(git rev-parse --git-dir)/hooks/commit-msg"; curl -o "$f" http://localhost:8081/tools/hooks/commit-msg ; chmod +x "$f"
|
|
|
|
echo "{{ group_json.id }} CI-tools" >> groups # noqa 203
|
|
git commit -a -m "Add CI-tools group"
|
|
git push origin HEAD:refs/for/refs/meta/config
|
|
ssh -i /root/.ssh/id_25519 -p 29418 -l 'admin' localhost gerrit review -l Code-Review=2 --submit -p All-Projects 1,1
|
|
|
|
cat >> project.config << EOF
|
|
[label "Verified"]
|
|
function = NoBlock
|
|
value = -2 Fails
|
|
value = -1 Doesn't seem to work
|
|
value = 0 No score
|
|
value = +1 Works for me
|
|
value = +2 Verified
|
|
[submit-requirement "Verified"]
|
|
description = CI result votes. Maximum required to merge and is provided by the Zuul's gate queue.
|
|
submittableIf = label:Verified=MAX AND -label:Verified=MIN
|
|
canOverrideInChildProjects = false
|
|
[access "refs/*"]
|
|
push = +force group Administrators
|
|
[access "refs/heads/*"]
|
|
label-Verified = -2..+2 group CI-tools
|
|
EOF
|
|
git commit -a -m 'Update All-Project configuration'
|
|
git push origin HEAD:refs/for/refs/meta/config
|
|
ssh -i /root/.ssh/id_25519 -p 29418 -l 'admin' localhost gerrit review -l Code-Review=2 --submit -p All-Projects 2,1
|
|
|
|
popd
|
|
|
|
# openstack-project-creator bootstrapping
|
|
curl -X POST --user "openstack-project-creator:secret" -H "Content-Type: text/plain" -d@/home/gerrit2/review_site/etc/ssh_project_rsa_key.pub http://localhost:8081/a/accounts/openstack-project-creator/sshkeys
|
|
|
|
# This is helpful on a held node when you're trying to fix/enhance
|
|
# the Zuul summary plugin. You can build it locally, scp the new
|
|
# .jar to /tmp and run this to deploy your changes.
|
|
- name: Create summary plugin helper script
|
|
shell:
|
|
executable: /bin/bash
|
|
cmd: |
|
|
set -xe
|
|
|
|
cat > /root/deploy-zuul-results-summary.sh << EOF
|
|
#!/bin/bash
|
|
echo "Copying plugin"
|
|
docker cp /tmp/zuul-results-summary.jar \
|
|
gerrit-compose_gerrit_1:/var/gerrit/plugins/
|
|
echo "Reloading"
|
|
ssh -i /root/.ssh/id_25519 -p 29418 admin@localhost \
|
|
gerrit plugin reload zuul-results-summary
|
|
echo "Done"
|
|
EOF
|
|
|
|
chmod a+x /root/deploy-zuul-results-summary.sh
|
|
|
|
- name: Create temp dir for project creation
|
|
shell: mktemp -d
|
|
register: project_tmp
|
|
|
|
- name: Create project project in Gerrit
|
|
uri:
|
|
url: http://localhost:8081/a/projects/y%2Ftestproject
|
|
method: PUT
|
|
user: admin
|
|
password: secret
|
|
status_code: 201
|
|
|
|
- name: Setup initial test project
|
|
shell:
|
|
executable: /bin/bash
|
|
chdir: "{{ project_tmp.stdout }}"
|
|
cmd: |
|
|
set -xe
|
|
|
|
git init testproject.config
|
|
pushd testproject.config
|
|
git remote add origin http://admin:secret@localhost:8081/a/y/testproject
|
|
git pull origin refs/meta/config
|
|
|
|
echo "{{ group_json.id }} CI-tools" >> groups # noqa 203
|
|
|
|
cat >project.config <<EOF
|
|
[access]
|
|
inheritFrom = All-Projects
|
|
|
|
[submit]
|
|
action = inherit
|
|
|
|
[access "refs/heads/*"]
|
|
label-Review-Priority = -1..+2 group CI-tools
|
|
label-Backport-Candidate = -1..+1 group CI-tools
|
|
|
|
[label "Review-Priority"]
|
|
copyCondition = changekind:NO_CODE_CHANGE OR changekind:TRIVIAL_REBASE OR is:MAX OR is:MIN
|
|
defaultValue = 0
|
|
function = NoBlock
|
|
value = -1 Branch Freeze
|
|
value = 0 No Priority
|
|
value = +1 Important Change
|
|
value = +2 Urgent Change
|
|
|
|
[label "Backport-Candidate"]
|
|
copyCondition = changekind:NO_CODE_CHANGE OR changekind:TRIVIAL_REBASE OR is:MAX OR is:MIN
|
|
defaultValue = 0
|
|
function = NoBlock
|
|
value = -1 Not a backport candidate
|
|
value = 0 Backport review needed
|
|
value = +1 Should backport
|
|
|
|
[submit-requirement "Review-Priority"]
|
|
description = The review priority
|
|
submittableIf = -label:Review-Priority=MIN
|
|
|
|
[submit-requirement "Backport-Candidate"]
|
|
applicableIf = is:false
|
|
description = Backport candidate status
|
|
submittableIf = is:true
|
|
EOF
|
|
|
|
git add project.config groups
|
|
git commit -m 'Updated project config'
|
|
git push origin HEAD:refs/meta/config
|
|
|
|
- name: Create initial commit and changes in testproject
|
|
shell:
|
|
executable: /bin/sh
|
|
chdir: "{{ project_tmp.stdout }}"
|
|
cmd: |
|
|
set -x
|
|
|
|
git init .
|
|
cat >.gitreview <<EOF
|
|
[gerrit]
|
|
host=localhost
|
|
port=29418
|
|
project=y/testproject
|
|
EOF
|
|
git add .gitreview
|
|
git commit -m "Initial commit"
|
|
git remote add gerrit http://admin:secret@localhost:8081/y/testproject
|
|
git push -f --set-upstream gerrit +HEAD:master
|
|
|
|
curl -Lo .git/hooks/commit-msg http://localhost:8081/tools/hooks/commit-msg
|
|
chmod u+x .git/hooks/commit-msg
|
|
|
|
cat >file-3.txt <<EOF
|
|
Hello, this is a file
|
|
EOF
|
|
git add file-3.txt
|
|
git commit -m "Sample review 3"
|
|
git push gerrit HEAD:refs/for/master
|
|
|
|
cat >file-4.txt <<EOF
|
|
Hello, this is a file
|
|
EOF
|
|
git add file-4.txt
|
|
git commit -m "Sample review 4"
|
|
git push gerrit HEAD:refs/for/master
|
|
|
|
cat >file-5.txt <<EOF
|
|
Hello, this is a file
|
|
EOF
|
|
git add file-5.txt
|
|
git commit -m "Sample review 5"
|
|
git push gerrit HEAD:refs/for/master
|
|
|
|
- name: Post a sample failure review
|
|
uri:
|
|
url: 'http://localhost:8081/a/changes/{{ item.id }}/revisions/1/review'
|
|
method: POST
|
|
user: zuul
|
|
password: secret
|
|
body_format: json
|
|
body:
|
|
tag: 'autogenerated:zuul:check'
|
|
labels:
|
|
'Verified': '{{ item.verified }}'
|
|
'Review-Priority': '{{ item.priority }}'
|
|
'Backport-Candidate': '{{ item.backport }}'
|
|
message: |
|
|
Build failed (check pipeline). For information on how to proceed, see
|
|
https://docs.opendev.org/opendev/infra-manual/latest/developers.html#automated-testing
|
|
|
|
|
|
- test-success https://zuul.opendev.org/t/openstack/build/00b1ce7d5d994339a54dd8142a6813a6 : SUCCESS in {{ range(1, 59) | random }}m 22s
|
|
- test-failure https://zuul.opendev.org/t/openstack/build/00b1ce7d5d994339a54dd8142a6813a6 : FAILURE in {{ range(1, 59) | random }}m 22s
|
|
- test-retry-limit https://zuul.opendev.org/t/openstack/build/20efbb1b6983453884103e9628a70942 : RETRY_LIMIT in {{ range(1, 59) | random }}m 24s
|
|
- test-skipped https://zuul.opendev.org/t/openstack/build/None : SKIPPED
|
|
- test-aborted https://zuul.opendev.org/t/openstack/build/bc4a4559645b4088a9f8586c043c4764 : ABORTED in {{ range(1, 59) | random }}m 19s
|
|
- test-merger-failure https://zuul.opendev.org/t/openstack/build/cb469750b250430b95a02697931d6030 : MERGER_FAILURE in {{ range(1, 59) | random }}m 14s
|
|
- test-node-failure https://zuul.opendev.org/t/openstack/build/0897fafc9652480794652fc49e3c9baf : NODE_FAILURE in {{ range(1, 59) | random }}m 48s
|
|
- test-timed-out https://zuul.opendev.org/t/openstack/build/57c4eb5174554cbfbb06fd9118eb1ae4 : TIMED_OUT in {{ range(1, 59) | random }}m 37s (non-voting)
|
|
- test-post-failure https://zuul.opendev.org/t/openstack/build/30afb96669fe4f19b6215e79615ecd90 : POST_FAILURE in {{ range(1, 59) | random }}m 58s
|
|
- test-config-error https://zuul.opendev.org/t/openstack/build/76c69b8062284d959a85b55bc460f822 : CONFIG_ERROR in {{ range(1, 59) | random }}m 27s
|
|
- test-disk-full https://zuul.opendev.org/t/openstack/build/0897fafc9743580794652fc49e3c9baf : DISK_FULL in {{ range(1, 59) | random }}m 48s
|
|
- test-error https://zuul.opendev.org/t/openstack/build/0897bedc9743580794652fc49e3c1234 : ERROR This is an error message in {{ range(1, 59) | random }}m 32s
|
|
loop:
|
|
- id: '3'
|
|
verified: '-2'
|
|
priority: '-1'
|
|
backport: '-1'
|
|
- id: '4'
|
|
verified: '+1'
|
|
priority: '+1'
|
|
backport: '0'
|
|
- id: '5'
|
|
verified: '+2'
|
|
priority: '+2'
|
|
backport: '+1'
|
|
|
|
- name: Post a sample good review in another pipeline
|
|
uri:
|
|
url: 'http://localhost:8081/a/changes/{{ item }}/revisions/1/review'
|
|
method: POST
|
|
user: zuul
|
|
password: secret
|
|
body_format: json
|
|
body:
|
|
tag: 'autogenerated:zuul:check-secondary'
|
|
message: |
|
|
Build succeeded (Secondary pipeline).
|
|
|
|
|
|
- test-second-ci https://zuul.opendev.org/t/openstack/build/f9c14856bf4e485089ca8fc8f00f324b : SUCCESS in {{ range(1, 59) | random}}m 11s
|
|
loop:
|
|
- 3
|
|
- 4
|
|
- 5
|
|
|
|
# NOTE(ianw) we do an add/delete/add cycle as we've seen issues
|
|
# with duplicate updates causing problems before; e.g.
|
|
# https://gerrit-review.googlesource.com/c/gerrit/+/312602
|
|
- name: Post a file review to confirm accountPatchDb connection
|
|
uri:
|
|
url: 'http://localhost:8081/a/changes/y%2Ftestproject~3/revisions/1/files/file-3.txt/reviewed'
|
|
method: '{{ item[0] }}'
|
|
user: admin
|
|
password: secret
|
|
status_code: '{{ item[1] }}'
|
|
loop:
|
|
- [ PUT, 201 ]
|
|
- [ DELETE, 204 ]
|
|
- [ PUT, 201 ]
|