kolla-ansible/tests/setup_gate.sh
James Kirsch 5581a28253 Add support for LetsEncrypt-managed certs
Add support for automatic provisioning and renewal of HTTPS
certificates via LetsEncrypt.

Spec is available at:
https://etherpad.opendev.org/p/kolla-ansible-letsencrypt-https

Depends-On: https://review.opendev.org/c/openstack/kolla/+/887347
Co-Authored-By: Michal Arbet <michal.arbet@ultimum.io>
Implements: blueprint letsencrypt-https
Change-Id: I35317ea0343f0db74ddc0e587862e95408e9e106
2023-11-07 10:59:51 +01:00

150 lines
4.3 KiB
Bash
Executable File

#!/bin/bash
set -o xtrace
set -o errexit
set -o pipefail
# Enable unbuffered output for Ansible in Jenkins.
export PYTHONUNBUFFERED=1
function setup_openstack_clients {
# Prepare virtualenv for openstack deployment tests
local packages=(python-openstackclient python-heatclient)
if [[ $SCENARIO == zun ]]; then
packages+=(python-zunclient)
fi
if [[ $SCENARIO == ironic ]]; then
packages+=(python-ironicclient python-ironic-inspector-client)
fi
if [[ $SCENARIO == magnum ]]; then
packages+=(python-designateclient python-magnumclient python-troveclient)
fi
if [[ $SCENARIO == octavia ]]; then
packages+=(python-octaviaclient)
fi
if [[ $SCENARIO == masakari ]]; then
packages+=(python-masakariclient)
fi
if [[ $SCENARIO == scenario_nfv ]]; then
packages+=(python-tackerclient python-barbicanclient python-mistralclient)
fi
if [[ $SCENARIO == ovn ]]; then
packages+=(python-octaviaclient)
fi
if [[ "debian" == $BASE_DISTRO ]]; then
sudo apt -y install python3-venv
fi
python3 -m venv ~/openstackclient-venv
~/openstackclient-venv/bin/pip install -U pip
~/openstackclient-venv/bin/pip install -c $UPPER_CONSTRAINTS ${packages[@]}
}
function prepare_images {
if [[ "${BUILD_IMAGE}" == "False" ]]; then
return
fi
if [[ $SCENARIO != "bifrost" ]]; then
GATE_IMAGES="^cron,^fluentd,^glance,^haproxy,^keepalived,^keystone,^kolla-toolbox,^mariadb,^memcached,^neutron,^nova-,^openvswitch,^rabbitmq,^horizon,^heat,^placement"
else
GATE_IMAGES="bifrost"
fi
if [[ $SCENARIO == "cephadm" ]]; then
GATE_IMAGES+=",^cinder"
fi
if [[ $SCENARIO == "cells" ]]; then
GATE_IMAGES+=",^proxysql"
fi
if [[ $SCENARIO == "zun" ]]; then
GATE_IMAGES+=",^zun,^kuryr,^etcd,^cinder,^iscsid"
if [[ $BASE_DISTRO != "centos" && $BASE_DISTRO != "rocky" ]]; then
GATE_IMAGES+=",^tgtd"
fi
fi
if [[ $SCENARIO == "scenario_nfv" ]]; then
GATE_IMAGES+=",^aodh,^tacker,^mistral,^redis,^barbican"
fi
if [[ $SCENARIO == "ironic" ]]; then
GATE_IMAGES+=",^dnsmasq,^ironic,^iscsid"
fi
if [[ $SCENARIO == "magnum" ]]; then
GATE_IMAGES+=",^designate,^magnum,^trove"
fi
if [[ $SCENARIO == "octavia" ]]; then
GATE_IMAGES+=",^octavia"
fi
if [[ $SCENARIO == "masakari" ]]; then
GATE_IMAGES+=",^masakari-,^hacluster-"
fi
if [[ $SCENARIO == "swift" ]]; then
GATE_IMAGES+=",^swift"
fi
if [[ $SCENARIO == "ovn" ]]; then
GATE_IMAGES+=",^octavia,^ovn"
fi
if [[ $SCENARIO == "mariadb" ]]; then
GATE_IMAGES="^cron,^fluentd,^haproxy,^keepalived,^kolla-toolbox,^mariadb"
fi
if [[ $SCENARIO == "lets-encrypt" ]]; then
GATE_IMAGES+=",^letsencrypt,^haproxy"
fi
if [[ $SCENARIO == "prometheus-opensearch" ]]; then
GATE_IMAGES="^cron,^fluentd,^grafana,^haproxy,^keepalived,^kolla-toolbox,^mariadb,^memcached,^opensearch,^prometheus,^rabbitmq"
fi
if [[ $SCENARIO == "venus" ]]; then
GATE_IMAGES="^cron,^opensearch,^fluentd,^haproxy,^keepalived,^keystone,^kolla-toolbox,^mariadb,^memcached,^rabbitmq,^venus"
fi
sudo tee -a /etc/kolla/kolla-build.conf <<EOF
[DEFAULT]
engine = ${CONTAINER_ENGINE}
[profiles]
gate = ${GATE_IMAGES}
EOF
sudo mkdir -p /tmp/logs/build
sudo mkdir -p /opt/kolla_registry
sudo $CONTAINER_ENGINE run -d --net=host -e REGISTRY_HTTP_ADDR=0.0.0.0:4000 --restart=always -v /opt/kolla_registry/:/var/lib/registry --name registry registry:2
python3 -m venv ~/kolla-venv
. ~/kolla-venv/bin/activate
pip install "${KOLLA_SRC_DIR}" ${CONTAINER_ENGINE}
sudo ~/kolla-venv/bin/kolla-build
# NOTE(yoctozepto): due to debian buster we push after images are built
# see https://github.com/docker/for-linux/issues/711
if [[ "debian" == $BASE_DISTRO ]]; then
for img in $(sudo ${CONTAINER_ENGINE} image ls --format '{{ .Repository }}:{{ .Tag }}' | grep lokolla/); do
sudo $CONTAINER_ENGINE push $img;
done
fi
deactivate
}
setup_openstack_clients
RAW_INVENTORY=/etc/kolla/inventory
source $KOLLA_ANSIBLE_VENV_PATH/bin/activate
kolla-ansible -i ${RAW_INVENTORY} -vvv bootstrap-servers &> /tmp/logs/ansible/bootstrap-servers
deactivate
prepare_images