Add tenant reconfiguration when main.yaml changed

This change adds zuul scheduler reconfiguration when the tenant config changes. Depends-On: https://review.opendev.org/715418 Change-Id: Ib405f5508f513b41f6167e86bf9abe83640d8a18
2020-01-21 14:45:59 +00:00 · 2020-01-21 14:45:59 +00:00 · bb0b0c984d
commit bb0b0c984d
parent 23a544fb35
5 changed files with 25 additions and 0 deletions
--- a/build/Dockerfile
+++ b/build/Dockerfile
@ -7,6 +7,10 @@ ARG DHALL_JSON_DIGEST=ea37627c4e19789af33def099d4cb145b874c03b4d5b98cb33ce06be1d
 ARG DHALL_LANG_REF=v14.0.0
 ARG DHALL_KUBE_REF=v3.0.0

+# kubectl versions and digests
+ARG KUBECTL_VERSION=v1.17.0
+ARG KUBECTL_DIGEST=a5eb7e2e44d858d96410937a4e4c82f9087c9d120cb2b9e92462878eda59d578
+
 # Install extra requirements
 USER root

@ -19,6 +23,12 @@ RUN pip3 install --upgrade openshift gear
 # manage configuration: git
 RUN dnf install -y bzip2 tar openssh openssl git

+# Install kubectl to mitigate https://github.com/operator-framework/operator-sdk/issues/2204
+RUN curl -OL https://dl.k8s.io/$KUBECTL_VERSION/kubernetes-client-linux-amd64.tar.gz                                                          \
+  && echo "$KUBECTL_DIGEST  kubernetes-client-linux-amd64.tar.gz" | sha256sum -c                                                              \
+  && tar -xf kubernetes-client-linux-amd64.tar.gz --strip-components=3 -z --mode='a+x' -C /usr/bin                                            \
+  && rm kubernetes-client-linux-amd64.tar.gz
+
 # Install dhall-to-json
 RUN curl -OL https://github.com/dhall-lang/dhall-haskell/releases/download/$DHALL_VERSION/dhall-json-$DHALL_JSON_VERSION-x86_64-linux.tar.bz2 \
  && echo "$DHALL_JSON_DIGEST  dhall-json-$DHALL_JSON_VERSION-x86_64-linux.tar.bz2" | sha256sum -c                                            \
--- a/deploy/rbac.yaml
+++ b/deploy/rbac.yaml
@ -14,6 +14,7 @@ rules:
  - ""
  resources:
  - pods
+  - pods/exec
  - services
  - services/finalizers
  - endpoints
--- a/roles/zuul-lookup-conf/tasks/main.yaml
+++ b/roles/zuul-lookup-conf/tasks/main.yaml
@ -1,3 +1,4 @@
 - name: Lookup zuul conf secret
  set_fact:
    zuul_conf_secret: "{{ lookup('k8s', api_version='v1', kind='Secret', namespace=namespace, resource_name=zuul_name + '-secret-zuul') }}"
+    zuul_tenants_secret: "{{ lookup('k8s', api_version='v1', kind='Secret', namespace=namespace, resource_name=zuul_name + '-secret-zuul-config') }}"
--- a/roles/zuul-reconfigure-tenant-when-conf-changed/tasks/main.yaml
+++ b/roles/zuul-reconfigure-tenant-when-conf-changed/tasks/main.yaml
@ -0,0 +1,9 @@
+- name: Lookup zuul tenant secret
+  set_fact:
+    new_zuul_tenants_secret: "{{ lookup('k8s', api_version='v1', kind='Secret', namespace=namespace, resource_name=zuul_name + '-secret-zuul-config') }}"
+
+- name: Reconfigure zuul
+  when: new_zuul_tenants_secret.data['main.yaml'] != zuul_tenants_secret.data['main.yaml']
+# Use kubectl instead of k8s_exec because of https://github.com/operator-framework/operator-sdk/issues/2204
+  command: >-
+    kubectl exec -n {{ meta.namespace }} {{ zuul_name }}-scheduler-0 -- zuul-scheduler smart-reconfigure
--- a/roles/zuul/tasks/main.yaml
+++ b/roles/zuul/tasks/main.yaml
@ -36,3 +36,7 @@
 - include_role:
    name: zuul-restart-when-zuul-conf-changed
  when: zuul_conf_secret.data is defined
+
+- include_role:
+    name: zuul-reconfigure-tenant-when-conf-changed
+  when: zuul_tenants_secret.data is defined