zuul/zuul-operator
Code Issues Proposed changes

Remove command args override and update operator-framework to v1.4.2

Browse Source 
This change fixes an issue where zuul services can't create
a lockfile.

Another issue happening with older operator-framework and newer
kubernetes version is being fixed by updating the operator-framework
following this migration documentation:
  https://sdk.operatorframework.io/docs/building-operators/ansible/migration/

Change-Id: I6adfb907184112f0b7debb050975f76cd1dd4b01
This commit is contained in:
Tristan Cacqueray 2021-03-31 22:49:21 +00:00
parent 2c367363e8
commit ee8a7b2cfb
17 changed files with 37 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -20,7 +20,7 @@ Look for operator pod and check it's output
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
zuul-operator-c64756f66-rbdmg 2/2 Running 0 3s
$ kubectl logs zuul-operator-c64756f66-rbdmg -c operator
$ kubectl logs zuul-operator-c64756f66-rbdmg
[...]
{"level":"info","ts":1554197305.5853095,"logger":"cmd","msg":"Go Version: go1.10.3"}
{"level":"info","ts":1554197305.5854425,"logger":"cmd","msg":"Go OS/Arch: linux/amd64"}

8
build/Dockerfile
View File

@ -1,4 +1,4 @@
FROM quay.io/operator-framework/ansible-operator:v0.13.0
FROM quay.io/operator-framework/ansible-operator:v1.4.2
# dhall versions and digests
ARG DHALL_VERSION=1.33.1
@ -14,9 +14,11 @@ ARG KUBECTL_DIGEST=a5eb7e2e44d858d96410937a4e4c82f9087c9d120cb2b9e92462878eda59d
# Install extra requirements
USER root
# See: https://github.com/operator-framework/operator-sdk/issues/2384
# Install gear to connect to the scheduler gearman
RUN pip3 install --upgrade openshift gear
RUN pip3 install --upgrade gear
# Install collections
RUN ansible-galaxy collection install community.kubernetes && chmod -R ug+rwx ${HOME}/.ansible
# unarchive: bzip2 and tar
# generate zuul ssh-keys or certificate: openssh and openssl

1
conf/zuul/components/Executor.dhall
View File

@ -34,7 +34,6 @@ in \(app-name : Text) ->
, container = Kubernetes.Container::{
, name = "executor"
, image = input-executor.image
, args = Some [ "zuul-executor", "-d" ]
, imagePullPolicy = Some "IfNotPresent"
, ports = Some
[ Kubernetes.ContainerPort::{

1
conf/zuul/components/Merger.dhall
View File

@ -21,7 +21,6 @@ in \(app-name : Text) ->
, container = Kubernetes.Container::{
, name = "merger"
, image = input-merger.image
, args = Some [ "zuul-merger", "-d" ]
, imagePullPolicy = Some "IfNotPresent"
, env = Some env
, volumeMounts = Some (F.mkVolumeMount (data-dir # volumes))

1
conf/zuul/components/Scheduler.dhall
View File

@ -23,7 +23,6 @@ in \(app-name : Text) ->
, container = Kubernetes.Container::{
, name = "scheduler"
, image = input-scheduler.image
, args = Some [ "zuul-scheduler", "-d" ]
, imagePullPolicy = Some "IfNotPresent"
, ports = Some
[ Kubernetes.ContainerPort::{

1
conf/zuul/components/Web.dhall
View File

@ -22,7 +22,6 @@ in \(app-name : Text) ->
, container = Kubernetes.Container::{
, name = "web"
, image = input-web.image
, args = Some [ "zuul-web", "-d" ]
, imagePullPolicy = Some "IfNotPresent"
, ports = Some
[ Kubernetes.ContainerPort::{

46
deploy/operator.yaml
View File

@ -14,34 +14,28 @@ spec:
spec:
serviceAccountName: zuul-operator
containers:
- name: ansible
command:
- /usr/local/bin/ao-logs
- /tmp/ansible-operator/runner
- stdout
image: "docker.io/zuul/zuul-operator"
imagePullPolicy: "IfNotPresent"
volumeMounts:
- mountPath: /tmp/ansible-operator/runner
name: runner
readOnly: true
- name: operator
image: "docker.io/zuul/zuul-operator"
imagePullPolicy: "IfNotPresent"
volumeMounts:
- mountPath: /tmp/ansible-operator/runner
name: runner
- name: manager
args:
- "--enable-leader-election"
- "--leader-election-id=zuul-operator"
env:
- name: ANSIBLE_GATHERING
value: explicit
- name: WATCH_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: OPERATOR_NAME
value: "zuul-operator"
volumes:
- name: runner
emptyDir: {}
image: "docker.io/zuul/zuul-operator"
imagePullPolicy: "IfNotPresent"
livenessProbe:
httpGet:
path: /readyz
port: 6789
initialDelaySeconds: 15
periodSeconds: 20
readinessProbe:
httpGet:
path: /healthz
port: 6789
initialDelaySeconds: 5
periodSeconds: 10

2
playbooks/files/update-operator.sh
View File

@ -9,7 +9,7 @@ if test -d /var/lib/silverkube/storage; then
fi
echo "Update local image"
CTX=$(sudo buildah from ${BUILDAH_OPTS} docker.io/zuul/zuul-operator:latest)
CTX=$(sudo buildah from --pull-never ${BUILDAH_OPTS} docker.io/zuul/zuul-operator:latest)
MNT=$(sudo buildah mount ${BUILDAH_OPTS} $CTX)
sudo rsync -avi --delete roles/ ${MNT}/opt/ansible/roles/

2
playbooks/zuul-operator-functional/test.yaml
View File

@ -132,7 +132,7 @@
- name: connect to console-stream
command: |
wsdump.py -r --eof-wait 5 -t '{"uuid":"{{ _job_uuid.stdout_lines[0] }}","logfile":"console.log"}' {{ zuul_ws_url }}/api/tenant/local/console-stream
python3 /usr/local/bin/wsdump.py -r --eof-wait 5 -t '{"uuid":"{{ _job_uuid.stdout_lines[0] }}","logfile":"console.log"}' {{ zuul_ws_url }}/api/tenant/local/console-stream
register: console_stream
- name: show console stream

2
roles/zuul-ensure-database-password/tasks/main.yaml
View File

@ -4,7 +4,7 @@
- name: Generate and store database password
when: _zuul_db_password.data is not defined
k8s:
community.kubernetes.k8s:
state: "{{ state }}"
namespace: "{{ namespace }}"
definition:

2
roles/zuul-ensure-gearman-tls/tasks/main.yaml
View File

@ -17,7 +17,7 @@
- "openssl x509 -req -days 3650 -in client-{{ zuul_name }}.csr -out client-{{ zuul_name }}.pem -CA ca-{{ zuul_name }}.pem -CAkey ca-{{ zuul_name }}.key -CAcreateserial"
- name: Create k8s secret
k8s:
community.kubernetes.k8s:
state: "{{ state }}"
namespace: "{{ namespace }}"
definition:

4
roles/zuul-ensure-registry-tls/tasks/main.yaml
View File

@ -15,7 +15,7 @@
- "openssl x509 -req -days 3650 -in registry-{{ zuul_name }}.csr -out registry-{{ zuul_name }}.pem -CA ca-{{ zuul_name }}.pem -CAkey ca-{{ zuul_name }}.key -CAcreateserial"
- name: Create k8s secret
k8s:
community.kubernetes.k8s:
state: "{{ state }}"
namespace: "{{ namespace }}"
definition:
@ -38,7 +38,7 @@
when: registry_user_rw.data is not defined
block:
- name: Create k8s secret
k8s:
community.kubernetes.k8s:
state: "{{ state }}"
namespace: "{{ namespace }}"
definition:

2
roles/zuul-ensure-zookeeper-tls/tasks/main.yaml
View File

@ -14,7 +14,7 @@
creates: zk-ca/keys/clientkey.pem
- name: Create k8s secret
k8s:
community.kubernetes.k8s:
state: "{{ state }}"
namespace: "{{ namespace }}"
definition:

2
roles/zuul-restart-when-zuul-conf-changed/tasks/main.yaml
View File

@ -27,7 +27,7 @@
register: zuul_changes
- name: Patch service
k8s:
community.kubernetes.k8s:
state: present
namespace: "{{ namespace }}"
merge_type: merge

2
roles/zuul/defaults/main.yaml
View File

@ -5,7 +5,7 @@ zuul_app_path: "/opt/ansible/conf/zuul"
# Here we use zuul_spec to get un-modified cr
# see: https://github.com/operator-framework/operator-sdk/issues/1770
raw_spec: "{{ vars['_operator_zuul-ci_org_zuul_spec'] | default(spec) }}"
raw_spec: "{{ vars['_operator_zuul_ci_org_zuul_spec'] | default(spec) }}"
# Let optional withCertManager bool value
cert_manager: "{{ (raw_spec['withCertManager'] | default(true)) | bool }}"

2
roles/zuul/tasks/main.yaml
View File

@ -44,7 +44,7 @@
register: _json
- name: Apply objects
k8s:
community.kubernetes.k8s:
state: "{{ state }}"
namespace: "{{ namespace }}"
definition: "{{ item }}"

2
watches.yaml
View File

@ -2,4 +2,4 @@
- version: v1alpha1
group: operator.zuul-ci.org
kind: Zuul
role: /opt/ansible/roles/zuul
role: zuul