From 0b02f6593b4d686160b7c6504755160a9dda0c11 Mon Sep 17 00:00:00 2001
From: Maxime Guyot <Miouge1@users.noreply.github.com>
Date: Tue, 16 Apr 2019 14:35:05 +0200
Subject: [PATCH] Split .gitlab-ci.yml into several files (#4519)
---
.gitlab-ci.yml | 628 +----------------------------------
.gitlab-ci/digital-ocean.yml | 16 +
.gitlab-ci/gce.yml | 440 ++++++++++++++++++++++++
.gitlab-ci/lint.yml | 33 ++
.gitlab-ci/terraform.yml | 129 +++++++
5 files changed, 625 insertions(+), 621 deletions(-)
create mode 100644 .gitlab-ci/digital-ocean.yml
create mode 100644 .gitlab-ci/gce.yml
create mode 100644 .gitlab-ci/lint.yml
create mode 100644 .gitlab-ci/terraform.yml
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 07ccec349..7616aebb9 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -52,29 +52,6 @@ before_script:
<<: *job
<<: *docker_service
-.gce_variables: &gce_variables
- GCE_USER: travis
- SSH_USER: $GCE_USER
- CLOUD_MACHINE_TYPE: "g1-small"
- CI_PLATFORM: "gce"
- PRIVATE_KEY: $GCE_PRIVATE_KEY
-
-.do_variables: &do_variables
- PRIVATE_KEY: $DO_PRIVATE_KEY
- CI_PLATFORM: "do"
- SSH_USER: root
-
-.ovh_variables: &ovh_variables
- OS_AUTH_URL: https://auth.cloud.ovh.net/v3
- OS_PROJECT_ID: 8d3cd5d737d74227ace462dee0b903fe
- OS_PROJECT_NAME: "9361447987648822"
- OS_USER_DOMAIN_NAME: Default
- OS_PROJECT_DOMAIN_ID: default
- OS_USERNAME: 8XuhBMfkKVrk
- OS_REGION_NAME: UK1
- OS_INTERFACE: public
- OS_IDENTITY_API_VERSION: "3"
-
.testcases: &testcases
<<: *job
<<: *docker_service
@@ -231,453 +208,10 @@ before_script:
after_script:
- cd tests && make delete-${CI_PLATFORM} -s ; cd -
-.gce: &gce
- <<: *testcases
-
-.do: &do
- <<: *testcases
-
-# Test matrix. Leave the comments for markup scripts.
-.coreos_calico_aio_variables: &coreos_calico_aio_variables
- # stage: deploy-part1
- MOVED_TO_GROUP_VARS: "true"
-
-.ubuntu18_flannel_aio_variables: &ubuntu18_flannel_aio_variables
- # stage: deploy-part1
- MOVED_TO_GROUP_VARS: "true"
-
-.centos_weave_kubeadm_variables: ¢os_weave_kubeadm_variables
- # stage: deploy-part1
- UPGRADE_TEST: "graceful"
-
-.ubuntu_canal_kubeadm_variables: &ubuntu_canal_kubeadm_variables
- # stage: deploy-part1
- MOVED_TO_GROUP_VARS: "true"
-
-.ubuntu_canal_ha_variables: &ubuntu_canal_ha_variables
- # stage: deploy-special
- MOVED_TO_GROUP_VARS: "true"
-
-.ubuntu_contiv_sep_variables: &ubuntu_contiv_sep_variables
- # stage: deploy-special
- MOVED_TO_GROUP_VARS: "true"
-
-.coreos_cilium_variables: &coreos_cilium_variables
- # stage: deploy-special
- MOVED_TO_GROUP_VARS: "true"
-
-.ubuntu_cilium_sep_variables: &ubuntu_cilium_sep_variables
- # stage: deploy-special
- MOVED_TO_GROUP_VARS: "true"
-
-.rhel7_weave_variables: &rhel7_weave_variables
- # stage: deploy-part1
- MOVED_TO_GROUP_VARS: "true"
-
-.centos7_flannel_addons_variables: ¢os7_flannel_addons_variables
- # stage: deploy-part2
- MOVED_TO_GROUP_VARS: "true"
-
-.debian9_calico_variables: &debian9_calico_variables
- # stage: deploy-part2
- MOVED_TO_GROUP_VARS: "true"
-
-.coreos_canal_variables: &coreos_canal_variables
- # stage: deploy-part2
- MOVED_TO_GROUP_VARS: "true"
-
-.rhel7_canal_sep_variables: &rhel7_canal_sep_variables
- # stage: deploy-special
- MOVED_TO_GROUP_VARS: "true"
-
-.ubuntu_weave_sep_variables: &ubuntu_weave_sep_variables
- # stage: deploy-special
- MOVED_TO_GROUP_VARS: "true"
-
-.centos7_calico_ha_variables: ¢os7_calico_ha_variables
- # stage: deploy-special
- MOVED_TO_GROUP_VARS: "true"
-
-.centos7_kube_router_variables: ¢os7_kube_router_variables
- # stage: deploy-special
- MOVED_TO_GROUP_VARS: "true"
-
-.centos7_multus_calico_variables: ¢os7_multus_calico_variables
- # stage: deploy-part2
- UPGRADE_TEST: "graceful"
-
-.coreos_alpha_weave_ha_variables: &coreos_alpha_weave_ha_variables
- # stage: deploy-special
- MOVED_TO_GROUP_VARS: "true"
-
-.coreos_kube_router_variables: &coreos_kube_router_variables
- # stage: deploy-special
- MOVED_TO_GROUP_VARS: "true"
-
-.ubuntu_rkt_sep_variables: &ubuntu_rkt_sep_variables
- # stage: deploy-part1
- MOVED_TO_GROUP_VARS: "true"
-
-.ubuntu_flannel_variables: &ubuntu_flannel_variables
- # stage: deploy-part2
- MOVED_TO_GROUP_VARS: "true"
-
-.ubuntu_kube_router_variables: &ubuntu_kube_router_variables
- # stage: deploy-special
- MOVED_TO_GROUP_VARS: "true"
-
-.opensuse_canal_variables: &opensuse_canal_variables
- # stage: deploy-part2
- MOVED_TO_GROUP_VARS: "true"
-
-
-# Builds for PRs only (premoderated by unit-tests step) and triggers (auto)
-### PR JOBS PART1
-
-gce_ubuntu18-flannel-aio:
- stage: deploy-part1
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *ubuntu18_flannel_aio_variables
- when: on_success
- except: ['triggers']
- only: [/^pr-.*$/]
-
-### PR JOBS PART2
-
-gce_coreos-calico-aio:
- stage: deploy-part2
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *coreos_calico_aio_variables
- when: on_success
- except: ['triggers']
- only: [/^pr-.*$/]
-
-gce_centos7-flannel-addons:
- stage: deploy-part2
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *centos7_flannel_addons_variables
- when: on_success
- except: ['triggers']
- only: [/^pr-.*$/]
-
-### MANUAL JOBS
-
-gce_centos-weave-kubeadm-sep:
- stage: deploy-part2
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *centos_weave_kubeadm_variables
- when: on_success
- only: ['triggers']
-
-gce_ubuntu-weave-sep:
- stage: deploy-part2
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *ubuntu_weave_sep_variables
- when: manual
- only: ['triggers']
-
-gce_coreos-calico-sep-triggers:
- stage: deploy-part2
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *coreos_calico_aio_variables
- when: on_success
- only: ['triggers']
-
-gce_ubuntu-canal-ha-triggers:
- stage: deploy-special
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *ubuntu_canal_ha_variables
- when: on_success
- only: ['triggers']
-
-gce_centos7-flannel-addons-triggers:
- stage: deploy-part2
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *centos7_flannel_addons_variables
- when: on_success
- only: ['triggers']
-
-gce_ubuntu-weave-sep-triggers:
- stage: deploy-part2
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *ubuntu_weave_sep_variables
- when: on_success
- only: ['triggers']
-
-# More builds for PRs/merges (manual) and triggers (auto)
-do_ubuntu-canal-ha:
- stage: deploy-part2
- <<: *do
- variables:
- <<: *do_variables
- when: manual
- except: ['triggers']
- only: ['master', /^pr-.*$/]
-
-gce_ubuntu-canal-ha:
- stage: deploy-special
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *ubuntu_canal_ha_variables
- when: manual
- except: ['triggers']
- only: ['master', /^pr-.*$/]
-
-gce_ubuntu-canal-kubeadm:
- stage: deploy-part2
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *ubuntu_canal_kubeadm_variables
- when: manual
- except: ['triggers']
- only: ['master', /^pr-.*$/]
-
-gce_ubuntu-canal-kubeadm-triggers:
- stage: deploy-part2
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *ubuntu_canal_kubeadm_variables
- when: on_success
- only: ['triggers']
-
-gce_ubuntu-flannel-ha:
- stage: deploy-part2
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *ubuntu_flannel_variables
- when: manual
- except: ['triggers']
-
-gce_centos-weave-kubeadm-triggers:
- stage: deploy-part2
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *centos_weave_kubeadm_variables
- when: on_success
- only: ['triggers']
-
-gce_ubuntu-contiv-sep:
- stage: deploy-special
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *ubuntu_contiv_sep_variables
- when: manual
- except: ['triggers']
- only: ['master', /^pr-.*$/]
-
-gce_coreos-cilium:
- stage: deploy-special
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *coreos_cilium_variables
- when: manual
- except: ['triggers']
- only: ['master', /^pr-.*$/]
-
-gce_ubuntu-cilium-sep:
- stage: deploy-special
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *ubuntu_cilium_sep_variables
- when: manual
- except: ['triggers']
- only: ['master', /^pr-.*$/]
-
-gce_rhel7-weave:
- stage: deploy-part2
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *rhel7_weave_variables
- when: manual
- except: ['triggers']
- only: ['master', /^pr-.*$/]
-
-gce_rhel7-weave-triggers:
- stage: deploy-part2
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *rhel7_weave_variables
- when: on_success
- only: ['triggers']
-
-gce_debian9-calico-upgrade:
- stage: deploy-part2
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *debian9_calico_variables
- when: manual
- except: ['triggers']
- only: ['master', /^pr-.*$/]
-
-gce_debian9-calico-triggers:
- stage: deploy-part2
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *debian9_calico_variables
- when: on_success
- only: ['triggers']
-
-gce_coreos-canal:
- stage: deploy-part2
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *coreos_canal_variables
- when: manual
- except: ['triggers']
- only: ['master', /^pr-.*$/]
-
-gce_coreos-canal-triggers:
- stage: deploy-part2
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *coreos_canal_variables
- when: on_success
- only: ['triggers']
-
-gce_rhel7-canal-sep:
- stage: deploy-special
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *rhel7_canal_sep_variables
- when: manual
- except: ['triggers']
- only: ['master', /^pr-.*$/]
-
-gce_rhel7-canal-sep-triggers:
- stage: deploy-part2
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *rhel7_canal_sep_variables
- when: on_success
- only: ['triggers']
-
-gce_centos7-calico-ha:
- stage: deploy-special
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *centos7_calico_ha_variables
- when: manual
- except: ['triggers']
- only: ['master', /^pr-.*$/]
-
-gce_centos7-calico-ha-triggers:
- stage: deploy-part2
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *centos7_calico_ha_variables
- when: on_success
- only: ['triggers']
-
-gce_centos7-kube-router:
- stage: deploy-special
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *centos7_kube_router_variables
- when: manual
- except: ['triggers']
- only: ['master', /^pr-.*$/]
-
-gce_centos7-multus-calico:
- stage: deploy-part2
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *centos7_multus_calico_variables
- when: manual
- except: ['triggers']
- only: ['master', /^pr-.*$/]
-
-gce_opensuse-canal:
- stage: deploy-part2
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *opensuse_canal_variables
- when: manual
- except: ['triggers']
- only: ['master', /^pr-.*$/]
-
-# no triggers yet https://github.com/kubernetes-incubator/kargo/issues/613
-gce_coreos-alpha-weave-ha:
- stage: deploy-special
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *coreos_alpha_weave_ha_variables
- when: manual
- except: ['triggers']
- only: ['master', /^pr-.*$/]
-
-gce_coreos-kube-router:
- stage: deploy-special
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *coreos_kube_router_variables
- when: manual
- except: ['triggers']
- only: ['master', /^pr-.*$/]
-
-gce_ubuntu-rkt-sep:
- stage: deploy-part2
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *ubuntu_rkt_sep_variables
- when: manual
- except: ['triggers']
- only: ['master', /^pr-.*$/]
-
-gce_ubuntu-kube-router-sep:
- stage: deploy-special
- <<: *gce
- variables:
- <<: *gce_variables
- <<: *ubuntu_kube_router_variables
- when: manual
- except: ['triggers']
- only: ['master', /^pr-.*$/]
-
+# For failfast, at least 1 job must be defined in .gitlab-ci.yml
# Premoderated with manual actions
ci-authorized:
- <<: *job
+ extends: .job
stage: moderator
before_script:
- apt-get -y install jq
@@ -685,156 +219,8 @@ ci-authorized:
- /bin/sh scripts/premoderator.sh
except: ['triggers', 'master']
-syntax-check:
- <<: *job
- stage: unit-tests
- script:
- - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root cluster.yml -vvv --syntax-check
- - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root upgrade-cluster.yml -vvv --syntax-check
- - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root reset.yml -vvv --syntax-check
- - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root extra_playbooks/upgrade-only-k8s.yml -vvv --syntax-check
- except: ['triggers', 'master']
-
-yamllint:
- <<: *job
- stage: unit-tests
- script:
- - yamllint .
- except: ['triggers', 'master']
-
-ansible-lint:
- <<: *job
- stage: unit-tests
- # lint every yml/yaml file that looks like it contains Ansible plays
- script: |-
- grep -Rl '^- hosts: \|^ hosts: \|^- name: ' --include \*.yml --include \*.yaml . | xargs ansible-lint -v
- except: ['triggers', 'master']
-
-tox-inventory-builder:
- stage: unit-tests
- <<: *job
- script:
- - pip install tox
- - cd contrib/inventory_builder && tox
- when: manual
- except: ['triggers', 'master']
-
-
-# Tests for contrib/terraform/
-.terraform_install: &terraform_install
- <<: *job
- before_script:
- # Set Ansible config
- - cp ansible.cfg ~/.ansible.cfg
- # Install Terraform
- - apt-get install -y unzip
- - curl https://releases.hashicorp.com/terraform/${TF_VERSION}/terraform_${TF_VERSION}_linux_amd64.zip > /tmp/terraform.zip
- - unzip /tmp/terraform.zip && mv ./terraform /usr/local/bin/ && terraform --version
- # Prepare inventory
- - cp -LRp contrib/terraform/$PROVIDER/sample-inventory inventory/$CLUSTER
- - cd inventory/$CLUSTER
- - ln -s ../../contrib/terraform/$PROVIDER/hosts
- - terraform init ../../contrib/terraform/$PROVIDER
- # Copy SSH keypair
- - mkdir -p ~/.ssh
- - echo "$PACKET_PRIVATE_KEY" | base64 -d > ~/.ssh/id_rsa
- - chmod 400 ~/.ssh/id_rsa
- - echo "$PACKET_PUBLIC_KEY" | base64 -d > ~/.ssh/id_rsa.pub
- only: ['master', /^pr-.*$/]
-
-.terraform_validate: &terraform_validate
- <<: *terraform_install
- stage: unit-tests
- script:
- - terraform validate -var-file=cluster.tf ../../contrib/terraform/$PROVIDER
- - terraform fmt -check -diff ../../contrib/terraform/$PROVIDER
-
-.terraform_apply: &terraform_apply
- <<: *terraform_install
- stage: deploy-part2
- when: manual
- script:
- - terraform apply -auto-approve ../../contrib/terraform/$PROVIDER
- - ansible-playbook -i hosts ../../cluster.yml --become
- after_script:
- # Cleanup regardless of exit code
- - cd inventory/$CLUSTER
- - terraform destroy -auto-approve ../../contrib/terraform/$PROVIDER
-
-tf-validate-openstack:
- <<: *terraform_validate
- variables:
- TF_VERSION: 0.11.11
- PROVIDER: openstack
- CLUSTER: $CI_COMMIT_REF_NAME
-
-tf-validate-packet:
- <<: *terraform_validate
- variables:
- TF_VERSION: 0.11.11
- PROVIDER: packet
- CLUSTER: $CI_COMMIT_REF_NAME
-
-tf-validate-aws:
- <<: *terraform_validate
- variables:
- TF_VERSION: 0.11.11
- PROVIDER: aws
- CLUSTER: $CI_COMMIT_REF_NAME
-
-tf-packet-ubuntu16-default:
- <<: *terraform_apply
- variables:
- TF_VERSION: 0.11.11
- PROVIDER: packet
- CLUSTER: $CI_COMMIT_REF_NAME
- TF_VAR_cluster_name: $CI_COMMIT_REF_SLUG
- TF_VAR_number_of_k8s_masters: "1"
- TF_VAR_number_of_k8s_nodes: "1"
- TF_VAR_plan_k8s_masters: t1.small.x86
- TF_VAR_plan_k8s_nodes: t1.small.x86
- TF_VAR_facility: "ewr1"
- TF_VAR_public_key_path: ""
- TF_VAR_operating_system: ubuntu_16_04
-
-tf-packet-ubuntu18-default:
- <<: *terraform_apply
- variables:
- TF_VERSION: 0.11.11
- PROVIDER: packet
- CLUSTER: $CI_COMMIT_REF_NAME
- TF_VAR_cluster_name: $CI_COMMIT_REF_SLUG
- TF_VAR_number_of_k8s_masters: "1"
- TF_VAR_number_of_k8s_nodes: "1"
- TF_VAR_plan_k8s_masters: t1.small.x86
- TF_VAR_plan_k8s_nodes: t1.small.x86
- TF_VAR_facility: "ams1"
- TF_VAR_public_key_path: ""
- TF_VAR_operating_system: ubuntu_18_04
-
-tf-apply-ovh:
- <<: *terraform_apply
- variables:
- <<: *ovh_variables
- TF_VERSION: 0.11.11
- PROVIDER: openstack
- CLUSTER: $CI_COMMIT_REF_NAME
- ANSIBLE_TIMEOUT: "60"
- TF_VAR_cluster_name: $CI_COMMIT_REF_SLUG
- TF_VAR_number_of_k8s_masters: "0"
- TF_VAR_number_of_k8s_masters_no_floating_ip: "1"
- TF_VAR_number_of_k8s_masters_no_floating_ip_no_etcd: "0"
- TF_VAR_number_of_etcd: "0"
- TF_VAR_number_of_k8s_nodes: "0"
- TF_VAR_number_of_k8s_nodes_no_floating_ip: "1"
- TF_VAR_number_of_gfs_nodes_no_floating_ip: "0"
- TF_VAR_number_of_bastions: "0"
- TF_VAR_number_of_k8s_masters_no_etcd: "0"
- TF_VAR_use_neutron: "0"
- TF_VAR_floatingip_pool: "Ext-Net"
- TF_VAR_external_net: "6011fbc9-4cbf-46a4-8452-6890a340b60b"
- TF_VAR_network_name: "Ext-Net"
- TF_VAR_flavor_k8s_master: "defa64c3-bd46-43b4-858a-d93bbae0a229" #s1-8
- TF_VAR_flavor_k8s_node: "defa64c3-bd46-43b4-858a-d93bbae0a229" #s1-8
- TF_VAR_image: "Ubuntu 18.04"
- TF_VAR_k8s_allowed_remote_ips: '["0.0.0.0/0"]'
+include:
+ - .gitlab-ci/lint.yml
+ - .gitlab-ci/gce.yml
+ - .gitlab-ci/digital-ocean.yml
+ - .gitlab-ci/terraform.yml
diff --git a/.gitlab-ci/digital-ocean.yml b/.gitlab-ci/digital-ocean.yml
new file mode 100644
index 000000000..919abda53
--- /dev/null
+++ b/.gitlab-ci/digital-ocean.yml
@@ -0,0 +1,16 @@
+.do_variables: &do_variables
+ PRIVATE_KEY: $DO_PRIVATE_KEY
+ CI_PLATFORM: "do"
+ SSH_USER: root
+
+.do: &do
+ extends: .testcases
+
+do_ubuntu-canal-ha:
+ stage: deploy-part2
+ extends: .do
+ variables:
+ <<: *do_variables
+ when: manual
+ except: ['triggers']
+ only: ['master', /^pr-.*$/]
diff --git a/.gitlab-ci/gce.yml b/.gitlab-ci/gce.yml
new file mode 100644
index 000000000..977dd8cce
--- /dev/null
+++ b/.gitlab-ci/gce.yml
@@ -0,0 +1,440 @@
+.gce_variables: &gce_variables
+ GCE_USER: travis
+ SSH_USER: $GCE_USER
+ CLOUD_MACHINE_TYPE: "g1-small"
+ CI_PLATFORM: "gce"
+ PRIVATE_KEY: $GCE_PRIVATE_KEY
+
+.gce: &gce
+ extends: .testcases
+
+# Test matrix. Leave the comments for markup scripts.
+.coreos_calico_aio_variables: &coreos_calico_aio_variables
+ # stage: deploy-part1
+ MOVED_TO_GROUP_VARS: "true"
+
+.ubuntu18_flannel_aio_variables: &ubuntu18_flannel_aio_variables
+ # stage: deploy-part1
+ MOVED_TO_GROUP_VARS: "true"
+
+.centos_weave_kubeadm_variables: ¢os_weave_kubeadm_variables
+ # stage: deploy-part1
+ UPGRADE_TEST: "graceful"
+
+.ubuntu_canal_kubeadm_variables: &ubuntu_canal_kubeadm_variables
+ # stage: deploy-part1
+ MOVED_TO_GROUP_VARS: "true"
+
+.ubuntu_canal_ha_variables: &ubuntu_canal_ha_variables
+ # stage: deploy-special
+ MOVED_TO_GROUP_VARS: "true"
+
+.ubuntu_contiv_sep_variables: &ubuntu_contiv_sep_variables
+ # stage: deploy-special
+ MOVED_TO_GROUP_VARS: "true"
+
+.coreos_cilium_variables: &coreos_cilium_variables
+ # stage: deploy-special
+ MOVED_TO_GROUP_VARS: "true"
+
+.ubuntu_cilium_sep_variables: &ubuntu_cilium_sep_variables
+ # stage: deploy-special
+ MOVED_TO_GROUP_VARS: "true"
+
+.rhel7_weave_variables: &rhel7_weave_variables
+ # stage: deploy-part1
+ MOVED_TO_GROUP_VARS: "true"
+
+.centos7_flannel_addons_variables: ¢os7_flannel_addons_variables
+ # stage: deploy-part2
+ MOVED_TO_GROUP_VARS: "true"
+
+.debian9_calico_variables: &debian9_calico_variables
+ # stage: deploy-part2
+ MOVED_TO_GROUP_VARS: "true"
+
+.coreos_canal_variables: &coreos_canal_variables
+ # stage: deploy-part2
+ MOVED_TO_GROUP_VARS: "true"
+
+.rhel7_canal_sep_variables: &rhel7_canal_sep_variables
+ # stage: deploy-special
+ MOVED_TO_GROUP_VARS: "true"
+
+.ubuntu_weave_sep_variables: &ubuntu_weave_sep_variables
+ # stage: deploy-special
+ MOVED_TO_GROUP_VARS: "true"
+
+.centos7_calico_ha_variables: ¢os7_calico_ha_variables
+ # stage: deploy-special
+ MOVED_TO_GROUP_VARS: "true"
+
+.centos7_kube_router_variables: ¢os7_kube_router_variables
+ # stage: deploy-special
+ MOVED_TO_GROUP_VARS: "true"
+
+.centos7_multus_calico_variables: ¢os7_multus_calico_variables
+ # stage: deploy-part2
+ UPGRADE_TEST: "graceful"
+
+.coreos_alpha_weave_ha_variables: &coreos_alpha_weave_ha_variables
+ # stage: deploy-special
+ MOVED_TO_GROUP_VARS: "true"
+
+.coreos_kube_router_variables: &coreos_kube_router_variables
+ # stage: deploy-special
+ MOVED_TO_GROUP_VARS: "true"
+
+.ubuntu_rkt_sep_variables: &ubuntu_rkt_sep_variables
+ # stage: deploy-part1
+ MOVED_TO_GROUP_VARS: "true"
+
+.ubuntu_flannel_variables: &ubuntu_flannel_variables
+ # stage: deploy-part2
+ MOVED_TO_GROUP_VARS: "true"
+
+.ubuntu_kube_router_variables: &ubuntu_kube_router_variables
+ # stage: deploy-special
+ MOVED_TO_GROUP_VARS: "true"
+
+.opensuse_canal_variables: &opensuse_canal_variables
+ # stage: deploy-part2
+ MOVED_TO_GROUP_VARS: "true"
+
+
+# Builds for PRs only (premoderated by unit-tests step) and triggers (auto)
+### PR JOBS PART1
+
+gce_ubuntu18-flannel-aio:
+ stage: deploy-part1
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *ubuntu18_flannel_aio_variables
+ when: on_success
+ except: ['triggers']
+ only: [/^pr-.*$/]
+
+### PR JOBS PART2
+
+gce_coreos-calico-aio:
+ stage: deploy-part2
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *coreos_calico_aio_variables
+ when: on_success
+ except: ['triggers']
+ only: [/^pr-.*$/]
+
+gce_centos7-flannel-addons:
+ stage: deploy-part2
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *centos7_flannel_addons_variables
+ when: on_success
+ except: ['triggers']
+ only: [/^pr-.*$/]
+
+### MANUAL JOBS
+
+gce_centos-weave-kubeadm-sep:
+ stage: deploy-part2
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *centos_weave_kubeadm_variables
+ when: on_success
+ only: ['triggers']
+
+gce_ubuntu-weave-sep:
+ stage: deploy-part2
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *ubuntu_weave_sep_variables
+ when: manual
+ only: ['triggers']
+
+gce_coreos-calico-sep-triggers:
+ stage: deploy-part2
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *coreos_calico_aio_variables
+ when: on_success
+ only: ['triggers']
+
+gce_ubuntu-canal-ha-triggers:
+ stage: deploy-special
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *ubuntu_canal_ha_variables
+ when: on_success
+ only: ['triggers']
+
+gce_centos7-flannel-addons-triggers:
+ stage: deploy-part2
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *centos7_flannel_addons_variables
+ when: on_success
+ only: ['triggers']
+
+gce_ubuntu-weave-sep-triggers:
+ stage: deploy-part2
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *ubuntu_weave_sep_variables
+ when: on_success
+ only: ['triggers']
+
+# More builds for PRs/merges (manual) and triggers (auto)
+
+
+gce_ubuntu-canal-ha:
+ stage: deploy-special
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *ubuntu_canal_ha_variables
+ when: manual
+ except: ['triggers']
+ only: ['master', /^pr-.*$/]
+
+gce_ubuntu-canal-kubeadm:
+ stage: deploy-part2
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *ubuntu_canal_kubeadm_variables
+ when: manual
+ except: ['triggers']
+ only: ['master', /^pr-.*$/]
+
+gce_ubuntu-canal-kubeadm-triggers:
+ stage: deploy-part2
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *ubuntu_canal_kubeadm_variables
+ when: on_success
+ only: ['triggers']
+
+gce_ubuntu-flannel-ha:
+ stage: deploy-part2
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *ubuntu_flannel_variables
+ when: manual
+ except: ['triggers']
+
+gce_centos-weave-kubeadm-triggers:
+ stage: deploy-part2
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *centos_weave_kubeadm_variables
+ when: on_success
+ only: ['triggers']
+
+gce_ubuntu-contiv-sep:
+ stage: deploy-special
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *ubuntu_contiv_sep_variables
+ when: manual
+ except: ['triggers']
+ only: ['master', /^pr-.*$/]
+
+gce_coreos-cilium:
+ stage: deploy-special
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *coreos_cilium_variables
+ when: manual
+ except: ['triggers']
+ only: ['master', /^pr-.*$/]
+
+gce_ubuntu-cilium-sep:
+ stage: deploy-special
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *ubuntu_cilium_sep_variables
+ when: manual
+ except: ['triggers']
+ only: ['master', /^pr-.*$/]
+
+gce_rhel7-weave:
+ stage: deploy-part2
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *rhel7_weave_variables
+ when: manual
+ except: ['triggers']
+ only: ['master', /^pr-.*$/]
+
+gce_rhel7-weave-triggers:
+ stage: deploy-part2
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *rhel7_weave_variables
+ when: on_success
+ only: ['triggers']
+
+gce_debian9-calico-upgrade:
+ stage: deploy-part2
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *debian9_calico_variables
+ when: manual
+ except: ['triggers']
+ only: ['master', /^pr-.*$/]
+
+gce_debian9-calico-triggers:
+ stage: deploy-part2
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *debian9_calico_variables
+ when: on_success
+ only: ['triggers']
+
+gce_coreos-canal:
+ stage: deploy-part2
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *coreos_canal_variables
+ when: manual
+ except: ['triggers']
+ only: ['master', /^pr-.*$/]
+
+gce_coreos-canal-triggers:
+ stage: deploy-part2
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *coreos_canal_variables
+ when: on_success
+ only: ['triggers']
+
+gce_rhel7-canal-sep:
+ stage: deploy-special
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *rhel7_canal_sep_variables
+ when: manual
+ except: ['triggers']
+ only: ['master', /^pr-.*$/]
+
+gce_rhel7-canal-sep-triggers:
+ stage: deploy-part2
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *rhel7_canal_sep_variables
+ when: on_success
+ only: ['triggers']
+
+gce_centos7-calico-ha:
+ stage: deploy-special
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *centos7_calico_ha_variables
+ when: manual
+ except: ['triggers']
+ only: ['master', /^pr-.*$/]
+
+gce_centos7-calico-ha-triggers:
+ stage: deploy-part2
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *centos7_calico_ha_variables
+ when: on_success
+ only: ['triggers']
+
+gce_centos7-kube-router:
+ stage: deploy-special
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *centos7_kube_router_variables
+ when: manual
+ except: ['triggers']
+ only: ['master', /^pr-.*$/]
+
+gce_centos7-multus-calico:
+ stage: deploy-part2
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *centos7_multus_calico_variables
+ when: manual
+ except: ['triggers']
+ only: ['master', /^pr-.*$/]
+
+gce_opensuse-canal:
+ stage: deploy-part2
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *opensuse_canal_variables
+ when: manual
+ except: ['triggers']
+ only: ['master', /^pr-.*$/]
+
+# no triggers yet https://github.com/kubernetes-incubator/kargo/issues/613
+gce_coreos-alpha-weave-ha:
+ stage: deploy-special
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *coreos_alpha_weave_ha_variables
+ when: manual
+ except: ['triggers']
+ only: ['master', /^pr-.*$/]
+
+gce_coreos-kube-router:
+ stage: deploy-special
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *coreos_kube_router_variables
+ when: manual
+ except: ['triggers']
+ only: ['master', /^pr-.*$/]
+
+gce_ubuntu-rkt-sep:
+ stage: deploy-part2
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *ubuntu_rkt_sep_variables
+ when: manual
+ except: ['triggers']
+ only: ['master', /^pr-.*$/]
+
+gce_ubuntu-kube-router-sep:
+ stage: deploy-special
+ <<: *gce
+ variables:
+ <<: *gce_variables
+ <<: *ubuntu_kube_router_variables
+ when: manual
+ except: ['triggers']
+ only: ['master', /^pr-.*$/]
diff --git a/.gitlab-ci/lint.yml b/.gitlab-ci/lint.yml
new file mode 100644
index 000000000..8957a2977
--- /dev/null
+++ b/.gitlab-ci/lint.yml
@@ -0,0 +1,33 @@
+yamllint:
+ extends: .job
+ stage: unit-tests
+ script:
+ - yamllint .
+ except: ['triggers', 'master']
+
+ansible-lint:
+ extends: .job
+ stage: unit-tests
+ # lint every yml/yaml file that looks like it contains Ansible plays
+ script: |-
+ grep -Rl '^- hosts: \|^ hosts: \|^- name: ' --include \*.yml --include \*.yaml . | xargs ansible-lint -v
+ except: ['triggers', 'master']
+
+syntax-check:
+ extends: .job
+ stage: unit-tests
+ script:
+ - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root cluster.yml -vvv --syntax-check
+ - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root upgrade-cluster.yml -vvv --syntax-check
+ - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root reset.yml -vvv --syntax-check
+ - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root extra_playbooks/upgrade-only-k8s.yml -vvv --syntax-check
+ except: ['triggers', 'master']
+
+tox-inventory-builder:
+ stage: unit-tests
+ extends: .job
+ script:
+ - pip install tox
+ - cd contrib/inventory_builder && tox
+ when: manual
+ except: ['triggers', 'master']
diff --git a/.gitlab-ci/terraform.yml b/.gitlab-ci/terraform.yml
new file mode 100644
index 000000000..c1d6b5309
--- /dev/null
+++ b/.gitlab-ci/terraform.yml
@@ -0,0 +1,129 @@
+# Tests for contrib/terraform/
+.terraform_install:
+ extends: .job
+ before_script:
+ # Set Ansible config
+ - cp ansible.cfg ~/.ansible.cfg
+ # Install Terraform
+ - apt-get install -y unzip
+ - curl https://releases.hashicorp.com/terraform/${TF_VERSION}/terraform_${TF_VERSION}_linux_amd64.zip > /tmp/terraform.zip
+ - unzip /tmp/terraform.zip && mv ./terraform /usr/local/bin/ && terraform --version
+ # Prepare inventory
+ - cp -LRp contrib/terraform/$PROVIDER/sample-inventory inventory/$CLUSTER
+ - cd inventory/$CLUSTER
+ - ln -s ../../contrib/terraform/$PROVIDER/hosts
+ - terraform init ../../contrib/terraform/$PROVIDER
+ # Copy SSH keypair
+ - mkdir -p ~/.ssh
+ - echo "$PACKET_PRIVATE_KEY" | base64 -d > ~/.ssh/id_rsa
+ - chmod 400 ~/.ssh/id_rsa
+ - echo "$PACKET_PUBLIC_KEY" | base64 -d > ~/.ssh/id_rsa.pub
+ only: ['master', /^pr-.*$/]
+
+.terraform_validate:
+ extends: .terraform_install
+ stage: unit-tests
+ script:
+ - terraform validate -var-file=cluster.tf ../../contrib/terraform/$PROVIDER
+ - terraform fmt -check -diff ../../contrib/terraform/$PROVIDER
+
+.terraform_apply:
+ extends: .terraform_install
+ stage: deploy-part2
+ when: manual
+ script:
+ - terraform apply -auto-approve ../../contrib/terraform/$PROVIDER
+ - ansible-playbook -i hosts ../../cluster.yml --become
+ after_script:
+ # Cleanup regardless of exit code
+ - cd inventory/$CLUSTER
+ - terraform destroy -auto-approve ../../contrib/terraform/$PROVIDER
+
+tf-validate-openstack:
+ extends: .terraform_validate
+ variables:
+ TF_VERSION: 0.11.11
+ PROVIDER: openstack
+ CLUSTER: $CI_COMMIT_REF_NAME
+
+tf-validate-packet:
+ extends: .terraform_validate
+ variables:
+ TF_VERSION: 0.11.11
+ PROVIDER: packet
+ CLUSTER: $CI_COMMIT_REF_NAME
+
+tf-validate-aws:
+ extends: .terraform_validate
+ variables:
+ TF_VERSION: 0.11.11
+ PROVIDER: aws
+ CLUSTER: $CI_COMMIT_REF_NAME
+
+tf-packet-ubuntu16-default:
+ extends: .terraform_apply
+ variables:
+ TF_VERSION: 0.11.11
+ PROVIDER: packet
+ CLUSTER: $CI_COMMIT_REF_NAME
+ TF_VAR_cluster_name: $CI_COMMIT_REF_SLUG
+ TF_VAR_number_of_k8s_masters: "1"
+ TF_VAR_number_of_k8s_nodes: "1"
+ TF_VAR_plan_k8s_masters: t1.small.x86
+ TF_VAR_plan_k8s_nodes: t1.small.x86
+ TF_VAR_facility: "ewr1"
+ TF_VAR_public_key_path: ""
+ TF_VAR_operating_system: ubuntu_16_04
+
+tf-packet-ubuntu18-default:
+ extends: .terraform_apply
+ variables:
+ TF_VERSION: 0.11.11
+ PROVIDER: packet
+ CLUSTER: $CI_COMMIT_REF_NAME
+ TF_VAR_cluster_name: $CI_COMMIT_REF_SLUG
+ TF_VAR_number_of_k8s_masters: "1"
+ TF_VAR_number_of_k8s_nodes: "1"
+ TF_VAR_plan_k8s_masters: t1.small.x86
+ TF_VAR_plan_k8s_nodes: t1.small.x86
+ TF_VAR_facility: "ams1"
+ TF_VAR_public_key_path: ""
+ TF_VAR_operating_system: ubuntu_18_04
+
+.ovh_variables: &ovh_variables
+ OS_AUTH_URL: https://auth.cloud.ovh.net/v3
+ OS_PROJECT_ID: 8d3cd5d737d74227ace462dee0b903fe
+ OS_PROJECT_NAME: "9361447987648822"
+ OS_USER_DOMAIN_NAME: Default
+ OS_PROJECT_DOMAIN_ID: default
+ OS_USERNAME: 8XuhBMfkKVrk
+ OS_REGION_NAME: UK1
+ OS_INTERFACE: public
+ OS_IDENTITY_API_VERSION: "3"
+
+tf-apply-ovh:
+ extends: .terraform_apply
+ variables:
+ <<: *ovh_variables
+ TF_VERSION: 0.11.11
+ PROVIDER: openstack
+ CLUSTER: $CI_COMMIT_REF_NAME
+ ANSIBLE_TIMEOUT: "60"
+ TF_VAR_cluster_name: $CI_COMMIT_REF_SLUG
+ TF_VAR_number_of_k8s_masters: "0"
+ TF_VAR_number_of_k8s_masters_no_floating_ip: "1"
+ TF_VAR_number_of_k8s_masters_no_floating_ip_no_etcd: "0"
+ TF_VAR_number_of_etcd: "0"
+ TF_VAR_number_of_k8s_nodes: "0"
+ TF_VAR_number_of_k8s_nodes_no_floating_ip: "1"
+ TF_VAR_number_of_gfs_nodes_no_floating_ip: "0"
+ TF_VAR_number_of_bastions: "0"
+ TF_VAR_number_of_k8s_masters_no_etcd: "0"
+ TF_VAR_use_neutron: "0"
+ TF_VAR_floatingip_pool: "Ext-Net"
+ TF_VAR_external_net: "6011fbc9-4cbf-46a4-8452-6890a340b60b"
+ TF_VAR_network_name: "Ext-Net"
+ TF_VAR_flavor_k8s_master: "defa64c3-bd46-43b4-858a-d93bbae0a229" #s1-8
+ TF_VAR_flavor_k8s_node: "defa64c3-bd46-43b4-858a-d93bbae0a229" #s1-8
+ TF_VAR_image: "Ubuntu 18.04"
+ TF_VAR_k8s_allowed_remote_ips: '["0.0.0.0/0"]'
--
GitLab