From 2c2c8b950429972cb1edbd172c96fb82b161f3cb Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Wed, 19 Apr 2023 16:41:42 +0100 Subject: [PATCH] Fix CI failures * new ansible-lint complaints * clamp ansible-lint to <7 * tox 4 support * switch to CentOS NFV Open vSwitch repository for OVS - rocky 9 RDO install was failing * switch from Kayobe CentOS stream 8 to Rocky Linux 9 and Ubuntu Jammy jobs - these are the current supported distros in Kayobe master Change-Id: Ic607ccccc866da65c100053bfa15ee141a98679e --- .ansible-lint | 1 + ansible/host_setup.yml | 6 ++---- ansible/hypervisor_setup.yml | 4 ++-- ansible/physical_network.yml | 19 +++++++++---------- ansible/resource_wait.yml | 2 +- ansible/roles/ironic-enrolment/tasks/main.yml | 2 +- ansible/roles/ironic-enrolment/tasks/node.yml | 16 +++++++++------- ansible/roles/ironic-enrolment/tasks/port.yml | 1 + ansible/roles/veth-pair/tasks/absent.yml | 3 ++- ansible/roles/veth-pair/tasks/present.yml | 6 ++++-- .../roles/virtualbmc-daemon/tasks/main.yml | 12 ++++++------ .../tasks/ensure_openvswitch.yml | 14 ++++++++------ .../tenks-deploy-teardown/vars/Debian.yml | 2 ++ .../tenks-deploy-teardown/vars/RedHat.yml | 4 +++- .../tenks-deploy-teardown/vars/common.yml | 2 -- test-requirements.txt | 2 +- tox.ini | 5 +++-- zuul.d/project.yaml | 15 +++++---------- 18 files changed, 60 insertions(+), 56 deletions(-) diff --git a/.ansible-lint b/.ansible-lint index f9ccd33..90ce3e2 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -4,6 +4,7 @@ skip_list: - fqcn[action] - name[missing] - name[template] + - var-naming[no-role-prefix] warn_list: - no-changed-when diff --git a/ansible/host_setup.yml b/ansible/host_setup.yml index da5ecb6..d62884e 100644 --- a/ansible/host_setup.yml +++ b/ansible/host_setup.yml @@ -5,6 +5,7 @@ - host-setup tasks: - name: Ensure Tenks venv is properly set up + when: virtualenv_path block: - name: Init Tenks venv and upgrade pip @@ -21,8 +22,6 @@ state: latest # noqa package-latest virtualenv: "{{ virtualenv_path }}" - when: virtualenv_path - - name: Load current Tenks state hosts: localhost tags: @@ -49,6 +48,7 @@ - host-setup tasks: - name: Set up host + when: cmd == 'deploy' block: - name: Configure host for Libvirt include_role: @@ -81,5 +81,3 @@ vbmcd_virtualenv_path: "{{ virtualenv_path }}" vbmcd_python_upper_constraints_url: >- {{ python_upper_constraints_url }} - - when: cmd == 'deploy' diff --git a/ansible/hypervisor_setup.yml b/ansible/hypervisor_setup.yml index ba30ec9..6edc65a 100644 --- a/ansible/hypervisor_setup.yml +++ b/ansible/hypervisor_setup.yml @@ -24,12 +24,13 @@ file: path: "{{ log_directory }}" state: directory - mode: 0755 + mode: "0755" become: true # Don't remove log directory during teardown to preserve historical logs. when: cmd != 'teardown' - name: Check if OVS is installed + when: bridge_type == "openvswitch" block: - name: Check if ovs-vsctl command is present command: ovs-vsctl --version @@ -44,7 +45,6 @@ openvswitch. If it is installed, please report this as a bug. # Assume a non-zero return code means that openvswitch is not installed. when: ovs_vsctl_check.rc != 0 - when: bridge_type == "openvswitch" - name: Configure physical networks include_tasks: physical_network.yml diff --git a/ansible/physical_network.yml b/ansible/physical_network.yml index bdeb93e..89ed286 100644 --- a/ansible/physical_network.yml +++ b/ansible/physical_network.yml @@ -36,6 +36,7 @@ when: if_details.stdout_lines[-1].split()[0] == 'bridge' - name: Register source interface as an Open vSwitch bridge + when: if_details.stdout_lines[-1].split()[0] == 'openvswitch' block: - name: Get list of OVS bridges command: ovs-vsctl list-br @@ -48,8 +49,6 @@ source_type: openvswitch when: source_interface in ovs_bridges.stdout_lines - when: if_details.stdout_lines[-1].split()[0] == 'openvswitch' - ### Actual configuration starts here. - name: Ensure Open vSwitch bridge is in the correct state @@ -60,6 +59,7 @@ when: bridge_type == "openvswitch" - name: Create Tenks bridge + when: bridge_type == "linuxbridge" block: - name: Check if Tenks bridge exists stat: @@ -85,7 +85,6 @@ when: - state == 'present' - not stat_result.stat.exists - when: bridge_type == "linuxbridge" - name: Configure existing Linux bridge when: source_type == 'linuxbridge' @@ -147,6 +146,13 @@ become: true - name: Plug source interface into Tenks Linux bridge + when: + - bridge_type == 'linuxbridge' + - source_type == 'direct' + # If 'absent', we've already deleted the bridge earlier, so no need to + # unplug the interface. + - state != 'absent' + become: true block: - name: Speculatively check interface's master command: >- @@ -160,10 +166,3 @@ {{ tenks_ip_path }} link set dev {{ source_interface }} master {{ tenks_bridge }} changed_when: true when: master_result.rc != 0 - when: - - bridge_type == 'linuxbridge' - - source_type == 'direct' - # If 'absent', we've already deleted the bridge earlier, so no need to - # unplug the interface. - - state != 'absent' - become: true diff --git a/ansible/resource_wait.yml b/ansible/resource_wait.yml index 1e78e8e..1982667 100644 --- a/ansible/resource_wait.yml +++ b/ansible/resource_wait.yml @@ -24,6 +24,7 @@ loop_var: spec - name: Include the wait-for-resources role + when: tenks_expected_resources | length > 0 block: - name: Check that OpenStack credentials exist in the environment fail: @@ -48,4 +49,3 @@ {{ python_upper_constraints_url }} # Only attempt to wait for resources when the placement service is running when: service_list_output.stdout | from_json | selectattr('Type', 'equalto', 'placement') | list | length >= 1 - when: tenks_expected_resources | length > 0 diff --git a/ansible/roles/ironic-enrolment/tasks/main.yml b/ansible/roles/ironic-enrolment/tasks/main.yml index 689dcb1..659ec25 100644 --- a/ansible/roles/ironic-enrolment/tasks/main.yml +++ b/ansible/roles/ironic-enrolment/tasks/main.yml @@ -45,6 +45,7 @@ # argument to the os_ironic module, due to a quirk in its implementation. # Grab the endpoint from the file. - name: Set ironic_url for os_ironic module + when: lookup('env', 'OS_CLOUD') | length > 0 block: - name: Query clouds.yaml os_client_config: @@ -65,7 +66,6 @@ - name: Set a fact about the ironic API endpoint set_fact: ironic_url: "{{ openstack.clouds[0].auth.endpoint }}" - when: lookup('env', 'OS_CLOUD') | length > 0 - name: Detect ironic API version command: >- diff --git a/ansible/roles/ironic-enrolment/tasks/node.yml b/ansible/roles/ironic-enrolment/tasks/node.yml index 52d431c..10194d2 100644 --- a/ansible/roles/ironic-enrolment/tasks/node.yml +++ b/ansible/roles/ironic-enrolment/tasks/node.yml @@ -7,6 +7,9 @@ when: "'resource_class' not in node.ironic_config" - name: Collect domain NIC MAC addresses + # If the node's state is 'absent', the domain will already have been + # destroyed. + when: (node.state | default('present')) == 'present' block: - name: Get vNIC MAC addresses # The output format of this command gives two lines of header, followed by @@ -36,10 +39,6 @@ loop: "{{ iflist_res.stdout_lines[2:] }}" when: (node.state | default('present')) == 'present' - # If the node's state is 'absent', the domain will already have been - # destroyed. - when: (node.state | default('present')) == 'present' - - name: Configure node in Ironic os_ironic: auth_type: "{{ 'password' if lookup('env', 'OS_USERNAME') else omit }}" @@ -58,7 +57,7 @@ deploy_ramdisk: "{{ ironic_deploy_ramdisk_uuid | default(omit, true) }}" name: "{{ node.name }}" # The 'nics' list can be empty without a problem if state is 'absent'. - nics: "{{ nics | default([]) }}" + nics: "{{ nics | default([]) }}" # noqa args[module] state: "{{ node.state | default('present') }}" vars: # This module requires the openstacksdk package, which is installed within @@ -68,6 +67,7 @@ register: node_res - name: Perform node and port attribute manipulation + when: (node.state | default('present')) == 'present' block: # The os_ironic module automatically brings the node from 'enrol' to # 'available' state, but we still need to set more port and node attributes. @@ -76,6 +76,7 @@ command: >- '{{ ironic_virtualenv_path }}/bin/openstack' baremetal node maintenance set '{{ node_res.uuid }}' + changed_when: true - name: Set additional Ironic node attributes command: >- @@ -107,12 +108,14 @@ # If the capabilities field is provided, the boot_mode should be set # explicitly. capabilities: "boot_mode:{{ default_boot_mode }}" + changed_when: true - name: Add Ironic node traits command: >- '{{ ironic_virtualenv_path }}/bin/openstack' baremetal node add trait '{{ node_res.uuid }}' {{ " ".join(node.ironic_config.traits) }} + changed_when: true when: node.ironic_config.traits | default([]) - name: Set additional Ironic port attributes @@ -129,5 +132,4 @@ command: >- '{{ ironic_virtualenv_path }}/bin/openstack' baremetal node maintenance unset '{{ node_res.uuid }}' - - when: (node.state | default('present')) == 'present' + changed_when: true diff --git a/ansible/roles/ironic-enrolment/tasks/port.yml b/ansible/roles/ironic-enrolment/tasks/port.yml index 73de9bb..e8775e9 100644 --- a/ansible/roles/ironic-enrolment/tasks/port.yml +++ b/ansible/roles/ironic-enrolment/tasks/port.yml @@ -47,6 +47,7 @@ --local-link-connection switch_id='{{ switch_id }}' --local-link-connection switch_info='{{ bridge }}' --local-link-connection port_id='{{ port_id }}' + changed_when: true when: >- (supports_port_physnet and port_attributes.physical_network != physnet) or port_attributes.local_link_connection.get('switch_id') != switch_id or diff --git a/ansible/roles/veth-pair/tasks/absent.yml b/ansible/roles/veth-pair/tasks/absent.yml index d6ef3d1..5fe2ab9 100644 --- a/ansible/roles/veth-pair/tasks/absent.yml +++ b/ansible/roles/veth-pair/tasks/absent.yml @@ -1,5 +1,6 @@ --- - name: Unplug veth from source bridge + when: veth_pair_plug_into_source | bool block: - include_tasks: is-attached.yml vars: @@ -11,8 +12,8 @@ ip link set {{ veth_pair_source_link_name }} nomaster when: - veth_pair_is_attached + changed_when: true become: true - when: veth_pair_plug_into_source | bool - name: Delete veth pair command: >- diff --git a/ansible/roles/veth-pair/tasks/present.yml b/ansible/roles/veth-pair/tasks/present.yml index 82d8f40..84464ba 100644 --- a/ansible/roles/veth-pair/tasks/present.yml +++ b/ansible/roles/veth-pair/tasks/present.yml @@ -28,6 +28,7 @@ become: true - name: Plug veth into source bridge + when: veth_pair_peer_bridge_type == "linuxbridge" block: - include_tasks: is-attached.yml vars: @@ -40,10 +41,11 @@ {{ veth_pair_peer_bridge }} when: - not veth_pair_is_attached + changed_when: true become: true - when: veth_pair_peer_bridge_type == "linuxbridge" - name: Plug veth into source bridge + when: veth_pair_plug_into_source | bool block: - include_tasks: is-attached.yml vars: @@ -56,5 +58,5 @@ {{ veth_pair_source_bridge }} when: - not veth_pair_is_attached + changed_when: true become: true - when: veth_pair_plug_into_source | bool diff --git a/ansible/roles/virtualbmc-daemon/tasks/main.yml b/ansible/roles/virtualbmc-daemon/tasks/main.yml index 31bcc86..0a42702 100644 --- a/ansible/roles/virtualbmc-daemon/tasks/main.yml +++ b/ansible/roles/virtualbmc-daemon/tasks/main.yml @@ -36,6 +36,7 @@ get_url: url: "{{ vbmcd_python_upper_constraints_url }}" dest: "{{ u_c_file.path }}" + mode: "0644" # NOTE(yoctozepto): It is preferable to use the libvirt python binding that # is delivered with the distribution as it is guaranteed to work with the @@ -62,6 +63,9 @@ state: absent - name: "[selinux] Allow systemd to start vbmcd from venv" + when: + - ansible_facts.selinux.status | default('disabled') == 'enabled' + - vbmcd_virtualenv_path block: - name: "[selinux] Allow systemd to start vbmcd from venv - sefcontext" @@ -72,23 +76,19 @@ state: present register: sefcontext - - name: "[selinux] Allow systemd to start vbmcd from venv - restorecon" + - name: "[selinux] Allow systemd to start vbmcd from venv - restorecon" # noqa no-handler become: true command: "restorecon -r {{ vbmcd_virtualenv_path }}/bin" when: sefcontext.changed changed_when: true - when: - - ansible_facts.selinux.status | default('disabled') == 'enabled' - - vbmcd_virtualenv_path - - name: Ensure Virtual BMC systemd service is configured template: src: templates/{{ item }}.j2 dest: /etc/systemd/system/{{ item }} owner: root group: root - mode: 0644 + mode: "0644" become: true register: service_file loop: diff --git a/playbooks/tenks-deploy-teardown/tasks/ensure_openvswitch.yml b/playbooks/tenks-deploy-teardown/tasks/ensure_openvswitch.yml index 2f7860c..0356ebe 100644 --- a/playbooks/tenks-deploy-teardown/tasks/ensure_openvswitch.yml +++ b/playbooks/tenks-deploy-teardown/tasks/ensure_openvswitch.yml @@ -1,11 +1,13 @@ --- -- name: Install the Delorean dependencies repository +- name: Install Open vSwitch package repository become: true - get_url: - url: "https://trunk.rdoproject.org/centos{{ ansible_facts.distribution_major_version }}-master/delorean-deps.repo" - dest: /etc/yum.repos.d/ - when: - - ansible_facts.os_family == "RedHat" + package: + name: "{{ openvswitch_package_repo_name }}" + state: present + register: result + until: result is success + retries: 3 + when: openvswitch_package_repo_name is not none - name: Install Open vSwitch become: true diff --git a/playbooks/tenks-deploy-teardown/vars/Debian.yml b/playbooks/tenks-deploy-teardown/vars/Debian.yml index 7a6d322..6b20578 100644 --- a/playbooks/tenks-deploy-teardown/vars/Debian.yml +++ b/playbooks/tenks-deploy-teardown/vars/Debian.yml @@ -1,2 +1,4 @@ --- +openvswitch_package_repo_name: openvswitch_package_name: openvswitch-switch +openvswitch_service_name: openvswitch-switch diff --git a/playbooks/tenks-deploy-teardown/vars/RedHat.yml b/playbooks/tenks-deploy-teardown/vars/RedHat.yml index 1f89753..3906dcd 100644 --- a/playbooks/tenks-deploy-teardown/vars/RedHat.yml +++ b/playbooks/tenks-deploy-teardown/vars/RedHat.yml @@ -1,2 +1,4 @@ --- -openvswitch_package_name: openvswitch +openvswitch_package_repo_name: centos-release-nfv-openvswitch +openvswitch_package_name: openvswitch3.1 +openvswitch_service_name: openvswitch diff --git a/playbooks/tenks-deploy-teardown/vars/common.yml b/playbooks/tenks-deploy-teardown/vars/common.yml index e3160a7..d05a365 100644 --- a/playbooks/tenks-deploy-teardown/vars/common.yml +++ b/playbooks/tenks-deploy-teardown/vars/common.yml @@ -13,5 +13,3 @@ config_dir: "{{ ansible_facts.env.HOME ~ '/' ~ 'tenks-config' }}" tenks_overrides_path: "{{ config_dir ~ '/' ~ 'tenks-overrides.yml' }}" tenks_requirements_overrides_path: "{{ tenks_src_dir }}/requirements-overrides.yml" logs_dir: "/tmp/logs" - -openvswitch_service_name: "{{ openvswitch_package_name }}" diff --git a/test-requirements.txt b/test-requirements.txt index a68f9c4..0efc2ea 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -2,7 +2,7 @@ # of appearance. Changing the order has an impact on the overall integration # process, which may cause wedges in the gate later. -ansible-lint>=3.0.0 # MIT +ansible-lint>=3.0.0,<7 # MIT coverage>=4.5.1 # Apache-2.0 flake8>=3.5.0 # MIT stestr>=1.0.0 # Apache-2.0 diff --git a/tox.ini b/tox.ini index 3f0203d..faac840 100644 --- a/tox.ini +++ b/tox.ini @@ -10,7 +10,7 @@ usedevelop = True install_command = pip install {opts} {packages} passenv = HOME -whitelist_externals = +allowlist_externals = bash rm setenv = @@ -44,7 +44,7 @@ commands = sphinx-build -W -b html doc/source doc/build/html [testenv:pdf-docs] deps = {[testenv:docs]deps} -whitelist_externals = make +allowlist_externals = make commands = sphinx-build -W -b latex doc/source doc/build/pdf make -C doc/build/pdf @@ -68,6 +68,7 @@ commands = coverage xml -o cover/coverage.xml [testenv:alint] +allowlist_externals = bash # ansible-lint doesn't support custom modules, so add ours to the Ansible path. setenv = ANSIBLE_LIBRARY = {toxinidir}/ansible/action_plugins/ # Exclude roles downloaded from Galaxy (in the form 'author.role') from diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml index ab39acc..7e3335b 100644 --- a/zuul.d/project.yaml +++ b/zuul.d/project.yaml @@ -27,11 +27,9 @@ - tenks-deploy-teardown-linuxbridge-uefi-ubuntu-jammy # Until we have ironic jobs using tenks, gate on the kayobe overcloud # deploy job, which uses tenks to test bare metal compute provisioning. - - kayobe-overcloud-centos8s: - # FIXME(mgoddard): The master branch of Kolla Ansible currently - # does not support CS8/RL8, so Kayobe jobs are failing. Use the - # yoga branch for now. - override-checkout: stable/yoga + - kayobe-overcloud-rocky9: + voting: false + - kayobe-overcloud-ubuntu-jammy gate: jobs: - openstack-tox-pep8 @@ -54,8 +52,5 @@ - tenks-deploy-teardown-linuxbridge-uefi-ubuntu-jammy # Until we have ironic jobs using tenks, gate on the kayobe overcloud # deploy job, which uses tenks to test bare metal compute provisioning. - - kayobe-overcloud-centos8s: - # FIXME(mgoddard): The master branch of Kolla Ansible currently - # does not support CS8/RL8, so Kayobe jobs are failing. Use the - # yoga branch for now. - override-checkout: stable/yoga + # - kayobe-overcloud-rocky9 + - kayobe-overcloud-ubuntu-jammy