diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml deleted file mode 100644 index e2aed4d..0000000 --- a/.github/workflows/release.yml +++ /dev/null @@ -1,42 +0,0 @@ -name: Release version - -"on": - push: - tags: - - '*' - -jobs: - release: - - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v1 - - name: Checkout submodules - shell: bash - run: | - auth_header="$(git config --local --get http.https://github.com/.extraheader)" - git submodule sync --recursive - git -c "http.extraheader=$auth_header" -c protocol.version=2 submodule update --init --force --recursive - git -c "http.extraheader=$auth_header" -c protocol.version=2 submodule update --remote --recursive - - name: Setup Python - uses: actions/setup-python@v1 - with: - python-version: 3.8 - - name: Install pip - run: | - python -m pip install --upgrade pip - pip install ansible tox tox-ansible - - name: Run final lint check - run: | - tox -e lint_all - - name: Create release artifacts - run: | - ansible-galaxy collection build - ansible-galaxy collection publish *.tar.gz --api-key ${{ secrets.GALAXY_API_KEY }} - - name: Release artifacts to Git Hub - uses: ncipollo/release-action@v1 - with: - artifacts: ./oasis_roles-system*.tar.gz - allowUpdates: true - name: Rlease ${{ github.ref }} - token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/tox.yml b/.github/workflows/tox.yml index c24a067..b726edf 100644 --- a/.github/workflows/tox.yml +++ b/.github/workflows/tox.yml @@ -1,11 +1,7 @@ name: Test with Ansible on: - push: - branches: - - '*' - tags-ignore: - - '*' # A build will already happen for the commit, don't also build the tag + push: {} pull_request: {} schedule: - cron: '12 0 * * *' @@ -13,8 +9,7 @@ on: env: TOX_ANSIBLE_DRIVER: docker ANSIBLE_COLLECTIONS_PATHS: ~/.ansible/:~/work/ - COLLECTION_NAMESPACE: oasis_roles - COLLECTION: system + checkout_path: ansible_collections/oasis_roles/system jobs: build: @@ -45,13 +40,13 @@ jobs: - upload_files steps: - uses: actions/checkout@v2 - - name: Checkout submodules - shell: bash + with: + submodules: 'recursive' + path: ${{ env.checkout_path }} + - name: update submodules to latest run: | - auth_header="$(git config --local --get http.https://github.com/.extraheader)" - git submodule sync --recursive - git -c "http.extraheader=$auth_header" -c protocol.version=2 submodule update --init --force --recursive - git -c "http.extraheader=$auth_header" -c protocol.version=2 submodule update --remote --recursive + cd "${{ env.checkout_path }}" + git submodule update --remote --recursive - name: Setup pip cache uses: actions/cache@v1 with: @@ -63,6 +58,7 @@ jobs: python-version: 3.8 - name: Install dependencies run: | + set -ex sudo apt-get update sudo apt-get install -y libapt-pkg-dev build-essential python3-setuptools python -m pip install --upgrade pip @@ -70,11 +66,38 @@ jobs: pip install tox tox-ansible - name: Test with tox run: | - cd .. - dest="${HOME}/work/ansible_collections/${COLLECTION_NAMESPACE}" - mkdir -p "${dest}" - mv "$(basename "${GITHUB_REPOSITORY}")" "${dest}/${COLLECTION}" - # post actions fail if this doesn't exist - mkdir -p "$(basename "${GITHUB_REPOSITORY}")" - cd "${dest}/${COLLECTION}" + set -ex + # There is some magic in the "mv" command that makes ansible-galaxy work + # I haven't found any logic for it, but if you don't do this mv, then + # the dependency step in molecule when run from tox will fail + mv ansible_collections ~/work/ + cd ~/work/${{ env.checkout_path }} tox --ansible-role ${{ matrix.role }} + + release: + needs: build # Only release if the build is good + if: startsWith(github.ref, 'refs/tags/') # Only release if there is a tag that's been pushed to the repo + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + with: + submodules: 'recursive' + - name: Setup Python + uses: actions/setup-python@v1 + with: + python-version: 3.8 + - name: Install pip + run: | + python -m pip install --upgrade pip + pip install ansible + - name: Create release artifacts + run: | + ansible-galaxy collection build + ansible-galaxy collection publish *.tar.gz --api-key ${{ secrets.GALAXY_API_KEY }} + - name: Release artifacts to Git Hub + uses: ncipollo/release-action@v1 + with: + artifacts: ./oasis_roles-system*.tar.gz + allowUpdates: true + name: Rlease ${{ github.ref }} + token: ${{ secrets.GITHUB_TOKEN }} diff --git a/Jenkinsfile b/Jenkinsfile new file mode 100644 index 0000000..16196f6 --- /dev/null +++ b/Jenkinsfile @@ -0,0 +1,64 @@ +podTemplate( + cloud: 'openshift', + containers: [ + containerTemplate(name: 'jnlp', + image: 'image-registry.openshift-image-registry.svc:5000/oasis/jenkins-agent-oasis:latest', + args: '${computer.jnlpmac} ${computer.name}', + envVars: [ + secretEnvVar(key: 'OASIS_RHSM_USERNAME', secretName: 'oasis-rhsm', secretKey: 'username'), + secretEnvVar(key: 'OASIS_RHSM_PASSWORD', secretName: 'oasis-rhsm', secretKey: 'password'), + secretEnvVar(key: 'OASIS_RHSM_POOL_IDS', secretName: 'oasis-rhsm', secretKey: 'pool_ids'), + secretEnvVar(key: 'OASIS_RHSM_SERVER_HOSTNAME', secretName: 'oasis-rhsm', secretKey: 'hostname'), + secretEnvVar(key: 'OCP_PULL_SECRETS_OFFLINE_TOKEN', secretName: 'oasis-ci-pull-secrets', secretKey: 'offline_token') + ], + alwaysPullImage: true) + ] +) { + node(POD_LABEL) { + def collectionDir = 'ansible_collections/oasis_roles/system' + def builders = [:] + def String[] openstackTestEnvs + checkout scm + openstackTestEnvs = sh( + script: 'tox --ansible-driver openstack -l', + returnStdout: true + ).trim().split() + for (testEnv in openstackTestEnvs) { + // bind testEnv into the local scope to ensure the correct value ends up in the build closure + def boundTestEnv = testEnv + def ghContext = "tox-ansible/${boundTestEnv}" + githubNotify( + credentialsId: 'gh-status-update', + status: 'PENDING', + description: 'Build Scheduled', + context: ghContext + ) + builders["${boundTestEnv}"] = { + node(POD_LABEL) { + stage("Checkout ${boundTestEnv}") { + sh "mkdir -p ${collectionDir}" + dir(collectionDir) { + checkout scm + } + } + stage("Test ${boundTestEnv}") { + dir(collectionDir) { + warnError(message: "tox env ${boundTestEnv} failed") { + gitStatusWrapper( + credentialsId: 'gh-status-update', + description: 'Building', + failureDescription: 'Build Failed', + successDescription: 'Build Succeeded', + gitHubContext: ghContext + ) { sh "tox -e '${boundTestEnv}'" } + } + } + } + } + } + } + throttle(['throttled']) { + parallel builders + } + } +} diff --git a/requirements.yml b/requirements.yml new file mode 100644 index 0000000..740dd2b --- /dev/null +++ b/requirements.yml @@ -0,0 +1,2 @@ +roles: [] +collections: [] diff --git a/roles/firewalld/README.md b/roles/firewalld/README.md index 722725b..d0be4fb 100644 --- a/roles/firewalld/README.md +++ b/roles/firewalld/README.md @@ -1,5 +1,3 @@ -[![Build Status](https://travis-ci.org/oasis-roles/firewalld.svg?branch=master)](https://travis-ci.org/oasis-roles/firewalld) - firewalld =========== diff --git a/tests b/tests index d038471..b3ebdec 160000 --- a/tests +++ b/tests @@ -1 +1 @@ -Subproject commit d038471c4ea01ebf54cd830670100a25bc006f3e +Subproject commit b3ebdec7dc37b43748ee8bf3e143a6b05f88337e diff --git a/tox.ini b/tox.ini index c384751..53087fb 100644 --- a/tox.ini +++ b/tox.ini @@ -12,10 +12,6 @@ molecule_opts = parallel_show_output = true usedevelop = false skip_install = true -passenv = - TERM - HOME - OS_* - OASIS_* +passenv = * setenv = ANSIBLE_COLLECTIONS_PATHS={toxinidir}/../../../