You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

605 lines
17 KiB

8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
  1. stages:
  2. - moderator
  3. - unit-tests
  4. - deploy-gce-part1
  5. - deploy-gce-part2
  6. - deploy-gce-special
  7. variables:
  8. FAILFASTCI_NAMESPACE: 'kargo-ci'
  9. # DOCKER_HOST: tcp://localhost:2375
  10. ANSIBLE_FORCE_COLOR: "true"
  11. # asia-east1-a
  12. # asia-northeast1-a
  13. # europe-west1-b
  14. # us-central1-a
  15. # us-east1-b
  16. # us-west1-a
  17. before_script:
  18. - pip install ansible==2.2.1.0
  19. - pip install netaddr
  20. - pip install apache-libcloud==0.20.1
  21. - pip install boto==2.9.0
  22. - mkdir -p /.ssh
  23. - cp tests/ansible.cfg .
  24. .job: &job
  25. tags:
  26. - kubernetes
  27. - docker
  28. image: quay.io/ant31/kargo:master
  29. .docker_service: &docker_service
  30. services:
  31. - docker:dind
  32. .create_cluster: &create_cluster
  33. <<: *job
  34. <<: *docker_service
  35. .gce_variables: &gce_variables
  36. GCE_USER: travis
  37. SSH_USER: $GCE_USER
  38. TEST_ID: "$CI_PIPELINE_ID-$CI_BUILD_ID"
  39. CONTAINER_ENGINE: docker
  40. PRIVATE_KEY: $GCE_PRIVATE_KEY
  41. GS_ACCESS_KEY_ID: $GS_KEY
  42. GS_SECRET_ACCESS_KEY: $GS_SECRET
  43. ANSIBLE_KEEP_REMOTE_FILES: "1"
  44. ANSIBLE_CONFIG: ./tests/ansible.cfg
  45. BOOTSTRAP_OS: none
  46. DOWNLOAD_LOCALHOST: "false"
  47. DOWNLOAD_RUN_ONCE: "false"
  48. IDEMPOT_CHECK: "false"
  49. RESET_CHECK: "false"
  50. UPGRADE_TEST: "false"
  51. RESOLVCONF_MODE: docker_dns
  52. LOG_LEVEL: "-vv"
  53. ETCD_DEPLOYMENT: "docker"
  54. KUBELET_DEPLOYMENT: "docker"
  55. VAULT_DEPLOYMENT: "docker"
  56. WEAVE_CPU_LIMIT: "100m"
  57. MAGIC: "ci check this"
  58. .gce: &gce
  59. <<: *job
  60. <<: *docker_service
  61. cache:
  62. key: "$CI_BUILD_REF_NAME"
  63. paths:
  64. - downloads/
  65. - $HOME/.cache
  66. before_script:
  67. - docker info
  68. - pip install ansible==2.2.1.0
  69. - pip install netaddr
  70. - pip install apache-libcloud==0.20.1
  71. - pip install boto==2.9.0
  72. - mkdir -p /.ssh
  73. - mkdir -p $HOME/.ssh
  74. - echo $PRIVATE_KEY | base64 -d > $HOME/.ssh/id_rsa
  75. - echo $GCE_PEM_FILE | base64 -d > $HOME/.ssh/gce
  76. - echo $GCE_CREDENTIALS > $HOME/.ssh/gce.json
  77. - chmod 400 $HOME/.ssh/id_rsa
  78. - ansible-playbook --version
  79. - export PYPATH=$([ $BOOTSTRAP_OS = none ] && echo /usr/bin/python || echo /opt/bin/python)
  80. script:
  81. - pwd
  82. - ls
  83. - echo ${PWD}
  84. - >
  85. ansible-playbook tests/cloud_playbooks/create-gce.yml -i tests/local_inventory/hosts.cfg -c local
  86. ${LOG_LEVEL}
  87. -e cloud_image=${CLOUD_IMAGE}
  88. -e cloud_region=${CLOUD_REGION}
  89. -e gce_credentials_file=${HOME}/.ssh/gce.json
  90. -e gce_project_id=${GCE_PROJECT_ID}
  91. -e gce_service_account_email=${GCE_ACCOUNT}
  92. -e inventory_path=${PWD}/inventory/inventory.ini
  93. -e kube_network_plugin=${KUBE_NETWORK_PLUGIN}
  94. -e mode=${CLUSTER_MODE}
  95. -e test_id=${TEST_ID}
  96. # Check out latest tag if testing upgrade
  97. # Uncomment when gitlab kargo repo has tags
  98. #- test "${UPGRADE_TEST}" != "false" && git fetch --all && git checkout $(git describe --tags $(git rev-list --tags --max-count=1))
  99. - test "${UPGRADE_TEST}" != "false" && git checkout 031cf565ec3ccd3ebbe80eeef3454c3780e5c598 && pip install ansible==2.2.0
  100. # Create cluster
  101. - >
  102. ansible-playbook -i inventory/inventory.ini -b --become-user=root --private-key=${HOME}/.ssh/id_rsa -u $SSH_USER
  103. ${SSH_ARGS}
  104. ${LOG_LEVEL}
  105. -e ansible_python_interpreter=${PYPATH}
  106. -e ansible_ssh_user=${SSH_USER}
  107. -e bootstrap_os=${BOOTSTRAP_OS}
  108. -e cert_management=${CERT_MGMT:-script}
  109. -e cloud_provider=gce
  110. -e deploy_netchecker=true
  111. -e download_localhost=${DOWNLOAD_LOCALHOST}
  112. -e download_run_once=${DOWNLOAD_RUN_ONCE}
  113. -e etcd_deployment_type=${ETCD_DEPLOYMENT}
  114. -e kube_network_plugin=${KUBE_NETWORK_PLUGIN}
  115. -e kubelet_deployment_type=${KUBELET_DEPLOYMENT}
  116. -e local_release_dir=${PWD}/downloads
  117. -e resolvconf_mode=${RESOLVCONF_MODE}
  118. -e vault_deployment_type=${VAULT_DEPLOYMENT}
  119. --limit "all:!fake_hosts"
  120. cluster.yml
  121. # Repeat deployment if testing upgrade
  122. - >
  123. if [ "${UPGRADE_TEST}" != "false" ]; then
  124. test "${UPGRADE_TEST}" == "basic" && PLAYBOOK="cluster.yml";
  125. test "${UPGRADE_TEST}" == "graceful" && PLAYBOOK="upgrade-cluster.yml";
  126. pip install ansible==2.2.1.0;
  127. git checkout "${CI_BUILD_REF}";
  128. ansible-playbook -i inventory/inventory.ini -b --become-user=root --private-key=${HOME}/.ssh/id_rsa -u $SSH_USER
  129. ${SSH_ARGS}
  130. ${LOG_LEVEL}
  131. -e ansible_python_interpreter=${PYPATH}
  132. -e ansible_ssh_user=${SSH_USER}
  133. -e bootstrap_os=${BOOTSTRAP_OS}
  134. -e cloud_provider=gce
  135. -e deploy_netchecker=true
  136. -e download_localhost=${DOWNLOAD_LOCALHOST}
  137. -e download_run_once=${DOWNLOAD_RUN_ONCE}
  138. -e etcd_deployment_type=${ETCD_DEPLOYMENT}
  139. -e kube_network_plugin=${KUBE_NETWORK_PLUGIN}
  140. -e kubelet_deployment_type=${KUBELET_DEPLOYMENT}
  141. -e local_release_dir=${PWD}/downloads
  142. -e resolvconf_mode=${RESOLVCONF_MODE}
  143. -e weave_cpu_requests=${WEAVE_CPU_LIMIT}
  144. -e weave_cpu_limit=${WEAVE_CPU_LIMIT}
  145. --limit "all:!fake_hosts"
  146. $PLAYBOOK;
  147. fi
  148. # Tests Cases
  149. ## Test Master API
  150. - ansible-playbook -i inventory/inventory.ini -e ansible_python_interpreter=${PYPATH} -u $SSH_USER -e ansible_ssh_user=$SSH_USER $SSH_ARGS -b --become-user=root --limit "all:!fake_hosts" tests/testcases/010_check-apiserver.yml $LOG_LEVEL
  151. ## Ping the between 2 pod
  152. - ansible-playbook -i inventory/inventory.ini -e ansible_python_interpreter=${PYPATH} -u $SSH_USER -e ansible_ssh_user=$SSH_USER $SSH_ARGS -b --become-user=root --limit "all:!fake_hosts" tests/testcases/030_check-network.yml $LOG_LEVEL
  153. ## Advanced DNS checks
  154. - ansible-playbook -i inventory/inventory.ini -e ansible_python_interpreter=${PYPATH} -u $SSH_USER -e ansible_ssh_user=$SSH_USER $SSH_ARGS -b --become-user=root --limit "all:!fake_hosts" tests/testcases/040_check-network-adv.yml $LOG_LEVEL
  155. ## Idempotency checks 1/5 (repeat deployment)
  156. - >
  157. if [ "${IDEMPOT_CHECK}" = "true" ]; then
  158. ansible-playbook -i inventory/inventory.ini -u $SSH_USER -e ansible_ssh_user=$SSH_USER $SSH_ARGS
  159. -b --become-user=root -e cloud_provider=gce $LOG_LEVEL -e kube_network_plugin=${KUBE_NETWORK_PLUGIN}
  160. --private-key=${HOME}/.ssh/id_rsa
  161. -e bootstrap_os=${BOOTSTRAP_OS}
  162. -e ansible_python_interpreter=${PYPATH}
  163. -e download_localhost=${DOWNLOAD_LOCALHOST}
  164. -e download_run_once=${DOWNLOAD_RUN_ONCE}
  165. -e deploy_netchecker=true
  166. -e resolvconf_mode=${RESOLVCONF_MODE}
  167. -e local_release_dir=${PWD}/downloads
  168. -e etcd_deployment_type=${ETCD_DEPLOYMENT}
  169. -e kubelet_deployment_type=${KUBELET_DEPLOYMENT}
  170. --limit "all:!fake_hosts"
  171. cluster.yml;
  172. fi
  173. ## Idempotency checks 2/5 (Advanced DNS checks)
  174. - >
  175. if [ "${IDEMPOT_CHECK}" = "true" ]; then
  176. ansible-playbook -i inventory/inventory.ini -e ansible_python_interpreter=${PYPATH}
  177. -u $SSH_USER -e ansible_ssh_user=$SSH_USER $SSH_ARGS -b --become-user=root
  178. --limit "all:!fake_hosts"
  179. tests/testcases/040_check-network-adv.yml $LOG_LEVEL;
  180. fi
  181. ## Idempotency checks 3/5 (reset deployment)
  182. - >
  183. if [ "${IDEMPOT_CHECK}" = "true" AND "${RESET_CHECK}" = "true" ]; then
  184. ansible-playbook -i inventory/inventory.ini -u $SSH_USER -e ansible_ssh_user=$SSH_USER $SSH_ARGS
  185. -b --become-user=root -e cloud_provider=gce $LOG_LEVEL -e kube_network_plugin=${KUBE_NETWORK_PLUGIN}
  186. --private-key=${HOME}/.ssh/id_rsa
  187. -e bootstrap_os=${BOOTSTRAP_OS}
  188. -e ansible_python_interpreter=${PYPATH}
  189. -e reset_confirmation=yes
  190. --limit "all:!fake_hosts"
  191. reset.yml;
  192. fi
  193. ## Idempotency checks 4/5 (redeploy after reset)
  194. - >
  195. if [ "${IDEMPOT_CHECK}" = "true" AND "${RESET_CHECK}" = "true" ]; then
  196. ansible-playbook -i inventory/inventory.ini -u $SSH_USER -e ansible_ssh_user=$SSH_USER $SSH_ARGS
  197. -b --become-user=root -e cloud_provider=gce $LOG_LEVEL -e kube_network_plugin=${KUBE_NETWORK_PLUGIN}
  198. --private-key=${HOME}/.ssh/id_rsa
  199. -e bootstrap_os=${BOOTSTRAP_OS}
  200. -e ansible_python_interpreter=${PYPATH}
  201. -e download_localhost=${DOWNLOAD_LOCALHOST}
  202. -e download_run_once=${DOWNLOAD_RUN_ONCE}
  203. -e deploy_netchecker=true
  204. -e resolvconf_mode=${RESOLVCONF_MODE}
  205. -e local_release_dir=${PWD}/downloads
  206. -e etcd_deployment_type=${ETCD_DEPLOYMENT}
  207. -e kubelet_deployment_type=${KUBELET_DEPLOYMENT}
  208. --limit "all:!fake_hosts"
  209. cluster.yml;
  210. fi
  211. ## Idempotency checks 5/5 (Advanced DNS checks)
  212. - >
  213. if [ "${IDEMPOT_CHECK}" = "true" AND "${RESET_CHECK}" = "true" ]; then
  214. ansible-playbook -i inventory/inventory.ini -e ansible_python_interpreter=${PYPATH}
  215. -u $SSH_USER -e ansible_ssh_user=$SSH_USER $SSH_ARGS -b --become-user=root
  216. --limit "all:!fake_hosts"
  217. tests/testcases/040_check-network-adv.yml $LOG_LEVEL;
  218. fi
  219. after_script:
  220. - >
  221. ansible-playbook -i inventory/inventory.ini tests/cloud_playbooks/delete-gce.yml -c local $LOG_LEVEL
  222. -e mode=${CLUSTER_MODE}
  223. -e test_id=${TEST_ID}
  224. -e kube_network_plugin=${KUBE_NETWORK_PLUGIN}
  225. -e gce_project_id=${GCE_PROJECT_ID}
  226. -e gce_service_account_email=${GCE_ACCOUNT}
  227. -e gce_credentials_file=${HOME}/.ssh/gce.json
  228. -e cloud_image=${CLOUD_IMAGE}
  229. -e inventory_path=${PWD}/inventory/inventory.ini
  230. -e cloud_region=${CLOUD_REGION}
  231. # Test matrix. Leave the comments for markup scripts.
  232. .coreos_calico_sep_variables: &coreos_calico_sep_variables
  233. # stage: deploy-gce-part1
  234. KUBE_NETWORK_PLUGIN: calico
  235. CLOUD_IMAGE: coreos-stable-1298-6-0-v20170315
  236. CLOUD_REGION: us-west1-b
  237. CLUSTER_MODE: separate
  238. BOOTSTRAP_OS: coreos
  239. RESOLVCONF_MODE: host_resolvconf # This is required as long as the CoreOS stable channel uses docker < 1.12
  240. .debian8_canal_ha_variables: &debian8_canal_ha_variables
  241. # stage: deploy-gce-part1
  242. KUBE_NETWORK_PLUGIN: canal
  243. CLOUD_IMAGE: debian-8-kubespray
  244. CLOUD_REGION: europe-west1-b
  245. UPGRADE_TEST: "basic"
  246. CLUSTER_MODE: ha
  247. UPGRADE_TEST: "graceful"
  248. .rhel7_weave_variables: &rhel7_weave_variables
  249. # stage: deploy-gce-part1
  250. KUBE_NETWORK_PLUGIN: weave
  251. CLOUD_IMAGE: rhel-7
  252. CLOUD_REGION: europe-west1-b
  253. CLUSTER_MODE: default
  254. .centos7_flannel_variables: &centos7_flannel_variables
  255. # stage: deploy-gce-part2
  256. KUBE_NETWORK_PLUGIN: flannel
  257. CLOUD_IMAGE: centos-7
  258. CLOUD_REGION: us-west1-a
  259. CLUSTER_MODE: default
  260. .debian8_calico_variables: &debian8_calico_variables
  261. # stage: deploy-gce-part2
  262. KUBE_NETWORK_PLUGIN: calico
  263. CLOUD_IMAGE: debian-8-kubespray
  264. CLOUD_REGION: us-central1-b
  265. CLUSTER_MODE: default
  266. .coreos_canal_variables: &coreos_canal_variables
  267. # stage: deploy-gce-part2
  268. KUBE_NETWORK_PLUGIN: canal
  269. CLOUD_IMAGE: coreos-stable-1298-6-0-v20170315
  270. CLOUD_REGION: us-east1-b
  271. CLUSTER_MODE: default
  272. BOOTSTRAP_OS: coreos
  273. IDEMPOT_CHECK: "true"
  274. RESOLVCONF_MODE: host_resolvconf # This is required as long as the CoreOS stable channel uses docker < 1.12
  275. .rhel7_canal_sep_variables: &rhel7_canal_sep_variables
  276. # stage: deploy-gce-special
  277. KUBE_NETWORK_PLUGIN: canal
  278. CLOUD_IMAGE: rhel-7
  279. CLOUD_REGION: us-east1-b
  280. CLUSTER_MODE: separate
  281. .ubuntu_weave_sep_variables: &ubuntu_weave_sep_variables
  282. # stage: deploy-gce-special
  283. KUBE_NETWORK_PLUGIN: weave
  284. CLOUD_IMAGE: ubuntu-1604-xenial
  285. CLOUD_REGION: us-central1-b
  286. CLUSTER_MODE: separate
  287. IDEMPOT_CHECK: "false"
  288. .centos7_calico_ha_variables: &centos7_calico_ha_variables
  289. # stage: deploy-gce-special
  290. KUBE_NETWORK_PLUGIN: calico
  291. DOWNLOAD_LOCALHOST: "true"
  292. DOWNLOAD_RUN_ONCE: "true"
  293. CLOUD_IMAGE: centos-7
  294. CLOUD_REGION: europe-west1-b
  295. CLUSTER_MODE: ha-scale
  296. IDEMPOT_CHECK: "true"
  297. .coreos_alpha_weave_ha_variables: &coreos_alpha_weave_ha_variables
  298. # stage: deploy-gce-special
  299. KUBE_NETWORK_PLUGIN: weave
  300. CLOUD_IMAGE: coreos-alpha-1325-0-0-v20170216
  301. CLOUD_REGION: us-west1-a
  302. CLUSTER_MODE: ha-scale
  303. BOOTSTRAP_OS: coreos
  304. RESOLVCONF_MODE: host_resolvconf # This is required as long as the CoreOS stable channel uses docker < 1.12
  305. .ubuntu_rkt_sep_variables: &ubuntu_rkt_sep_variables
  306. # stage: deploy-gce-part1
  307. KUBE_NETWORK_PLUGIN: flannel
  308. CLOUD_IMAGE: ubuntu-1604-xenial
  309. CLOUD_REGION: us-central1-b
  310. CLUSTER_MODE: separate
  311. ETCD_DEPLOYMENT: rkt
  312. KUBELET_DEPLOYMENT: rkt
  313. .ubuntu_vault_sep_variables: &ubuntu_vault_sep_variables
  314. # stage: deploy-gce-part1
  315. KUBE_NETWORK_PLUGIN: canal
  316. CERT_MGMT: vault
  317. CLOUD_IMAGE: ubuntu-1604-xenial
  318. CLOUD_REGION: us-central1-b
  319. CLUSTER_MODE: separate
  320. # Builds for PRs only (premoderated by unit-tests step) and triggers (auto)
  321. coreos-calico-sep:
  322. stage: deploy-gce-part1
  323. <<: *job
  324. <<: *gce
  325. variables:
  326. <<: *gce_variables
  327. <<: *coreos_calico_sep_variables
  328. when: on_success
  329. except: ['triggers']
  330. only: [/^pr-.*$/]
  331. coreos-calico-sep-triggers:
  332. stage: deploy-gce-part1
  333. <<: *job
  334. <<: *gce
  335. variables:
  336. <<: *gce_variables
  337. <<: *coreos_calico_sep_variables
  338. when: on_success
  339. only: ['triggers']
  340. centos7-flannel:
  341. stage: deploy-gce-part2
  342. <<: *job
  343. <<: *gce
  344. variables:
  345. <<: *gce_variables
  346. <<: *centos7_flannel_variables
  347. when: on_success
  348. except: ['triggers']
  349. only: [/^pr-.*$/]
  350. centos7-flannel-triggers:
  351. stage: deploy-gce-part1
  352. <<: *job
  353. <<: *gce
  354. variables:
  355. <<: *gce_variables
  356. <<: *centos7_flannel_variables
  357. when: on_success
  358. only: ['triggers']
  359. ubuntu-weave-sep:
  360. stage: deploy-gce-special
  361. <<: *job
  362. <<: *gce
  363. variables:
  364. <<: *gce_variables
  365. <<: *ubuntu_weave_sep_variables
  366. when: on_success
  367. except: ['triggers']
  368. only: [/^pr-.*$/]
  369. ubuntu-weave-sep-triggers:
  370. stage: deploy-gce-part1
  371. <<: *job
  372. <<: *gce
  373. variables:
  374. <<: *gce_variables
  375. <<: *ubuntu_weave_sep_variables
  376. when: on_success
  377. only: ['triggers']
  378. # More builds for PRs/merges (manual) and triggers (auto)
  379. debian8-canal-ha:
  380. stage: deploy-gce-part1
  381. <<: *job
  382. <<: *gce
  383. variables:
  384. <<: *gce_variables
  385. <<: *debian8_canal_ha_variables
  386. when: manual
  387. except: ['triggers']
  388. only: ['master', /^pr-.*$/]
  389. debian8-canal-ha-triggers:
  390. stage: deploy-gce-part1
  391. <<: *job
  392. <<: *gce
  393. variables:
  394. <<: *gce_variables
  395. <<: *debian8_canal_ha_variables
  396. when: on_success
  397. only: ['triggers']
  398. rhel7-weave:
  399. stage: deploy-gce-part1
  400. <<: *job
  401. <<: *gce
  402. variables:
  403. <<: *gce_variables
  404. <<: *rhel7_weave_variables
  405. when: manual
  406. except: ['triggers']
  407. only: ['master', /^pr-.*$/]
  408. rhel7-weave-triggers:
  409. stage: deploy-gce-part1
  410. <<: *job
  411. <<: *gce
  412. variables:
  413. <<: *gce_variables
  414. <<: *rhel7_weave_variables
  415. when: on_success
  416. only: ['triggers']
  417. debian8-calico-upgrade:
  418. stage: deploy-gce-part2
  419. <<: *job
  420. <<: *gce
  421. variables:
  422. <<: *gce_variables
  423. <<: *debian8_calico_variables
  424. when: manual
  425. except: ['triggers']
  426. only: ['master', /^pr-.*$/]
  427. debian8-calico-triggers:
  428. stage: deploy-gce-part1
  429. <<: *job
  430. <<: *gce
  431. variables:
  432. <<: *gce_variables
  433. <<: *debian8_calico_variables
  434. when: on_success
  435. only: ['triggers']
  436. coreos-canal:
  437. stage: deploy-gce-part2
  438. <<: *job
  439. <<: *gce
  440. variables:
  441. <<: *gce_variables
  442. <<: *coreos_canal_variables
  443. when: manual
  444. except: ['triggers']
  445. only: ['master', /^pr-.*$/]
  446. coreos-canal-triggers:
  447. stage: deploy-gce-part1
  448. <<: *job
  449. <<: *gce
  450. variables:
  451. <<: *gce_variables
  452. <<: *coreos_canal_variables
  453. when: on_success
  454. only: ['triggers']
  455. rhel7-canal-sep:
  456. stage: deploy-gce-special
  457. <<: *job
  458. <<: *gce
  459. variables:
  460. <<: *gce_variables
  461. <<: *rhel7_canal_sep_variables
  462. when: manual
  463. except: ['triggers']
  464. only: ['master', /^pr-.*$/,]
  465. rhel7-canal-sep-triggers:
  466. stage: deploy-gce-part1
  467. <<: *job
  468. <<: *gce
  469. variables:
  470. <<: *gce_variables
  471. <<: *rhel7_canal_sep_variables
  472. when: on_success
  473. only: ['triggers']
  474. centos7-calico-ha:
  475. stage: deploy-gce-special
  476. <<: *job
  477. <<: *gce
  478. variables:
  479. <<: *gce_variables
  480. <<: *centos7_calico_ha_variables
  481. when: manual
  482. except: ['triggers']
  483. only: ['master', /^pr-.*$/]
  484. centos7-calico-ha-triggers:
  485. stage: deploy-gce-part1
  486. <<: *job
  487. <<: *gce
  488. variables:
  489. <<: *gce_variables
  490. <<: *centos7_calico_ha_variables
  491. when: on_success
  492. only: ['triggers']
  493. # no triggers yet https://github.com/kubernetes-incubator/kargo/issues/613
  494. coreos-alpha-weave-ha:
  495. stage: deploy-gce-special
  496. <<: *job
  497. <<: *gce
  498. variables:
  499. <<: *gce_variables
  500. <<: *coreos_alpha_weave_ha_variables
  501. when: manual
  502. except: ['triggers']
  503. only: ['master', /^pr-.*$/]
  504. ubuntu-rkt-sep:
  505. stage: deploy-gce-part1
  506. <<: *job
  507. <<: *gce
  508. variables:
  509. <<: *gce_variables
  510. <<: *ubuntu_rkt_sep_variables
  511. when: manual
  512. except: ['triggers']
  513. only: ['master', /^pr-.*$/]
  514. ubuntu-vault-sep:
  515. stage: deploy-gce-part1
  516. <<: *job
  517. <<: *gce
  518. variables:
  519. <<: *gce_variables
  520. <<: *ubuntu_vault_sep_variables
  521. when: manual
  522. except: ['triggers']
  523. only: ['master', /^pr-.*$/]
  524. # Premoderated with manual actions
  525. ci-authorized:
  526. <<: *job
  527. stage: moderator
  528. before_script:
  529. - apt-get -y install jq
  530. script:
  531. - /bin/sh scripts/premoderator.sh
  532. except: ['triggers', 'master']
  533. syntax-check:
  534. <<: *job
  535. stage: unit-tests
  536. script:
  537. - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root cluster.yml -vvv --syntax-check
  538. - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root upgrade-cluster.yml -vvv --syntax-check
  539. - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root reset.yml -vvv --syntax-check
  540. except: ['triggers', 'master']
  541. tox-inventory-builder:
  542. stage: unit-tests
  543. <<: *job
  544. script:
  545. - pip install tox
  546. - cd contrib/inventory_builder && tox
  547. when: manual
  548. except: ['triggers', 'master']