richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3789 Commits
30 Branches
81 Tags
149 MiB
Tree: 6923d350f4
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '6923d350f4'
${ noResults }
kubespray/.gitlab-ci.yml

764 lines
18 KiB
Raw Normal View History

add gitlabci
8 years ago
fix inventory paths
6 years ago
add gitlabci
8 years ago
rollback to a two stage CI
6 years ago
Add deployment from gitlab-ci
8 years ago
Enable multiple CI platform / Add DigitalOcean
6 years ago
Force to /usr/bin/python in CI
6 years ago
Enable multiple CI platform / Add DigitalOcean
6 years ago
Fix CI upgrade scenario by using dynamic inventory file (#2635) Also updates the commit ID we use as a basis for upgrade tests.
6 years ago
Enable multiple CI platform / Add DigitalOcean
6 years ago
fix inventory paths
6 years ago
add gitlabci
8 years ago
Add deployment from gitlab-ci
8 years ago
add gitlabci
8 years ago
Force to /usr/bin/python in CI
6 years ago
add gitlabci
8 years ago
Split deploy steps in separate playbooks: part1 (#3451) * Fix bootstrap_os/ubuntu idempotency * Update bastion role * move container_engine in sub-roles * requires ansible 2.5 * ubuntu18 as first CI job
6 years ago
add gitlabci
8 years ago
Add deployment from gitlab-ci
8 years ago
Update .gitlab-ci.yml
7 years ago
Enable multiple CI platform / Add DigitalOcean
6 years ago
Add idempotency checks for CI Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
7 years ago
fix inventory paths
6 years ago
Enable multiple CI platform / Add DigitalOcean
6 years ago
Force to /usr/bin/python in CI
6 years ago
Enable multiple CI platform / Add DigitalOcean
6 years ago
add gitlabci
8 years ago
Add deployment from gitlab-ci
8 years ago
Force to /usr/bin/python in CI
6 years ago
Add deployment from gitlab-ci
8 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
add gitlabci
8 years ago
Add deployment from gitlab-ci
8 years ago
turn off coreos updates
7 years ago
Enable multiple CI platform / Add DigitalOcean
6 years ago
add gitlabci
8 years ago
Add CI cases for testing upgrade from v2.0.1 release These are manual trigger jobs, but should be run if any PR impacts upgrades.
7 years ago
Fix CI upgrade scenario by using dynamic inventory file (#2635) Also updates the commit ID we use as a basis for upgrade tests.
6 years ago
Add graceful upgrade process Based on #718 introduced by rsmitty. Includes all roles and all options to support deployment of new hosts in case they were added to inventory. Main difference here is that master role is evaluated first so that master components get upgraded first. Fixes #694
7 years ago
Upgrade kubernetes to v1.12.0 (#3410) * Upgrade kubernetes to v1.12.0 Use kubeadm v1alpha3 config * Upgrade coredns and etcd * Upgrage docker to 18.06
6 years ago
Fix broken CI jobs (#1854) * Fix broken CI jobs Adjust image and image_family scenarios for debian. Checkout CI file for upgrades * add debugging to file download * Fix download for alternate playbooks * Update ansible ssh args to force ssh user * Update sync_container.yml
7 years ago
Update Kubernetes to v1.9.0 (#2100) Update checksum for kubeadm Use v1.9.0 kubeadm params Include hash of ca.crt for kubeadm join Update tag for testing upgrades Add workaround for testing upgrades Remove scale CI scenarios because of slow inventory parsing in ansible 2.4.x. Change region for tests to us-central1 to improve ansible performance
7 years ago
Add CI cases for testing upgrade from v2.0.1 release These are manual trigger jobs, but should be run if any PR impacts upgrades.
7 years ago
Add deployment from gitlab-ci
8 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Fix CI upgrade scenario by using dynamic inventory file (#2635) Also updates the commit ID we use as a basis for upgrade tests.
6 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Sorting ansible args, fixed ci cluster_mode - s/separated/separate/g for cluster_mode so it now generates the correct number of instances
7 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Correct indentation and line endings for gitlab config
7 years ago
Sorting ansible args, fixed ci cluster_mode - s/separated/separate/g for cluster_mode so it now generates the correct number of instances
7 years ago
Add synthetic scale deployment mode New deploy modes: scale, ha-scale, separate-scale Creates 200 fake hosts for deployment with fake hostvars. Useful for testing certificate generation and propagation to other master nodes. Updated test cases descriptions.
7 years ago
Add deployment from gitlab-ci
8 years ago
add gitlabci
8 years ago
Add CI cases for testing upgrade from v2.0.1 release These are manual trigger jobs, but should be run if any PR impacts upgrades.
7 years ago
Correct indentation and line endings for gitlab config
7 years ago
Add graceful upgrade process Based on #718 introduced by rsmitty. Includes all roles and all options to support deployment of new hosts in case they were added to inventory. Main difference here is that master role is evaluated first so that master components get upgraded first. Fixes #694
7 years ago
Correct indentation and line endings for gitlab config
7 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Fix CI upgrade scenario by using dynamic inventory file (#2635) Also updates the commit ID we use as a basis for upgrade tests.
6 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Correct indentation and line endings for gitlab config
7 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Correct indentation and line endings for gitlab config
7 years ago
Add CI cases for testing upgrade from v2.0.1 release These are manual trigger jobs, but should be run if any PR impacts upgrades.
7 years ago
Add deployment from gitlab-ci
8 years ago
Enable HA deploy of kubeadm (#1658) * Enable HA deploy of kubeadm * raise delay to 60s for starting gce hosts
7 years ago
Fix CI upgrade scenario by using dynamic inventory file (#2635) Also updates the commit ID we use as a basis for upgrade tests.
6 years ago
Enable HA deploy of kubeadm (#1658) * Enable HA deploy of kubeadm * raise delay to 60s for starting gce hosts
7 years ago
Add deployment from gitlab-ci
8 years ago
Fix CI upgrade scenario by using dynamic inventory file (#2635) Also updates the commit ID we use as a basis for upgrade tests.
6 years ago
Add deployment from gitlab-ci
8 years ago
Manual steps for Gitlab CI pipeline * Reduce default testcase to 2 nodes, add HA case. * Adjust gen_matrix script for Travis/Gitlab CIs. * Enable netchecker deploy foro gitlab CI. * Sync other things from travis matrix and reorder them as build steps for pull requests, master branch, auto/manual. * Do auto-step1 from part1 and manual step2,3 for branches/PRs. * Do manual steps from part2, special for master merges. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
8 years ago
Fix CI upgrade scenario by using dynamic inventory file (#2635) Also updates the commit ID we use as a basis for upgrade tests.
6 years ago
Manual steps for Gitlab CI pipeline * Reduce default testcase to 2 nodes, add HA case. * Adjust gen_matrix script for Travis/Gitlab CIs. * Enable netchecker deploy foro gitlab CI. * Sync other things from travis matrix and reorder them as build steps for pull requests, master branch, auto/manual. * Do auto-step1 from part1 and manual step2,3 for branches/PRs. * Do manual steps from part2, special for master merges. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
8 years ago
Add idempotency checks for CI Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
7 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Fix CI upgrade scenario by using dynamic inventory file (#2635) Also updates the commit ID we use as a basis for upgrade tests.
6 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Correct indentation and line endings for gitlab config
7 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Correct indentation and line endings for gitlab config
7 years ago
kubeadm support (#1631) * kubeadm support * move k8s master to a subtask * disable k8s secrets when using kubeadm * fix etcd cert serial var * move simple auth users to master role * make a kubeadm-specific env file for kubelet * add non-ha CI job * change ci boolean vars to json format * fixup * Update create-gce.yml * Update create-gce.yml * Update create-gce.yml
7 years ago
Correct indentation and line endings for gitlab config
7 years ago
Add idempotency checks for CI Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
7 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Fix CI upgrade scenario by using dynamic inventory file (#2635) Also updates the commit ID we use as a basis for upgrade tests.
6 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Correct indentation and line endings for gitlab config
7 years ago
Add idempotency checks for CI Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
7 years ago
Fix logic in idempotency tests in CI (#1722)
7 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Fix CI upgrade scenario by using dynamic inventory file (#2635) Also updates the commit ID we use as a basis for upgrade tests.
6 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Correct indentation and line endings for gitlab config
7 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Correct indentation and line endings for gitlab config
7 years ago
Add synthetic scale deployment mode New deploy modes: scale, ha-scale, separate-scale Creates 200 fake hosts for deployment with fake hostvars. Useful for testing certificate generation and propagation to other master nodes. Updated test cases descriptions.
7 years ago
Add idempotency checks for CI Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
7 years ago
Fix logic in idempotency tests in CI (#1722)
7 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Fix CI upgrade scenario by using dynamic inventory file (#2635) Also updates the commit ID we use as a basis for upgrade tests.
6 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Correct indentation and line endings for gitlab config
7 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Correct indentation and line endings for gitlab config
7 years ago
kubeadm support (#1631) * kubeadm support * move k8s master to a subtask * disable k8s secrets when using kubeadm * fix etcd cert serial var * move simple auth users to master role * make a kubeadm-specific env file for kubelet * add non-ha CI job * change ci boolean vars to json format * fixup * Update create-gce.yml * Update create-gce.yml * Update create-gce.yml
7 years ago
Correct indentation and line endings for gitlab config
7 years ago
Add idempotency checks for CI Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
7 years ago
Fix logic in idempotency tests in CI (#1722)
7 years ago
Fix CI upgrade scenario by using dynamic inventory file (#2635) Also updates the commit ID we use as a basis for upgrade tests.
6 years ago
Correct indentation and line endings for gitlab config
7 years ago
Add idempotency checks for CI Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
7 years ago
Add deployment from gitlab-ci
8 years ago
Enable multiple CI platform / Add DigitalOcean
6 years ago
Add deployment from gitlab-ci
8 years ago
Enable multiple CI platform / Add DigitalOcean
6 years ago
Add digitalocean test case
7 years ago
Enable multiple CI platform / Add DigitalOcean
6 years ago
Add gitlab CI auto builds for triggers Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
8 years ago
Add all-in-one CI mode and make coreos test aio (#1665)
7 years ago
fix inventory paths
6 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Add gitlab CI auto builds for triggers Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
8 years ago
Add ubuntu18 job
6 years ago
Upgrade to kubernetes v1.8.0 (#1730) * Upgrade to kubernetes v1.8.0 hyperkube no longer contains rsync, so now use cp * Enable node authorization mode * change kube-proxy cert group name
7 years ago
fix inventory paths
6 years ago
Move graceful upgrade test to debian canal HA, adjust drain Graceful upgrades require 3 nodes Drain now has a command timeout of 40s
7 years ago
Add gitlab CI auto builds for triggers Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
8 years ago
Upgrade to kubeadm (#1667) * Enable upgrade to kubeadm * fix kubedns upgrade * try upgrade route * use init/upgrade strategy for kubeadm and ignore kubedns svc * Use bin_dir for kubeadm * delete more secrets * fix waiting for terminating pods * Manually enforce kube-proxy for kubeadm deploy * remove proxy. update to kubeadm 1.8.0rc1
7 years ago
fix inventory paths
6 years ago
Upgrade to kubeadm (#1667) * Enable upgrade to kubeadm * fix kubedns upgrade * try upgrade route * use init/upgrade strategy for kubeadm and ignore kubedns svc * Use bin_dir for kubeadm * delete more secrets * fix waiting for terminating pods * Manually enforce kube-proxy for kubeadm deploy * remove proxy. update to kubeadm 1.8.0rc1
7 years ago
kubeadm support (#1631) * kubeadm support * move k8s master to a subtask * disable k8s secrets when using kubeadm * fix etcd cert serial var * move simple auth users to master role * make a kubeadm-specific env file for kubelet * add non-ha CI job * change ci boolean vars to json format * fixup * Update create-gce.yml * Update create-gce.yml * Update create-gce.yml
7 years ago
fix inventory paths
6 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
kubeadm support (#1631) * kubeadm support * move k8s master to a subtask * disable k8s secrets when using kubeadm * fix etcd cert serial var * move simple auth users to master role * make a kubeadm-specific env file for kubelet * add non-ha CI job * change ci boolean vars to json format * fixup * Update create-gce.yml * Update create-gce.yml * Update create-gce.yml
7 years ago
contiv network support (#1914) * Add Contiv support Contiv is a network plugin for Kubernetes and Docker. It supports vlan/vxlan/BGP/Cisco ACI technologies. It support firewall policies, multiple networks and bridging pods onto physical networks. * Update contiv version to 1.1.4 Update contiv version to 1.1.4 and added SVC_SUBNET in contiv-config. * Load openvswitch module to workaround on CentOS7.4 * Set contiv cni version to 0.1.0 Correct contiv CNI version to 0.1.0. * Use kube_apiserver_endpoint for K8S_API_SERVER Use kube_apiserver_endpoint as K8S_API_SERVER to make contiv talks to a available endpoint no matter if there's a loadbalancer or not. * Make contiv use its own etcd Before this commit, contiv is using a etcd proxy mode to k8s etcd, this work fine when the etcd hosts are co-located with contiv etcd proxy, however the k8s peering certs are only in etcd group, as a result the etcd-proxy is not able to peering with the k8s etcd on etcd group, plus the netplugin is always trying to find the etcd endpoint on localhost, this will cause problem for all netplugins not runnign on etcd group nodes. This commit make contiv uses its own etcd, separate from k8s one. on kube-master nodes (where net-master runs), it will run as leader mode and on all rest nodes it will run as proxy mode. * Use cp instead of rsync to copy cni binaries Since rsync has been removed from hyperkube, this commit changes it to use cp instead. * Make contiv-etcd able to run on master nodes * Add rbac_enabled flag for contiv pods * Add contiv into CNI network plugin lists * migrate contiv test to tests/files Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> * Add required rules for contiv netplugin * Better handling json return of fwdMode * Make contiv etcd port configurable * Use default var instead of templating * roles/download/defaults/main.yml: use contiv 1.1.7 Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com>
7 years ago
fix inventory paths
6 years ago
contiv network support (#1914) * Add Contiv support Contiv is a network plugin for Kubernetes and Docker. It supports vlan/vxlan/BGP/Cisco ACI technologies. It support firewall policies, multiple networks and bridging pods onto physical networks. * Update contiv version to 1.1.4 Update contiv version to 1.1.4 and added SVC_SUBNET in contiv-config. * Load openvswitch module to workaround on CentOS7.4 * Set contiv cni version to 0.1.0 Correct contiv CNI version to 0.1.0. * Use kube_apiserver_endpoint for K8S_API_SERVER Use kube_apiserver_endpoint as K8S_API_SERVER to make contiv talks to a available endpoint no matter if there's a loadbalancer or not. * Make contiv use its own etcd Before this commit, contiv is using a etcd proxy mode to k8s etcd, this work fine when the etcd hosts are co-located with contiv etcd proxy, however the k8s peering certs are only in etcd group, as a result the etcd-proxy is not able to peering with the k8s etcd on etcd group, plus the netplugin is always trying to find the etcd endpoint on localhost, this will cause problem for all netplugins not runnign on etcd group nodes. This commit make contiv uses its own etcd, separate from k8s one. on kube-master nodes (where net-master runs), it will run as leader mode and on all rest nodes it will run as proxy mode. * Use cp instead of rsync to copy cni binaries Since rsync has been removed from hyperkube, this commit changes it to use cp instead. * Make contiv-etcd able to run on master nodes * Add rbac_enabled flag for contiv pods * Add contiv into CNI network plugin lists * migrate contiv test to tests/files Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> * Add required rules for contiv netplugin * Better handling json return of fwdMode * Make contiv etcd port configurable * Use default var instead of templating * roles/download/defaults/main.yml: use contiv 1.1.7 Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com>
7 years ago
changed cilium to 1.0.0-rc7. Set CI to use coreos for cilium test
6 years ago
Added cilium support (#2236) * Added cilium support * Fix typo in debian test config * Remove empty lines * Changed cilium version from <latest> to <v1.0.0-rc3> * Add missing changes for cilium * Add cilium to CI pipeline * Fix wrong file name * Check kernel version for cilium * fixed ci error * fixed cilium-ds.j2 template * added waiting for cilium pods to run * Fixed missing EOF * Fixed trailing spaces * Fixed trailing spaces * Fixed trailing spaces * Fixed too many blank lines * Updated tolerations,annotations in cilium DS template * Set cilium_version to iptables-1.9 to see if bug is fixed in CI * Update cilium image tag to v1.0.0-rc4 * Update Cilium test case CI vars filenames * Add optional prometheus flag, adjust initial readiness delay * Update README.md with cilium info
6 years ago
Added GCE Cilium Ubuntu test
6 years ago
Add ubuntu18 job
6 years ago
Add gitlab CI auto builds for triggers Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
8 years ago
fix inventory paths
6 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Add gitlab CI auto builds for triggers Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
8 years ago
Add new addon Istio (#1744) * add istio addon * add addons to a ci job
7 years ago
fix inventory paths
6 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Add gitlab CI auto builds for triggers Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
8 years ago
fix inventory paths
6 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Add gitlab CI auto builds for triggers Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
8 years ago
fix inventory paths
6 years ago
disable idempotency tests (#1872)
7 years ago
Add gitlab CI auto builds for triggers Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
8 years ago
fix inventory paths
6 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Add gitlab CI auto builds for triggers Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
8 years ago
fix inventory paths
6 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Add gitlab CI auto builds for triggers Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
8 years ago
fix inventory paths
6 years ago
disable idempotency tests (#1872)
7 years ago
Add gitlab CI auto builds for triggers Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
8 years ago
[jjo] add kube-router support (#3339) * [jjo] add kube-router support Fixes cloudnativelabs/kube-router#147. * add kube-router as another network_plugin choice * support most used kube-router flags via `kube_router_foo` vars as other plugins * implement replacing kube-proxy (--run-service-proxy=true) via `kube_proxy_mode: none`, verified in a _non kubeadm_enabled_ install, should also work for recent kubeadm releases via `skipKubeProxyInstall: true` config * [jjo] address PR#3339 review from @woopstar * add busybox image used by kube-router to downloads * fix busybox download groups key * rework kubeadm_enabled + kube_router_run_service_proxy - verify it working ok w/the kubeadm_enabled and kube_router_run_service_proxy true or false - introduce `kube_proxy_remove` fact, to decouple logic from kube_proxy_mode (which affects kubeadm configmap settings, thus no-good to ab-use it to 'none') * improve kube-router.md re: kubeadm_enabled and kube_router_run_service_proxy * address @woopstar latest review * add inventory/sample/group_vars/k8s-cluster/k8s-net-kube-router.yml * fix kube_router_run_service_proxy conditional for kube-proxy removal * fix kube_proxy_remove fact (w/ |bool), add some needed kube-proxy tags on my and existing changes * update kube-router tolerations for 1.12 compatibility * add PriorityClass to kube-router DaemonSet
6 years ago
Add coreos-alpha weave manual CI builds Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
8 years ago
fix inventory paths
6 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Add coreos-alpha weave manual CI builds Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
8 years ago
[jjo] add kube-router support (#3339) * [jjo] add kube-router support Fixes cloudnativelabs/kube-router#147. * add kube-router as another network_plugin choice * support most used kube-router flags via `kube_router_foo` vars as other plugins * implement replacing kube-proxy (--run-service-proxy=true) via `kube_proxy_mode: none`, verified in a _non kubeadm_enabled_ install, should also work for recent kubeadm releases via `skipKubeProxyInstall: true` config * [jjo] address PR#3339 review from @woopstar * add busybox image used by kube-router to downloads * fix busybox download groups key * rework kubeadm_enabled + kube_router_run_service_proxy - verify it working ok w/the kubeadm_enabled and kube_router_run_service_proxy true or false - introduce `kube_proxy_remove` fact, to decouple logic from kube_proxy_mode (which affects kubeadm configmap settings, thus no-good to ab-use it to 'none') * improve kube-router.md re: kubeadm_enabled and kube_router_run_service_proxy * address @woopstar latest review * add inventory/sample/group_vars/k8s-cluster/k8s-net-kube-router.yml * fix kube_router_run_service_proxy conditional for kube-proxy removal * fix kube_proxy_remove fact (w/ |bool), add some needed kube-proxy tags on my and existing changes * update kube-router tolerations for 1.12 compatibility * add PriorityClass to kube-router DaemonSet
6 years ago
Adding kubelet in rkt
8 years ago
fix inventory paths
6 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Adding kubelet in rkt
8 years ago
Fixed deploy cluster with vault cert manager (#1548) * Added custom ips to etcd vault distributed certificates * Added custom ips to kube-master vault distributed certificates * Added comment about issue_cert_copy_ca var in vault/issue_cert role file * Generate kube-proxy, controller-manager and scheduler certificates by vault * Revert "Disable vault from CI (#1546)" This reverts commit 781f31d2b81b98c8aa6cfda0897d5bd4d966107c. * Fixed upgrade cluster with vault cert manager * Remove vault dir in reset playbook
7 years ago
fix inventory paths
6 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
Vault security hardening and role isolation
7 years ago
refactor vault role (#2733) * Move front-proxy-client certs back to kube mount We want the same CA for all k8s certs * Refactor vault to use a third party module The module adds idempotency and reduces some of the repetitive logic in the vault role Requires ansible-modules-hashivault on ansible node and hvac on the vault hosts themselves Add upgrade test scenario Remove bootstrap-os tags from tasks * fix upgrade issues * improve unseal logic * specify ca and fix etcd check * Fix initialization check bump machine size
6 years ago
Upgrade to kubernetes v1.8.0 (#1730) * Upgrade to kubernetes v1.8.0 hyperkube no longer contains rsync, so now use cp * Enable node authorization mode * change kube-proxy cert group name
7 years ago
fix inventory paths
6 years ago
Move CI vars out of gitlab and into var files (#1808)
7 years ago
add ci test for rbac
7 years ago
[jjo] add kube-router support (#3339) * [jjo] add kube-router support Fixes cloudnativelabs/kube-router#147. * add kube-router as another network_plugin choice * support most used kube-router flags via `kube_router_foo` vars as other plugins * implement replacing kube-proxy (--run-service-proxy=true) via `kube_proxy_mode: none`, verified in a _non kubeadm_enabled_ install, should also work for recent kubeadm releases via `skipKubeProxyInstall: true` config * [jjo] address PR#3339 review from @woopstar * add busybox image used by kube-router to downloads * fix busybox download groups key * rework kubeadm_enabled + kube_router_run_service_proxy - verify it working ok w/the kubeadm_enabled and kube_router_run_service_proxy true or false - introduce `kube_proxy_remove` fact, to decouple logic from kube_proxy_mode (which affects kubeadm configmap settings, thus no-good to ab-use it to 'none') * improve kube-router.md re: kubeadm_enabled and kube_router_run_service_proxy * address @woopstar latest review * add inventory/sample/group_vars/k8s-cluster/k8s-net-kube-router.yml * fix kube_router_run_service_proxy conditional for kube-proxy removal * fix kube_proxy_remove fact (w/ |bool), add some needed kube-proxy tags on my and existing changes * update kube-router tolerations for 1.12 compatibility * add PriorityClass to kube-router DaemonSet
6 years ago
Revert "Revert "Add openSUSE support" (#2697)" (#2699) This reverts commit 51f4e6585a2000bd226c42ffde813639e4154ac6.
6 years ago
Single step CI
6 years ago
Do not auto-trigger gitlab CI pipeline on PRs For security and resources utilization reasons, do not auto-start CI for opened/updated PRs. A member of the kubernetes-incubator github org has first to approve that the PR is reasonable to test by putting the "ci check this" into the PR's comments. If approved that way, the CI pipeline starts as always. Only the 1st step of the pipeline is premoderatied, the rest will follow each over on success. Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
7 years ago
rollback to a two stage CI
6 years ago
Split deploy steps in separate playbooks: part1 (#3451) * Fix bootstrap_os/ubuntu idempotency * Update bastion role * move container_engine in sub-roles * requires ansible 2.5 * ubuntu18 as first CI job
6 years ago
fix inventory paths
6 years ago
add gitlabci
8 years ago
Add deployment from gitlab-ci
8 years ago
Split deploy steps in separate playbooks: part1 (#3451) * Fix bootstrap_os/ubuntu idempotency * Update bastion role * move container_engine in sub-roles * requires ansible 2.5 * ubuntu18 as first CI job
6 years ago
Fix tests
6 years ago
Manual steps for Gitlab CI pipeline * Reduce default testcase to 2 nodes, add HA case. * Adjust gen_matrix script for Travis/Gitlab CIs. * Enable netchecker deploy foro gitlab CI. * Sync other things from travis matrix and reorder them as build steps for pull requests, master branch, auto/manual. * Do auto-step1 from part1 and manual step2,3 for branches/PRs. * Do manual steps from part2, special for master merges. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
8 years ago
Allow triggered gitlab CI builds Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
8 years ago
fix inventory paths
6 years ago
add gitlabci
8 years ago
move ubuntu18 to CI part2
6 years ago
Split deploy steps in separate playbooks: part1 (#3451) * Fix bootstrap_os/ubuntu idempotency * Update bastion role * move container_engine in sub-roles * requires ansible 2.5 * ubuntu18 as first CI job
6 years ago
move ubuntu18 to CI part2
6 years ago
Add ubuntu18 job
6 years ago
Split deploy steps in separate playbooks: part1 (#3451) * Fix bootstrap_os/ubuntu idempotency * Update bastion role * move container_engine in sub-roles * requires ansible 2.5 * ubuntu18 as first CI job
6 years ago
Add ubuntu18 job
6 years ago
Split deploy steps in separate playbooks: part1 (#3451) * Fix bootstrap_os/ubuntu idempotency * Update bastion role * move container_engine in sub-roles * requires ansible 2.5 * ubuntu18 as first CI job
6 years ago
Add ubuntu18 job
6 years ago
Single step CI
6 years ago
rollback to a two stage CI
6 years ago
fix inventory paths
6 years ago
Single step CI
6 years ago
fix inventory paths
6 years ago
Single step CI
6 years ago
fix inventory paths
6 years ago
Split deploy steps in separate playbooks: part1 (#3451) * Fix bootstrap_os/ubuntu idempotency * Update bastion role * move container_engine in sub-roles * requires ansible 2.5 * ubuntu18 as first CI job
6 years ago
Enable kubeadm test Need to test the kubeadm deployment cluster, most of the functional changes, will involve kubeadm.
6 years ago
Split deploy steps in separate playbooks: part1 (#3451) * Fix bootstrap_os/ubuntu idempotency * Update bastion role * move container_engine in sub-roles * requires ansible 2.5 * ubuntu18 as first CI job
6 years ago
Single step CI
6 years ago
rollback to a two stage CI
6 years ago
fix inventory paths
6 years ago
Single step CI
6 years ago
Split deploy steps in separate playbooks: part1 (#3451) * Fix bootstrap_os/ubuntu idempotency * Update bastion role * move container_engine in sub-roles * requires ansible 2.5 * ubuntu18 as first CI job
6 years ago
fix inventory paths
6 years ago
Single step CI
6 years ago
fix inventory paths
6 years ago
Single step CI
6 years ago
fix inventory paths
6 years ago
Single step CI
6 years ago
fix inventory paths
6 years ago
Single step CI
6 years ago
fix inventory paths
6 years ago
Single step CI
6 years ago
fix inventory paths
6 years ago
Single step CI
6 years ago
fix inventory paths
6 years ago
Remove DigitalOcean
6 years ago
fix inventory paths
6 years ago
Single step CI
6 years ago
fix inventory paths
6 years ago
Single step CI
6 years ago
fix inventory paths
6 years ago
Single step CI
6 years ago
fix inventory paths
6 years ago
Single step CI
6 years ago
fix inventory paths
6 years ago
Added cilium support (#2236) * Added cilium support * Fix typo in debian test config * Remove empty lines * Changed cilium version from <latest> to <v1.0.0-rc3> * Add missing changes for cilium * Add cilium to CI pipeline * Fix wrong file name * Check kernel version for cilium * fixed ci error * fixed cilium-ds.j2 template * added waiting for cilium pods to run * Fixed missing EOF * Fixed trailing spaces * Fixed trailing spaces * Fixed trailing spaces * Fixed too many blank lines * Updated tolerations,annotations in cilium DS template * Set cilium_version to iptables-1.9 to see if bug is fixed in CI * Update cilium image tag to v1.0.0-rc4 * Update Cilium test case CI vars filenames * Add optional prometheus flag, adjust initial readiness delay * Update README.md with cilium info
6 years ago
changed cilium to 1.0.0-rc7. Set CI to use coreos for cilium test
6 years ago
Added cilium support (#2236) * Added cilium support * Fix typo in debian test config * Remove empty lines * Changed cilium version from <latest> to <v1.0.0-rc3> * Add missing changes for cilium * Add cilium to CI pipeline * Fix wrong file name * Check kernel version for cilium * fixed ci error * fixed cilium-ds.j2 template * added waiting for cilium pods to run * Fixed missing EOF * Fixed trailing spaces * Fixed trailing spaces * Fixed trailing spaces * Fixed too many blank lines * Updated tolerations,annotations in cilium DS template * Set cilium_version to iptables-1.9 to see if bug is fixed in CI * Update cilium image tag to v1.0.0-rc4 * Update Cilium test case CI vars filenames * Add optional prometheus flag, adjust initial readiness delay * Update README.md with cilium info
6 years ago
changed cilium to 1.0.0-rc7. Set CI to use coreos for cilium test
6 years ago
Added cilium support (#2236) * Added cilium support * Fix typo in debian test config * Remove empty lines * Changed cilium version from <latest> to <v1.0.0-rc3> * Add missing changes for cilium * Add cilium to CI pipeline * Fix wrong file name * Check kernel version for cilium * fixed ci error * fixed cilium-ds.j2 template * added waiting for cilium pods to run * Fixed missing EOF * Fixed trailing spaces * Fixed trailing spaces * Fixed trailing spaces * Fixed too many blank lines * Updated tolerations,annotations in cilium DS template * Set cilium_version to iptables-1.9 to see if bug is fixed in CI * Update cilium image tag to v1.0.0-rc4 * Update Cilium test case CI vars filenames * Add optional prometheus flag, adjust initial readiness delay * Update README.md with cilium info
6 years ago
Added GCE Cilium Ubuntu test
6 years ago
fix inventory paths
6 years ago
Single step CI
6 years ago
fix inventory paths
6 years ago
Single step CI
6 years ago
fix inventory paths
6 years ago
Single step CI
6 years ago
fix inventory paths
6 years ago
Single step CI
6 years ago
fix inventory paths
6 years ago
refactor vault role (#2733) * Move front-proxy-client certs back to kube mount We want the same CA for all k8s certs * Refactor vault to use a third party module The module adds idempotency and reduces some of the repetitive logic in the vault role Requires ansible-modules-hashivault on ansible node and hvac on the vault hosts themselves Add upgrade test scenario Remove bootstrap-os tags from tasks * fix upgrade issues * improve unseal logic * specify ca and fix etcd check * Fix initialization check bump machine size
6 years ago
fix inventory paths
6 years ago
Single step CI
6 years ago
fix inventory paths
6 years ago
Single step CI
6 years ago
fix inventory paths
6 years ago
[jjo] add kube-router support (#3339) * [jjo] add kube-router support Fixes cloudnativelabs/kube-router#147. * add kube-router as another network_plugin choice * support most used kube-router flags via `kube_router_foo` vars as other plugins * implement replacing kube-proxy (--run-service-proxy=true) via `kube_proxy_mode: none`, verified in a _non kubeadm_enabled_ install, should also work for recent kubeadm releases via `skipKubeProxyInstall: true` config * [jjo] address PR#3339 review from @woopstar * add busybox image used by kube-router to downloads * fix busybox download groups key * rework kubeadm_enabled + kube_router_run_service_proxy - verify it working ok w/the kubeadm_enabled and kube_router_run_service_proxy true or false - introduce `kube_proxy_remove` fact, to decouple logic from kube_proxy_mode (which affects kubeadm configmap settings, thus no-good to ab-use it to 'none') * improve kube-router.md re: kubeadm_enabled and kube_router_run_service_proxy * address @woopstar latest review * add inventory/sample/group_vars/k8s-cluster/k8s-net-kube-router.yml * fix kube_router_run_service_proxy conditional for kube-proxy removal * fix kube_proxy_remove fact (w/ |bool), add some needed kube-proxy tags on my and existing changes * update kube-router tolerations for 1.12 compatibility * add PriorityClass to kube-router DaemonSet
6 years ago
Revert "Revert "Add openSUSE support" (#2697)" (#2699) This reverts commit 51f4e6585a2000bd226c42ffde813639e4154ac6.
6 years ago
fix inventory paths
6 years ago
[jjo] add kube-router support (#3339) * [jjo] add kube-router support Fixes cloudnativelabs/kube-router#147. * add kube-router as another network_plugin choice * support most used kube-router flags via `kube_router_foo` vars as other plugins * implement replacing kube-proxy (--run-service-proxy=true) via `kube_proxy_mode: none`, verified in a _non kubeadm_enabled_ install, should also work for recent kubeadm releases via `skipKubeProxyInstall: true` config * [jjo] address PR#3339 review from @woopstar * add busybox image used by kube-router to downloads * fix busybox download groups key * rework kubeadm_enabled + kube_router_run_service_proxy - verify it working ok w/the kubeadm_enabled and kube_router_run_service_proxy true or false - introduce `kube_proxy_remove` fact, to decouple logic from kube_proxy_mode (which affects kubeadm configmap settings, thus no-good to ab-use it to 'none') * improve kube-router.md re: kubeadm_enabled and kube_router_run_service_proxy * address @woopstar latest review * add inventory/sample/group_vars/k8s-cluster/k8s-net-kube-router.yml * fix kube_router_run_service_proxy conditional for kube-proxy removal * fix kube_proxy_remove fact (w/ |bool), add some needed kube-proxy tags on my and existing changes * update kube-router tolerations for 1.12 compatibility * add PriorityClass to kube-router DaemonSet
6 years ago
fix inventory paths
6 years ago
Single step CI
6 years ago
fix inventory paths
6 years ago
Single step CI
6 years ago
fix inventory paths
6 years ago
refactor vault role (#2733) * Move front-proxy-client certs back to kube mount We want the same CA for all k8s certs * Refactor vault to use a third party module The module adds idempotency and reduces some of the repetitive logic in the vault role Requires ansible-modules-hashivault on ansible node and hvac on the vault hosts themselves Add upgrade test scenario Remove bootstrap-os tags from tasks * fix upgrade issues * improve unseal logic * specify ca and fix etcd check * Fix initialization check bump machine size
6 years ago
fix inventory paths
6 years ago
[jjo] add kube-router support (#3339) * [jjo] add kube-router support Fixes cloudnativelabs/kube-router#147. * add kube-router as another network_plugin choice * support most used kube-router flags via `kube_router_foo` vars as other plugins * implement replacing kube-proxy (--run-service-proxy=true) via `kube_proxy_mode: none`, verified in a _non kubeadm_enabled_ install, should also work for recent kubeadm releases via `skipKubeProxyInstall: true` config * [jjo] address PR#3339 review from @woopstar * add busybox image used by kube-router to downloads * fix busybox download groups key * rework kubeadm_enabled + kube_router_run_service_proxy - verify it working ok w/the kubeadm_enabled and kube_router_run_service_proxy true or false - introduce `kube_proxy_remove` fact, to decouple logic from kube_proxy_mode (which affects kubeadm configmap settings, thus no-good to ab-use it to 'none') * improve kube-router.md re: kubeadm_enabled and kube_router_run_service_proxy * address @woopstar latest review * add inventory/sample/group_vars/k8s-cluster/k8s-net-kube-router.yml * fix kube_router_run_service_proxy conditional for kube-proxy removal * fix kube_proxy_remove fact (w/ |bool), add some needed kube-proxy tags on my and existing changes * update kube-router tolerations for 1.12 compatibility * add PriorityClass to kube-router DaemonSet
6 years ago
fix inventory paths
6 years ago
  1. stages:
  2. - unit-tests
  3. - moderator
  4. - deploy-part1
  5. - deploy-part2
  6. - deploy-special
  8. variables:
  9. FAILFASTCI_NAMESPACE: 'kargo-ci'
  10. GITLAB_REPOSITORY: 'kargo-ci/kubernetes-incubator__kubespray'
  11. # DOCKER_HOST: tcp://localhost:2375
  12. ANSIBLE_FORCE_COLOR: "true"
  13. MAGIC: "ci check this"
  14. TEST_ID: "$CI_PIPELINE_ID-$CI_BUILD_ID"
  15. CI_TEST_VARS: "./tests/files/${CI_JOB_NAME}.yml"
  16. GS_ACCESS_KEY_ID: $GS_KEY
  17. GS_SECRET_ACCESS_KEY: $GS_SECRET
  18. CONTAINER_ENGINE: docker
  19. SSH_USER: root
  20. GCE_PREEMPTIBLE: "false"
  21. ANSIBLE_KEEP_REMOTE_FILES: "1"
  22. ANSIBLE_CONFIG: ./tests/ansible.cfg
  23. ANSIBLE_INVENTORY: ./inventory/sample/${CI_JOB_NAME}-${BUILD_NUMBER}.ini
  24. IDEMPOT_CHECK: "false"
  25. RESET_CHECK: "false"
  26. UPGRADE_TEST: "false"
  27. KUBEADM_ENABLED: "false"
  28. LOG_LEVEL: "-vv"
  30. # asia-east1-a
  31. # asia-northeast1-a
  32. # europe-west1-b
  33. # us-central1-a
  34. # us-east1-b
  35. # us-west1-a
  37. before_script:
  38. - /usr/bin/python -m pip install -r tests/requirements.txt
  39. - mkdir -p /.ssh
  41. .job: &job
  42. tags:
  43. - kubernetes
  44. - docker
  45. image: quay.io/kubespray/kubespray:v2.7
  47. .docker_service: &docker_service
  48. services:
  49. - docker:dind
  51. .create_cluster: &create_cluster
  52. <<: *job
  53. <<: *docker_service
  55. .gce_variables: &gce_variables
  56. GCE_USER: travis
  57. SSH_USER: $GCE_USER
  58. CLOUD_MACHINE_TYPE: "g1-small"
  59. CI_PLATFORM: "gce"
  60. PRIVATE_KEY: $GCE_PRIVATE_KEY
  62. .do_variables: &do_variables
  63. PRIVATE_KEY: $DO_PRIVATE_KEY
  64. CI_PLATFORM: "do"
  65. SSH_USER: root
  68. .testcases: &testcases
  69. <<: *job
  70. <<: *docker_service
  71. cache:
  72. key: "$CI_BUILD_REF_NAME"
  73. paths:
  74. - downloads/
  75. - $HOME/.cache
  76. before_script:
  77. - docker info
  78. - /usr/bin/python -m pip install -r requirements.txt
  79. - /usr/bin/python -m pip install -r tests/requirements.txt
  80. - mkdir -p /.ssh
  81. - mkdir -p $HOME/.ssh
  82. - ansible-playbook --version
  83. - export PYPATH=$([[ ! "$CI_JOB_NAME" =~ "coreos" ]] && echo /usr/bin/python || echo /opt/bin/python)
  84. - echo "CI_JOB_NAME is $CI_JOB_NAME"
  85. - echo "PYPATH is $PYPATH"
  86. script:
  87. - pwd
  88. - ls
  89. - echo ${PWD}
  90. - echo "${STARTUP_SCRIPT}"
  91. - cd tests && make create-${CI_PLATFORM} -s ; cd -
  93. # Check out latest tag if testing upgrade
  94. # Uncomment when gitlab kubespray repo has tags
  95. #- test "${UPGRADE_TEST}" != "false" && git fetch --all && git checkout $(git describe --tags $(git rev-list --tags --max-count=1))
  96. - test "${UPGRADE_TEST}" != "false" && git checkout 53d87e53c5899d4ea2904ab7e3883708dd6363d3
  97. # Checkout the CI vars file so it is available
  98. - test "${UPGRADE_TEST}" != "false" && git checkout "${CI_BUILD_REF}" tests/files/${CI_JOB_NAME}.yml
  99. # Workaround https://github.com/kubernetes-incubator/kubespray/issues/2021
  100. - 'sh -c "echo ignore_assert_errors: true | tee -a tests/files/${CI_JOB_NAME}.yml"'
  103. # Create cluster
  104. - >
  105. ansible-playbook
  106. -i ${ANSIBLE_INVENTORY}
  107. -b --become-user=root
  108. --private-key=${HOME}/.ssh/id_rsa
  109. -u $SSH_USER
  110. ${SSH_ARGS}
  111. ${LOG_LEVEL}
  112. -e @${CI_TEST_VARS}
  113. -e ansible_ssh_user=${SSH_USER}
  114. -e local_release_dir=${PWD}/downloads
  115. --limit "all:!fake_hosts"
  116. cluster.yml
  118. # Repeat deployment if testing upgrade
  119. - >
  120. if [ "${UPGRADE_TEST}" != "false" ]; then
  121. test "${UPGRADE_TEST}" == "basic" && PLAYBOOK="cluster.yml";
  122. test "${UPGRADE_TEST}" == "graceful" && PLAYBOOK="upgrade-cluster.yml";
  123. git checkout "${CI_BUILD_REF}";
  124. ansible-playbook
  125. -i ${ANSIBLE_INVENTORY}
  126. -b --become-user=root
  127. --private-key=${HOME}/.ssh/id_rsa
  128. -u $SSH_USER
  129. ${SSH_ARGS}
  130. ${LOG_LEVEL}
  131. -e @${CI_TEST_VARS}
  132. -e ansible_ssh_user=${SSH_USER}
  133. -e local_release_dir=${PWD}/downloads
  134. --limit "all:!fake_hosts"
  135. $PLAYBOOK;
  136. fi
  138. # Tests Cases
  139. ## Test Master API
  140. - >
  141. ansible-playbook -i ${ANSIBLE_INVENTORY} -e ansible_python_interpreter=${PYPATH} -u $SSH_USER -e ansible_ssh_user=$SSH_USER $SSH_ARGS -b --become-user=root --limit "all:!fake_hosts" tests/testcases/010_check-apiserver.yml $LOG_LEVEL
  142. -e "{kubeadm_enabled: ${KUBEADM_ENABLED}}"
  144. ## Ping the between 2 pod
  145. - ansible-playbook -i ${ANSIBLE_INVENTORY} -e ansible_python_interpreter=${PYPATH} -u $SSH_USER -e ansible_ssh_user=$SSH_USER $SSH_ARGS -b --become-user=root --limit "all:!fake_hosts" tests/testcases/030_check-network.yml $LOG_LEVEL
  147. ## Advanced DNS checks
  148. - ansible-playbook -i ${ANSIBLE_INVENTORY} -e ansible_python_interpreter=${PYPATH} -u $SSH_USER -e ansible_ssh_user=$SSH_USER $SSH_ARGS -b --become-user=root --limit "all:!fake_hosts" tests/testcases/040_check-network-adv.yml $LOG_LEVEL
  150. ## Idempotency checks 1/5 (repeat deployment)
  151. - >
  152. if [ "${IDEMPOT_CHECK}" = "true" ]; then
  153. ansible-playbook
  154. -i ${ANSIBLE_INVENTORY}
  155. -b --become-user=root
  156. --private-key=${HOME}/.ssh/id_rsa
  157. -u $SSH_USER
  158. ${SSH_ARGS}
  159. ${LOG_LEVEL}
  160. -e @${CI_TEST_VARS}
  161. -e ansible_python_interpreter=${PYPATH}
  162. -e local_release_dir=${PWD}/downloads
  163. --limit "all:!fake_hosts"
  164. cluster.yml;
  165. fi
  167. ## Idempotency checks 2/5 (Advanced DNS checks)
  168. - >
  169. if [ "${IDEMPOT_CHECK}" = "true" ]; then
  170. ansible-playbook
  171. -i ${ANSIBLE_INVENTORY}
  172. -b --become-user=root
  173. --private-key=${HOME}/.ssh/id_rsa
  174. -u $SSH_USER
  175. ${SSH_ARGS}
  176. ${LOG_LEVEL}
  177. -e @${CI_TEST_VARS}
  178. --limit "all:!fake_hosts"
  179. tests/testcases/040_check-network-adv.yml $LOG_LEVEL;
  180. fi
  182. ## Idempotency checks 3/5 (reset deployment)
  183. - >
  184. if [ "${IDEMPOT_CHECK}" = "true" -a "${RESET_CHECK}" = "true" ]; then
  185. ansible-playbook
  186. -i ${ANSIBLE_INVENTORY}
  187. -b --become-user=root
  188. --private-key=${HOME}/.ssh/id_rsa
  189. -u $SSH_USER
  190. ${SSH_ARGS}
  191. ${LOG_LEVEL}
  192. -e @${CI_TEST_VARS}
  193. -e ansible_python_interpreter=${PYPATH}
  194. -e reset_confirmation=yes
  195. --limit "all:!fake_hosts"
  196. reset.yml;
  197. fi
  199. ## Idempotency checks 4/5 (redeploy after reset)
  200. - >
  201. if [ "${IDEMPOT_CHECK}" = "true" -a "${RESET_CHECK}" = "true" ]; then
  202. ansible-playbook
  203. -i ${ANSIBLE_INVENTORY}
  204. -b --become-user=root
  205. --private-key=${HOME}/.ssh/id_rsa
  206. -u $SSH_USER
  207. ${SSH_ARGS}
  208. ${LOG_LEVEL}
  209. -e @${CI_TEST_VARS}
  210. -e ansible_python_interpreter=${PYPATH}
  211. -e local_release_dir=${PWD}/downloads
  212. --limit "all:!fake_hosts"
  213. cluster.yml;
  214. fi
  216. ## Idempotency checks 5/5 (Advanced DNS checks)
  217. - >
  218. if [ "${IDEMPOT_CHECK}" = "true" -a "${RESET_CHECK}" = "true" ]; then
  219. ansible-playbook -i ${ANSIBLE_INVENTORY} -e ansible_python_interpreter=${PYPATH}
  220. -u $SSH_USER -e ansible_ssh_user=$SSH_USER $SSH_ARGS -b --become-user=root
  221. --limit "all:!fake_hosts"
  222. tests/testcases/040_check-network-adv.yml $LOG_LEVEL;
  223. fi
  225. after_script:
  226. - cd tests && make delete-${CI_PLATFORM} -s ; cd -
  228. .gce: &gce
  229. <<: *testcases
  230. variables:
  231. <<: *gce_variables
  233. .do: &do
  234. variables:
  235. <<: *do_variables
  236. <<: *testcases
  238. # Test matrix. Leave the comments for markup scripts.
  239. .coreos_calico_aio_variables: &coreos_calico_aio_variables
  240. # stage: deploy-part1
  241. MOVED_TO_GROUP_VARS: "true"
  243. .ubuntu18_flannel_aio_variables: &ubuntu18_flannel_aio_variables
  244. # stage: deploy-part1
  245. MOVED_TO_GROUP_VARS: "true"
  247. .ubuntu_canal_ha_variables: &ubuntu_canal_ha_variables
  248. # stage: deploy-part1
  249. UPGRADE_TEST: "graceful"
  251. .centos_weave_kubeadm_variables: &centos_weave_kubeadm_variables
  252. # stage: deploy-part1
  253. UPGRADE_TEST: "graceful"
  255. .ubuntu_canal_kubeadm_variables: &ubuntu_canal_kubeadm_variables
  256. # stage: deploy-part1
  257. MOVED_TO_GROUP_VARS: "true"
  259. .ubuntu_contiv_sep_variables: &ubuntu_contiv_sep_variables
  260. # stage: deploy-special
  261. MOVED_TO_GROUP_VARS: "true"
  263. .coreos_cilium_variables: &coreos_cilium_variables
  264. # stage: deploy-special
  265. MOVED_TO_GROUP_VARS: "true"
  267. .ubuntu_cilium_sep_variables: &ubuntu_cilium_sep_variables
  268. # stage: deploy-special
  269. MOVED_TO_GROUP_VARS: "true"
  271. .rhel7_weave_variables: &rhel7_weave_variables
  272. # stage: deploy-part1
  273. MOVED_TO_GROUP_VARS: "true"
  275. .centos7_flannel_addons_variables: &centos7_flannel_addons_variables
  276. # stage: deploy-part2
  277. MOVED_TO_GROUP_VARS: "true"
  279. .debian8_calico_variables: &debian8_calico_variables
  280. # stage: deploy-part2
  281. MOVED_TO_GROUP_VARS: "true"
  283. .coreos_canal_variables: &coreos_canal_variables
  284. # stage: deploy-part2
  285. MOVED_TO_GROUP_VARS: "true"
  287. .rhel7_canal_sep_variables: &rhel7_canal_sep_variables
  288. # stage: deploy-special
  289. MOVED_TO_GROUP_VARS: "true"
  291. .ubuntu_weave_sep_variables: &ubuntu_weave_sep_variables
  292. # stage: deploy-special
  293. MOVED_TO_GROUP_VARS: "true"
  295. .centos7_calico_ha_variables: &centos7_calico_ha_variables
  296. # stage: deploy-special
  297. MOVED_TO_GROUP_VARS: "true"
  299. .centos7_kube_router_variables: &centos7_kube_router_variables
  300. # stage: deploy-special
  301. MOVED_TO_GROUP_VARS: "true"
  303. .coreos_alpha_weave_ha_variables: &coreos_alpha_weave_ha_variables
  304. # stage: deploy-special
  305. MOVED_TO_GROUP_VARS: "true"
  307. .coreos_kube_router_variables: &coreos_kube_router_variables
  308. # stage: deploy-special
  309. MOVED_TO_GROUP_VARS: "true"
  311. .ubuntu_rkt_sep_variables: &ubuntu_rkt_sep_variables
  312. # stage: deploy-part1
  313. MOVED_TO_GROUP_VARS: "true"
  315. .ubuntu_vault_sep_variables: &ubuntu_vault_sep_variables
  316. # stage: deploy-part1
  317. MOVED_TO_GROUP_VARS: "true"
  319. .coreos_vault_upgrade_variables: &coreos_vault_upgrade_variables
  320. # stage: deploy-part1
  321. UPGRADE_TEST: "basic"
  323. .ubuntu_flannel_variables: &ubuntu_flannel_variables
  324. # stage: deploy-special
  325. MOVED_TO_GROUP_VARS: "true"
  327. .ubuntu_kube_router_variables: &ubuntu_kube_router_variables
  328. # stage: deploy-special
  329. MOVED_TO_GROUP_VARS: "true"
  331. .opensuse_canal_variables: &opensuse_canal_variables
  332. # stage: deploy-part2
  333. MOVED_TO_GROUP_VARS: "true"
  336. # Builds for PRs only (premoderated by unit-tests step) and triggers (auto)
  337. ### PR JOBS PART1
  339. gce_ubuntu18-flannel-aio:
  340. stage: deploy-part1
  341. <<: *job
  342. <<: *gce
  343. variables:
  344. <<: *ubuntu18_flannel_aio_variables
  345. <<: *gce_variables
  346. when: on_success
  347. except: ['triggers']
  348. only: [/^pr-.*$/]
  350. ### PR JOBS PART2
  352. gce_coreos-calico-aio:
  353. stage: deploy-part2
  354. <<: *job
  355. <<: *gce
  356. variables:
  357. <<: *coreos_calico_aio_variables
  358. <<: *gce_variables
  359. when: on_success
  360. except: ['triggers']
  361. only: [/^pr-.*$/]
  363. gce_centos7-flannel-addons:
  364. stage: deploy-part2
  365. <<: *job
  366. <<: *gce
  367. variables:
  368. <<: *gce_variables
  369. <<: *centos7_flannel_addons_variables
  370. when: on_success
  371. except: ['triggers']
  372. only: [/^pr-.*$/]
  374. gce_centos-weave-kubeadm-sep:
  375. stage: deploy-part2
  376. <<: *job
  377. <<: *gce
  378. variables:
  379. <<: *gce_variables
  380. <<: *centos_weave_kubeadm_variables
  381. when: on_success
  382. except: ['triggers']
  383. only: [/^pr-.*$/]
  385. ### MANUAL JOBS
  387. gce_ubuntu-weave-sep:
  388. stage: deploy-part2
  389. <<: *job
  390. <<: *gce
  391. variables:
  392. <<: *gce_variables
  393. <<: *ubuntu_weave_sep_variables
  394. when: manual
  395. except: ['triggers']
  396. only: [/^pr-.*$/]
  398. gce_coreos-calico-sep-triggers:
  399. stage: deploy-part2
  400. <<: *job
  401. <<: *gce
  402. variables:
  403. <<: *gce_variables
  404. <<: *coreos_calico_aio_variables
  405. when: on_success
  406. only: ['triggers']
  408. gce_ubuntu-canal-ha-triggers:
  409. stage: deploy-part2
  410. <<: *job
  411. <<: *gce
  412. variables:
  413. <<: *gce_variables
  414. <<: *ubuntu_canal_ha_variables
  415. when: on_success
  416. only: ['triggers']
  418. gce_centos7-flannel-addons-triggers:
  419. stage: deploy-part2
  420. <<: *job
  421. <<: *gce
  422. variables:
  423. <<: *gce_variables
  424. <<: *centos7_flannel_addons_variables
  425. when: on_success
  426. only: ['triggers']
  429. gce_ubuntu-weave-sep-triggers:
  430. stage: deploy-part2
  431. <<: *job
  432. <<: *gce
  433. variables:
  434. <<: *gce_variables
  435. <<: *ubuntu_weave_sep_variables
  436. when: on_success
  437. only: ['triggers']
  439. # More builds for PRs/merges (manual) and triggers (auto)
  440. do_ubuntu-canal-ha:
  441. stage: deploy-part2
  442. <<: *job
  443. <<: *do
  444. variables:
  445. <<: *do_variables
  446. when: manual
  447. except: ['triggers']
  448. only: ['master', /^pr-.*$/]
  450. gce_ubuntu-canal-ha:
  451. stage: deploy-part2
  452. <<: *job
  453. <<: *gce
  454. variables:
  455. <<: *gce_variables
  456. <<: *ubuntu_canal_ha_variables
  457. when: manual
  458. except: ['triggers']
  459. only: ['master', /^pr-.*$/]
  461. gce_ubuntu-canal-kubeadm:
  462. stage: deploy-part2
  463. <<: *job
  464. <<: *gce
  465. variables:
  466. <<: *gce_variables
  467. <<: *ubuntu_canal_kubeadm_variables
  468. when: manual
  469. except: ['triggers']
  470. only: ['master', /^pr-.*$/]
  472. gce_ubuntu-canal-kubeadm-triggers:
  473. stage: deploy-part2
  474. <<: *job
  475. <<: *gce
  476. variables:
  477. <<: *gce_variables
  478. <<: *ubuntu_canal_kubeadm_variables
  479. when: on_success
  480. only: ['triggers']
  482. gce_centos-weave-kubeadm-triggers:
  483. stage: deploy-part2
  484. <<: *job
  485. <<: *gce
  486. variables:
  487. <<: *gce_variables
  488. <<: *centos_weave_kubeadm_variables
  489. when: on_success
  490. only: ['triggers']
  492. gce_ubuntu-contiv-sep:
  493. stage: deploy-special
  494. <<: *job
  495. <<: *gce
  496. variables:
  497. <<: *gce_variables
  498. <<: *ubuntu_contiv_sep_variables
  499. when: manual
  500. except: ['triggers']
  501. only: ['master', /^pr-.*$/]
  503. gce_coreos-cilium:
  504. stage: deploy-special
  505. <<: *job
  506. <<: *gce
  507. variables:
  508. <<: *gce_variables
  509. <<: *coreos_cilium_variables
  510. when: manual
  511. except: ['triggers']
  512. only: ['master', /^pr-.*$/]
  514. gce_ubuntu-cilium-sep:
  515. stage: deploy-special
  516. <<: *job
  517. <<: *gce
  518. variables:
  519. <<: *gce_variables
  520. <<: *ubuntu_cilium_sep_variables
  521. when: manual
  522. except: ['triggers']
  523. only: ['master', /^pr-.*$/]
  525. gce_rhel7-weave:
  526. stage: deploy-part2
  527. <<: *job
  528. <<: *gce
  529. variables:
  530. <<: *gce_variables
  531. <<: *rhel7_weave_variables
  532. when: manual
  533. except: ['triggers']
  534. only: ['master', /^pr-.*$/]
  536. gce_rhel7-weave-triggers:
  537. stage: deploy-part2
  538. <<: *job
  539. <<: *gce
  540. variables:
  541. <<: *gce_variables
  542. <<: *rhel7_weave_variables
  543. when: on_success
  544. only: ['triggers']
  546. gce_debian8-calico-upgrade:
  547. stage: deploy-part2
  548. <<: *job
  549. <<: *gce
  550. variables:
  551. <<: *gce_variables
  552. <<: *debian8_calico_variables
  553. when: manual
  554. except: ['triggers']
  555. only: ['master', /^pr-.*$/]
  557. gce_debian8-calico-triggers:
  558. stage: deploy-part2
  559. <<: *job
  560. <<: *gce
  561. variables:
  562. <<: *gce_variables
  563. <<: *debian8_calico_variables
  564. when: on_success
  565. only: ['triggers']
  567. gce_coreos-canal:
  568. stage: deploy-part2
  569. <<: *job
  570. <<: *gce
  571. variables:
  572. <<: *gce_variables
  573. <<: *coreos_canal_variables
  574. when: manual
  575. except: ['triggers']
  576. only: ['master', /^pr-.*$/]
  578. gce_coreos-canal-triggers:
  579. stage: deploy-part2
  580. <<: *job
  581. <<: *gce
  582. variables:
  583. <<: *gce_variables
  584. <<: *coreos_canal_variables
  585. when: on_success
  586. only: ['triggers']
  588. gce_rhel7-canal-sep:
  589. stage: deploy-special
  590. <<: *job
  591. <<: *gce
  592. variables:
  593. <<: *gce_variables
  594. <<: *rhel7_canal_sep_variables
  595. when: manual
  596. except: ['triggers']
  597. only: ['master', /^pr-.*$/]
  599. gce_rhel7-canal-sep-triggers:
  600. stage: deploy-part2
  601. <<: *job
  602. <<: *gce
  603. variables:
  604. <<: *gce_variables
  605. <<: *rhel7_canal_sep_variables
  606. when: on_success
  607. only: ['triggers']
  609. gce_centos7-calico-ha:
  610. stage: deploy-special
  611. <<: *job
  612. <<: *gce
  613. variables:
  614. <<: *gce_variables
  615. <<: *centos7_calico_ha_variables
  616. when: manual
  617. except: ['triggers']
  618. only: ['master', /^pr-.*$/]
  620. gce_centos7-calico-ha-triggers:
  621. stage: deploy-part2
  622. <<: *job
  623. <<: *gce
  624. variables:
  625. <<: *gce_variables
  626. <<: *centos7_calico_ha_variables
  627. when: on_success
  628. only: ['triggers']
  630. gce_centos7-kube-router:
  631. stage: deploy-special
  632. <<: *job
  633. <<: *gce
  634. variables:
  635. <<: *gce_variables
  636. <<: *centos7_kube_router_variables
  637. when: manual
  638. except: ['triggers']
  639. only: ['master', /^pr-.*$/]
  641. gce_opensuse-canal:
  642. stage: deploy-part2
  643. <<: *job
  644. <<: *gce
  645. variables:
  646. <<: *gce_variables
  647. <<: *opensuse_canal_variables
  648. when: manual
  649. except: ['triggers']
  650. only: ['master', /^pr-.*$/]
  652. # no triggers yet https://github.com/kubernetes-incubator/kargo/issues/613
  653. gce_coreos-alpha-weave-ha:
  654. stage: deploy-special
  655. <<: *job
  656. <<: *gce
  657. variables:
  658. <<: *gce_variables
  659. <<: *coreos_alpha_weave_ha_variables
  660. when: manual
  661. except: ['triggers']
  662. only: ['master', /^pr-.*$/]
  664. gce_coreos-kube-router:
  665. stage: deploy-special
  666. <<: *job
  667. <<: *gce
  668. variables:
  669. <<: *gce_variables
  670. <<: *coreos_kube_router_variables
  671. when: manual
  672. except: ['triggers']
  673. only: ['master', /^pr-.*$/]
  675. gce_ubuntu-rkt-sep:
  676. stage: deploy-part2
  677. <<: *job
  678. <<: *gce
  679. variables:
  680. <<: *gce_variables
  681. <<: *ubuntu_rkt_sep_variables
  682. when: manual
  683. except: ['triggers']
  684. only: ['master', /^pr-.*$/]
  686. gce_ubuntu-vault-sep:
  687. stage: deploy-part2
  688. <<: *job
  689. <<: *gce
  690. variables:
  691. <<: *gce_variables
  692. <<: *ubuntu_vault_sep_variables
  693. when: manual
  694. except: ['triggers']
  695. only: ['master', /^pr-.*$/]
  697. gce_coreos-vault-upgrade:
  698. stage: deploy-part2
  699. <<: *job
  700. <<: *gce
  701. variables:
  702. <<: *gce_variables
  703. <<: *coreos_vault_upgrade_variables
  704. when: manual
  705. except: ['triggers']
  706. only: ['master', /^pr-.*$/]
  708. gce_ubuntu-flannel-sep:
  709. stage: deploy-special
  710. <<: *job
  711. <<: *gce
  712. variables:
  713. <<: *gce_variables
  714. <<: *ubuntu_flannel_variables
  715. when: manual
  716. except: ['triggers']
  717. only: ['master', /^pr-.*$/]
  719. gce_ubuntu-kube-router-sep:
  720. stage: deploy-special
  721. <<: *job
  722. <<: *gce
  723. variables:
  724. <<: *gce_variables
  725. <<: *ubuntu_kube_router_variables
  726. when: manual
  727. except: ['triggers']
  728. only: ['master', /^pr-.*$/]
  730. # Premoderated with manual actions
  731. ci-authorized:
  732. <<: *job
  733. stage: moderator
  734. before_script:
  735. - apt-get -y install jq
  736. script:
  737. - /bin/sh scripts/premoderator.sh
  738. except: ['triggers', 'master']
  740. syntax-check:
  741. <<: *job
  742. stage: unit-tests
  743. script:
  744. - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root cluster.yml -vvv --syntax-check
  745. - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root upgrade-cluster.yml -vvv --syntax-check
  746. - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root reset.yml -vvv --syntax-check
  747. - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root extra_playbooks/upgrade-only-k8s.yml -vvv --syntax-check
  748. except: ['triggers', 'master']
  750. yamllint:
  751. <<: *job
  752. stage: unit-tests
  753. script:
  754. - yamllint roles
  755. except: ['triggers', 'master']
  757. tox-inventory-builder:
  758. stage: unit-tests
  759. <<: *job
  760. script:
  761. - pip install tox
  762. - cd contrib/inventory_builder && tox
  763. when: manual
  764. except: ['triggers', 'master']