You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

686 lines
16 KiB

8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
contiv network support (#1914) * Add Contiv support Contiv is a network plugin for Kubernetes and Docker. It supports vlan/vxlan/BGP/Cisco ACI technologies. It support firewall policies, multiple networks and bridging pods onto physical networks. * Update contiv version to 1.1.4 Update contiv version to 1.1.4 and added SVC_SUBNET in contiv-config. * Load openvswitch module to workaround on CentOS7.4 * Set contiv cni version to 0.1.0 Correct contiv CNI version to 0.1.0. * Use kube_apiserver_endpoint for K8S_API_SERVER Use kube_apiserver_endpoint as K8S_API_SERVER to make contiv talks to a available endpoint no matter if there's a loadbalancer or not. * Make contiv use its own etcd Before this commit, contiv is using a etcd proxy mode to k8s etcd, this work fine when the etcd hosts are co-located with contiv etcd proxy, however the k8s peering certs are only in etcd group, as a result the etcd-proxy is not able to peering with the k8s etcd on etcd group, plus the netplugin is always trying to find the etcd endpoint on localhost, this will cause problem for all netplugins not runnign on etcd group nodes. This commit make contiv uses its own etcd, separate from k8s one. on kube-master nodes (where net-master runs), it will run as leader mode and on all rest nodes it will run as proxy mode. * Use cp instead of rsync to copy cni binaries Since rsync has been removed from hyperkube, this commit changes it to use cp instead. * Make contiv-etcd able to run on master nodes * Add rbac_enabled flag for contiv pods * Add contiv into CNI network plugin lists * migrate contiv test to tests/files Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> * Add required rules for contiv netplugin * Better handling json return of fwdMode * Make contiv etcd port configurable * Use default var instead of templating * roles/download/defaults/main.yml: use contiv 1.1.7 Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com>
7 years ago
contiv network support (#1914) * Add Contiv support Contiv is a network plugin for Kubernetes and Docker. It supports vlan/vxlan/BGP/Cisco ACI technologies. It support firewall policies, multiple networks and bridging pods onto physical networks. * Update contiv version to 1.1.4 Update contiv version to 1.1.4 and added SVC_SUBNET in contiv-config. * Load openvswitch module to workaround on CentOS7.4 * Set contiv cni version to 0.1.0 Correct contiv CNI version to 0.1.0. * Use kube_apiserver_endpoint for K8S_API_SERVER Use kube_apiserver_endpoint as K8S_API_SERVER to make contiv talks to a available endpoint no matter if there's a loadbalancer or not. * Make contiv use its own etcd Before this commit, contiv is using a etcd proxy mode to k8s etcd, this work fine when the etcd hosts are co-located with contiv etcd proxy, however the k8s peering certs are only in etcd group, as a result the etcd-proxy is not able to peering with the k8s etcd on etcd group, plus the netplugin is always trying to find the etcd endpoint on localhost, this will cause problem for all netplugins not runnign on etcd group nodes. This commit make contiv uses its own etcd, separate from k8s one. on kube-master nodes (where net-master runs), it will run as leader mode and on all rest nodes it will run as proxy mode. * Use cp instead of rsync to copy cni binaries Since rsync has been removed from hyperkube, this commit changes it to use cp instead. * Make contiv-etcd able to run on master nodes * Add rbac_enabled flag for contiv pods * Add contiv into CNI network plugin lists * migrate contiv test to tests/files Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> * Add required rules for contiv netplugin * Better handling json return of fwdMode * Make contiv etcd port configurable * Use default var instead of templating * roles/download/defaults/main.yml: use contiv 1.1.7 Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com>
7 years ago
6 years ago
8 years ago
6 years ago
8 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
  1. stages:
  2. - unit-tests
  3. - moderator
  4. - deploy-part1
  5. - deploy-part2
  6. - deploy-special
  7. variables:
  8. FAILFASTCI_NAMESPACE: 'kargo-ci'
  9. GITLAB_REPOSITORY: 'kargo-ci/kubernetes-incubator__kubespray'
  10. # DOCKER_HOST: tcp://localhost:2375
  11. ANSIBLE_FORCE_COLOR: "true"
  12. MAGIC: "ci check this"
  13. TEST_ID: "$CI_PIPELINE_ID-$CI_BUILD_ID"
  14. CI_TEST_VARS: "./tests/files/${CI_JOB_NAME}.yml"
  15. GS_ACCESS_KEY_ID: $GS_KEY
  16. GS_SECRET_ACCESS_KEY: $GS_SECRET
  17. CONTAINER_ENGINE: docker
  18. SSH_USER: root
  19. GCE_PREEMPTIBLE: "false"
  20. ANSIBLE_KEEP_REMOTE_FILES: "1"
  21. ANSIBLE_CONFIG: ./tests/ansible.cfg
  22. ANSIBLE_INVENTORY: ./inventory/sample/${CI_JOB_NAME}-${BUILD_NUMBER}.ini
  23. IDEMPOT_CHECK: "false"
  24. RESET_CHECK: "false"
  25. UPGRADE_TEST: "false"
  26. KUBEADM_ENABLED: "false"
  27. LOG_LEVEL: "-vv"
  28. # asia-east1-a
  29. # asia-northeast1-a
  30. # europe-west1-b
  31. # us-central1-a
  32. # us-east1-b
  33. # us-west1-a
  34. before_script:
  35. - /usr/bin/python -m pip install -r tests/requirements.txt
  36. - mkdir -p /.ssh
  37. .job: &job
  38. tags:
  39. - kubernetes
  40. - docker
  41. image: quay.io/kubespray/kubespray:latest
  42. .docker_service: &docker_service
  43. services:
  44. - docker:dind
  45. .create_cluster: &create_cluster
  46. <<: *job
  47. <<: *docker_service
  48. .gce_variables: &gce_variables
  49. GCE_USER: travis
  50. SSH_USER: $GCE_USER
  51. CLOUD_MACHINE_TYPE: "g1-small"
  52. CI_PLATFORM: "gce"
  53. PRIVATE_KEY: $GCE_PRIVATE_KEY
  54. .do_variables: &do_variables
  55. PRIVATE_KEY: $DO_PRIVATE_KEY
  56. CI_PLATFORM: "do"
  57. SSH_USER: root
  58. .testcases: &testcases
  59. <<: *job
  60. <<: *docker_service
  61. cache:
  62. key: "$CI_BUILD_REF_NAME"
  63. paths:
  64. - downloads/
  65. - $HOME/.cache
  66. before_script:
  67. - docker info
  68. - /usr/bin/python -m pip install -r requirements.txt
  69. - /usr/bin/python -m pip install -r tests/requirements.txt
  70. - mkdir -p /.ssh
  71. - mkdir -p $HOME/.ssh
  72. - ansible-playbook --version
  73. - export PYPATH=$([[ ! "$CI_JOB_NAME" =~ "coreos" ]] && echo /usr/bin/python || echo /opt/bin/python)
  74. - echo "CI_JOB_NAME is $CI_JOB_NAME"
  75. - echo "PYPATH is $PYPATH"
  76. script:
  77. - pwd
  78. - ls
  79. - echo ${PWD}
  80. - echo "${STARTUP_SCRIPT}"
  81. - cd tests && make create-${CI_PLATFORM} -s ; cd -
  82. # Check out latest tag if testing upgrade
  83. # Uncomment when gitlab kubespray repo has tags
  84. #- test "${UPGRADE_TEST}" != "false" && git fetch --all && git checkout $(git describe --tags $(git rev-list --tags --max-count=1))
  85. - test "${UPGRADE_TEST}" != "false" && git checkout f7d52564aad2ff8e337634951beb4a881c0e8aa6
  86. # Checkout the CI vars file so it is available
  87. - test "${UPGRADE_TEST}" != "false" && git checkout "${CI_BUILD_REF}" tests/files/${CI_JOB_NAME}.yml
  88. # Workaround https://github.com/kubernetes-incubator/kubespray/issues/2021
  89. - 'sh -c "echo ignore_assert_errors: true | tee -a tests/files/${CI_JOB_NAME}.yml"'
  90. # Create cluster
  91. - >
  92. ansible-playbook
  93. -i ${ANSIBLE_INVENTORY}
  94. -b --become-user=root
  95. --private-key=${HOME}/.ssh/id_rsa
  96. -u $SSH_USER
  97. ${SSH_ARGS}
  98. ${LOG_LEVEL}
  99. -e @${CI_TEST_VARS}
  100. -e ansible_ssh_user=${SSH_USER}
  101. -e local_release_dir=${PWD}/downloads
  102. --limit "all:!fake_hosts"
  103. cluster.yml
  104. # Repeat deployment if testing upgrade
  105. - >
  106. if [ "${UPGRADE_TEST}" != "false" ]; then
  107. test "${UPGRADE_TEST}" == "basic" && PLAYBOOK="cluster.yml";
  108. test "${UPGRADE_TEST}" == "graceful" && PLAYBOOK="upgrade-cluster.yml";
  109. git checkout "${CI_BUILD_REF}";
  110. ansible-playbook
  111. -i ${ANSIBLE_INVENTORY}
  112. -b --become-user=root
  113. --private-key=${HOME}/.ssh/id_rsa
  114. -u $SSH_USER
  115. ${SSH_ARGS}
  116. ${LOG_LEVEL}
  117. -e @${CI_TEST_VARS}
  118. -e ansible_ssh_user=${SSH_USER}
  119. -e local_release_dir=${PWD}/downloads
  120. --limit "all:!fake_hosts"
  121. $PLAYBOOK;
  122. fi
  123. # Tests Cases
  124. ## Test Master API
  125. - >
  126. ansible-playbook -i ${ANSIBLE_INVENTORY} -e ansible_python_interpreter=${PYPATH} -u $SSH_USER -e ansible_ssh_user=$SSH_USER $SSH_ARGS -b --become-user=root --limit "all:!fake_hosts" tests/testcases/010_check-apiserver.yml $LOG_LEVEL
  127. -e "{kubeadm_enabled: ${KUBEADM_ENABLED}}"
  128. ## Ping the between 2 pod
  129. - ansible-playbook -i ${ANSIBLE_INVENTORY} -e ansible_python_interpreter=${PYPATH} -u $SSH_USER -e ansible_ssh_user=$SSH_USER $SSH_ARGS -b --become-user=root --limit "all:!fake_hosts" tests/testcases/030_check-network.yml $LOG_LEVEL
  130. ## Advanced DNS checks
  131. - ansible-playbook -i ${ANSIBLE_INVENTORY} -e ansible_python_interpreter=${PYPATH} -u $SSH_USER -e ansible_ssh_user=$SSH_USER $SSH_ARGS -b --become-user=root --limit "all:!fake_hosts" tests/testcases/040_check-network-adv.yml $LOG_LEVEL
  132. ## Idempotency checks 1/5 (repeat deployment)
  133. - >
  134. if [ "${IDEMPOT_CHECK}" = "true" ]; then
  135. ansible-playbook
  136. -i ${ANSIBLE_INVENTORY}
  137. -b --become-user=root
  138. --private-key=${HOME}/.ssh/id_rsa
  139. -u $SSH_USER
  140. ${SSH_ARGS}
  141. ${LOG_LEVEL}
  142. -e @${CI_TEST_VARS}
  143. -e ansible_python_interpreter=${PYPATH}
  144. -e local_release_dir=${PWD}/downloads
  145. --limit "all:!fake_hosts"
  146. cluster.yml;
  147. fi
  148. ## Idempotency checks 2/5 (Advanced DNS checks)
  149. - >
  150. if [ "${IDEMPOT_CHECK}" = "true" ]; then
  151. ansible-playbook
  152. -i ${ANSIBLE_INVENTORY}
  153. -b --become-user=root
  154. --private-key=${HOME}/.ssh/id_rsa
  155. -u $SSH_USER
  156. ${SSH_ARGS}
  157. ${LOG_LEVEL}
  158. -e @${CI_TEST_VARS}
  159. --limit "all:!fake_hosts"
  160. tests/testcases/040_check-network-adv.yml $LOG_LEVEL;
  161. fi
  162. ## Idempotency checks 3/5 (reset deployment)
  163. - >
  164. if [ "${IDEMPOT_CHECK}" = "true" -a "${RESET_CHECK}" = "true" ]; then
  165. ansible-playbook
  166. -i ${ANSIBLE_INVENTORY}
  167. -b --become-user=root
  168. --private-key=${HOME}/.ssh/id_rsa
  169. -u $SSH_USER
  170. ${SSH_ARGS}
  171. ${LOG_LEVEL}
  172. -e @${CI_TEST_VARS}
  173. -e ansible_python_interpreter=${PYPATH}
  174. -e reset_confirmation=yes
  175. --limit "all:!fake_hosts"
  176. reset.yml;
  177. fi
  178. ## Idempotency checks 4/5 (redeploy after reset)
  179. - >
  180. if [ "${IDEMPOT_CHECK}" = "true" -a "${RESET_CHECK}" = "true" ]; then
  181. ansible-playbook
  182. -i ${ANSIBLE_INVENTORY}
  183. -b --become-user=root
  184. --private-key=${HOME}/.ssh/id_rsa
  185. -u $SSH_USER
  186. ${SSH_ARGS}
  187. ${LOG_LEVEL}
  188. -e @${CI_TEST_VARS}
  189. -e ansible_python_interpreter=${PYPATH}
  190. -e local_release_dir=${PWD}/downloads
  191. --limit "all:!fake_hosts"
  192. cluster.yml;
  193. fi
  194. ## Idempotency checks 5/5 (Advanced DNS checks)
  195. - >
  196. if [ "${IDEMPOT_CHECK}" = "true" -a "${RESET_CHECK}" = "true" ]; then
  197. ansible-playbook -i ${ANSIBLE_INVENTORY} -e ansible_python_interpreter=${PYPATH}
  198. -u $SSH_USER -e ansible_ssh_user=$SSH_USER $SSH_ARGS -b --become-user=root
  199. --limit "all:!fake_hosts"
  200. tests/testcases/040_check-network-adv.yml $LOG_LEVEL;
  201. fi
  202. after_script:
  203. - cd tests && make delete-${CI_PLATFORM} -s ; cd -
  204. .gce: &gce
  205. <<: *testcases
  206. variables:
  207. <<: *gce_variables
  208. .do: &do
  209. variables:
  210. <<: *do_variables
  211. <<: *testcases
  212. # Test matrix. Leave the comments for markup scripts.
  213. .coreos_calico_aio_variables: &coreos_calico_aio_variables
  214. # stage: deploy-part1
  215. MOVED_TO_GROUP_VARS: "true"
  216. .ubuntu_canal_ha_variables: &ubuntu_canal_ha_variables
  217. # stage: deploy-part1
  218. UPGRADE_TEST: "graceful"
  219. .centos_weave_kubeadm_variables: &centos_weave_kubeadm_variables
  220. # stage: deploy-part1
  221. UPGRADE_TEST: "graceful"
  222. .ubuntu_canal_kubeadm_variables: &ubuntu_canal_kubeadm_variables
  223. # stage: deploy-part1
  224. MOVED_TO_GROUP_VARS: "true"
  225. .ubuntu_contiv_sep_variables: &ubuntu_contiv_sep_variables
  226. # stage: deploy-special
  227. MOVED_TO_GROUP_VARS: "true"
  228. .coreos_cilium_variables: &coreos_cilium_variables
  229. # stage: deploy-special
  230. MOVED_TO_GROUP_VARS: "true"
  231. .ubuntu_cilium_sep_variables: &ubuntu_cilium_sep_variables
  232. # stage: deploy-special
  233. MOVED_TO_GROUP_VARS: "true"
  234. .rhel7_weave_variables: &rhel7_weave_variables
  235. # stage: deploy-part1
  236. MOVED_TO_GROUP_VARS: "true"
  237. .centos7_flannel_addons_variables: &centos7_flannel_addons_variables
  238. # stage: deploy-part2
  239. MOVED_TO_GROUP_VARS: "true"
  240. .debian8_calico_variables: &debian8_calico_variables
  241. # stage: deploy-part2
  242. MOVED_TO_GROUP_VARS: "true"
  243. .coreos_canal_variables: &coreos_canal_variables
  244. # stage: deploy-part2
  245. MOVED_TO_GROUP_VARS: "true"
  246. .rhel7_canal_sep_variables: &rhel7_canal_sep_variables
  247. # stage: deploy-special
  248. MOVED_TO_GROUP_VARS: "true"
  249. .ubuntu_weave_sep_variables: &ubuntu_weave_sep_variables
  250. # stage: deploy-special
  251. MOVED_TO_GROUP_VARS: "true"
  252. .centos7_calico_ha_variables: &centos7_calico_ha_variables
  253. # stage: deploy-special
  254. MOVED_TO_GROUP_VARS: "true"
  255. .coreos_alpha_weave_ha_variables: &coreos_alpha_weave_ha_variables
  256. # stage: deploy-special
  257. MOVED_TO_GROUP_VARS: "true"
  258. .ubuntu_rkt_sep_variables: &ubuntu_rkt_sep_variables
  259. # stage: deploy-part1
  260. MOVED_TO_GROUP_VARS: "true"
  261. .ubuntu_vault_sep_variables: &ubuntu_vault_sep_variables
  262. # stage: deploy-part1
  263. MOVED_TO_GROUP_VARS: "true"
  264. .ubuntu_flannel_variables: &ubuntu_flannel_variables
  265. # stage: deploy-special
  266. MOVED_TO_GROUP_VARS: "true"
  267. .opensuse_canal_variables: &opensuse_canal_variables
  268. # stage: deploy-part2
  269. MOVED_TO_GROUP_VARS: "true"
  270. # Builds for PRs only (premoderated by unit-tests step) and triggers (auto)
  271. ### PR JOBS PART1
  272. gce_coreos-calico-aio:
  273. stage: deploy-part1
  274. <<: *job
  275. <<: *gce
  276. variables:
  277. <<: *coreos_calico_aio_variables
  278. <<: *gce_variables
  279. when: on_success
  280. except: ['triggers']
  281. only: [/^pr-.*$/]
  282. ### PR JOBS PART2
  283. gce_centos7-flannel-addons:
  284. stage: deploy-part2
  285. <<: *job
  286. <<: *gce
  287. variables:
  288. <<: *gce_variables
  289. <<: *centos7_flannel_addons_variables
  290. when: on_success
  291. except: ['triggers']
  292. only: [/^pr-.*$/]
  293. gce_ubuntu-weave-sep:
  294. stage: deploy-part2
  295. <<: *job
  296. <<: *gce
  297. variables:
  298. <<: *gce_variables
  299. <<: *ubuntu_weave_sep_variables
  300. when: on_success
  301. except: ['triggers']
  302. only: [/^pr-.*$/]
  303. ### MANUAL JOBS
  304. gce_coreos-calico-sep-triggers:
  305. stage: deploy-part2
  306. <<: *job
  307. <<: *gce
  308. variables:
  309. <<: *gce_variables
  310. <<: *coreos_calico_aio_variables
  311. when: on_success
  312. only: ['triggers']
  313. gce_ubuntu-canal-ha-triggers:
  314. stage: deploy-part2
  315. <<: *job
  316. <<: *gce
  317. variables:
  318. <<: *gce_variables
  319. <<: *ubuntu_canal_ha_variables
  320. when: on_success
  321. only: ['triggers']
  322. gce_centos7-flannel-addons-triggers:
  323. stage: deploy-part2
  324. <<: *job
  325. <<: *gce
  326. variables:
  327. <<: *gce_variables
  328. <<: *centos7_flannel_addons_variables
  329. when: on_success
  330. only: ['triggers']
  331. gce_ubuntu-weave-sep-triggers:
  332. stage: deploy-part2
  333. <<: *job
  334. <<: *gce
  335. variables:
  336. <<: *gce_variables
  337. <<: *ubuntu_weave_sep_variables
  338. when: on_success
  339. only: ['triggers']
  340. # More builds for PRs/merges (manual) and triggers (auto)
  341. do_ubuntu-canal-ha:
  342. stage: deploy-part2
  343. <<: *job
  344. <<: *do
  345. variables:
  346. <<: *do_variables
  347. when: manual
  348. except: ['triggers']
  349. only: ['master', /^pr-.*$/]
  350. gce_ubuntu-canal-ha:
  351. stage: deploy-part2
  352. <<: *job
  353. <<: *gce
  354. variables:
  355. <<: *gce_variables
  356. <<: *ubuntu_canal_ha_variables
  357. when: manual
  358. except: ['triggers']
  359. only: ['master', /^pr-.*$/]
  360. gce_ubuntu-canal-kubeadm:
  361. stage: deploy-part2
  362. <<: *job
  363. <<: *gce
  364. variables:
  365. <<: *gce_variables
  366. <<: *ubuntu_canal_kubeadm_variables
  367. when: manual
  368. except: ['triggers']
  369. only: ['master', /^pr-.*$/]
  370. gce_ubuntu-canal-kubeadm-triggers:
  371. stage: deploy-part2
  372. <<: *job
  373. <<: *gce
  374. variables:
  375. <<: *gce_variables
  376. <<: *ubuntu_canal_kubeadm_variables
  377. when: on_success
  378. only: ['triggers']
  379. gce_centos-weave-kubeadm:
  380. stage: deploy-part2
  381. <<: *job
  382. <<: *gce
  383. variables:
  384. <<: *gce_variables
  385. <<: *centos_weave_kubeadm_variables
  386. when: manual
  387. except: ['triggers']
  388. only: ['master', /^pr-.*$/]
  389. gce_centos-weave-kubeadm-triggers:
  390. stage: deploy-part2
  391. <<: *job
  392. <<: *gce
  393. variables:
  394. <<: *gce_variables
  395. <<: *centos_weave_kubeadm_variables
  396. when: on_success
  397. only: ['triggers']
  398. gce_ubuntu-contiv-sep:
  399. stage: deploy-special
  400. <<: *job
  401. <<: *gce
  402. variables:
  403. <<: *gce_variables
  404. <<: *ubuntu_contiv_sep_variables
  405. when: manual
  406. except: ['triggers']
  407. only: ['master', /^pr-.*$/]
  408. gce_coreos-cilium:
  409. stage: deploy-special
  410. <<: *job
  411. <<: *gce
  412. variables:
  413. <<: *gce_variables
  414. <<: *coreos_cilium_variables
  415. when: manual
  416. except: ['triggers']
  417. only: ['master', /^pr-.*$/]
  418. gce_ubuntu-cilium-sep:
  419. stage: deploy-special
  420. <<: *job
  421. <<: *gce
  422. variables:
  423. <<: *gce_variables
  424. <<: *ubuntu_cilium_sep_variables
  425. when: manual
  426. except: ['triggers']
  427. only: ['master', /^pr-.*$/]
  428. gce_rhel7-weave:
  429. stage: deploy-part2
  430. <<: *job
  431. <<: *gce
  432. variables:
  433. <<: *gce_variables
  434. <<: *rhel7_weave_variables
  435. when: manual
  436. except: ['triggers']
  437. only: ['master', /^pr-.*$/]
  438. gce_rhel7-weave-triggers:
  439. stage: deploy-part2
  440. <<: *job
  441. <<: *gce
  442. variables:
  443. <<: *gce_variables
  444. <<: *rhel7_weave_variables
  445. when: on_success
  446. only: ['triggers']
  447. gce_debian8-calico-upgrade:
  448. stage: deploy-part2
  449. <<: *job
  450. <<: *gce
  451. variables:
  452. <<: *gce_variables
  453. <<: *debian8_calico_variables
  454. when: manual
  455. except: ['triggers']
  456. only: ['master', /^pr-.*$/]
  457. gce_debian8-calico-triggers:
  458. stage: deploy-part2
  459. <<: *job
  460. <<: *gce
  461. variables:
  462. <<: *gce_variables
  463. <<: *debian8_calico_variables
  464. when: on_success
  465. only: ['triggers']
  466. gce_coreos-canal:
  467. stage: deploy-part2
  468. <<: *job
  469. <<: *gce
  470. variables:
  471. <<: *gce_variables
  472. <<: *coreos_canal_variables
  473. when: manual
  474. except: ['triggers']
  475. only: ['master', /^pr-.*$/]
  476. gce_coreos-canal-triggers:
  477. stage: deploy-part2
  478. <<: *job
  479. <<: *gce
  480. variables:
  481. <<: *gce_variables
  482. <<: *coreos_canal_variables
  483. when: on_success
  484. only: ['triggers']
  485. gce_rhel7-canal-sep:
  486. stage: deploy-special
  487. <<: *job
  488. <<: *gce
  489. variables:
  490. <<: *gce_variables
  491. <<: *rhel7_canal_sep_variables
  492. when: manual
  493. except: ['triggers']
  494. only: ['master', /^pr-.*$/,]
  495. gce_rhel7-canal-sep-triggers:
  496. stage: deploy-part2
  497. <<: *job
  498. <<: *gce
  499. variables:
  500. <<: *gce_variables
  501. <<: *rhel7_canal_sep_variables
  502. when: on_success
  503. only: ['triggers']
  504. gce_centos7-calico-ha:
  505. stage: deploy-special
  506. <<: *job
  507. <<: *gce
  508. variables:
  509. <<: *gce_variables
  510. <<: *centos7_calico_ha_variables
  511. when: manual
  512. except: ['triggers']
  513. only: ['master', /^pr-.*$/]
  514. gce_centos7-calico-ha-triggers:
  515. stage: deploy-part2
  516. <<: *job
  517. <<: *gce
  518. variables:
  519. <<: *gce_variables
  520. <<: *centos7_calico_ha_variables
  521. when: on_success
  522. only: ['triggers']
  523. gce_opensuse-canal:
  524. stage: deploy-part2
  525. <<: *job
  526. <<: *gce
  527. variables:
  528. <<: *gce_variables
  529. <<: *opensuse_canal_variables
  530. when: manual
  531. except: ['triggers']
  532. only: ['master', /^pr-.*$/]
  533. # no triggers yet https://github.com/kubernetes-incubator/kargo/issues/613
  534. gce_coreos-alpha-weave-ha:
  535. stage: deploy-special
  536. <<: *job
  537. <<: *gce
  538. variables:
  539. <<: *gce_variables
  540. <<: *coreos_alpha_weave_ha_variables
  541. when: manual
  542. except: ['triggers']
  543. only: ['master', /^pr-.*$/]
  544. gce_ubuntu-rkt-sep:
  545. stage: deploy-part2
  546. <<: *job
  547. <<: *gce
  548. variables:
  549. <<: *gce_variables
  550. <<: *ubuntu_rkt_sep_variables
  551. when: manual
  552. except: ['triggers']
  553. only: ['master', /^pr-.*$/]
  554. gce_ubuntu-vault-sep:
  555. stage: deploy-part2
  556. <<: *job
  557. <<: *gce
  558. variables:
  559. <<: *gce_variables
  560. <<: *ubuntu_vault_sep_variables
  561. when: manual
  562. except: ['triggers']
  563. only: ['master', /^pr-.*$/]
  564. gce_ubuntu-flannel-sep:
  565. stage: deploy-special
  566. <<: *job
  567. <<: *gce
  568. variables:
  569. <<: *gce_variables
  570. <<: *ubuntu_flannel_variables
  571. when: manual
  572. except: ['triggers']
  573. only: ['master', /^pr-.*$/]
  574. # Premoderated with manual actions
  575. ci-authorized:
  576. <<: *job
  577. stage: moderator
  578. before_script:
  579. - apt-get -y install jq
  580. script:
  581. - /bin/sh scripts/premoderator.sh
  582. except: ['triggers', 'master']
  583. syntax-check:
  584. <<: *job
  585. stage: unit-tests
  586. script:
  587. - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root cluster.yml -vvv --syntax-check
  588. - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root upgrade-cluster.yml -vvv --syntax-check
  589. - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root reset.yml -vvv --syntax-check
  590. - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root extra_playbooks/upgrade-only-k8s.yml -vvv --syntax-check
  591. except: ['triggers', 'master']
  592. yamllint:
  593. <<: *job
  594. stage: unit-tests
  595. script:
  596. - yamllint roles
  597. except: ['triggers', 'master']
  598. tox-inventory-builder:
  599. stage: unit-tests
  600. <<: *job
  601. script:
  602. - pip install tox
  603. - cd contrib/inventory_builder && tox
  604. when: manual
  605. except: ['triggers', 'master']