You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

701 lines
17 KiB

8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
contiv network support (#1914) * Add Contiv support Contiv is a network plugin for Kubernetes and Docker. It supports vlan/vxlan/BGP/Cisco ACI technologies. It support firewall policies, multiple networks and bridging pods onto physical networks. * Update contiv version to 1.1.4 Update contiv version to 1.1.4 and added SVC_SUBNET in contiv-config. * Load openvswitch module to workaround on CentOS7.4 * Set contiv cni version to 0.1.0 Correct contiv CNI version to 0.1.0. * Use kube_apiserver_endpoint for K8S_API_SERVER Use kube_apiserver_endpoint as K8S_API_SERVER to make contiv talks to a available endpoint no matter if there's a loadbalancer or not. * Make contiv use its own etcd Before this commit, contiv is using a etcd proxy mode to k8s etcd, this work fine when the etcd hosts are co-located with contiv etcd proxy, however the k8s peering certs are only in etcd group, as a result the etcd-proxy is not able to peering with the k8s etcd on etcd group, plus the netplugin is always trying to find the etcd endpoint on localhost, this will cause problem for all netplugins not runnign on etcd group nodes. This commit make contiv uses its own etcd, separate from k8s one. on kube-master nodes (where net-master runs), it will run as leader mode and on all rest nodes it will run as proxy mode. * Use cp instead of rsync to copy cni binaries Since rsync has been removed from hyperkube, this commit changes it to use cp instead. * Make contiv-etcd able to run on master nodes * Add rbac_enabled flag for contiv pods * Add contiv into CNI network plugin lists * migrate contiv test to tests/files Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> * Add required rules for contiv netplugin * Better handling json return of fwdMode * Make contiv etcd port configurable * Use default var instead of templating * roles/download/defaults/main.yml: use contiv 1.1.7 Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com>
7 years ago
contiv network support (#1914) * Add Contiv support Contiv is a network plugin for Kubernetes and Docker. It supports vlan/vxlan/BGP/Cisco ACI technologies. It support firewall policies, multiple networks and bridging pods onto physical networks. * Update contiv version to 1.1.4 Update contiv version to 1.1.4 and added SVC_SUBNET in contiv-config. * Load openvswitch module to workaround on CentOS7.4 * Set contiv cni version to 0.1.0 Correct contiv CNI version to 0.1.0. * Use kube_apiserver_endpoint for K8S_API_SERVER Use kube_apiserver_endpoint as K8S_API_SERVER to make contiv talks to a available endpoint no matter if there's a loadbalancer or not. * Make contiv use its own etcd Before this commit, contiv is using a etcd proxy mode to k8s etcd, this work fine when the etcd hosts are co-located with contiv etcd proxy, however the k8s peering certs are only in etcd group, as a result the etcd-proxy is not able to peering with the k8s etcd on etcd group, plus the netplugin is always trying to find the etcd endpoint on localhost, this will cause problem for all netplugins not runnign on etcd group nodes. This commit make contiv uses its own etcd, separate from k8s one. on kube-master nodes (where net-master runs), it will run as leader mode and on all rest nodes it will run as proxy mode. * Use cp instead of rsync to copy cni binaries Since rsync has been removed from hyperkube, this commit changes it to use cp instead. * Make contiv-etcd able to run on master nodes * Add rbac_enabled flag for contiv pods * Add contiv into CNI network plugin lists * migrate contiv test to tests/files Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> * Add required rules for contiv netplugin * Better handling json return of fwdMode * Make contiv etcd port configurable * Use default var instead of templating * roles/download/defaults/main.yml: use contiv 1.1.7 Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com>
7 years ago
6 years ago
8 years ago
6 years ago
8 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
  1. stages:
  2. - unit-tests
  3. - moderator
  4. - deploy-part1
  5. - deploy-part2
  6. - deploy-special
  7. variables:
  8. FAILFASTCI_NAMESPACE: 'kargo-ci'
  9. GITLAB_REPOSITORY: 'kargo-ci/kubernetes-incubator__kubespray'
  10. # DOCKER_HOST: tcp://localhost:2375
  11. ANSIBLE_FORCE_COLOR: "true"
  12. MAGIC: "ci check this"
  13. TEST_ID: "$CI_PIPELINE_ID-$CI_BUILD_ID"
  14. CI_TEST_VARS: "./tests/files/${CI_JOB_NAME}.yml"
  15. GS_ACCESS_KEY_ID: $GS_KEY
  16. GS_SECRET_ACCESS_KEY: $GS_SECRET
  17. CONTAINER_ENGINE: docker
  18. SSH_USER: root
  19. GCE_PREEMPTIBLE: "false"
  20. ANSIBLE_KEEP_REMOTE_FILES: "1"
  21. ANSIBLE_CONFIG: ./tests/ansible.cfg
  22. ANSIBLE_INVENTORY: ./inventory/sample/${CI_JOB_NAME}-${BUILD_NUMBER}.ini
  23. IDEMPOT_CHECK: "false"
  24. RESET_CHECK: "false"
  25. UPGRADE_TEST: "false"
  26. KUBEADM_ENABLED: "false"
  27. LOG_LEVEL: "-vv"
  28. # asia-east1-a
  29. # asia-northeast1-a
  30. # europe-west1-b
  31. # us-central1-a
  32. # us-east1-b
  33. # us-west1-a
  34. before_script:
  35. - /usr/bin/python -m pip install -r tests/requirements.txt
  36. - mkdir -p /.ssh
  37. .job: &job
  38. tags:
  39. - kubernetes
  40. - docker
  41. image: quay.io/kubespray/kubespray:latest
  42. .docker_service: &docker_service
  43. services:
  44. - docker:dind
  45. .create_cluster: &create_cluster
  46. <<: *job
  47. <<: *docker_service
  48. .gce_variables: &gce_variables
  49. GCE_USER: travis
  50. SSH_USER: $GCE_USER
  51. CLOUD_MACHINE_TYPE: "g1-small"
  52. CI_PLATFORM: "gce"
  53. PRIVATE_KEY: $GCE_PRIVATE_KEY
  54. .do_variables: &do_variables
  55. PRIVATE_KEY: $DO_PRIVATE_KEY
  56. CI_PLATFORM: "do"
  57. SSH_USER: root
  58. .testcases: &testcases
  59. <<: *job
  60. <<: *docker_service
  61. cache:
  62. key: "$CI_BUILD_REF_NAME"
  63. paths:
  64. - downloads/
  65. - $HOME/.cache
  66. before_script:
  67. - docker info
  68. - /usr/bin/python -m pip install -r requirements.txt
  69. - /usr/bin/python -m pip install -r tests/requirements.txt
  70. - mkdir -p /.ssh
  71. - mkdir -p $HOME/.ssh
  72. - ansible-playbook --version
  73. - export PYPATH=$([[ ! "$CI_JOB_NAME" =~ "coreos" ]] && echo /usr/bin/python || echo /opt/bin/python)
  74. - echo "CI_JOB_NAME is $CI_JOB_NAME"
  75. - echo "PYPATH is $PYPATH"
  76. script:
  77. - pwd
  78. - ls
  79. - echo ${PWD}
  80. - echo "${STARTUP_SCRIPT}"
  81. - cd tests && make create-${CI_PLATFORM} -s ; cd -
  82. # Check out latest tag if testing upgrade
  83. # Uncomment when gitlab kubespray repo has tags
  84. #- test "${UPGRADE_TEST}" != "false" && git fetch --all && git checkout $(git describe --tags $(git rev-list --tags --max-count=1))
  85. - test "${UPGRADE_TEST}" != "false" && git checkout 8b3ce6e418ccf48171eb5b3888ee1af84f8d71ba
  86. # Checkout the CI vars file so it is available
  87. - test "${UPGRADE_TEST}" != "false" && git checkout "${CI_BUILD_REF}" tests/files/${CI_JOB_NAME}.yml
  88. # Workaround https://github.com/kubernetes-incubator/kubespray/issues/2021
  89. - 'sh -c "echo ignore_assert_errors: true | tee -a tests/files/${CI_JOB_NAME}.yml"'
  90. # Create cluster
  91. - >
  92. ansible-playbook
  93. -i ${ANSIBLE_INVENTORY}
  94. -b --become-user=root
  95. --private-key=${HOME}/.ssh/id_rsa
  96. -u $SSH_USER
  97. ${SSH_ARGS}
  98. ${LOG_LEVEL}
  99. -e @${CI_TEST_VARS}
  100. -e ansible_ssh_user=${SSH_USER}
  101. -e local_release_dir=${PWD}/downloads
  102. --limit "all:!fake_hosts"
  103. cluster.yml
  104. # Repeat deployment if testing upgrade
  105. - >
  106. if [ "${UPGRADE_TEST}" != "false" ]; then
  107. test "${UPGRADE_TEST}" == "basic" && PLAYBOOK="cluster.yml";
  108. test "${UPGRADE_TEST}" == "graceful" && PLAYBOOK="upgrade-cluster.yml";
  109. git checkout "${CI_BUILD_REF}";
  110. ansible-playbook
  111. -i ${ANSIBLE_INVENTORY}
  112. -b --become-user=root
  113. --private-key=${HOME}/.ssh/id_rsa
  114. -u $SSH_USER
  115. ${SSH_ARGS}
  116. ${LOG_LEVEL}
  117. -e @${CI_TEST_VARS}
  118. -e ansible_ssh_user=${SSH_USER}
  119. -e local_release_dir=${PWD}/downloads
  120. --limit "all:!fake_hosts"
  121. $PLAYBOOK;
  122. fi
  123. # Tests Cases
  124. ## Test Master API
  125. - >
  126. ansible-playbook -i ${ANSIBLE_INVENTORY} -e ansible_python_interpreter=${PYPATH} -u $SSH_USER -e ansible_ssh_user=$SSH_USER $SSH_ARGS -b --become-user=root --limit "all:!fake_hosts" tests/testcases/010_check-apiserver.yml $LOG_LEVEL
  127. -e "{kubeadm_enabled: ${KUBEADM_ENABLED}}"
  128. ## Ping the between 2 pod
  129. - ansible-playbook -i ${ANSIBLE_INVENTORY} -e ansible_python_interpreter=${PYPATH} -u $SSH_USER -e ansible_ssh_user=$SSH_USER $SSH_ARGS -b --become-user=root --limit "all:!fake_hosts" tests/testcases/030_check-network.yml $LOG_LEVEL
  130. ## Advanced DNS checks
  131. - ansible-playbook -i ${ANSIBLE_INVENTORY} -e ansible_python_interpreter=${PYPATH} -u $SSH_USER -e ansible_ssh_user=$SSH_USER $SSH_ARGS -b --become-user=root --limit "all:!fake_hosts" tests/testcases/040_check-network-adv.yml $LOG_LEVEL
  132. ## Idempotency checks 1/5 (repeat deployment)
  133. - >
  134. if [ "${IDEMPOT_CHECK}" = "true" ]; then
  135. ansible-playbook
  136. -i ${ANSIBLE_INVENTORY}
  137. -b --become-user=root
  138. --private-key=${HOME}/.ssh/id_rsa
  139. -u $SSH_USER
  140. ${SSH_ARGS}
  141. ${LOG_LEVEL}
  142. -e @${CI_TEST_VARS}
  143. -e ansible_python_interpreter=${PYPATH}
  144. -e local_release_dir=${PWD}/downloads
  145. --limit "all:!fake_hosts"
  146. cluster.yml;
  147. fi
  148. ## Idempotency checks 2/5 (Advanced DNS checks)
  149. - >
  150. if [ "${IDEMPOT_CHECK}" = "true" ]; then
  151. ansible-playbook
  152. -i ${ANSIBLE_INVENTORY}
  153. -b --become-user=root
  154. --private-key=${HOME}/.ssh/id_rsa
  155. -u $SSH_USER
  156. ${SSH_ARGS}
  157. ${LOG_LEVEL}
  158. -e @${CI_TEST_VARS}
  159. --limit "all:!fake_hosts"
  160. tests/testcases/040_check-network-adv.yml $LOG_LEVEL;
  161. fi
  162. ## Idempotency checks 3/5 (reset deployment)
  163. - >
  164. if [ "${IDEMPOT_CHECK}" = "true" -a "${RESET_CHECK}" = "true" ]; then
  165. ansible-playbook
  166. -i ${ANSIBLE_INVENTORY}
  167. -b --become-user=root
  168. --private-key=${HOME}/.ssh/id_rsa
  169. -u $SSH_USER
  170. ${SSH_ARGS}
  171. ${LOG_LEVEL}
  172. -e @${CI_TEST_VARS}
  173. -e ansible_python_interpreter=${PYPATH}
  174. -e reset_confirmation=yes
  175. --limit "all:!fake_hosts"
  176. reset.yml;
  177. fi
  178. ## Idempotency checks 4/5 (redeploy after reset)
  179. - >
  180. if [ "${IDEMPOT_CHECK}" = "true" -a "${RESET_CHECK}" = "true" ]; then
  181. ansible-playbook
  182. -i ${ANSIBLE_INVENTORY}
  183. -b --become-user=root
  184. --private-key=${HOME}/.ssh/id_rsa
  185. -u $SSH_USER
  186. ${SSH_ARGS}
  187. ${LOG_LEVEL}
  188. -e @${CI_TEST_VARS}
  189. -e ansible_python_interpreter=${PYPATH}
  190. -e local_release_dir=${PWD}/downloads
  191. --limit "all:!fake_hosts"
  192. cluster.yml;
  193. fi
  194. ## Idempotency checks 5/5 (Advanced DNS checks)
  195. - >
  196. if [ "${IDEMPOT_CHECK}" = "true" -a "${RESET_CHECK}" = "true" ]; then
  197. ansible-playbook -i ${ANSIBLE_INVENTORY} -e ansible_python_interpreter=${PYPATH}
  198. -u $SSH_USER -e ansible_ssh_user=$SSH_USER $SSH_ARGS -b --become-user=root
  199. --limit "all:!fake_hosts"
  200. tests/testcases/040_check-network-adv.yml $LOG_LEVEL;
  201. fi
  202. after_script:
  203. - cd tests && make delete-${CI_PLATFORM} -s ; cd -
  204. .gce: &gce
  205. <<: *testcases
  206. variables:
  207. <<: *gce_variables
  208. .do: &do
  209. variables:
  210. <<: *do_variables
  211. <<: *testcases
  212. # Test matrix. Leave the comments for markup scripts.
  213. .coreos_calico_aio_variables: &coreos_calico_aio_variables
  214. # stage: deploy-part1
  215. MOVED_TO_GROUP_VARS: "true"
  216. .ubuntu_canal_ha_variables: &ubuntu_canal_ha_variables
  217. # stage: deploy-part1
  218. UPGRADE_TEST: "graceful"
  219. .centos_weave_kubeadm_variables: &centos_weave_kubeadm_variables
  220. # stage: deploy-part1
  221. UPGRADE_TEST: "graceful"
  222. .ubuntu_canal_kubeadm_variables: &ubuntu_canal_kubeadm_variables
  223. # stage: deploy-part1
  224. MOVED_TO_GROUP_VARS: "true"
  225. .ubuntu_contiv_sep_variables: &ubuntu_contiv_sep_variables
  226. # stage: deploy-special
  227. MOVED_TO_GROUP_VARS: "true"
  228. .coreos_cilium_variables: &coreos_cilium_variables
  229. # stage: deploy-special
  230. MOVED_TO_GROUP_VARS: "true"
  231. .ubuntu_cilium_sep_variables: &ubuntu_cilium_sep_variables
  232. # stage: deploy-special
  233. MOVED_TO_GROUP_VARS: "true"
  234. .rhel7_weave_variables: &rhel7_weave_variables
  235. # stage: deploy-part1
  236. MOVED_TO_GROUP_VARS: "true"
  237. .centos7_flannel_addons_variables: &centos7_flannel_addons_variables
  238. # stage: deploy-part2
  239. MOVED_TO_GROUP_VARS: "true"
  240. .debian8_calico_variables: &debian8_calico_variables
  241. # stage: deploy-part2
  242. MOVED_TO_GROUP_VARS: "true"
  243. .coreos_canal_variables: &coreos_canal_variables
  244. # stage: deploy-part2
  245. MOVED_TO_GROUP_VARS: "true"
  246. .rhel7_canal_sep_variables: &rhel7_canal_sep_variables
  247. # stage: deploy-special
  248. MOVED_TO_GROUP_VARS: "true"
  249. .ubuntu_weave_sep_variables: &ubuntu_weave_sep_variables
  250. # stage: deploy-special
  251. MOVED_TO_GROUP_VARS: "true"
  252. .centos7_calico_ha_variables: &centos7_calico_ha_variables
  253. # stage: deploy-special
  254. MOVED_TO_GROUP_VARS: "true"
  255. .coreos_alpha_weave_ha_variables: &coreos_alpha_weave_ha_variables
  256. # stage: deploy-special
  257. MOVED_TO_GROUP_VARS: "true"
  258. .ubuntu_rkt_sep_variables: &ubuntu_rkt_sep_variables
  259. # stage: deploy-part1
  260. MOVED_TO_GROUP_VARS: "true"
  261. .ubuntu_vault_sep_variables: &ubuntu_vault_sep_variables
  262. # stage: deploy-part1
  263. MOVED_TO_GROUP_VARS: "true"
  264. .coreos_vault_upgrade_variables: &coreos_vault_upgrade_variables
  265. # stage: deploy-part1
  266. UPGRADE_TEST: "basic"
  267. .ubuntu_flannel_variables: &ubuntu_flannel_variables
  268. # stage: deploy-special
  269. MOVED_TO_GROUP_VARS: "true"
  270. .opensuse_canal_variables: &opensuse_canal_variables
  271. # stage: deploy-part2
  272. MOVED_TO_GROUP_VARS: "true"
  273. # Builds for PRs only (premoderated by unit-tests step) and triggers (auto)
  274. ### PR JOBS PART1
  275. gce_coreos-calico-aio:
  276. stage: deploy-part1
  277. <<: *job
  278. <<: *gce
  279. variables:
  280. <<: *coreos_calico_aio_variables
  281. <<: *gce_variables
  282. when: on_success
  283. except: ['triggers']
  284. only: [/^pr-.*$/]
  285. ### PR JOBS PART2
  286. gce_centos7-flannel-addons:
  287. stage: deploy-part2
  288. <<: *job
  289. <<: *gce
  290. variables:
  291. <<: *gce_variables
  292. <<: *centos7_flannel_addons_variables
  293. when: on_success
  294. except: ['triggers']
  295. only: [/^pr-.*$/]
  296. gce_ubuntu-weave-sep:
  297. stage: deploy-part2
  298. <<: *job
  299. <<: *gce
  300. variables:
  301. <<: *gce_variables
  302. <<: *ubuntu_weave_sep_variables
  303. when: on_success
  304. except: ['triggers']
  305. only: [/^pr-.*$/]
  306. ### MANUAL JOBS
  307. gce_coreos-calico-sep-triggers:
  308. stage: deploy-part2
  309. <<: *job
  310. <<: *gce
  311. variables:
  312. <<: *gce_variables
  313. <<: *coreos_calico_aio_variables
  314. when: on_success
  315. only: ['triggers']
  316. gce_ubuntu-canal-ha-triggers:
  317. stage: deploy-part2
  318. <<: *job
  319. <<: *gce
  320. variables:
  321. <<: *gce_variables
  322. <<: *ubuntu_canal_ha_variables
  323. when: on_success
  324. only: ['triggers']
  325. gce_centos7-flannel-addons-triggers:
  326. stage: deploy-part2
  327. <<: *job
  328. <<: *gce
  329. variables:
  330. <<: *gce_variables
  331. <<: *centos7_flannel_addons_variables
  332. when: on_success
  333. only: ['triggers']
  334. gce_ubuntu-weave-sep-triggers:
  335. stage: deploy-part2
  336. <<: *job
  337. <<: *gce
  338. variables:
  339. <<: *gce_variables
  340. <<: *ubuntu_weave_sep_variables
  341. when: on_success
  342. only: ['triggers']
  343. # More builds for PRs/merges (manual) and triggers (auto)
  344. do_ubuntu-canal-ha:
  345. stage: deploy-part2
  346. <<: *job
  347. <<: *do
  348. variables:
  349. <<: *do_variables
  350. when: manual
  351. except: ['triggers']
  352. only: ['master', /^pr-.*$/]
  353. gce_ubuntu-canal-ha:
  354. stage: deploy-part2
  355. <<: *job
  356. <<: *gce
  357. variables:
  358. <<: *gce_variables
  359. <<: *ubuntu_canal_ha_variables
  360. when: manual
  361. except: ['triggers']
  362. only: ['master', /^pr-.*$/]
  363. gce_ubuntu-canal-kubeadm:
  364. stage: deploy-part2
  365. <<: *job
  366. <<: *gce
  367. variables:
  368. <<: *gce_variables
  369. <<: *ubuntu_canal_kubeadm_variables
  370. when: manual
  371. except: ['triggers']
  372. only: ['master', /^pr-.*$/]
  373. gce_ubuntu-canal-kubeadm-triggers:
  374. stage: deploy-part2
  375. <<: *job
  376. <<: *gce
  377. variables:
  378. <<: *gce_variables
  379. <<: *ubuntu_canal_kubeadm_variables
  380. when: on_success
  381. only: ['triggers']
  382. gce_centos-weave-kubeadm:
  383. stage: deploy-part2
  384. <<: *job
  385. <<: *gce
  386. variables:
  387. <<: *gce_variables
  388. <<: *centos_weave_kubeadm_variables
  389. when: manual
  390. except: ['triggers']
  391. only: ['master', /^pr-.*$/]
  392. gce_centos-weave-kubeadm-triggers:
  393. stage: deploy-part2
  394. <<: *job
  395. <<: *gce
  396. variables:
  397. <<: *gce_variables
  398. <<: *centos_weave_kubeadm_variables
  399. when: on_success
  400. only: ['triggers']
  401. gce_ubuntu-contiv-sep:
  402. stage: deploy-special
  403. <<: *job
  404. <<: *gce
  405. variables:
  406. <<: *gce_variables
  407. <<: *ubuntu_contiv_sep_variables
  408. when: manual
  409. except: ['triggers']
  410. only: ['master', /^pr-.*$/]
  411. gce_coreos-cilium:
  412. stage: deploy-special
  413. <<: *job
  414. <<: *gce
  415. variables:
  416. <<: *gce_variables
  417. <<: *coreos_cilium_variables
  418. when: manual
  419. except: ['triggers']
  420. only: ['master', /^pr-.*$/]
  421. gce_ubuntu-cilium-sep:
  422. stage: deploy-special
  423. <<: *job
  424. <<: *gce
  425. variables:
  426. <<: *gce_variables
  427. <<: *ubuntu_cilium_sep_variables
  428. when: manual
  429. except: ['triggers']
  430. only: ['master', /^pr-.*$/]
  431. gce_rhel7-weave:
  432. stage: deploy-part2
  433. <<: *job
  434. <<: *gce
  435. variables:
  436. <<: *gce_variables
  437. <<: *rhel7_weave_variables
  438. when: manual
  439. except: ['triggers']
  440. only: ['master', /^pr-.*$/]
  441. gce_rhel7-weave-triggers:
  442. stage: deploy-part2
  443. <<: *job
  444. <<: *gce
  445. variables:
  446. <<: *gce_variables
  447. <<: *rhel7_weave_variables
  448. when: on_success
  449. only: ['triggers']
  450. gce_debian8-calico-upgrade:
  451. stage: deploy-part2
  452. <<: *job
  453. <<: *gce
  454. variables:
  455. <<: *gce_variables
  456. <<: *debian8_calico_variables
  457. when: manual
  458. except: ['triggers']
  459. only: ['master', /^pr-.*$/]
  460. gce_debian8-calico-triggers:
  461. stage: deploy-part2
  462. <<: *job
  463. <<: *gce
  464. variables:
  465. <<: *gce_variables
  466. <<: *debian8_calico_variables
  467. when: on_success
  468. only: ['triggers']
  469. gce_coreos-canal:
  470. stage: deploy-part2
  471. <<: *job
  472. <<: *gce
  473. variables:
  474. <<: *gce_variables
  475. <<: *coreos_canal_variables
  476. when: manual
  477. except: ['triggers']
  478. only: ['master', /^pr-.*$/]
  479. gce_coreos-canal-triggers:
  480. stage: deploy-part2
  481. <<: *job
  482. <<: *gce
  483. variables:
  484. <<: *gce_variables
  485. <<: *coreos_canal_variables
  486. when: on_success
  487. only: ['triggers']
  488. gce_rhel7-canal-sep:
  489. stage: deploy-special
  490. <<: *job
  491. <<: *gce
  492. variables:
  493. <<: *gce_variables
  494. <<: *rhel7_canal_sep_variables
  495. when: manual
  496. except: ['triggers']
  497. only: ['master', /^pr-.*$/]
  498. gce_rhel7-canal-sep-triggers:
  499. stage: deploy-part2
  500. <<: *job
  501. <<: *gce
  502. variables:
  503. <<: *gce_variables
  504. <<: *rhel7_canal_sep_variables
  505. when: on_success
  506. only: ['triggers']
  507. gce_centos7-calico-ha:
  508. stage: deploy-special
  509. <<: *job
  510. <<: *gce
  511. variables:
  512. <<: *gce_variables
  513. <<: *centos7_calico_ha_variables
  514. when: manual
  515. except: ['triggers']
  516. only: ['master', /^pr-.*$/]
  517. gce_centos7-calico-ha-triggers:
  518. stage: deploy-part2
  519. <<: *job
  520. <<: *gce
  521. variables:
  522. <<: *gce_variables
  523. <<: *centos7_calico_ha_variables
  524. when: on_success
  525. only: ['triggers']
  526. gce_opensuse-canal:
  527. stage: deploy-part2
  528. <<: *job
  529. <<: *gce
  530. variables:
  531. <<: *gce_variables
  532. <<: *opensuse_canal_variables
  533. when: manual
  534. except: ['triggers']
  535. only: ['master', /^pr-.*$/]
  536. # no triggers yet https://github.com/kubernetes-incubator/kargo/issues/613
  537. gce_coreos-alpha-weave-ha:
  538. stage: deploy-special
  539. <<: *job
  540. <<: *gce
  541. variables:
  542. <<: *gce_variables
  543. <<: *coreos_alpha_weave_ha_variables
  544. when: manual
  545. except: ['triggers']
  546. only: ['master', /^pr-.*$/]
  547. gce_ubuntu-rkt-sep:
  548. stage: deploy-part2
  549. <<: *job
  550. <<: *gce
  551. variables:
  552. <<: *gce_variables
  553. <<: *ubuntu_rkt_sep_variables
  554. when: manual
  555. except: ['triggers']
  556. only: ['master', /^pr-.*$/]
  557. gce_ubuntu-vault-sep:
  558. stage: deploy-part2
  559. <<: *job
  560. <<: *gce
  561. variables:
  562. <<: *gce_variables
  563. <<: *ubuntu_vault_sep_variables
  564. when: manual
  565. except: ['triggers']
  566. only: ['master', /^pr-.*$/]
  567. gce_coreos-vault-upgrade:
  568. stage: deploy-part2
  569. <<: *job
  570. <<: *gce
  571. variables:
  572. <<: *gce_variables
  573. <<: *coreos_vault_upgrade_variables
  574. when: manual
  575. except: ['triggers']
  576. only: ['master', /^pr-.*$/]
  577. gce_ubuntu-flannel-sep:
  578. stage: deploy-special
  579. <<: *job
  580. <<: *gce
  581. variables:
  582. <<: *gce_variables
  583. <<: *ubuntu_flannel_variables
  584. when: manual
  585. except: ['triggers']
  586. only: ['master', /^pr-.*$/]
  587. # Premoderated with manual actions
  588. ci-authorized:
  589. <<: *job
  590. stage: moderator
  591. before_script:
  592. - apt-get -y install jq
  593. script:
  594. - /bin/sh scripts/premoderator.sh
  595. except: ['triggers', 'master']
  596. syntax-check:
  597. <<: *job
  598. stage: unit-tests
  599. script:
  600. - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root cluster.yml -vvv --syntax-check
  601. - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root upgrade-cluster.yml -vvv --syntax-check
  602. - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root reset.yml -vvv --syntax-check
  603. - ansible-playbook -i inventory/local-tests.cfg -u root -e ansible_ssh_user=root -b --become-user=root extra_playbooks/upgrade-only-k8s.yml -vvv --syntax-check
  604. except: ['triggers', 'master']
  605. yamllint:
  606. <<: *job
  607. stage: unit-tests
  608. script:
  609. - yamllint roles
  610. except: ['triggers', 'master']
  611. tox-inventory-builder:
  612. stage: unit-tests
  613. <<: *job
  614. script:
  615. - pip install tox
  616. - cd contrib/inventory_builder && tox
  617. when: manual
  618. except: ['triggers', 'master']