From 0af0368c3a7b702004b2b19092bc44714ae81e11 Mon Sep 17 00:00:00 2001 From: Will Date: Fri, 25 Aug 2023 13:24:09 +0100 Subject: [PATCH 01/10] added config files and install scripts --- install.sh | 7 +++++++ nodepool.yaml | 19 +++++++++++++++++++ tenant.yaml | 7 +++++++ uninstall.sh | 3 +++ zuul.yaml | 23 +++++++++++++++++++++++ 5 files changed, 59 insertions(+) create mode 100755 install.sh create mode 100644 nodepool.yaml create mode 100644 tenant.yaml create mode 100755 uninstall.sh create mode 100644 zuul.yaml diff --git a/install.sh b/install.sh new file mode 100755 index 0000000..38dcbe7 --- /dev/null +++ b/install.sh @@ -0,0 +1,7 @@ +kubectl apply -f deploy/crds/zuul-ci_v1alpha2_zuul_crd.yaml +kubectl apply -f deploy/rbac-admin.yaml +kubectl apply -f deploy/operator.yaml +kubectl create ns zuul +kubectl -n zuul create secret generic zuul-nodepool-config --from-file=nodepool.yaml +kubectl -n zuul create secret generic zuul-tenant-config --from-file=tenant.yaml +kubectl -n zuul create secret generic executor-secrets --from-file=keys/id_rsa diff --git a/nodepool.yaml b/nodepool.yaml new file mode 100644 index 0000000..55ba706 --- /dev/null +++ b/nodepool.yaml @@ -0,0 +1,19 @@ +zookeeper-servers: + - host: zookeeper + port: 2281 +zookeeper-tls: + cert: /var/certs/certs/client.pem + key: /var/certs/keys/clientkey.pem + ca: /var/certs/certs/cacert.pem + +labels: + - name: main-jobs + +providers: + - name: kubernetes + driver: kubernetes + pools: + - name: main + labels: + - name: zuul + type: namespace diff --git a/tenant.yaml b/tenant.yaml new file mode 100644 index 0000000..6742d40 --- /dev/null +++ b/tenant.yaml @@ -0,0 +1,7 @@ +- tenant: + name: my-tenant + exclude-unprotected-branches: false + source: + github: + untrusted-projects: + - zuul-test-repo-a diff --git a/uninstall.sh b/uninstall.sh new file mode 100755 index 0000000..52ac577 --- /dev/null +++ b/uninstall.sh @@ -0,0 +1,3 @@ +kubectl delete -f deploy/operator.yaml +kubectl delete -f deploy/rbac-admin.yaml +kubectl delete -f deploy/crds/zuul-ci_v1alpha2_zuul_crd.yaml diff --git a/zuul.yaml b/zuul.yaml new file mode 100644 index 0000000..d86259d --- /dev/null +++ b/zuul.yaml @@ -0,0 +1,23 @@ +apiVersion: operator.zuul-ci.org/v1alpha2 +kind: Zuul +metadata: + name: zuul +spec: + executor: + count: 1 + sshkey: + secretName: executor-secrets + scheduler: + config: + secretName: zuul-tenant-config + launcher: + config: + secretName: zuul-nodepool-config + web: + count: 1 + connections: + opendev: + driver: git + baseurl: https://opendev.org + database: + allowUnsafeConfig: True From 5f5aca4d1eedcfc4785462dac3188d3c40d86572 Mon Sep 17 00:00:00 2001 From: Will Date: Fri, 25 Aug 2023 15:56:42 +0100 Subject: [PATCH 02/10] added external database --- database/mariadb-secret.yaml | 6 +++ database/mysql.yaml | 83 ++++++++++++++++++++++++++++++++++++ install.sh | 7 ++- zuul.yaml | 1 + 4 files changed, 93 insertions(+), 4 deletions(-) create mode 100644 database/mariadb-secret.yaml create mode 100644 database/mysql.yaml diff --git a/database/mariadb-secret.yaml b/database/mariadb-secret.yaml new file mode 100644 index 0000000..fa9a273 --- /dev/null +++ b/database/mariadb-secret.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Secret +metadata: + name: mariadb-secret +stringData: + dburi: mariadb+pymysql://zuul:password@mysql:3306/zuul_db \ No newline at end of file diff --git a/database/mysql.yaml b/database/mysql.yaml new file mode 100644 index 0000000..c61e7e6 --- /dev/null +++ b/database/mysql.yaml @@ -0,0 +1,83 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/name: zuul + app.kubernetes.io/component: mysql + name: mysql +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: zuul + app.kubernetes.io/component: mysql + strategy: + type: Recreate + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/name: zuul + app.kubernetes.io/component: mysql + spec: + containers: + - env: + - name: MYSQL_DATABASE + value: zuul_db + - name: MYSQL_PASSWORD + value: password + - name: MYSQL_RANDOM_ROOT_PASSWORD + value: "yes" + - name: MYSQL_USER + value: "zuul" + image: mariadb:10.10 + name: mysql + ports: + - containerPort: 3306 + resources: {} + volumeMounts: + - mountPath: /var/lib/mysql + name: var-lib-mysql + hostname: mysql + restartPolicy: Always + volumes: + - name: var-lib-mysql + persistentVolumeClaim: + claimName: var-lib-mysql + +--- + +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/name: zuul + app.kubernetes.io/component: mysql + name: mysql +spec: + ports: + - name: mysql + port: 3306 + targetPort: 3306 + selector: + app.kubernetes.io/name: zuul + app.kubernetes.io/component: mysql + +--- + +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/name: zuul + app.kubernetes.io/component: mysql + name: var-lib-mysql +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi \ No newline at end of file diff --git a/install.sh b/install.sh index 38dcbe7..baa0018 100755 --- a/install.sh +++ b/install.sh @@ -1,7 +1,6 @@ kubectl apply -f deploy/crds/zuul-ci_v1alpha2_zuul_crd.yaml kubectl apply -f deploy/rbac-admin.yaml kubectl apply -f deploy/operator.yaml -kubectl create ns zuul -kubectl -n zuul create secret generic zuul-nodepool-config --from-file=nodepool.yaml -kubectl -n zuul create secret generic zuul-tenant-config --from-file=tenant.yaml -kubectl -n zuul create secret generic executor-secrets --from-file=keys/id_rsa +kubectl create secret generic zuul-nodepool-config --from-file=nodepool.yaml +kubectl create secret generic zuul-tenant-config --from-file=tenant.yaml +kubectl create secret generic executor-secrets --from-file=keys/id_rsa diff --git a/zuul.yaml b/zuul.yaml index d86259d..2e70008 100644 --- a/zuul.yaml +++ b/zuul.yaml @@ -21,3 +21,4 @@ spec: baseurl: https://opendev.org database: allowUnsafeConfig: True + secretName: mariadb-secret From 2640b6e785f14bf241e582cf96d58d4ccd235f39 Mon Sep 17 00:00:00 2001 From: Will Date: Fri, 25 Aug 2023 16:34:50 +0100 Subject: [PATCH 03/10] Fixed broken nodepool config --- nodepool.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nodepool.yaml b/nodepool.yaml index 55ba706..25c118c 100644 --- a/nodepool.yaml +++ b/nodepool.yaml @@ -7,7 +7,7 @@ zookeeper-tls: ca: /var/certs/certs/cacert.pem labels: - - name: main-jobs + - name: zuul-jobs providers: - name: kubernetes @@ -15,5 +15,5 @@ providers: pools: - name: main labels: - - name: zuul + - name: zuul-jobs type: namespace From 5166f890c7ef4dcd5b3346b18aa4f0c99e1a3b94 Mon Sep 17 00:00:00 2001 From: Will Date: Fri, 25 Aug 2023 16:52:37 +0100 Subject: [PATCH 04/10] Set correct name for tenant config file --- tenant.yaml => custom-deployment-files/main.yaml | 0 nodepool.yaml => custom-deployment-files/nodepool.yaml | 0 zuul.yaml => custom-deployment-files/zuul.yaml | 0 install.sh | 4 ++-- 4 files changed, 2 insertions(+), 2 deletions(-) rename tenant.yaml => custom-deployment-files/main.yaml (100%) rename nodepool.yaml => custom-deployment-files/nodepool.yaml (100%) rename zuul.yaml => custom-deployment-files/zuul.yaml (100%) diff --git a/tenant.yaml b/custom-deployment-files/main.yaml similarity index 100% rename from tenant.yaml rename to custom-deployment-files/main.yaml diff --git a/nodepool.yaml b/custom-deployment-files/nodepool.yaml similarity index 100% rename from nodepool.yaml rename to custom-deployment-files/nodepool.yaml diff --git a/zuul.yaml b/custom-deployment-files/zuul.yaml similarity index 100% rename from zuul.yaml rename to custom-deployment-files/zuul.yaml diff --git a/install.sh b/install.sh index baa0018..45b5dc2 100755 --- a/install.sh +++ b/install.sh @@ -1,6 +1,6 @@ kubectl apply -f deploy/crds/zuul-ci_v1alpha2_zuul_crd.yaml kubectl apply -f deploy/rbac-admin.yaml kubectl apply -f deploy/operator.yaml -kubectl create secret generic zuul-nodepool-config --from-file=nodepool.yaml -kubectl create secret generic zuul-tenant-config --from-file=tenant.yaml +kubectl create secret generic zuul-nodepool-config --from-file=custom-deployment-files/nodepool.yaml +kubectl create secret generic zuul-tenant-config --from-file=custom-deployment-files/main.yaml kubectl create secret generic executor-secrets --from-file=keys/id_rsa From 41f612df6a5e9efc55aebb6b28ab6868ab007393 Mon Sep 17 00:00:00 2001 From: Will Date: Thu, 31 Aug 2023 11:36:39 +0100 Subject: [PATCH 05/10] Deployment configuration and setup scripts --- .gitignore | 5 ++++- install.sh | 6 ------ stackhpc/README.md | 7 +++++++ {database => stackhpc/database}/mariadb-secret.yaml | 0 {database => stackhpc/database}/mysql.yaml | 2 +- .../deploy-zuul}/main.yaml | 4 ++++ .../deploy-zuul}/nodepool.yaml | 8 ++++++-- .../deploy-zuul}/zuul.yaml | 12 +++++++----- stackhpc/install.sh | 9 +++++++++ stackhpc/patch-files/key-patchfile.yaml | 12 ++++++++++++ stackhpc/patch-files/web-service-patchfile.yaml | 2 ++ stackhpc/patch.sh | 1 + uninstall.sh | 3 --- 13 files changed, 53 insertions(+), 18 deletions(-) delete mode 100755 install.sh create mode 100644 stackhpc/README.md rename {database => stackhpc/database}/mariadb-secret.yaml (100%) rename {database => stackhpc/database}/mysql.yaml (98%) rename {custom-deployment-files => stackhpc/deploy-zuul}/main.yaml (57%) rename {custom-deployment-files => stackhpc/deploy-zuul}/nodepool.yaml (64%) rename {custom-deployment-files => stackhpc/deploy-zuul}/zuul.yaml (66%) create mode 100755 stackhpc/install.sh create mode 100644 stackhpc/patch-files/key-patchfile.yaml create mode 100644 stackhpc/patch-files/web-service-patchfile.yaml create mode 100755 stackhpc/patch.sh delete mode 100755 uninstall.sh diff --git a/.gitignore b/.gitignore index e665f03..5d4e6e7 100644 --- a/.gitignore +++ b/.gitignore @@ -9,4 +9,7 @@ id_rsa.pub *.patch *.egg-info/ .nox -.tox \ No newline at end of file +.tox +/stackhpc/github-secrets/* +/stackhpc/keys/* +force-teardown.sh diff --git a/install.sh b/install.sh deleted file mode 100755 index 45b5dc2..0000000 --- a/install.sh +++ /dev/null @@ -1,6 +0,0 @@ -kubectl apply -f deploy/crds/zuul-ci_v1alpha2_zuul_crd.yaml -kubectl apply -f deploy/rbac-admin.yaml -kubectl apply -f deploy/operator.yaml -kubectl create secret generic zuul-nodepool-config --from-file=custom-deployment-files/nodepool.yaml -kubectl create secret generic zuul-tenant-config --from-file=custom-deployment-files/main.yaml -kubectl create secret generic executor-secrets --from-file=keys/id_rsa diff --git a/stackhpc/README.md b/stackhpc/README.md new file mode 100644 index 0000000..21b32ee --- /dev/null +++ b/stackhpc/README.md @@ -0,0 +1,7 @@ +# Installation +1. Configure the files under deploy-zuul +2. Create github-secrets/webhook_token containg Github app webhook token +3. Create keys/github-key.pem containg Github app private key +4. Run install.sh +5. Once the zuul-web deployment has been created, run patch.sh + diff --git a/database/mariadb-secret.yaml b/stackhpc/database/mariadb-secret.yaml similarity index 100% rename from database/mariadb-secret.yaml rename to stackhpc/database/mariadb-secret.yaml diff --git a/database/mysql.yaml b/stackhpc/database/mysql.yaml similarity index 98% rename from database/mysql.yaml rename to stackhpc/database/mysql.yaml index c61e7e6..114faa0 100644 --- a/database/mysql.yaml +++ b/stackhpc/database/mysql.yaml @@ -80,4 +80,4 @@ spec: - ReadWriteOnce resources: requests: - storage: 1Gi \ No newline at end of file + storage: 1Gi diff --git a/custom-deployment-files/main.yaml b/stackhpc/deploy-zuul/main.yaml similarity index 57% rename from custom-deployment-files/main.yaml rename to stackhpc/deploy-zuul/main.yaml index 6742d40..edb5a80 100644 --- a/custom-deployment-files/main.yaml +++ b/stackhpc/deploy-zuul/main.yaml @@ -3,5 +3,9 @@ exclude-unprotected-branches: false source: github: + config-projects: + - zuul-config-test untrusted-projects: - zuul-test-repo-a + - zuul-test-repo-b + - zuul-test-repo-c diff --git a/custom-deployment-files/nodepool.yaml b/stackhpc/deploy-zuul/nodepool.yaml similarity index 64% rename from custom-deployment-files/nodepool.yaml rename to stackhpc/deploy-zuul/nodepool.yaml index 25c118c..3ab8405 100644 --- a/custom-deployment-files/nodepool.yaml +++ b/stackhpc/deploy-zuul/nodepool.yaml @@ -7,7 +7,8 @@ zookeeper-tls: ca: /var/certs/certs/cacert.pem labels: - - name: zuul-jobs + - name: zuul-jobs-ns + - name: zuul-job-pod providers: - name: kubernetes @@ -15,5 +16,8 @@ providers: pools: - name: main labels: - - name: zuul-jobs + - name: zuul-jobs-ns type: namespace + - name: zuul-job-pod + type: pod + image: docker.io/rockylinux:8 diff --git a/custom-deployment-files/zuul.yaml b/stackhpc/deploy-zuul/zuul.yaml similarity index 66% rename from custom-deployment-files/zuul.yaml rename to stackhpc/deploy-zuul/zuul.yaml index 2e70008..af6e2d8 100644 --- a/custom-deployment-files/zuul.yaml +++ b/stackhpc/deploy-zuul/zuul.yaml @@ -5,8 +5,8 @@ metadata: spec: executor: count: 1 - sshkey: - secretName: executor-secrets + # sshkey: + # secretName: executor-secrets scheduler: config: secretName: zuul-tenant-config @@ -16,9 +16,11 @@ spec: web: count: 1 connections: - opendev: - driver: git - baseurl: https://opendev.org + github: + driver: github + app_id: 382716 + app_key: /gh-keys/gh-key.pem + secretName: github-secrets database: allowUnsafeConfig: True secretName: mariadb-secret diff --git a/stackhpc/install.sh b/stackhpc/install.sh new file mode 100755 index 0000000..a5f7da5 --- /dev/null +++ b/stackhpc/install.sh @@ -0,0 +1,9 @@ +kubectl apply -f "database/*.yaml" +kubectl apply -f ../deploy/crds/zuul-ci_v1alpha2_zuul_crd.yaml +kubectl apply -f ../deploy/rbac-admin.yaml +kubectl apply -f ../deploy/operator.yaml +kubectl create secret generic zuul-nodepool-config --from-file=deploy-zuul/nodepool.yaml +kubectl create secret generic zuul-tenant-config --from-file=deploy-zuul/main.yaml +kubectl create secret generic github-secrets --from-file=github-secrets +kubectl create secret generic gh-key --from-file=keys +kubectl apply -f deploy-zuul/zuul.yaml diff --git a/stackhpc/patch-files/key-patchfile.yaml b/stackhpc/patch-files/key-patchfile.yaml new file mode 100644 index 0000000..a051502 --- /dev/null +++ b/stackhpc/patch-files/key-patchfile.yaml @@ -0,0 +1,12 @@ +spec: + template: + spec: + containers: + - name: web + volumeMounts: + - name: gh-keys + mountPath: /gh-keys + volumes: + - name: gh-keys + secret: + secretName: gh-key diff --git a/stackhpc/patch-files/web-service-patchfile.yaml b/stackhpc/patch-files/web-service-patchfile.yaml new file mode 100644 index 0000000..06ee70a --- /dev/null +++ b/stackhpc/patch-files/web-service-patchfile.yaml @@ -0,0 +1,2 @@ +spec: + type: LoadBalancer diff --git a/stackhpc/patch.sh b/stackhpc/patch.sh new file mode 100755 index 0000000..c76be89 --- /dev/null +++ b/stackhpc/patch.sh @@ -0,0 +1 @@ +kubectl apply -f "patch-files/*.yaml" diff --git a/uninstall.sh b/uninstall.sh deleted file mode 100755 index 52ac577..0000000 --- a/uninstall.sh +++ /dev/null @@ -1,3 +0,0 @@ -kubectl delete -f deploy/operator.yaml -kubectl delete -f deploy/rbac-admin.yaml -kubectl delete -f deploy/crds/zuul-ci_v1alpha2_zuul_crd.yaml From e798842cce66e499f8b43023749247bc184fdd3e Mon Sep 17 00:00:00 2001 From: Will Date: Thu, 31 Aug 2023 11:39:50 +0100 Subject: [PATCH 06/10] Fixed patch.sh --- stackhpc/patch.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/stackhpc/patch.sh b/stackhpc/patch.sh index c76be89..4d69e4d 100755 --- a/stackhpc/patch.sh +++ b/stackhpc/patch.sh @@ -1 +1,2 @@ -kubectl apply -f "patch-files/*.yaml" +kubectl patch deployment zuul-web --patch-file=patch-files/key-patchfile.yaml +kubectl patch service zuul-web --patch-file=patch-files/web-service-patchfile.yaml From 471d39c67723532a4d39efb6899ddafe448be720 Mon Sep 17 00:00:00 2001 From: Will Date: Mon, 4 Sep 2023 11:21:20 +0100 Subject: [PATCH 07/10] fixed broken names in config and added opendev connection for zuul-jobs --- stackhpc/deploy-zuul/main.yaml | 15 +++++++--- stackhpc/deploy-zuul/nodepool.yaml | 1 + .../deploy-zuul/zuul-permissions-role.yaml | 30 +++++++++++++++++++ stackhpc/deploy-zuul/zuul.yaml | 5 +++- 4 files changed, 46 insertions(+), 5 deletions(-) create mode 100644 stackhpc/deploy-zuul/zuul-permissions-role.yaml diff --git a/stackhpc/deploy-zuul/main.yaml b/stackhpc/deploy-zuul/main.yaml index edb5a80..3e85c4a 100644 --- a/stackhpc/deploy-zuul/main.yaml +++ b/stackhpc/deploy-zuul/main.yaml @@ -4,8 +4,15 @@ source: github: config-projects: - - zuul-config-test + - wtripp180901/zuul-config-test untrusted-projects: - - zuul-test-repo-a - - zuul-test-repo-b - - zuul-test-repo-c + - wtripp180901/zuul-test-repo-a + - wtripp180901/zuul-test-repo-b + - wtripp180901/zuul-test-repo-c + +- tenant: + name: zuul-jobs-playbooks + source: + opendev: + untrusted-projects: + - zuul/zuul-jobs diff --git a/stackhpc/deploy-zuul/nodepool.yaml b/stackhpc/deploy-zuul/nodepool.yaml index 3ab8405..1f3b416 100644 --- a/stackhpc/deploy-zuul/nodepool.yaml +++ b/stackhpc/deploy-zuul/nodepool.yaml @@ -1,6 +1,7 @@ zookeeper-servers: - host: zookeeper port: 2281 + zookeeper-tls: cert: /var/certs/certs/client.pem key: /var/certs/keys/clientkey.pem diff --git a/stackhpc/deploy-zuul/zuul-permissions-role.yaml b/stackhpc/deploy-zuul/zuul-permissions-role.yaml new file mode 100644 index 0000000..ffa91c0 --- /dev/null +++ b/stackhpc/deploy-zuul/zuul-permissions-role.yaml @@ -0,0 +1,30 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: zuul-permissions +rules: +- apiGroups: + - "" + resources: + - namespaces + verbs: + - create + - get + - list + - patch + - apply + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: zuul-perms-rb +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: zuul-permissions +subjects: + - kind: ServiceAccount + name: default + namespace: default \ No newline at end of file diff --git a/stackhpc/deploy-zuul/zuul.yaml b/stackhpc/deploy-zuul/zuul.yaml index af6e2d8..900fbf7 100644 --- a/stackhpc/deploy-zuul/zuul.yaml +++ b/stackhpc/deploy-zuul/zuul.yaml @@ -6,7 +6,7 @@ spec: executor: count: 1 # sshkey: - # secretName: executor-secrets + # secretName: executor-secret scheduler: config: secretName: zuul-tenant-config @@ -21,6 +21,9 @@ spec: app_id: 382716 app_key: /gh-keys/gh-key.pem secretName: github-secrets + opendev: + driver: git + baseurl: https://opendev.org/ database: allowUnsafeConfig: True secretName: mariadb-secret From 5dc03a9bec35fd1f6fc0c97ffab3d4ba48c952d7 Mon Sep 17 00:00:00 2001 From: Will Date: Mon, 4 Sep 2023 11:22:01 +0100 Subject: [PATCH 08/10] Added patch files to mount secrets and fix broken dependencies --- stackhpc/patch-files/executor-key-patchfile.yaml | 12 ++++++++++++ stackhpc/patch-files/scheduler-key-patchfile.yaml | 12 ++++++++++++ .../{key-patchfile.yaml => web-key-patchfile.yaml} | 0 stackhpc/patch-files/web-service-patchfile.yaml | 1 + stackhpc/patch-files/zookeeper-image-patchfile.yaml | 6 ++++++ stackhpc/patch.sh | 5 ++++- 6 files changed, 35 insertions(+), 1 deletion(-) create mode 100644 stackhpc/patch-files/executor-key-patchfile.yaml create mode 100644 stackhpc/patch-files/scheduler-key-patchfile.yaml rename stackhpc/patch-files/{key-patchfile.yaml => web-key-patchfile.yaml} (100%) create mode 100644 stackhpc/patch-files/zookeeper-image-patchfile.yaml diff --git a/stackhpc/patch-files/executor-key-patchfile.yaml b/stackhpc/patch-files/executor-key-patchfile.yaml new file mode 100644 index 0000000..51859c1 --- /dev/null +++ b/stackhpc/patch-files/executor-key-patchfile.yaml @@ -0,0 +1,12 @@ +spec: + template: + spec: + containers: + - name: executor + volumeMounts: + - name: gh-keys + mountPath: /gh-keys + volumes: + - name: gh-keys + secret: + secretName: gh-key diff --git a/stackhpc/patch-files/scheduler-key-patchfile.yaml b/stackhpc/patch-files/scheduler-key-patchfile.yaml new file mode 100644 index 0000000..74b2f35 --- /dev/null +++ b/stackhpc/patch-files/scheduler-key-patchfile.yaml @@ -0,0 +1,12 @@ +spec: + template: + spec: + containers: + - name: scheduler + volumeMounts: + - name: gh-keys + mountPath: /gh-keys + volumes: + - name: gh-keys + secret: + secretName: gh-key diff --git a/stackhpc/patch-files/key-patchfile.yaml b/stackhpc/patch-files/web-key-patchfile.yaml similarity index 100% rename from stackhpc/patch-files/key-patchfile.yaml rename to stackhpc/patch-files/web-key-patchfile.yaml diff --git a/stackhpc/patch-files/web-service-patchfile.yaml b/stackhpc/patch-files/web-service-patchfile.yaml index 06ee70a..7ba9685 100644 --- a/stackhpc/patch-files/web-service-patchfile.yaml +++ b/stackhpc/patch-files/web-service-patchfile.yaml @@ -1,2 +1,3 @@ spec: type: LoadBalancer + loadBalancerIP: 192.171.169.119 diff --git a/stackhpc/patch-files/zookeeper-image-patchfile.yaml b/stackhpc/patch-files/zookeeper-image-patchfile.yaml new file mode 100644 index 0000000..540f03d --- /dev/null +++ b/stackhpc/patch-files/zookeeper-image-patchfile.yaml @@ -0,0 +1,6 @@ +spec: + template: + spec: + containers: + - name: zookeeper + image: "zookeeper:3.8.2" diff --git a/stackhpc/patch.sh b/stackhpc/patch.sh index 4d69e4d..e79bdd5 100755 --- a/stackhpc/patch.sh +++ b/stackhpc/patch.sh @@ -1,2 +1,5 @@ -kubectl patch deployment zuul-web --patch-file=patch-files/key-patchfile.yaml +kubectl patch deployment zuul-web --patch-file=patch-files/web-key-patchfile.yaml +kubectl patch statefulset zuul-scheduler --patch-file=patch-files/scheduler-key-patchfile.yaml kubectl patch service zuul-web --patch-file=patch-files/web-service-patchfile.yaml +kubectl patch statefulset zuul-executor --patch-file=patch-files/executor-key-patchfile.yaml +kubectl patch statefulset zookeeper --patch-file=patch-files/zookeeper-image-patchfile.yaml From ef1494b1652969025f769cc342c6ddcdd394f21e Mon Sep 17 00:00:00 2001 From: Will Date: Mon, 4 Sep 2023 16:09:46 +0100 Subject: [PATCH 09/10] Fixed tenant jobs --- stackhpc/deploy-zuul/main.yaml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/stackhpc/deploy-zuul/main.yaml b/stackhpc/deploy-zuul/main.yaml index 3e85c4a..043b1a9 100644 --- a/stackhpc/deploy-zuul/main.yaml +++ b/stackhpc/deploy-zuul/main.yaml @@ -9,10 +9,6 @@ - wtripp180901/zuul-test-repo-a - wtripp180901/zuul-test-repo-b - wtripp180901/zuul-test-repo-c - -- tenant: - name: zuul-jobs-playbooks - source: opendev: untrusted-projects: - zuul/zuul-jobs From 49ff77727cef74ecd6dce6e5c0cb2b8608b32b51 Mon Sep 17 00:00:00 2001 From: Will Date: Mon, 4 Sep 2023 16:31:44 +0100 Subject: [PATCH 10/10] Updated README --- stackhpc/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stackhpc/README.md b/stackhpc/README.md index 21b32ee..c385cbc 100644 --- a/stackhpc/README.md +++ b/stackhpc/README.md @@ -4,4 +4,4 @@ 3. Create keys/github-key.pem containg Github app private key 4. Run install.sh 5. Once the zuul-web deployment has been created, run patch.sh - +6. You may need to restart the nodepool-launcher-kubernetes deployment after the patches are complete