+++ /dev/null
-[all]
-ignore = .tox/**,
- .git/**,
- .gitignore,
- .gitreview,
- .gitmodules,
- node_modules/**,
- **.sw?,
- **.orig
-
-[all.GitCommit]
-bears = GitCommitBear
-ignore_length_regex = Signed-off-by,
- Also-by,
- Co-authored-by,
- http://,
- https://
-
-[all.MarkDown]
-bears = MarkdownBear,SpaceConsistencyBear,WriteGoodLintBear
-files = **.md, **.markdown
-use_spaces = true
-
-[all.ShellCheck]
-bears = ShellCheckBear,SpaceConsistencyBear
-files = **.sh
-shell = bash
-indent_size = 4
-use_spaces = yeah
-
--- /dev/null
+# All these sections are optional, edit this file as you like.
+[general]
+# Ignore certain rules, you can reference them by their id or by their full
+# name
+# ignore=title-trailing-punctuation, T3
+
+# verbosity should be a value between 1 and 3, the command line -v flags take
+# precedence over this
+# verbosity = 2
+
+# By default gitlint will ignore merge commits. Set to 'false' to disable.
+# ignore-merge-commits=true
+
+# By default gitlint will ignore fixup commits. Set to 'false' to disable.
+# ignore-fixup-commits=true
+
+# By default gitlint will ignore squash commits. Set to 'false' to disable.
+# ignore-squash-commits=true
+
+# Enable debug mode (prints more output). Disabled by default.
+# debug=true
+
+# Set the extra-path where gitlint will search for user defined rules
+# See http://jorisroovers.github.io/gitlint/user_defined_rules for details
+# extra-path=examples/
+
+contrib=contrib-title-conventional-commits,contrib-body-requires-signed-off-by
+
+# [title-max-length]
+# line-length=80
+
+# [title-must-not-contain-word]
+# Comma-separated list of words that should not occur in the title. Matching is
+# case insensitive. It's fine if the keyword occurs as part of a larger word
+# (so "WIPING" will not cause a violation, but "WIP: my title" will.
+# words=wip
+
+# [title-match-regex]
+# python like regex (https://docs.python.org/2/library/re.html) that the
+# commit-msg title must be matched to.
+# Note that the regex can contradict with other rules if not used correctly
+# (e.g. title-must-not-contain-word).
+# regex=^US[0-9]*
+
+# [B1]
+# B1 = body-max-line-length
+# line-length=120
+
+# [body-min-length]
+# min-length=5
+
+# [body-is-missing]
+# Whether to ignore this rule on merge commits (which typically only have a title)
+# default = True
+# ignore-merge-commits=false
+
+# [body-changed-file-mention]
+# List of files that need to be explicitly mentioned in the body when they are
+# changed This is useful for when developers often erroneously edit certain
+# files or git submodules. By specifying this rule, developers can only change
+# the file when they explicitly reference it in the commit message.
+# files=gitlint/rules.py,README.md
+
+# [author-valid-email]
+# python like regex (https://docs.python.org/2/library/re.html) that the
+# commit author email address should be matched to
+# For example, use the following regex if you only want to allow email
+# addresses from foo.com
+# regex=[^@]+@foo.com
+
+# [ignore-by-title]
+# Ignore certain rules for commits of which the title matches a regex
+# E.g. Match commit titles that start with "Release"
+# regex=^Release(.*)
+#
+# Ignore certain rules, you can reference them by their id or by their full name
+# Use 'all' to ignore all rules
+# ignore=T1,body-min-length
+
+# [ignore-by-body]
+# Ignore certain rules for commits of which the body has a line that matches a
+# regex
+# E.g. Match bodies that have a line that contain "release"
+# regex=(.*)release(.*)
+#
+# Ignore certain rules, you can reference them by their id or by their full name
+# Use 'all' to ignore all rules
+# ignore=T1,body-min-length
+
+# Enable Conventional Commit subject line enforcement
+# https://www.conventionalcommits.org/en/v1.0.0/
+#
+# Since we want all subjects to be well formed, enforce the topics
+# to the following (fairly standard) topics and require them to be Mixed Case
+[contrib-title-conventional-commits]
+types=Fix,Feat,Chore,Docs,Style,Refactor,Perf,Test,Revert,CI,Build
+
+# Require RELENG issues in commit messages
+# [body-match-regex]
+# regex=(.*)Issue:\s+(?<!IT)RELENG-\d+(.*)
--- /dev/null
+---
+repos:
+ - repo: https://github.com/pre-commit/pre-commit-hooks
+ rev: v4.2.0
+ hooks:
+ - id: trailing-whitespace
+ - id: no-commit-to-branch
+ args:
+ - --branch=master
+ - --branch=main
+
+ - repo: https://github.com/pre-commit/mirrors-prettier
+ rev: v2.6.2
+ hooks:
+ - id: prettier
+ stages: [commit]
+
+ - repo: https://github.com/jorisroovers/gitlint
+ rev: v0.17.0
+ hooks:
+ - id: gitlint
+
+ - repo: https://github.com/adrienverge/yamllint.git
+ rev: v1.26.3
+ hooks:
+ - id: yamllint
+
+ - repo: https://github.com/jumanjihouse/pre-commit-hooks
+ rev: 2.1.6
+ hooks:
+ - id: shellcheck
+
+ # yamllint disable rule:comments-indentation
+ # Disable write good for now as it will require more work to get passing
+ # - repo: https://github.com/btford/write-good
+ # rev: v1.0.8
+ # hooks:
+ # - id: write-good
--- /dev/null
+---
+extends: default
+
+rules:
+ empty-lines:
+ max-end: 1
+ line-length:
+ max: 120
+ comments:
+ # prettier forces 1 space comment separator
+ min-spaces-from-content: 1
---
-version: '3'
+version: "3"
services:
- init:
- environment:
- - CI_SYSTEM=jenkins
- - GLOBAL_JJB_VERSION=v0.19.2
- volumes:
- - jenkins:/jenkins
- links:
- - jenkins
- jenkins:
- build:
- context: ./jenkins
- args:
- - JENKINS_VERSION=$JENKINS_CONTAINER_VERSION
- container_name: releng-jenkins
- env_file: config.env
- environment:
- - JAVA_OPTS="-Djenkins.install.runSetupWizard=false"
- - VIRTUAL_HOST=jenkins.localhost
- - VIRTUAL_PORT=8080
- volumes:
- - jenkins:/var/jenkins_home
- expose:
- - "8080"
- depends_on:
- - ldap
- - nginx
- links:
- - ldap
- - nginx
- jenkins-agent:
- build: ./jenkins/agent
- container_name: releng-agent
- env_file: config.env
- ports:
- - "22"
- links:
- - "nginx:jenkins.localhost"
- - "nginx:nexus.localhost"
- - "nginx:gerrit.localhost"
+ init:
+ environment:
+ - CI_SYSTEM=jenkins
+ - GLOBAL_JJB_VERSION=v0.19.2
+ volumes:
+ - jenkins:/jenkins
+ links:
+ - jenkins
+ jenkins:
+ build:
+ context: ./jenkins
+ args:
+ - JENKINS_VERSION=$JENKINS_CONTAINER_VERSION
+ container_name: releng-jenkins
+ env_file: config.env
+ environment:
+ - JAVA_OPTS="-Djenkins.install.runSetupWizard=false"
+ - VIRTUAL_HOST=jenkins.localhost
+ - VIRTUAL_PORT=8080
+ volumes:
+ - jenkins:/var/jenkins_home
+ expose:
+ - "8080"
+ depends_on:
+ - ldap
+ - nginx
+ links:
+ - ldap
+ - nginx
+ jenkins-agent:
+ build: ./jenkins/agent
+ container_name: releng-agent
+ env_file: config.env
+ ports:
+ - "22"
+ links:
+ - "nginx:jenkins.localhost"
+ - "nginx:nexus.localhost"
+ - "nginx:gerrit.localhost"
volumes:
- jenkins:
+ jenkins:
# Container Versions stored in '.env'
---
-version: '3'
+version: "3"
services:
- init:
- build:
- dockerfile: Dockerfile
- context: ./init/
- container_name: releng-init
- volumes:
- - ./init/inventory.ini:/etc/ansible/inventory.ini
- - ./init/playbooks:/usr/src/ansible
- - init:/init/
- links:
- - gerrit
- - nexus
- ldap:
- image: "osixia/openldap:$OPENLDAP_CONTAINER_VERSION"
- container_name: releng-ldap
- env_file: config.env
- command: "--loglevel debug --copy-service"
- volumes:
- - ./ldap/bootstrap/groups.ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom/50-groups.ldif
- ports:
- - "636:636"
- gerrit:
- image: "openfrontier/gerrit:$GERRIT_CONTAINER_VERSION"
- container_name: releng-gerrit
- env_file: config.env
- environment:
- - VIRTUAL_HOST=gerrit.localhost
- - VIRTUAL_PORT=8080
- volumes:
- - gerrit:/var/gerrit/review_site
- expose:
- - "8080"
- ports:
- - "29418:29418"
- depends_on:
- - ldap
- - nginx
- links:
- - ldap
- - nginx
- nexus:
- image: "sonatype/nexus:$NEXUS_CONTAINER_VERSION"
- container_name: releng-nexus
- env_file: config.env
- environment:
- - VIRTUAL_HOST=nexus.localhost
- - VIRTUAL_PORT=8081
- volumes:
- - nexus:/sonatype-work
- expose:
- - "8081"
- depends_on:
- - nginx
- links:
- - nginx
-# artifactory:
-# image: "docker.bintray.io/jfrog/artifactory-oss:$ARTIFACTORY_CONTAINER_VERSION"
-# container_name: releng-artifactory
-# env_file: config.env
-# environment:
-# - VIRTUAL_HOST=artifactory.localhost
-# - VIRTUAL_PORT=8081
-# volumes:
-# - artifactory:/var/opt/jfrog/artifactory
-# expose:
-# - "80"
-# - "443"
-# - "8081"
-# depends_on:
-# - nginx
-# links:
-# - nginx
- postgres:
- image: postgres:latest
- container_name: releng-postgres
- env_file: config.env
- expose:
- - "5432"
- nginx:
- image: jwilder/nginx-proxy:latest
- container_name: releng-ingress
- ports:
- - "80:80"
- volumes:
- - /var/run/docker.sock:/tmp/docker.sock:ro
+ init:
+ build:
+ dockerfile: Dockerfile
+ context: ./init/
+ container_name: releng-init
+ volumes:
+ - ./init/inventory.ini:/etc/ansible/inventory.ini
+ - ./init/playbooks:/usr/src/ansible
+ - init:/init/
+ links:
+ - gerrit
+ - nexus
+ ldap:
+ image: "osixia/openldap:$OPENLDAP_CONTAINER_VERSION"
+ container_name: releng-ldap
+ env_file: config.env
+ command: "--loglevel debug --copy-service"
+ volumes:
+ - ./ldap/bootstrap/groups.ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom/50-groups.ldif
+ ports:
+ - "636:636"
+ gerrit:
+ image: "openfrontier/gerrit:$GERRIT_CONTAINER_VERSION"
+ container_name: releng-gerrit
+ env_file: config.env
+ environment:
+ - VIRTUAL_HOST=gerrit.localhost
+ - VIRTUAL_PORT=8080
+ volumes:
+ - gerrit:/var/gerrit/review_site
+ expose:
+ - "8080"
+ ports:
+ - "29418:29418"
+ depends_on:
+ - ldap
+ - nginx
+ links:
+ - ldap
+ - nginx
+ nexus:
+ image: "sonatype/nexus:$NEXUS_CONTAINER_VERSION"
+ container_name: releng-nexus
+ env_file: config.env
+ environment:
+ - VIRTUAL_HOST=nexus.localhost
+ - VIRTUAL_PORT=8081
+ volumes:
+ - nexus:/sonatype-work
+ expose:
+ - "8081"
+ depends_on:
+ - nginx
+ links:
+ - nginx
+ # artifactory:
+ # image: "docker.bintray.io/jfrog/artifactory-oss:$ARTIFACTORY_CONTAINER_VERSION"
+ # container_name: releng-artifactory
+ # env_file: config.env
+ # environment:
+ # - VIRTUAL_HOST=artifactory.localhost
+ # - VIRTUAL_PORT=8081
+ # volumes:
+ # - artifactory:/var/opt/jfrog/artifactory
+ # expose:
+ # - "80"
+ # - "443"
+ # - "8081"
+ # depends_on:
+ # - nginx
+ # links:
+ # - nginx
+ postgres:
+ image: postgres:latest
+ container_name: releng-postgres
+ env_file: config.env
+ expose:
+ - "5432"
+ nginx:
+ image: jwilder/nginx-proxy:latest
+ container_name: releng-ingress
+ ports:
+ - "80:80"
+ volumes:
+ - /var/run/docker.sock:/tmp/docker.sock:ro
volumes:
- gerrit:
- nexus:
-# artifactory:
- init:
+ gerrit:
+ nexus:
+ # artifactory:
+ init:
curl --fail -s -L -X POST -u "workshop:workshop" -H "Content-type:text/plain" \
-d "@$KEYFILE" http://gerrit.localhost/a/accounts/self/sshkeys/ > /dev/null
+ exit_code=$?
+
# Provide guidance on curl errors
- if [ $? -eq 7 ]; then
+ if [ $exit_code -eq 7 ]; then
echo -e "\nPlease start Gerrit first:\n docker-compose up -d"
- elif [ $? -eq 22 ]; then
+ elif [ $exit_code -eq 22 ]; then
echo -e "\nPlease wait for Gerrit to finish running and try again"
fi
# Output future guidance
- if [ $? -eq 0 ]; then
+ if [ $exit_code -eq 0 ]; then
KEYID=$(ssh-keygen -l -f "$KEYFILE")
GERRIT_REPOS="$(curl -s -L http://gerrit.localhost/projects/ \
| grep \"id\" | cut -c12- | tr -d '",')"
echo -e "Successfully uploaded public keyfile:"
echo " $KEYID"
echo -e "\nYou can now clone the available repos:"
- print_repos $GERRIT_REPOS
+ print_repos "$GERRIT_REPOS"
echo -e "\nWith the command:"
echo -e " git clone ssh://workshop@gerrit.localhost:29418/<repo>"
fi
name: ci-jobs
jobs:
- - '{project-name}-ci-jobs'
+ - "{project-name}-ci-jobs"
project: ci-management
project-name: ci-management
# lf-infra defaults
jenkins-ssh-credential: ciworkshop-jenkins-ssh
gerrit-server-name: ciworkshop
- lftools-version: '<1.0.0'
+ lftools-version: "<1.0.0"
---
- hosts: all
vars:
- ci_system: "{{ lookup('env', 'CI_SYSTEM') }}"
+ ci_system: "{{ lookup('env', 'CI_SYSTEM') }}"
tasks:
- - name: Include Base Variables
- include_vars:
- file: vars/default.yaml
- - name: Create workshop user and ssh key
- user:
- name: 'workshop'
- generate_ssh_key: true
- uid: 1005
- ssh_key_bits: 2048
- ssh_key_file: '{{ workshop_ssh_keyfile }}'
- - name: Wait for Gerrit UI
- wait_for:
- host: 'gerrit'
- port: '8080'
- - name: Login to Gerrit to claim Admin rights
- uri:
- url: 'http://gerrit:8080/login'
- method: 'POST'
- body: "username=workshop&password=workshop"
- status_code: 302
- - name: Upload sshkey to Admin user
- uri:
- url: 'http://gerrit:8080/a/accounts/self/sshkeys'
- method: 'POST'
- user: 'workshop'
- password: 'workshop'
- force_basic_auth: true
- headers:
- Content-Type: 'text/plain'
- body: "{{ lookup('file', '{{ workshop_ssh_keyfile }}.pub') }}"
- status_code: 201
- - name: Wait for Gerrit SSH Interface
- wait_for:
- host: 'gerrit'
- port: '29418'
- - name: Configure Git User Email
- git_config:
- name: user.email
- scope: global
- value: "workshop@example.org"
- - name: Configure Git User Name
- git_config:
- name: user.name
- scope: global
- value: "workshop"
- - name: Configure Git SSH Command/Key
- git_config:
- name: core.sshCommand
- scope: global
- value: "ssh -i {{ workshop_ssh_keyfile }} -F /dev/null -o StrictHostKeyChecking=no"
- - name: Clone All-Projects
- git:
- repo: 'ssh://workshop@gerrit:29418/All-Projects.git'
- refspec: 'refs/meta/config:refs/remotes/origin/meta/config'
- version: 'meta/config'
- dest: '{{ all_projects_repo }}'
- key_file: '{{ workshop_ssh_keyfile }}'
- update: false
- - name: Configure Verified Label
- blockinfile:
- path: '{{ all_projects_repo }}/project.config'
- marker: "; {mark}1 Ansible Managed"
- block: |
- [label "Verified"]
- function = MaxWithBlock
- defaultValue = 0
- value = -1 Fails
- value = 0 No score
- value = +1 Verified
- copyAllScoresIfNoCodeChange = true
- - name: Allow non-interactive users Verified Rights
- blockinfile:
- path: '{{ all_projects_repo }}/project.config'
- marker: "; {mark}2 Ansible Managed"
- insertafter: '\[access "refs/heads/\*"\]'
- block: |
- label-Verified = -1..+1 group Administrators
- label-Verified = -1..+1 group Non-Interactive Users
- label-Verified = -1..+1 group Project Owners
- - name: Create verified label commit in All-Projects
- shell: |
- git add .
- git commit -am "Create Verified Label"
- git push origin HEAD:refs/meta/config
- args:
- chdir: '{{ all_projects_repo }}'
- - name: Collect list of Repositories
- uri:
- url: 'http://gerrit:8080/projects/'
- return_content: true
- register: projects
- - name: Create ci-management Repository
- command: >
- ssh {{ ssh_options }} -p 29418 workshop@gerrit -i {{ workshop_ssh_keyfile }}
- gerrit create-project ci-management --id --so --empty-commit -d "Workshop\ CI-Management\ Repo" -p "All-Projects"
- # [5:] is used to skip the XSS token added by Gerrit
- when: '(projects.content[5:] | from_json)["ci-management"] is not defined'
- - name: Clone ci-management repository
- git:
- repo: 'ssh://workshop@gerrit:29418/ci-management.git'
- dest: '{{ ci_management_repo }}'
- key_file: '{{ workshop_ssh_keyfile }}'
- update: false
- - name: Copy gitreview file to ci-managment
- copy:
- src: .gitreview
- dest: '{{ ci_management_repo }}/.gitreview'
- - name: Create initial commit to ci-management
- shell: |
- git add .
- git commit -am "Initial Commit"
- git push origin HEAD:refs/heads/master
- args:
- chdir: '{{ ci_management_repo }}'
- - name: Wait for Nexus Web
- wait_for:
- host: 'nexus'
- port: '8081'
- - name: Copy repo.json to tmp directory
- copy:
- src: nexus-repo.json
- dest: '/var/tmp/repo.json'
- - name: Check for Logs repo in Nexus
- uri:
- url: http://nexus:8081/service/local/repositories
- return_content: true
- register: nexus_repos
- - name: Create Logs repo in Nexus
- uri:
- url: http://nexus:8081/service/local/repositories
- method: POST
- body: "{{ lookup('file', '/var/tmp/repo.json') }}"
- user: admin
- password: admin123
- body_format: json
- status_code: 201
- when: '(nexus_repos.content | parse_xml("files/nexus-repo-schema.yaml"))["repositories"]["logs"] is not defined'
- - name: Include {{ ci_system }} Tasks
- include_tasks: "tasks/{{ ci_system }}.yaml"
+ - name: Include Base Variables
+ include_vars:
+ file: vars/default.yaml
+ - name: Create workshop user and ssh key
+ user:
+ name: "workshop"
+ generate_ssh_key: true
+ uid: 1005
+ ssh_key_bits: 2048
+ ssh_key_file: "{{ workshop_ssh_keyfile }}"
+ - name: Wait for Gerrit UI
+ wait_for:
+ host: "gerrit"
+ port: "8080"
+ - name: Login to Gerrit to claim Admin rights
+ uri:
+ url: "http://gerrit:8080/login"
+ method: "POST"
+ body: "username=workshop&password=workshop"
+ status_code: 302
+ - name: Upload sshkey to Admin user
+ uri:
+ url: "http://gerrit:8080/a/accounts/self/sshkeys"
+ method: "POST"
+ user: "workshop"
+ password: "workshop"
+ force_basic_auth: true
+ headers:
+ Content-Type: "text/plain"
+ body: "{{ lookup('file', '{{ workshop_ssh_keyfile }}.pub') }}"
+ status_code: 201
+ - name: Wait for Gerrit SSH Interface
+ wait_for:
+ host: "gerrit"
+ port: "29418"
+ - name: Configure Git User Email
+ git_config:
+ name: user.email
+ scope: global
+ value: "workshop@example.org"
+ - name: Configure Git User Name
+ git_config:
+ name: user.name
+ scope: global
+ value: "workshop"
+ - name: Configure Git SSH Command/Key
+ git_config:
+ name: core.sshCommand
+ scope: global
+ value: "ssh -i {{ workshop_ssh_keyfile }} -F /dev/null -o StrictHostKeyChecking=no"
+ - name: Clone All-Projects
+ git:
+ repo: "ssh://workshop@gerrit:29418/All-Projects.git"
+ refspec: "refs/meta/config:refs/remotes/origin/meta/config"
+ version: "meta/config"
+ dest: "{{ all_projects_repo }}"
+ key_file: "{{ workshop_ssh_keyfile }}"
+ update: false
+ - name: Configure Verified Label
+ blockinfile:
+ path: "{{ all_projects_repo }}/project.config"
+ marker: "; {mark}1 Ansible Managed"
+ block: |
+ [label "Verified"]
+ function = MaxWithBlock
+ defaultValue = 0
+ value = -1 Fails
+ value = 0 No score
+ value = +1 Verified
+ copyAllScoresIfNoCodeChange = true
+ - name: Allow non-interactive users Verified Rights
+ blockinfile:
+ path: "{{ all_projects_repo }}/project.config"
+ marker: "; {mark}2 Ansible Managed"
+ insertafter: '\[access "refs/heads/\*"\]'
+ block: |
+ label-Verified = -1..+1 group Administrators
+ label-Verified = -1..+1 group Non-Interactive Users
+ label-Verified = -1..+1 group Project Owners
+ - name: Create verified label commit in All-Projects
+ shell: |
+ git add .
+ git commit -am "Create Verified Label"
+ git push origin HEAD:refs/meta/config
+ args:
+ chdir: "{{ all_projects_repo }}"
+ - name: Collect list of Repositories
+ uri:
+ url: "http://gerrit:8080/projects/"
+ return_content: true
+ register: projects
+ # yamllint disable rule:line-length
+ - name: Create ci-management Repository
+ command: >
+ ssh {{ ssh_options }} -p 29418 workshop@gerrit -i {{ workshop_ssh_keyfile }}
+ gerrit create-project ci-management --id --so --empty-commit -d "Workshop\ CI-Management\ Repo" -p "All-Projects"
+ # [5:] is used to skip the XSS token added by Gerrit
+ when: '(projects.content[5:] | from_json)["ci-management"] is not defined'
+ # yamllint enable
+ - name: Clone ci-management repository
+ git:
+ repo: "ssh://workshop@gerrit:29418/ci-management.git"
+ dest: "{{ ci_management_repo }}"
+ key_file: "{{ workshop_ssh_keyfile }}"
+ update: false
+ - name: Copy gitreview file to ci-managment
+ copy:
+ src: .gitreview
+ dest: "{{ ci_management_repo }}/.gitreview"
+ - name: Create initial commit to ci-management
+ shell: |
+ git add .
+ git commit -am "Initial Commit"
+ git push origin HEAD:refs/heads/master
+ args:
+ chdir: "{{ ci_management_repo }}"
+ - name: Wait for Nexus Web
+ wait_for:
+ host: "nexus"
+ port: "8081"
+ - name: Copy repo.json to tmp directory
+ copy:
+ src: nexus-repo.json
+ dest: "/var/tmp/repo.json"
+ - name: Check for Logs repo in Nexus
+ uri:
+ url: http://nexus:8081/service/local/repositories
+ return_content: true
+ register: nexus_repos
+ - name: Create Logs repo in Nexus
+ uri:
+ url: http://nexus:8081/service/local/repositories
+ method: POST
+ body: "{{ lookup('file', '/var/tmp/repo.json') }}"
+ user: admin
+ password: admin123
+ body_format: json
+ status_code: 201
+ when: '(nexus_repos.content | parse_xml("files/nexus-repo-schema.yaml"))["repositories"]["logs"] is not defined'
+ - name: Include {{ ci_system }} Tasks
+ include_tasks: "tasks/{{ ci_system }}.yaml"
---
- name: Include Base Variables
include_vars:
- file: vars/default.yaml
+ file: vars/default.yaml
- name: Create jenkins user and ssh key
user:
- name: 'jenkins'
- generate_ssh_key: true
- uid: 1000
- ssh_key_bits: 2048
- ssh_key_file: '{{ jenkins_ssh_keyfile }}'
+ name: "jenkins"
+ generate_ssh_key: true
+ uid: 1000
+ ssh_key_bits: 2048
+ ssh_key_file: "{{ jenkins_ssh_keyfile }}"
- name: Check private key format
shell: |
- head -1 '{{ jenkins_ssh_keyfile }}'
+ head -1 '{{ jenkins_ssh_keyfile }}'
register: jenkins_ssh_key_header
- name: Ensure keys is in PEM format (not new OpenSSH format)
shell: |
- ssh-keygen -f '{{ jenkins_ssh_keyfile }}' -m PEM -p -P "" -N ""
+ ssh-keygen -f '{{ jenkins_ssh_keyfile }}' -m PEM -p -P "" -N ""
when: (jenkins_ssh_key_header.stdout | regex_search("OPENSSH"))
- name: Set Jenkins Workshop SSH Key fact
set_fact:
- credentials_sshkey: "{{ lookup('file', jenkins_ssh_keyfile) }}"
+ credentials_sshkey: "{{ lookup('file', jenkins_ssh_keyfile) }}"
- name: Put down Jenkins Credential template
template:
- src: jenkins-credentials.xml
- dest: /jenkins/jenkins-credentials.xml
+ src: jenkins-credentials.xml
+ dest: /jenkins/jenkins-credentials.xml
- name: Install Jenkins CLI
get_url:
- url: 'http://jenkins:8080/jnlpJars/jenkins-cli.jar'
- dest: /jenkins/jenkins-cli.jar
+ url: "http://jenkins:8080/jnlpJars/jenkins-cli.jar"
+ dest: /jenkins/jenkins-cli.jar
- name: Add Workshop Credentials to Jenkins
environment:
- JENKINS_URL: http://jenkins:8080/
- JENKINS_USER_ID: workshop
- JENKINS_API_TOKEN: workshop
+ JENKINS_URL: http://jenkins:8080/
+ JENKINS_USER_ID: workshop
+ JENKINS_API_TOKEN: workshop
shell: |
- cat jenkins-credentials.xml | java -jar jenkins-cli.jar -http \
- update-credentials-by-xml "system::system::jenkins" "(global)" \
- "{{ credentials_id }}"
+ cat jenkins-credentials.xml | java -jar jenkins-cli.jar -http \
+ update-credentials-by-xml "system::system::jenkins" "(global)" \
+ "{{ credentials_id }}"
args:
- chdir: '/jenkins'
+ chdir: "/jenkins"
- name: Wait for Gerrit SSH Interface
wait_for:
- host: 'gerrit'
- port: '29418'
+ host: "gerrit"
+ port: "29418"
- name: Check existance of Jenkins Workshop Gerrit user
uri:
- url: 'http://gerrit:8080/accounts/?q=username:jenkins-workshop&o=DETAILS'
- return_content: true
+ url: "http://gerrit:8080/accounts/?q=username:jenkins-workshop&o=DETAILS"
+ return_content: true
register: jenkins_gerrit_account_json
- name: Create fact containing Gerrit accounts
set_fact:
- jenkins_gerrit_account: '{{ jenkins_gerrit_account_json.content[5:] }}'
+ jenkins_gerrit_account: "{{ jenkins_gerrit_account_json.content[5:] }}"
- name: Debug Gerrit Accounts
debug:
- msg: '{{ jenkins_gerrit_account }}'
+ msg: "{{ jenkins_gerrit_account }}"
- name: Create Jenkins Workshop User
shell: >
- cat {{ jenkins_ssh_keyfile }}.pub | ssh {{ ssh_options }} -p 29418 workshop@gerrit -i {{ workshop_ssh_keyfile }}
- gerrit create-account jenkins-workshop --full-name "Jenkins\ Workshop"
- --group "Non-Interactive\ Users" --ssh-key -
+ cat {{ jenkins_ssh_keyfile }}.pub | ssh {{ ssh_options }} -p 29418 workshop@gerrit -i {{ workshop_ssh_keyfile }}
+ gerrit create-account jenkins-workshop --full-name "Jenkins\ Workshop"
+ --group "Non-Interactive\ Users" --ssh-key -
when: (jenkins_gerrit_account | length == 0)
- name: Clone ci-management repository
git:
- repo: 'ssh://workshop@gerrit:29418/ci-management.git'
- dest: '{{ ci_management_repo }}'
- key_file: '{{ workshop_ssh_keyfile }}'
- update: false
+ repo: "ssh://workshop@gerrit:29418/ci-management.git"
+ dest: "{{ ci_management_repo }}"
+ key_file: "{{ workshop_ssh_keyfile }}"
+ update: false
- name: Create JJB Directory
file:
- path: '{{ ci_management_repo }}/jjb'
- state: directory
+ path: "{{ ci_management_repo }}/jjb"
+ state: directory
- name: Add Global-JJB to ci-management
- command: 'git submodule add {{ global_jjb_url }} global-jjb'
+ command: "git submodule add {{ global_jjb_url }} global-jjb"
args:
- chdir: '{{ ci_management_repo }}/jjb'
- creates: '{{ ci_management_repo }}/jjb/global-jjb'
+ chdir: "{{ ci_management_repo }}/jjb"
+ creates: "{{ ci_management_repo }}/jjb/global-jjb"
- name: Add ci-management defaults
copy:
- dest: '{{ ci_management_repo }}/{{ item }}'
- src: 'files/{{ item }}'
+ dest: "{{ ci_management_repo }}/{{ item }}"
+ src: "files/{{ item }}"
with_items:
- - 'jjb/ci-management.yaml'
- - 'jjb/defaults.yaml'
+ - "jjb/ci-management.yaml"
+ - "jjb/defaults.yaml"
- name: Add jenkins.ini
copy:
- dest: '{{ ci_management_repo }}/jenkins.ini'
- src: 'files/jjb/jenkins.ini'
+ dest: "{{ ci_management_repo }}/jenkins.ini"
+ src: "files/jjb/jenkins.ini"
- name: Create initial commit for the ci-management repo
shell: |
- cd jjb/global-jjb
- git checkout {{ global_jjb_version }}
- cd ..
- git add .
- git commit -am "Initial JJB Files"
- git push origin HEAD:refs/heads/master
+ cd jjb/global-jjb
+ git checkout {{ global_jjb_version }}
+ cd ..
+ git add .
+ git commit -am "Initial JJB Files"
+ git push origin HEAD:refs/heads/master
args:
- chdir: '{{ ci_management_repo }}'
+ chdir: "{{ ci_management_repo }}"
- name: Install Jenkins Job Builder
pip:
- name: 'jenkins-job-builder'
- version: '{{ jjb_version }}'
+ name: "jenkins-job-builder"
+ version: "{{ jjb_version }}"
- name: Upload Jobs to Jenkins
- command: 'jenkins-jobs --conf jenkins.ini update -r jjb'
+ command: "jenkins-jobs --conf jenkins.ini update -r jjb"
args:
- chdir: '{{ ci_management_repo }}'
+ chdir: "{{ ci_management_repo }}"
---
-ci_management_repo: '/init/ci-management'
-all_projects_repo: '/init/all-projects'
-workshop_ssh_keyfile: '/init/id_rsa-workshop'
-jenkins_ssh_keyfile: '/jenkins/.ssh/id_rsa'
+ci_management_repo: "/init/ci-management"
+all_projects_repo: "/init/all-projects"
+workshop_ssh_keyfile: "/init/id_rsa-workshop"
+jenkins_ssh_keyfile: "/jenkins/.ssh/id_rsa"
# Options to pass to ssh when cloning repos
-ssh_options: '-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null'
+ssh_options: "-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"
# Version of Global JJB the ci-management repo should initially contain
global_jjb_version: "{{ lookup('env', 'GLOBAL_JJB_VERSION') | default('v0.19.2', true) }}"
global_jjb_url: https://github.com/lfit/releng-global-jjb
[tox]
-minversion = 1.6
-envlist = coala
+minversion = 3.8
+envlist =
+ py38,
+ pre-commit
skipsdist = true
-[testenv:coala]
-basepython = python3
+[testenv:pre-commit]
+basepython = python3.8
+allowlist_externals =
+ /bin/sh
deps =
- coala
- coala-bears
- # Markdown lint requires nodejs
- nodeenv
+ pre-commit
+passenv = HOME
commands =
- nodeenv -p
- npm install --global remark-cli remark-lint write-good
- python3 -m nltk.downloader punkt maxent_treebank_pos_tagger averaged_perceptron_tagger
- coala --non-interactive
-
+ pre-commit run --all-files --show-diff-on-failure
+ /bin/sh -c 'if ! git config --get user.name > /dev/null; then \
+ git config --global --add user.name "CI"; \
+ touch .git/REMOVE_USERNAME; fi'
+ /bin/sh -c 'if ! git config --get user.email > /dev/null; then \
+ git config --global --add user.email "ci@example.org"; \
+ touch .git/REMOVE_USEREMAIL; fi'
+ /bin/sh -c "if [ -f .git/COMMIT_EDITMSG ]; then \
+ cp .git/COMMIT_EDITMSG .git/COMMIT_MSGTOX; else \
+ git log HEAD -n1 | tail -n +5 | cut -c 5- > .git/COMMIT_MSGTOX; fi"
+ pre-commit run gitlint --hook-stage commit-msg --commit-msg-filename .git/COMMIT_MSGTOX
+ /bin/sh -c "rm -f .git/COMMIT_MSGTOX"
+ /bin/sh -c "if [ -f .git/REMOVE_USERNAME ]; then \
+ git config --global --unset user.name; \
+ rm -f .git/REMOVE_USERNAME; fi"
+ /bin/sh -c "if [ -f .git/REMOVE_USEREMAIL ]; then \
+ git config --global --unset user.email; \
+ rm -f .git/REMOVE_USEREMAIL; fi"
Code Review / releng / ci-workshop.git / commitdiff