diff --git a/.gitignore b/.gitignore index 4f71aa718f..2fe85e16cb 100644 --- a/.gitignore +++ b/.gitignore @@ -39,6 +39,9 @@ cover/ .project .pydevproject +# Files generated by Visual Studio Code +.vscode/ + # Files created by reno build releasenotes/build diff --git a/.zuul.d/base.yaml b/.zuul.d/base.yaml index 8847eb55c9..21c1ee8f50 100644 --- a/.zuul.d/base.yaml +++ b/.zuul.d/base.yaml @@ -54,6 +54,11 @@ - ^releasenotes/.*$ - ^specs/.*$ - ^test-requirements.txt$ + - ^\.zuul\.d/ + - ^\..+ + - ^contrib/ + - ^LICENSE$ + - ^tox\.ini$ vars: publisher: false extra-vars: diff --git a/.zuul.d/centos.yaml b/.zuul.d/centos.yaml index 98a6d8ab50..fcbd6ea9ae 100644 --- a/.zuul.d/centos.yaml +++ b/.zuul.d/centos.yaml @@ -11,7 +11,6 @@ # FIXME(yoctozepto): set to voting when TripleO CI is fixed voting: false files: - - ^.zuul.d/centos.yaml$ - ^docker/.*$ - ^kolla/.*$ - ^requirements.txt$ diff --git a/docker/base/Dockerfile.j2 b/docker/base/Dockerfile.j2 index 1f6356d1c0..13ed739eb0 100644 --- a/docker/base/Dockerfile.j2 +++ b/docker/base/Dockerfile.j2 @@ -404,7 +404,8 @@ RUN sed -i \ {% endif %} {% if base_distro == 'centos' or base_distro == 'rhel' %} -RUN sed -ri '/-session(\s+)optional(\s+)pam_systemd.so/d' /etc/pam.d/system-auth +RUN sed -ri '/-session(\s+)optional(\s+)pam_systemd.so/d' /etc/pam.d/system-auth \ + && sed -ri '/^[^#]/ s/systemd//g' /etc/nsswitch.conf {% endif %} COPY set_configs.py /usr/local/bin/kolla_set_configs diff --git a/docker/monasca/monasca-grafana/Dockerfile.j2 b/docker/monasca/monasca-grafana/Dockerfile.j2 index 295f37ae2f..2309aff2a8 100644 --- a/docker/monasca/monasca-grafana/Dockerfile.j2 +++ b/docker/monasca/monasca-grafana/Dockerfile.j2 @@ -53,7 +53,8 @@ ARG monasca_grafana_url=https://github.com/monasca/grafana/archive/$monasca_graf # NOTE(yoctozepto): Update npm to 6.x version to avoid issues with metadata parsing. # NPM installs itself in /usr/local/bin (the default in Ubuntu) which is not in the PATH. # This is forced for all distros to avoid conflicts with native packages. -RUN gem install rake:"~>12" fpm \ +# NOTE(mgoddard): childprocess 3.0.0 and ffi 1.13.0 depend on Ruby 2.3. +RUN gem install rake:"~>12" ffi:"<1.13.0" childprocess:"<2.0.0" fpm \ && curl -sSL -o /tmp/monasca-grafana.tgz ${monasca_grafana_url} \ && mkdir -p ${monasca_grafana_build_path} \ && tar --strip 1 -xvf /tmp/monasca-grafana.tgz -C ${monasca_grafana_build_path} \ diff --git a/docker/sensu/sensu-client/Dockerfile.j2 b/docker/sensu/sensu-client/Dockerfile.j2 index 9ccd4f3ae2..90f6bff452 100644 --- a/docker/sensu/sensu-client/Dockerfile.j2 +++ b/docker/sensu/sensu-client/Dockerfile.j2 @@ -9,13 +9,18 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% set sensu_client_packages = [ 'ceph-common', 'cyrus-sasl-devel', - 'docker-client', 'gcc-c++', 'make', 'mariadb', 'ntp', 'ruby-devel' ] %} + {% if base_distro != 'oraclelinux' %} + # NOTE(mgoddard): Installing docker-client fails on OracleLinux. + {% set sensu_client_packages = sensu_client_packages + [ + 'docker-client', + ] %} + {% endif %} {% if distro_python_version.startswith('3') %} {% set sensu_client_packages = sensu_client_packages + [ diff --git a/kolla/common/config.py b/kolla/common/config.py index acdc790931..dfb7d06fbc 100755 --- a/kolla/common/config.py +++ b/kolla/common/config.py @@ -315,7 +315,7 @@ 'bifrost-base': { 'type': 'url', 'location': ('$tarballs_base/bifrost/' - 'bifrost-6.0.3.tar.gz')}, + 'bifrost-6.0.4.tar.gz')}, 'blazar-base': { 'type': 'url', 'location': ('$tarballs_base/blazar/' @@ -331,7 +331,7 @@ 'cinder-base': { 'type': 'url', 'location': ('$tarballs_base/cinder/' - 'cinder-14.0.4.tar.gz')}, + 'cinder-14.1.0.tar.gz')}, 'congress-base': { 'type': 'url', 'location': ('$tarballs_base/congress/' @@ -379,11 +379,11 @@ 'heat-base': { 'type': 'url', 'location': ('$tarballs_base/heat/' - 'openstack-heat-12.0.0.tar.gz')}, + 'openstack-heat-12.1.0.tar.gz')}, 'horizon': { 'type': 'url', 'location': ('$tarballs_base/horizon/' - 'horizon-15.2.0.tar.gz')}, + 'horizon-15.3.0.tar.gz')}, 'horizon-plugin-blazar-dashboard': { 'type': 'url', 'location': ('$tarballs_base/blazar-dashboard/' @@ -507,7 +507,7 @@ 'keystone-base': { 'type': 'url', 'location': ('$tarballs_base/keystone/' - 'keystone-15.0.0.tar.gz')}, + 'keystone-15.0.1.tar.gz')}, 'kuryr-base': { 'type': 'url', 'location': ('$tarballs_base/kuryr/' @@ -523,7 +523,7 @@ 'manila-base': { 'type': 'url', 'location': ('$tarballs_base/manila/' - 'manila-8.1.0.tar.gz')}, + 'manila-8.1.2.tar.gz')}, 'mistral-base': { 'type': 'url', 'location': ('$tarballs_base/mistral/' @@ -572,7 +572,7 @@ 'neutron-base': { 'type': 'url', 'location': ('$tarballs_base/neutron/' - 'neutron-14.1.0.tar.gz')}, + 'neutron-14.2.0.tar.gz')}, 'neutron-base-plugin-neutron-fwaas': { 'type': 'url', 'location': ('$tarballs_base/neutron-fwaas/' @@ -648,15 +648,15 @@ 'neutron-server-ovn-plugin-networking-ovn': { 'type': 'url', 'location': ('$tarballs_base/networking-ovn/' - 'networking-ovn-6.0.1.tar.gz')}, + 'networking-ovn-6.1.0.tar.gz')}, 'neutron-metadata-agent-ovn-plugin-networking-ovn': { 'type': 'url', 'location': ('$tarballs_base/networking-ovn/' - 'networking-ovn-6.0.1.tar.gz')}, + 'networking-ovn-6.1.0.tar.gz')}, 'nova-base': { 'type': 'url', 'location': ('$tarballs_base/nova/' - 'nova-19.1.0.tar.gz')}, + 'nova-19.2.0.tar.gz')}, 'nova-base-plugin-blazar': { 'type': 'url', 'location': ('$tarballs_base/blazar-nova/' @@ -672,7 +672,7 @@ 'octavia-base': { 'type': 'url', 'location': ('$tarballs_base/octavia/' - 'octavia-4.1.1.tar.gz')}, + 'octavia-4.1.2.tar.gz')}, 'panko-base': { 'type': 'url', 'location': ('$tarballs_base/panko/' @@ -749,10 +749,6 @@ 'type': 'url', 'location': ('$tarballs_base/telemetry-tempest-plugin/' 'telemetry_tempest_plugin-0.3.0.tar.gz')}, - 'tempest-plugin-tripleo-common': { - 'type': 'url', - 'location': ('$tarballs_base/tripleo-common-tempest-plugin/' - 'tripleo-common-tempest-plugin-master.tar.gz')}, 'tempest-plugin-trove': { 'type': 'url', 'location': ('$tarballs_base/trove-tempest-plugin/' diff --git a/kolla/image/build.py b/kolla/image/build.py index 5fd2cde0ce..7496573ea2 100755 --- a/kolla/image/build.py +++ b/kolla/image/build.py @@ -198,14 +198,17 @@ "monasca-thresh", "nova-mksproxy", "ovsdpdk", + "rsyslog", "searchlight-base", "solum-base", + "tripleoclient", "vmtp", "zun-base" ], 'oraclelinux+source': [ "bifrost-base", "ovsdpdk", + "rsyslog", "tripleoclient", # TODO(jeffrey4l): remove tripleo-ui when following bug is fixed # https://bugs.launchpad.net/tripleo/+bug/1744215 diff --git a/releasenotes/notes/disable-systemd-nss-on-rhel-based-distros-5d586fcdb9a82da7.yaml b/releasenotes/notes/disable-systemd-nss-on-rhel-based-distros-5d586fcdb9a82da7.yaml new file mode 100644 index 0000000000..78521b9dcc --- /dev/null +++ b/releasenotes/notes/disable-systemd-nss-on-rhel-based-distros-5d586fcdb9a82da7.yaml @@ -0,0 +1,7 @@ +--- +fixes: + - | + Drop systemd support from nsswitch.conf on RHEL-based distros. This avoids + unneeded systemd nss lookups inside containers and it also avoids possible + selinux denials when a container bind mounts /run and makes the dbus socket + available inside the container only to be denied by selinux on the host. diff --git a/tests/playbooks/pre.yml b/tests/playbooks/pre.yml index b7f5a64912..ba546bfaff 100644 --- a/tests/playbooks/pre.yml +++ b/tests/playbooks/pre.yml @@ -16,7 +16,49 @@ path: "{{ kolla_build_logs_dir }}" state: directory + - block: + + - name: Ensure yum-utils is installed + # NOTE(mgoddard): The CentOS image used in CI has epel-release installed, + # but the configure-mirrors role used by Zuul disables epel. Since we + # install epel-release and expect epel to be enabled, enable it here. + package: + name: yum-utils + state: present + + - name: Enable the EPEL repository + command: yum-config-manager --enable epel + + become: true + when: + - ansible_os_family == "RedHat" + + - name: Install Python2 modules + become: true + package: + name: + - python-pip + - python-setuptools + - python-wheel + - python-virtualenv + + - name: Install virtualenv on Debian systems + # NOTE(hrw): On RedHat systems it is part of python3-virtualenv + package: + name: + - virtualenv + become: true + when: + ansible_os_family == "Debian" + + - name: Upgrade pip to latest version + # NOTE(mnasiadka): pip 8.x delivered with EPEL has problems installing + # zipp and configparser + become: true + command: "pip install --upgrade pip" + - name: Ensure tox is installed pip: name: tox + virtualenv: "{{ ansible_user_dir }}/tox-venv" become: true diff --git a/tests/playbooks/run.yml b/tests/playbooks/run.yml index d22a388702..a26baa72e7 100644 --- a/tests/playbooks/run.yml +++ b/tests/playbooks/run.yml @@ -37,6 +37,6 @@ dest: /etc/kolla/template_overrides.j2 - name: Run tox - command: tox -e {{ action }}-{{ base_distro }}-{{ install_type }} + command: "{{ ansible_user_dir }}/tox-venv/bin/tox -e {{ action }}-{{ base_distro }}-{{ install_type }}" args: chdir: "{{ zuul.project.src_dir }}" diff --git a/tests/templates/template_overrides.j2 b/tests/templates/template_overrides.j2 index 8997bc4ed9..9a36a78144 100644 --- a/tests/templates/template_overrides.j2 +++ b/tests/templates/template_overrides.j2 @@ -6,6 +6,7 @@ ENV PIP_INDEX_URL {{ nodepool_pypi_mirror }} ENV PIP_TRUSTED_HOST {{ nodepool_mirror_host }} +ENV PIP_EXTRA_INDEX_URL {{ nodepool_wheel_mirror }} RUN echo registry={{ nodepool_npmjs_proxy }} > /etc/npmrc \ && mkdir -p /usr/etc \ diff --git a/tests/vars/zuul.yml b/tests/vars/zuul.yml index e74e038f32..ca0454eea5 100644 --- a/tests/vars/zuul.yml +++ b/tests/vars/zuul.yml @@ -8,3 +8,6 @@ nodepool_grafana_proxy: "http://{{ zuul_site_mirror_fqdn }}:8080/grafana/" nodepool_cbs_centos_proxy: "http://{{ zuul_site_mirror_fqdn }}:8080/cbs.centos" nodepool_oraclelinux_proxy: "http://{{ zuul_site_mirror_fqdn }}:8080/oraclelinux/" nodepool_percona_proxy: "http://{{ zuul_site_mirror_fqdn }}:8080/percona" + +# NOTE(hrw): wheel cache goes over 80/443 not on 8080 +nodepool_wheel_mirror: "https://{{ zuul_site_mirror_fqdn }}/wheel/{{ ansible_distribution | lower }}-{{ ansible_distribution_version }}-{{ ansible_architecture | lower }}"