From 6181e8082f4cbd64d4c47af98067e6765565d191 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Thu, 12 Sep 2024 10:27:05 +0100 Subject: [PATCH 1/6] kolla-images.py: Add a check-image-map command This command checks the image mapping against Kolla Ansible variables. The *_image variables in Kolla Ansible define the mapping between containers and images. Ensure that the mapping defined in this script matches the one in Kolla Ansible. --- tools/kolla-images.py | 46 ++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 45 insertions(+), 1 deletion(-) diff --git a/tools/kolla-images.py b/tools/kolla-images.py index 06e67cb1c..2d9193f3f 100755 --- a/tools/kolla-images.py +++ b/tools/kolla-images.py @@ -96,6 +96,9 @@ def parse_args() -> argparse.Namespace: parser.add_argument("--base-distros", default=",".join(SUPPORTED_BASE_DISTROS), choices=SUPPORTED_BASE_DISTROS) subparsers = parser.add_subparsers(dest="command", required=True) + subparser = subparsers.add_parser("check-image-map", help="Check image mapping against kolla-ansible") + subparser.add_argument("--kolla-ansible-path", required=True, help="Path to kolla-ansible repostory checked out to correct branch") + subparser = subparsers.add_parser("check-hierarchy", help="Check tag variable hierarchy against kolla-ansible") subparser.add_argument("--kolla-ansible-path", required=True, help="Path to kolla-ansible repostory checked out to correct branch") @@ -277,6 +280,45 @@ def check_tags(base_distros: List[str], kolla_image_tags: KollaImageTags, regist sys.exit(1) +def check_image_map(kolla_ansible_path: str): + """Check the image mapping against Kolla Ansible variables. + + The *_image variables in Kolla Ansible define the mapping between + containers and images. Ensure that the mapping defined in this script + matches the one in Kolla Ansible. + """ + supported_images = read_images("etc/kayobe/pulp.yml") + assert supported_images + # Build a map from container to image name. + cmd = """git grep -h '^[a-z0-9_]*_image:' ansible/roles/*/defaults/main.yml""" + image_map_str = subprocess.check_output(cmd, shell=True, cwd=os.path.realpath(kolla_ansible_path)) + image_map = yaml.safe_load(image_map_str) + image_var_re = re.compile(r"^([a-z0-9_]+)_image$") + image_map = { + image_var_re.match(image_var).group(1): image.split("/")[-1] + for image_var, image in image_map.items() + } + # Filter out unsupported images. + image_map = { + container: image + for container, image in image_map.items() + if image in supported_images + } + assert image_map + errors = [] + # Check that our mapping is correct. + for container, image in image_map.items(): + containers = get_containers(image) + if container not in containers: + errors.append((container, image)) + if errors: + print("Errors:") + for tag_var, image in errors: + print(f"Expected {tag_var} container to use {image} image") + if errors: + sys.exit(1) + + def check_hierarchy(kolla_ansible_path: str): """Check the tag variable hierarchy against Kolla Ansible variables.""" cmd = """git grep -h '^[a-z0-9_]*_tag:' ansible/roles/*/defaults/main.yml""" @@ -352,7 +394,9 @@ def main(): validate(kolla_image_tags) - if args.command == "check-hierarchy": + if args.command == "check-image-map": + check_image_map(args.kolla_ansible_path) + elif args.command == "check-hierarchy": check_hierarchy(args.kolla_ansible_path) elif args.command == "check-tags": check_tags(base_distros, kolla_image_tags, args.registry, args.namespace) From 6f1576365dd677a11c4e555060a18c45b6dcf8ee Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Thu, 12 Sep 2024 10:30:37 +0100 Subject: [PATCH 2/6] kolla-images.py: Fix image to container exceptions using check-image-map We recently had an issue where images were built for ironic, but this did not include dnsmasq due to not matching the regex. The 'ironic' tag was updated in kolla-image-tags.yml, which matches ironic_dnsmasq container, but no such dnsmasq image existed. This issue would have been caught the check-tags workflow with the correct mapping added in this change. --- tools/kolla-images.py | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/tools/kolla-images.py b/tools/kolla-images.py index 2d9193f3f..ec0d319c8 100755 --- a/tools/kolla-images.py +++ b/tools/kolla-images.py @@ -39,15 +39,19 @@ # Maps a Kolla image to a list of containers that use the image. IMAGE_TO_CONTAINERS_EXCEPTIONS: Dict[str, List[str]] = { + "dnsmasq": [ + "ironic_dnsmasq", + ], "haproxy": [ "glance_tls_proxy", + "haproxy", "neutron_tls_proxy", ], "mariadb-server": [ "mariadb", "mariabackup", ], - "neutron-eswitchd": [ + "neutron-mlnx-agent": [ "neutron_mlnx_agent", ], "neutron-metadata-agent": [ @@ -58,6 +62,15 @@ "nova_super_conductor", "nova_conductor", ], + "openvswitch-db-server": [ + "openvswitch_db", + ], + "ovn-nb-db-server": [ + "ovn_nb_db", + ], + "ovn-sb-db-server": [ + "ovn_sb_db", + ], "prometheus-v2-server": [ "prometheus_server", ], From 1caf4a3265e8364b19c408892ea50dfc211bf414 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Thu, 12 Sep 2024 10:31:16 +0100 Subject: [PATCH 3/6] kolla-images.py: Misc fixes --- etc/kayobe/ansible/check-tags.yml | 1 + tools/kolla-images.py | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/etc/kayobe/ansible/check-tags.yml b/etc/kayobe/ansible/check-tags.yml index dc429a7cd..bdfb294da 100644 --- a/etc/kayobe/ansible/check-tags.yml +++ b/etc/kayobe/ansible/check-tags.yml @@ -4,6 +4,7 @@ - name: Check whether tags exist in Pulp container registry hosts: localhost + gather_facts: false tasks: - name: Query images and tags command: diff --git a/tools/kolla-images.py b/tools/kolla-images.py index ec0d319c8..65c2f78e7 100755 --- a/tools/kolla-images.py +++ b/tools/kolla-images.py @@ -130,7 +130,7 @@ def parse_args() -> argparse.Namespace: return parser.parse_args() -def get_abs_path(relative_path: str) -> str: +def get_abs_path(relative_path: str) -> pathlib.Path: """Return the absolute path of a file in SKC.""" script_path = pathlib.Path(inspect.getfile(inspect.currentframe())) return script_path.parent.parent / relative_path From 9241b3aba7453b55a1ee9edc019e549a08598d8e Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Thu, 12 Sep 2024 10:32:28 +0100 Subject: [PATCH 4/6] CI: Add check-image-map and check-hierarchy to check-tags workflow These commands ensure that the image map and hierarchy defined in kolla-images.py matches Kolla Ansible. Also update the path filter to run the check-tags workflow when pulp.yml or kolla-images.py is modified. --- .github/path-filters.yml | 2 ++ .github/workflows/stackhpc-check-tags.yml | 9 +++++ etc/kayobe/ansible/check-kolla-images-py.yml | 35 ++++++++++++++++++++ 3 files changed, 46 insertions(+) create mode 100644 etc/kayobe/ansible/check-kolla-images-py.yml diff --git a/.github/path-filters.yml b/.github/path-filters.yml index b9815d9d6..e9ef5a5ae 100644 --- a/.github/path-filters.yml +++ b/.github/path-filters.yml @@ -23,3 +23,5 @@ aio: check-tags: - '.github/workflows/stackhpc-check-tags.yml' - 'etc/kayobe/kolla-image-tags.yml' + - 'etc/kayobe/pulp.yml' + - 'tools/kolla-images.py' diff --git a/.github/workflows/stackhpc-check-tags.yml b/.github/workflows/stackhpc-check-tags.yml index 4016c00e9..db2383e21 100644 --- a/.github/workflows/stackhpc-check-tags.yml +++ b/.github/workflows/stackhpc-check-tags.yml @@ -46,6 +46,15 @@ jobs: run: | docker image pull $KAYOBE_IMAGE + - name: Check kolla-images.py image map and tag hierarchy + run: | + docker run -t --rm \ + -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ + -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ + $KAYOBE_IMAGE \ + /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/playbook-run.sh \ + '$KAYOBE_CONFIG_PATH/ansible/check-kolla-images-py.yml' + - name: Check container image tags run: | docker run -t --rm \ diff --git a/etc/kayobe/ansible/check-kolla-images-py.yml b/etc/kayobe/ansible/check-kolla-images-py.yml new file mode 100644 index 000000000..ba934a222 --- /dev/null +++ b/etc/kayobe/ansible/check-kolla-images-py.yml @@ -0,0 +1,35 @@ +--- +- name: Check kolla-images.py image map and tag hierarchy + hosts: localhost + gather_facts: false + tasks: + - name: Create a temporary directory + ansible.builtin.tempfile: + state: directory + suffix: kolla-ansible + register: tempdir_result + + - name: Clone Kolla Ansible repository + ansible.builtin.git: + repo: "{{ stackhpc_kolla_ansible_source_url }}" + version: "{{ stackhpc_kolla_ansible_source_version }}" + dest: "{{ tempdir_result.path }}" + + - name: Check image mapping + ansible.builtin.command: + cmd: >- + {{ kayobe_config_path }}/../../tools/kolla-images.py + check-image-map + --kolla-ansible-path {{ tempdir_result.path }} + + - name: Check tag hierarchy + ansible.builtin.command: + cmd: >- + {{ kayobe_config_path }}/../../tools/kolla-images.py + check-hierarchy + --kolla-ansible-path {{ tempdir_result.path }} + + - name: Remove temporary directory + ansible.builtin.file: + path: "{{ tempdir_result.path }}" + state: absent From 1edb38ba15fcaafe9334208550a6cd858f577ec6 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Thu, 12 Sep 2024 10:43:17 +0100 Subject: [PATCH 5/6] CI: Trigger build-kayobe-image for check-tags job --- .github/path-filters.yml | 7 +++++-- .github/workflows/stackhpc-pull-request.yml | 3 ++- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.github/path-filters.yml b/.github/path-filters.yml index e9ef5a5ae..02d0ab609 100644 --- a/.github/path-filters.yml +++ b/.github/path-filters.yml @@ -1,5 +1,5 @@ # This file is a list of path filters for the PR workflow in .github/workflows/stackhpc-pull-request.yml. -aio: +aio: &aio - '.automation' - '.automation.conf/config.sh' - '.automation.conf/tempest/load-lists/default' @@ -20,8 +20,11 @@ aio: - 'kayobe-env' - 'requirements.txt' - 'terraform/aio/**' -check-tags: +check-tags: &check-tags - '.github/workflows/stackhpc-check-tags.yml' - 'etc/kayobe/kolla-image-tags.yml' - 'etc/kayobe/pulp.yml' - 'tools/kolla-images.py' +build-kayobe-image: + - *aio + - *check-tags diff --git a/.github/workflows/stackhpc-pull-request.yml b/.github/workflows/stackhpc-pull-request.yml index 34d644bd9..f5cfb90de 100644 --- a/.github/workflows/stackhpc-pull-request.yml +++ b/.github/workflows/stackhpc-pull-request.yml @@ -20,6 +20,7 @@ jobs: if: github.repository == 'stackhpc/stackhpc-kayobe-config' outputs: aio: ${{ steps.changes.outputs.aio }} + build-kayobe-image: ${{ steps.changes.outputs.build-kayobe-image }} check-tags: ${{ steps.changes.outputs.check-tags }} steps: - name: GitHub Checkout @@ -74,7 +75,7 @@ jobs: - check-changes uses: ./.github/workflows/stackhpc-build-kayobe-image.yml with: - if: ${{ needs.check-changes.outputs.aio == 'true' }} + if: ${{ needs.check-changes.outputs.build-kayobe-image == 'true' }} if: github.repository == 'stackhpc/stackhpc-kayobe-config' check-tags: From a4f03d42e54319f3dc44fdd306841c9e34da3238 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Thu, 12 Sep 2024 11:31:06 +0100 Subject: [PATCH 6/6] kolla-images.py: Add image map exception for neutron_eswitchd This was not caught because neutron-mlnx-agent is not in the list of supported images in pulp.yml. --- tools/kolla-images.py | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/kolla-images.py b/tools/kolla-images.py index 65c2f78e7..34ea9d6b8 100755 --- a/tools/kolla-images.py +++ b/tools/kolla-images.py @@ -52,6 +52,7 @@ "mariabackup", ], "neutron-mlnx-agent": [ + "neutron_eswitchd", "neutron_mlnx_agent", ], "neutron-metadata-agent": [