From b2239ece4ac453aaf5d7f18c5c4378909ccf6d7e Mon Sep 17 00:00:00 2001 From: Vladimir Khlyunev Date: Mon, 25 Feb 2019 13:04:37 +0400 Subject: [PATCH] Add image build job Change-Id: I513f3526e8b96bc2cecfe85b98a4229776f50eab --- .../common/jobs/build-swarm-image.yaml | 36 ++++ .../scripts/build_base_swarm_slave_image.sh | 97 +++++++++++ .../scripts/build_mos_swarm_slave_image.sh | 161 ++++++++++++++++++ .../scripts/prepare_build_upload_image.sh | 67 ++++++++ 4 files changed, 361 insertions(+) create mode 100644 maintenance-ci/common/jobs/build-swarm-image.yaml create mode 100644 maintenance-ci/common/scripts/build_base_swarm_slave_image.sh create mode 100644 maintenance-ci/common/scripts/build_mos_swarm_slave_image.sh create mode 100755 maintenance-ci/common/scripts/prepare_build_upload_image.sh diff --git a/maintenance-ci/common/jobs/build-swarm-image.yaml b/maintenance-ci/common/jobs/build-swarm-image.yaml new file mode 100644 index 0000000..95dd340 --- /dev/null +++ b/maintenance-ci/common/jobs/build-swarm-image.yaml @@ -0,0 +1,36 @@ +- job: + name: 'build-swarm-image' + description: | + Create given heat stack on internal cloud in maintenance-team tenant + + concurrent: false + node: 'image-builder' + + parameters: + - string: + name: IMAGE_NAME + description: "Name of image - used for glance" + default: "swarm-slave" + - bool: + name: TEST_AFTER_BUILD + default: "false" + - string: + name: UPDATE_SCRIPT + default: "maintenance-ci/common/scripts/build_base_swarm_slave_image.sh" + + scm: + - git: + url: 'https://review.fuel-infra.org/tools/sustaining/' + branches: + - origin/master + + wrappers: + - timestamps + - openstack-creds + - timeout: + fail: true + timeout: 30 + + builders: + - shell: + !include-raw: common/scripts/prepare_build_upload_image.sh diff --git a/maintenance-ci/common/scripts/build_base_swarm_slave_image.sh b/maintenance-ci/common/scripts/build_base_swarm_slave_image.sh new file mode 100644 index 0000000..b350ddd --- /dev/null +++ b/maintenance-ci/common/scripts/build_base_swarm_slave_image.sh @@ -0,0 +1,97 @@ +#!/bin/bash +set -ex +adduser --disabled-password --gecos "" jenkins +echo "jenkins:jenkins" | chpasswd +adduser jenkins sudo +sh -c 'echo "jenkins ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/jenkins-user' +mkdir /home/jenkins/.ssh +echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDci6MBY68s3FJ9V1OP5vdtVo/daJnkNXCPSPYbCX8/d0E3UJKgE81YvsxfuKp3r1rUNwTuGnkq+VUWcbIgpQNy69OuKxQkoGsRgYTA8n4ZZcuWz+dVenP90xLYHcnyACg63HUVEp5foLvu1WzOdH2A4bHmsl0ePM5IdnFyToHj+Nhwz1NSvbK1OkQHoEcIbkbIkIa/kWY2mgEIIUgb9YmaCI96eiVtQpFPQ4k7hpdrUAkG4e0jT8JA3zQoB++S12p0d0K3SQtJ3+YATUm+rKnHchHZ/uEAgBgoOLiu99p7Aiie76jlGxZp8A/hPqU/zS61z7ER4lJeyR/pXh53Ja+1 maintenance-ci" > /home/jenkins/.ssh/authorized_keys + +export DEBIAN_FRONTEND=noninteractive + +sh -c 'echo "deb [trusted=yes] http://mirror.fuel-infra.org/infra/packages/xenial/ xenial main" > /etc/apt/sources.list.d/mirantis_repo.list' + +cp /etc/apt/sources.list /etc/apt/sources.list.bkp +sed -i "s/nova.clouds.archive.ubuntu.com/mirrors.xtom.com/g" /etc/apt/sources.list +sed -i "s/archive.ubuntu.com/mirrors.xtom.com/g" /etc/apt/sources.list +sed -i "s/security.ubuntu.com/mirrors.xtom.com/g" /etc/apt/sources.list + +apt update + +# some packages below could be dropped probably +apt -yq install --no-install-recommends --no-install-suggests openjdk-8-jre git \ +build-essential \ +gcc \ +bridge-utils \ +libyaml-dev \ +libffi-dev \ +python-dev \ +pkg-config \ +python-pip \ +ubuntu-vm-builder \ +bridge-utils \ +python-seed-client + +wget -O /home/jenkins/jenkins-swarm-client.jar https://repo.jenkins-ci.org/releases/org/jenkins-ci/plugins/swarm-client/3.9/swarm-client-3.9.jar +mkdir /etc/jenkins-agent +echo "base-slave" > /etc/jenkins-agent/labels +cat > /etc/jenkins-agent/config < /home/jenkins/launch_jenkins_agent.sh < /etc/systemd/system/jenkins-swarm-agent.service << EOF +[Unit] +Description=jenkins-swarm-agent +Wants=network-online.target +After=network-online.target + +[Service] +User=jenkins +Group=jenkins +Type=simple +ExecStart=/home/jenkins/launch_jenkins_agent.sh + +[Install] +WantedBy=multi-user.target +EOF +systemctl enable jenkins-swarm-agent + +chown -R jenkins:jenkins /home/jenkins/ + +cp /etc/apt/sources.list.bkp /etc/apt/sources.list +apt update + +apt-get -y clean +apt-get -y autoremove +sed -i '/.*cdrom.*/d' /etc/apt/sources.list +rm -f /etc/ssh/ssh_host_* +rm -f /var/cache/apt/archives/*.deb +rm -f /var/cache/apt/*cache.bin +rm -f /var/lib/apt/lists/*_Packages +rm -f /etc/resolv.conf +rm -f /root/.bash_history +rm -f /root/.nano_history +rm -f /root/.lesshst +rm -f /root/.ssh/known_hosts +rm -rf /tmp/tmp +for k in $(find /var/log -type f); do echo > $k; done +for k in $(find /tmp -type f); do rm -f $k; done +for k in $(find /root -type f \( ! -iname ".*" \)); do rm -f $k; done diff --git a/maintenance-ci/common/scripts/build_mos_swarm_slave_image.sh b/maintenance-ci/common/scripts/build_mos_swarm_slave_image.sh new file mode 100644 index 0000000..587a124 --- /dev/null +++ b/maintenance-ci/common/scripts/build_mos_swarm_slave_image.sh @@ -0,0 +1,161 @@ +#!/bin/bash +set -ex +adduser --disabled-password --gecos "" jenkins +echo "jenkins:jenkins" | chpasswd +adduser jenkins sudo +sh -c 'echo "jenkins ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/jenkins-user' +mkdir /home/jenkins/.ssh +echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDci6MBY68s3FJ9V1OP5vdtVo/daJnkNXCPSPYbCX8/d0E3UJKgE81YvsxfuKp3r1rUNwTuGnkq+VUWcbIgpQNy69OuKxQkoGsRgYTA8n4ZZcuWz+dVenP90xLYHcnyACg63HUVEp5foLvu1WzOdH2A4bHmsl0ePM5IdnFyToHj+Nhwz1NSvbK1OkQHoEcIbkbIkIa/kWY2mgEIIUgb9YmaCI96eiVtQpFPQ4k7hpdrUAkG4e0jT8JA3zQoB++S12p0d0K3SQtJ3+YATUm+rKnHchHZ/uEAgBgoOLiu99p7Aiie76jlGxZp8A/hPqU/zS61z7ER4lJeyR/pXh53Ja+1 maintenance-ci" > /home/jenkins/.ssh/authorized_keys + +export DEBIAN_FRONTEND=noninteractive + +sh -c 'echo "deb [trusted=yes] http://mirror.fuel-infra.org/infra/packages/xenial/ xenial main" > /etc/apt/sources.list.d/mirantis_repo.list' + +cp /etc/apt/sources.list /etc/apt/sources.list.bkp +sed -i "s/nova.clouds.archive.ubuntu.com/mirrors.xtom.com/g" /etc/apt/sources.list +sed -i "s/archive.ubuntu.com/mirrors.xtom.com/g" /etc/apt/sources.list +sed -i "s/security.ubuntu.com/mirrors.xtom.com/g" /etc/apt/sources.list + +apt update + +apt -yq install --no-install-recommends --no-install-suggests openjdk-8-jre git \ +build-essential \ +gcc \ +bridge-utils \ +libyaml-dev \ +libffi-dev \ +libvirt-bin \ +libvirt-dev \ +python-dev \ +pkg-config \ +python-pip \ +python-libvirt \ +postgresql \ +postgresql-server-dev-all \ +qemu-kvm \ +qemu-utils \ +ubuntu-vm-builder \ +bridge-utils \ +python-seed-client + +cat > /home/jenkins/configure_libvirt_pool.sh </dev/null ) || virsh pool-define-as --type=dir --name=default --target=/var/lib/libvirt/images +(virsh pool-list | grep yes >/dev/null ) || virsh pool-autostart default +(virsh pool-list | grep active >/dev/null ) || virsh pool-start default +EOF +chmod +x /home/jenkins/configure_libvirt_pool.sh + +cat > /etc/systemd/system/configure_libvirt_pool.service << EOF +[Unit] +Description=configure_libvirt_pool +Requires=libvirtd.service +After=libvirtd.service + +[Service] +User=root +Group=root +RemainAfterExit=false +Type=oneshot +ExecStart=/home/jenkins/configure_libvirt_pool.sh + +[Install] +WantedBy=multi-user.target +EOF +systemctl enable configure_libvirt_pool + +sed -i "s/#listen_tls.*/listen_tls = 0/" /etc/libvirt/libvirtd.conf +sed -i "s/#listen_tcp.*/listen_tcp = 1/" /etc/libvirt/libvirtd.conf +sed -i "/listen_tcp = 1/a auth_tcp = \"none\"" /etc/libvirt/libvirtd.conf +sed -i "s/#tcp_port.*/tcp_port=\"16509\"/" /etc/libvirt/libvirtd.conf +sed -i "s/#listen_addr.*/listen_addr=\"0.0.0.0\"/" /etc/libvirt/libvirtd.conf + +sed -i "s/#libvirtd_opts.*/libvirtd_opts=\" -l\"/" /etc/default/libvirt-bin + +sed -i "s/env libvirtd_opts.*/env libvirtd_opts=\"-d -l\"/" /etc/init/libvirt-bin.conf + +wget -O /home/jenkins/jenkins-swarm-client.jar https://repo.jenkins-ci.org/releases/org/jenkins-ci/plugins/swarm-client/3.9/swarm-client-3.9.jar +mkdir /etc/jenkins-agent +echo "mos-slave" > /etc/jenkins-agent/labels +cat > /etc/jenkins-agent/config < /home/jenkins/launch_jenkins_agent.sh < /etc/systemd/system/jenkins-swarm-agent.service << EOF +[Unit] +Description=jenkins-swarm-agent +Wants=network-online.target +After=network-online.target + +[Service] +User=jenkins +Group=jenkins +Type=simple +ExecStart=/home/jenkins/launch_jenkins_agent.sh + +[Install] +WantedBy=multi-user.target +EOF +systemctl enable jenkins-swarm-agent + +pg_version=$(dpkg-query --show --showformat='${version;3}' postgresql) +pg_createcluster $pg_version main --start || true +sed -ir 's/peer/trust/' /etc/postgresql/9.*/main/pg_hba.conf +service postgresql restart + +sudo -u postgres psql -c "CREATE USER fuel_devops PASSWORD 'fuel_devops'" || true +sudo -u postgres psql -c "CREATE ROLE fuel_devops WITH LOGIN PASSWORD 'fuel_devops'" || true +sudo -u postgres createdb fuel_devops -O fuel_devops || true + + +pip install virtualenv +sudo -u jenkins -H bash -c "virtualenv /home/jenkins/qa-venv-9.x +source /home/jenkins/qa-venv-9.x/bin/activate + pip install -U pip + pip install git+git://github.com/openstack/fuel-devops.git@release/2.9 + + django-admin.py syncdb --settings=devops.settings + django-admin.py migrate devops --settings=devops.settings + +deactivate +" +chown -R jenkins:jenkins /home/jenkins/ + +cp /etc/apt/sources.list.bkp /etc/apt/sources.list +apt update + +apt-get -y clean +apt-get -y autoremove +sed -i '/.*cdrom.*/d' /etc/apt/sources.list +rm -f /etc/ssh/ssh_host_* +rm -f /var/cache/apt/archives/*.deb +rm -f /var/cache/apt/*cache.bin +rm -f /var/lib/apt/lists/*_Packages +rm -f /etc/resolv.conf +rm -f /root/.bash_history +rm -f /root/.nano_history +rm -f /root/.lesshst +rm -f /root/.ssh/known_hosts +rm -rf /tmp/tmp +for k in $(find /var/log -type f); do echo > $k; done +for k in $(find /tmp -type f); do rm -f $k; done +for k in $(find /root -type f \( ! -iname ".*" \)); do rm -f $k; done diff --git a/maintenance-ci/common/scripts/prepare_build_upload_image.sh b/maintenance-ci/common/scripts/prepare_build_upload_image.sh new file mode 100755 index 0000000..8af73d3 --- /dev/null +++ b/maintenance-ci/common/scripts/prepare_build_upload_image.sh @@ -0,0 +1,67 @@ +#!/bin/bash + +set -ex + +echo "${UPDATE_SCRIPT?} will be used for image building" + +if [[ ! -f xenial-server-cloudimg&&md64-disk1.img.bkp ]] ; then + wget -q https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img -O /tmp/xenial-server-cloudimg-amd64-disk1.img + cp /tmp/xenial-server-cloudimg-amd64-disk1.img xenial-server-cloudimg-amd64-disk1.img +else + cp /tmp/xenial-server-cloudimg-amd64-disk1.img xenial-server-cloudimg-amd64-disk1.img +fi + +# sometimes archive.ubuntu.com is slow as hell - xtom mirrors is faster upstream +# mirror. also we do not want to reuse our mirrors because we need some kind of stable job +sudo sed -i "s/security.ubuntu.com/mirrors.xtom.com/g" /etc/apt/sources.list +sudo sed -i "s/nova.clouds.archive.ubuntu.com/mirrors.xtom.com/g" /etc/apt/sources.list + +sudo apt update -qq +sudo apt install -y qemu-utils + +sudo modprobe nbd max_part=16 +sudo qemu-nbd -d /dev/nbd0 || pass +sudo qemu-nbd -c /dev/nbd0 xenial-server-cloudimg-amd64-disk1.img +sleep 1 +sudo partx -a /dev/nbd0 +sudo mkdir -p /mnt/image + +sudo mount /dev/nbd0p1 /mnt/image +sudo mount --bind /dev /mnt/image/dev +sudo mount --bind /proc /mnt/image/proc +sudo mv /mnt/image/etc/resolv.conf /mnt/image/etc/resolv.conf.bak +sudo cp -f /etc/resolv.conf /mnt/image/etc/resolv.conf + +sudo cp "${UPDATE_SCRIPT}" /mnt/image/tmp/build_image.sh +sudo chroot /mnt/image /bin/bash /tmp/build_image.sh + + +sudo mv /mnt/image/etc/resolv.conf.bak /mnt/image/etc/resolv.conf +sudo rm -rf /mtn/image/tmp/* +sudo umount -l /mnt/image/dev/ +sudo umount -l /mnt/image/proc/ +sudo umount -l /mnt/image +sudo qemu-nbd -d /dev/nbd0 +sudo rm -rf /mnt/image + +if [[ $TEST_AFTER_BUILD ]] ; then + GLANCE_IMAGE_NAME="${IMAGE_NAME}-staging" +else + GLANCE_IMAGE_NAME="${IMAGE_NAME}" +fi + +set +x +source "${OPENRC_FILE?}" +OPENSTACK_CLIENTS_VENV="${OPENSTACK_CLIENTS_VENV:-/home/jenkins/venv-openstack-clients}" +if [[ ! -d "${OPENSTACK_CLIENTS_VENV}" ]] ; then + virtualenv "${OPENSTACK_CLIENTS_VENV}" + source "${OPENSTACK_CLIENTS_VENV}"/bin/activate + pip install openstackclient + deactivate +fi +source "${OPENSTACK_CLIENTS_VENV}"/bin/activate + +set -x +openstack image delete "${GLANCE_IMAGE_NAME}" +openstack image create --disk-format qcow2 --container-format bare --file xenial-server-cloudimg-amd64-disk1.img "${GLANCE_IMAGE_NAME}" +deactivate \ No newline at end of file -- 2.45.2