diff --git a/.github/actions/setup-vm-creds/action.yml b/.github/actions/setup-vm-creds/action.yml new file mode 100644 index 00000000000..a143ddd1f75 --- /dev/null +++ b/.github/actions/setup-vm-creds/action.yml @@ -0,0 +1,39 @@ +name: Setup VM Credentials +description: | + This action will setup the runner with the necessary credentials to create and + interact with VMs + +inputs: + gcp-ssh-key: + description: + The SSH private key to use for GCP + gcp-ssh-key-pub: + description: + The SSH public key to use for GCP + s390x-key: + description: + The SSH private key to use for s390x + ppc64le-key: + description: + The SSH private key to use for ppc64le +runs: + using: composite + steps: + - shell: bash + run: | + mkdir -p "$HOME/.ssh" + chmod 0700 "$HOME/.ssh" + + function copy_secret_to_file() { + local secret="$1" + local destination="$2" + local perms="$3" + + echo "$secret" > "$destination" + chmod "$perms" "$destination" + } + + copy_secret_to_file "${{ inputs.gcp-ssh-key }}" "$HOME/.ssh/GCP_SSH_KEY" 0600 + copy_secret_to_file "${{ inputs.gcp-ssh-key-pub }}" "$HOME/.ssh/GCP_SSH_KEY.pub" 0600 + copy_secret_to_file "${{ inputs.s390x-key }}" "$HOME/.ssh/acs-s390x-rsa.prv" 0600 + copy_secret_to_file "${{ inputs.ppc64le-key }}" "$HOME/.ssh/acs-ppc64le-rsa.prv" 0600 diff --git a/.github/workflows/collector-builder.yml b/.github/workflows/collector-builder.yml index 2a218a0af12..064cb5e5240 100644 --- a/.github/workflows/collector-builder.yml +++ b/.github/workflows/collector-builder.yml @@ -37,6 +37,20 @@ jobs: - builder/Dockerfile - .github/workflows/collector-builder.yml + create-s390x-build-vms: + if: needs.builder-needs-rebuilding.outputs.build-image == 'true' || + (github.event_name == 'push' && ( + github.ref_type == 'tag' || startsWith(github.ref_name, 'release-') + )) || + contains(github.event.pull_request.labels.*.name, 'build-builder-image') + needs: + - builder-needs-rebuilding + uses: ./.github/workflows/vms/create-vms.yml + with: + vm_type: rhel-s390x + job-tag: builder + kind: build + build-builder-image: name: Build the builder image runs-on: ubuntu-latest @@ -44,6 +58,7 @@ jobs: timeout-minutes: 480 needs: - builder-needs-rebuilding + - create-s390x-build-vms if: | needs.builder-needs-rebuilding.outputs.build-image == 'true' || (github.event_name == 'push' && ( @@ -59,6 +74,8 @@ jobs: env: PLATFORM: linux/${{ matrix.arch }} + BUILD_TYPE: ci + JOB_ID: ${{ needs.create-s390x-build-vms.outputs.job-id }} steps: - uses: actions/checkout@v3 @@ -94,6 +111,27 @@ jobs: echo "rhacs_eng_password: ${{ secrets.QUAY_RHACS_ENG_RW_PASSWORD }}" } > ${{ github.workspace }}/ansible/secrets.yml + - uses: ./.github/actions/setup-vm-creds + with: + gcp-ssh-key: ${{ secrets.GCP_SSH_KEY }} + gcp-ssh-key-pub: ${{ secrets.GCP_SSH_KEY_PUB }} + s390x-key: ${{ secrets.IBM_CLOUD_S390X_SSH_PRIVATE_KEY }} + ppc64le-key: ${{ secrets.IBM_CLOUD_POWER_SSH_PRIVATE_KEY }} + + + - name: Download inventory + if: matrix.arch == 's390x' + uses: actions/download-artifact@v3 + with: + name: ${{ needs.create-s390x-build-vms.outputs.inventory }} + + - name: Install ansible dependencies + run: | + ls -lah . + ls -lah ansible + ls -lah ansible/ci + ansible-galaxy install -r ansible/requirements.yml + - name: Build images if: | github.event_name == 'push' || @@ -101,15 +139,34 @@ jobs: contains(github.event.pull_request.labels.*.name, 'run-multiarch-builds') timeout-minutes: 480 run: | - ansible-galaxy install -r ansible/requirements.yml ansible-playbook \ --connection local \ -i localhost, \ --limit localhost \ -e arch='${{ matrix.arch }}' \ + -e collector_builder_tag='${{ env.COLLECTOR_BUILDER_TAG }}' \ -e @'${{ github.workspace }}/ansible/secrets.yml' \ ansible/ci-build-builder.yml + - name: Build s390x images + if: | + github.event_name == 'push' || + (contains(github.event.pull_request.labels.*.name, 'run-multiarch-builds') && matrix.arch == 's390x') + timeout-minutes: 480 + run: | + ansible-playbook \ + -i ansible/ci \ + -e arch='${{ matrix.arch }}' \ + -e collector_builder_tag='${{ env.COLLECTOR_BUILDER_TAG }}' \ + -e collector_git_ref='${{ github.sha }}' \ + -e @'${{ github.workspace }}/ansible/secrets.yml' \ + ansible/ci-build-builder.yml + + - name: Destroy VMs + if: always() + run: | + make -C ansible destroy-vms + create-multiarch-manifest: needs: - build-builder-image diff --git a/.github/workflows/collector-slim.yml b/.github/workflows/collector-slim.yml index 5b848297dbb..cea086decb9 100644 --- a/.github/workflows/collector-slim.yml +++ b/.github/workflows/collector-slim.yml @@ -25,9 +25,20 @@ env: RHACS_ENG_IMAGE: quay.io/rhacs-eng/collector:${{ inputs.collector-tag }} jobs: + create-s390x-build-vms: + if: ${{ contains(github.event.pull_request.labels.*.name, 'run-multiarch-builds') || github.event_name == 'push' }} + uses: ./.github/workflows/vms/create-vms.yml + with: + vm_type: rhel-s390x + job-tag: builder + kind: build + build-collector-image: name: Build the collector slim image runs-on: ubuntu-latest + if: always() && !contains(needs.*.result, 'failure') && !contains(needs.*.result, 'cancelled') + needs: + - create-s390x-build-vms strategy: fail-fast: false matrix: @@ -35,6 +46,8 @@ jobs: env: PLATFORM: linux/${{ matrix.arch }} + JOB_ID: ${{ needs.create-s390x-build-vms.outputs.job-id }} + BUILD_TYPE: ci steps: - uses: actions/checkout@v3 @@ -68,19 +81,40 @@ jobs: echo "rhacs_eng_password: ${{ secrets.QUAY_RHACS_ENG_RW_PASSWORD }}" } > ${{ github.workspace }}/ansible/secrets.yml + - uses: ./.github/actions/setup-vm-creds + with: + gcp-ssh-key: ${{ secrets.GCP_SSH_KEY }} + gcp-ssh-key-pub: ${{ secrets.GCP_SSH_KEY_PUB }} + s390x-key: ${{ secrets.IBM_CLOUD_S390X_SSH_PRIVATE_KEY }} + ppc64le-key: ${{ secrets.IBM_CLOUD_POWER_SSH_PRIVATE_KEY }} + + - name: Download inventory + if: matrix.arch == 's390x' + uses: actions/download-artifact@v3 + with: + name: ${{ needs.create-s390x-build-vms.outputs.inventory }} + + - name: Install ansible dependencies + run: | + ls -lah . + ls -lah ansible + ls -lah ansible/ci + ansible-galaxy install -r ansible/requirements.yml + - name: Build images if: | github.event_name == 'push' || matrix.arch == 'amd64' || - contains(github.event.pull_request.labels.*.name, 'run-multiarch-builds') + (contains(github.event.pull_request.labels.*.name, 'run-multiarch-builds') && matrix.arch != 's390x') timeout-minutes: 480 run: | - ansible-galaxy install -r ansible/requirements.yml ansible-playbook \ --connection local \ -i localhost, \ --limit localhost \ -e collector_image='${{ inputs.collector-image }}' \ + -e collector_tag='${{ inputs.collector-tag }}' \ + -e collector_builder_tag='${{ env.COLLECTOR_BUILDER_TAG }}' \ -e arch='${{ matrix.arch }}' \ -e disable_profiling="${{ matrix.arch != 'amd64' && matrix.arch != 'arm64' }}" \ -e @'${{ github.workspace }}/ansible/secrets.yml' \ @@ -88,6 +122,25 @@ jobs: env: ANSIBLE_CONFIG: ansible/ansible.cfg + - name: Build s390x image + if: | + github.event_name == 'push' || + (contains(github.event.pull_request.labels.*.name, 'run-multiarch-builds') && matrix.arch == 's390x') + timeout-minutes: 480 + run: | + ansible-playbook \ + -i ansible/ci \ + -e collector_image='${{ inputs.collector-image }}' \ + -e collector_tag='${{ inputs.collector-tag }}' \ + -e collector_git_ref='${{ github.sha }}' \ + -e collector_builder_tag='${{ env.COLLECTOR_BUILDER_TAG }}' \ + -e arch='${{ matrix.arch }}' \ + -e disable_profiling="true" \ + -e @'${{ github.workspace }}/ansible/secrets.yml' \ + ansible/ci-build-collector.yml + env: + ANSIBLE_CONFIG: ansible/ansible.cfg + - name: Save CMake cache uses: actions/upload-artifact@v3 with: @@ -95,6 +148,11 @@ jobs: path: cmake-build/CMakeCache.txt retention-days: 1 + - name: Destroy Build VMs + if: always() + run: | + make -C ansible destroy-vms + create-multiarch-manifest: needs: - build-collector-image diff --git a/.github/workflows/integration-tests-vm-type.yml b/.github/workflows/integration-tests-vm-type.yml index bec10a9ef29..c3465a4f27b 100644 --- a/.github/workflows/integration-tests-vm-type.yml +++ b/.github/workflows/integration-tests-vm-type.yml @@ -36,8 +36,16 @@ on: default: "" jobs: - run: + create-vms: + uses: ./.github/workflows/vms/create-vms.yml + with: + vm_type: ${{ inputs.vm_type }} + job-tag: ${{ inputs.job-tag }} + kind: test + tests: runs-on: ubuntu-latest + needs: + - create-vms env: # # JOB_ID is a little odd in that it needs to be unique per vm_type, @@ -55,7 +63,7 @@ jobs: # # vm_type may contain hyphens, so the id is normalized below # - JOB_ID: ${{ github.run_id }}${{ inputs.vm_type }}${{ inputs.job-tag }} + JOB_ID: ${{ needs.create-vms.outputs.job-id }} GCP_SSH_KEY_FILE: ~/.ssh/GCP_SSH_KEY BUILD_TYPE: ci VM_TYPE: "${{ inputs.vm_type }}" @@ -68,96 +76,22 @@ jobs: - uses: actions/setup-go@v3 with: go-version: '1.19' # to match the requirement in the integration tests + - uses: actions/setup-python@v3 with: python-version: "3.10" - - name: Install python dependencies - run: python -m pip install -r ansible/requirements.txt - - - name: Install ansible dependencies - run: ansible-galaxy collection install -r ansible/ansible-collections.yml - - - name: Authenticate with GCP - uses: 'google-github-actions/auth@v1' + - uses: ./.github/actions/setup-vm-creds with: - credentials_json: '${{ secrets.GOOGLE_CREDENTIALS_COLLECTOR_SVC_ACCT }}' - - - name: Setup GCP - uses: 'google-github-actions/setup-gcloud@v1' - - - name: Copy creds files - run: | - # Temporary compatibility with OSCI - mkdir -p /tmp/secret/stackrox-collector-e2e-tests - cp "$GOOGLE_APPLICATION_CREDENTIALS" /tmp/secret/stackrox-collector-e2e-tests/GOOGLE_CREDENTIALS_COLLECTOR_SVC_ACCT - - mkdir -p "$HOME/.ssh" - chmod 0700 "$HOME/.ssh" - - function copy_secret_to_file() { - local secret="$1" - local destination="$2" - local perms="$3" - - echo "$secret" > "$destination" - chmod "$perms" "$destination" - } - - copy_secret_to_file "$GCP_SSH_KEY" "$HOME/.ssh/GCP_SSH_KEY" 0600 - copy_secret_to_file "$GCP_SSH_KEY_PUB" "$HOME/.ssh/GCP_SSH_KEY.pub" 0600 - copy_secret_to_file "$IBM_S390X_SSH_KEY" "$HOME/.ssh/acs-sshkey_rsa.prv" 0600 - - if [[ '${{ inputs.vm_type }}' =~ ppc64le ]]; then - copy_secret_to_file "$IBM_PPC64LE_SSH_KEY" "$HOME/.ssh/acs-sshkey_rsa.prv" 0600 - fi - env: - GCP_SSH_KEY: ${{ secrets.GCP_SSH_KEY }} - GCP_SSH_KEY_PUB: ${{ secrets.GCP_SSH_KEY_PUB }} - IBM_S390X_SSH_KEY: ${{ secrets.IBM_CLOUD_S390X_SSH_PRIVATE_KEY }} - IBM_PPC64LE_SSH_KEY: ${{ secrets.IBM_CLOUD_POWER_SSH_PRIVATE_KEY }} + gcp-ssh-key: ${{ secrets.GCP_SSH_KEY }} + gcp-ssh-key-pub: ${{ secrets.GCP_SSH_KEY_PUB }} + s390x-key: ${{ secrets.IBM_CLOUD_S390X_SSH_PRIVATE_KEY }} + ppc64le-key: ${{ secrets.IBM_CLOUD_POWER_SSH_PRIVATE_KEY }} - - name: Set environment - run: | - NORM_JOB_ID="${JOB_ID//-/}" - echo "JOB_ID=${NORM_JOB_ID}" | tee -a "$GITHUB_ENV" - - if [[ '${{ contains(github.event.pull_request.labels.*.name, 'integration-tests-trace-logging') }}' == 'true' ]]; then - echo "COLLECTOR_LOG_LEVEL=trace" | tee -a "$GITHUB_ENV" - fi - - if [[ '${{ inputs.vm_type }}' =~ s390x ]]; then - { - echo "IC_API_KEY=${{ secrets.IBM_CLOUD_S390X_API_KEY }}" - echo "IC_REGION=ca-tor" - } >> "${GITHUB_ENV}" - fi - - if [[ '${{ inputs.vm_type }}' =~ ppc64le ]]; then - { - echo "IC_API_KEY=${{ secrets.IBM_CLOUD_POWER_API_KEY }}" - echo "IC_REGION=osa" - echo "IC_ZONE=osa21" - echo "IBM_CLOUD_POWER_SSH_PUBLIC_KEY=${{ secrets.IBM_CLOUD_POWER_SSH_PUBLIC_KEY }}" - } >> "${GITHUB_ENV}" - fi - - if [[ '${{ inputs.vm_type }}' =~ rhel ]]; then - { - echo "REDHAT_USERNAME=${{ secrets.REDHAT_USERNAME }}" - echo "REDHAT_PASSWORD=${{ secrets.REDHAT_PASSWORD }}" - } >> "${GITHUB_ENV}" - fi - #Added workaround for ssh connection issue with power vm from ubuntu machine. - #Changing mtu works in resolving the issue - - name: Set MTU for Power VMs - if: ${{ contains(inputs.vm_type, 'ppc64le') }} - run: sudo ifconfig eth0 mtu 1000 up - - - name: Create VMs - if: ${{ ! inputs.run-benchmarks }} - run: | - make -C "${{ github.workspace }}/ansible" create-ci-vms + - name: Download inventory + uses: actions/download-artifact@v3 + with: + name: ${{ needs.create-vms.outputs.inventory }} - name: Run Tests if: ${{ ! inputs.run-benchmarks }} diff --git a/.github/workflows/vms/create-vms.yml b/.github/workflows/vms/create-vms.yml new file mode 100644 index 00000000000..df079d36fb4 --- /dev/null +++ b/.github/workflows/vms/create-vms.yml @@ -0,0 +1,151 @@ +on: + workflow_call: + inputs: + vm_type: + description: | + Type of VM to run integration tests on. e.g. rhel or ubuntu-os + type: string + required: true + job-tag: + description: | + Used to differentiate between different sources when creating + VMs in GCP. + type: string + default: "" + kind: + description: | + The kind of VMs to create. build, test, benchmark + type: string + default: "test" + outputs: + job-id: + description: The job-id used to create the VMs + value: ${{ jobs.create-vms.outputs.job-id }} + inventory: + description: The name of the inventory artefact + value: ${{ jobs.create-vms.outputs.inventory }} + +jobs: + create-vms: + runs-on: ubuntu-latest + outputs: + job-id: ${{ steps.finalize.outputs.job-id }} + inventory: ${{ steps.finalize.outputs.inventory }} + env: + # + # JOB_ID is a little odd in that it needs to be unique per vm_type, + # but GHA's run_id is only unique per job. Appending the vm_type + # makes it fit our requirements... + # + # but wait, there's more + # + # the job id is used both as part of a GCP instance name and label, but + # also as a group name in ansible, which means it has some restrictions: + # + # - must be alpha-numeric + # - must not contain underscores (because of GCP) + # - must not contain hyphens (because of ansible) + # + # vm_type may contain hyphens, so the id is normalized below + # + JOB_ID: ${{ github.run_id }}${{ inputs.vm_type }}${{ inputs.job-tag }} + BUILD_TYPE: ci + GCP_SSH_KEY_FILE: ~/.ssh/GCP_SSH_KEY + steps: + - uses: actions/checkout@v3 + + - uses: actions/setup-python@v3 + with: + python-version: "3.10" + + - name: Install python dependencies + run: python -m pip install -r ansible/requirements.txt + + - name: Install ansible dependencies + run: ansible-galaxy collection install -r ansible/ansible-collections.yml + + - name: Authenticate with GCP + uses: 'google-github-actions/auth@v1' + with: + credentials_json: '${{ secrets.GOOGLE_CREDENTIALS_COLLECTOR_SVC_ACCT }}' + + - name: Setup GCP + uses: 'google-github-actions/setup-gcloud@v1' + + - name: Setup credentials files + uses: ./.github/actions/setup-vm-creds + with: + gcp-ssh-key: ${{ secrets.GCP_SSH_KEY }} + gcp-ssh-key-pub: ${{ secrets.GCP_SSH_KEY_PUB }} + s390x-key: ${{ secrets.IBM_CLOUD_S390X_SSH_PRIVATE_KEY }} + ppc64le-key: ${{ secrets.IBM_CLOUD_POWER_SSH_PRIVATE_KEY }} + + - name: Set environment + run: | + NORM_JOB_ID="${JOB_ID//-/}" + echo "JOB_ID=${NORM_JOB_ID}" | tee -a "$GITHUB_ENV" + + if [[ '${{ contains(github.event.pull_request.labels.*.name, 'integration-tests-trace-logging') }}' == 'true' ]]; then + echo "COLLECTOR_LOG_LEVEL=trace" | tee -a "$GITHUB_ENV" + fi + + if [[ '${{ inputs.vm_type }}' =~ s390x ]]; then + { + echo "IC_API_KEY=${{ secrets.IBM_CLOUD_S390X_API_KEY }}" + echo "IC_REGION=ca-tor" + } >> "${GITHUB_ENV}" + fi + + if [[ '${{ inputs.vm_type }}' =~ ppc64le ]]; then + { + echo "IC_API_KEY=${{ secrets.IBM_CLOUD_POWER_API_KEY }}" + echo "IC_REGION=osa" + echo "IC_ZONE=osa21" + echo "IBM_CLOUD_POWER_SSH_PUBLIC_KEY=${{ secrets.IBM_CLOUD_POWER_SSH_PUBLIC_KEY }}" + } >> "${GITHUB_ENV}" + fi + + if [[ '${{ inputs.vm_type }}' =~ rhel ]]; then + { + echo "REDHAT_USERNAME=${{ secrets.REDHAT_USERNAME }}" + echo "REDHAT_PASSWORD=${{ secrets.REDHAT_PASSWORD }}" + } >> "${GITHUB_ENV}" + fi + + # Added workaround for ssh connection issue with power vm from ubuntu machine. + # Changing mtu works in resolving the issue + - name: Set MTU for Power VMs + if: ${{ contains(inputs.vm_type, 'ppc64le') }} + run: sudo ifconfig eth0 mtu 1000 up + + - name: Create VMs + if: inputs.kind == 'test' + run: | + make -C "${{ github.workspace }}/ansible" create-ci-vms + + - name: Create Benchmark VMs + if: inputs.kind == 'benchmark' + run: | + make -C "${{ github.workspace }}/ansible" create-benchmark-vms + + - name: Create Build VMs + if: inputs.kind == 'build' + run: | + make -C "${{ github.workspace }}/ansible" create-build-vms + + - name: Save Inventory Files + uses: actions/upload-artifact@v3 + with: + name: ${{ env.JOB_ID }}-inventory + path: | + ${{ github.workspace }}/ansible/ci/*.yml + + - name: Set outputs + id: finalize + run: | + echo "inventory=${{ env.JOB_ID }}-inventory" >> "$GITHUB_OUTPUT" + echo "job-id=${{ env.JOB_ID }}" >> "$GITHUB_OUTPUT" + + - name: Clean up + if: always() && failure() + run: make -C "${{ github.workspace }}/ansible" destroy-vms diff --git a/ansible/Makefile b/ansible/Makefile index 791c6f072ff..4dd9511653e 100644 --- a/ansible/Makefile +++ b/ansible/Makefile @@ -1,3 +1,6 @@ +BASE_PATH = ./.. +include ../Makefile-constants.mk + ifeq ($(BUILD_TYPE), ci) CONTEXT=ci else @@ -66,6 +69,13 @@ create-ci-vms: --tags setup,provision \ integration-tests.yml +.PHONY: create-build-vms +create-build-vms: + ansible-playbook -i $(CONTEXT) \ + -e job_id="$(JOB_ID)" \ + --tags setup,provision \ + ci-create-build-vms.yml + .PHONY: vm-local-dev vm-local-dev: ansible-playbook -i $(CONTEXT) \ diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg index 701e93eacf7..1f96aa1e2a4 100644 --- a/ansible/ansible.cfg +++ b/ansible/ansible.cfg @@ -1,5 +1,5 @@ [defaults] -stdout_callback=selective +stdout_callback=debug stderr_callback=debug display_skipped_hosts=false host_key_checking=False diff --git a/ansible/ci-build-builder.yml b/ansible/ci-build-builder.yml index a09ecdbd3c6..ec7c95bbe0e 100644 --- a/ansible/ci-build-builder.yml +++ b/ansible/ci-build-builder.yml @@ -4,13 +4,24 @@ environment: BUILD_BUILDER_IMAGE: "true" - COLLECTOR_BUILDER_TAG: "{{ ansible_env.COLLECTOR_BUILDER_TAG }}" - PLATFORM: "{{ ansible_env.PLATFORM }}" + COLLECTOR_BUILDER_TAG: "{{ collector_builder_tag }}" + PLATFORM: "linux/{{ arch }}" + + vars: + collector_root: "{{ ansible_env.HOME }}/collector" tasks: + - name: Clone repository + ansible.builtin.git: + repo: https://github.com/stackrox/collector + dest: "{{ collector_root }}" + version: "{{ collector_git_ref }}" + recursive: true + when: arch == "s390x" + - name: Build the collector builder image community.general.make: - chdir: "{{ lookup('env', 'GITHUB_WORKSPACE') }}" + chdir: "{{ ansible_env.GITHUB_WORKSPACE | default(collector_root) }}" target: builder - name: Retag collector builder image to arch specific diff --git a/ansible/ci-build-collector.yml b/ansible/ci-build-collector.yml index b1938e65d7b..2943d4f25dd 100644 --- a/ansible/ci-build-collector.yml +++ b/ansible/ci-build-collector.yml @@ -3,20 +3,32 @@ hosts: all environment: - COLLECTOR_BUILDER_TAG: "{{ ansible_env.COLLECTOR_BUILDER_TAG }}" - PLATFORM: "{{ ansible_env.PLATFORM }}" - COLLECTOR_TAG: "{{ ansible_env.COLLECTOR_TAG }}" + COLLECTOR_BUILDER_TAG: "{{ collector_build_tag }}" + PLATFORM: "linux/{{ arch }}" + COLLECTOR_TAG: "{{ collector_tag }}" DISABLE_PROFILING: "{{ disable_profiling }}" + vars: + collector_root: "{{ ansible_env.HOME }}/collector" + tasks: + - debug: var=collector_root + - name: Clone repository + ansible.builtin.git: + repo: https://github.com/stackrox/collector + dest: "{{ collector_root }}" + version: "{{ collector_git_ref }}" + recursive: true + when: arch == "s390x" + - name: Run the builder image community.general.make: - chdir: "{{ lookup('env', 'GITHUB_WORKSPACE') }}" + chdir: "{{ ansible_env.GITHUB_WORKSPACE | default(collector_root) }}" target: start-builder - name: Build the collector image community.general.make: - chdir: "{{ lookup('env', 'GITHUB_WORKSPACE') }}" + chdir: "{{ ansible_env.GITHUB_WORKSPACE | default(collector_root) }}" target: image register: build_result # ensure this action is printed diff --git a/ansible/ci-create-build-vms.yml b/ansible/ci-create-build-vms.yml new file mode 100644 index 00000000000..ba49da65045 --- /dev/null +++ b/ansible/ci-create-build-vms.yml @@ -0,0 +1,35 @@ +--- +- name: Create Build VMs + hosts: localhost + tags: + - setup + tasks: + - name: Create VMs for each architecture + include_role: + name: create-all-vms + vars: + test_platform: all + vm_list: + # amd64 + # Not using virtual_machines['rhel'] here to avoid creating + # multiple build VMs + # rhel: + # project: rhel-cloud + # families: + # - rhel-9 + + # s390x + rhel-s390x: "{{ virtual_machines['rhel-s390x'] }}" + # # ppc64le + # rhel-ppc64le: "{{ virtual_machines['rhel-ppc64le'] }}" + +- name: Provision Build VMs + hosts: "job_id_{{ job_id }}" + roles: + - provision-vm + gather_facts: no + strategy: free + become: yes + tags: + - setup + - provision diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 59ad98195bd..043bee11b7b 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -52,7 +52,7 @@ virtual_machines: rhel-s390x: project: rhel-s390x-cloud arch: s390x - ssh_key_file: "{{ ibmcloud_ssh_key_file }}" + ssh_key_file: "~/.ssh/acs-s390x-rsa.prv" families: - rhel-8-6-s390x @@ -61,7 +61,7 @@ virtual_machines: rhel-ppc64le: project: rhel-ppc64le-cloud arch: ppc64le - ssh_key_file: "{{ ibmcloud_ssh_key_file }}" + ssh_key_file: "~/.ssh/acs-ppc64le-rsa.prv" families: - p