React to changes in base origin-gce; make run generic

cluster/bin/run.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+set -euo pipefail
+
+ctr=gce-cluster
+
+docker rm $ctr &>/dev/null || true
+docker create $@ --name $ctr -it openshift/origin-gce:latest /bin/bash >/dev/null
+tar --mode='ug+rwX' -c -C data . | docker cp - $ctr:/usr/share/ansible/openshift-ansible-gce/playbooks/files
+docker start -ai $ctr

cluster/ci/README.md

@@ -1,11 +1,18 @@
-Deploy the OpenShift CI instance to GCE
+# Deploy the OpenShift CI instance to GCE
 
-    $ ./up.sh
+    $ ../bin/run.sh
+    $ export PR_REPO_URL=<a yum repo base URL containing OpenShift RPMs>
+    $ ansible-playbook playbooks/provision.yaml
 
 Will download the appropriate version of OpenShift and install it to
-GCE. You must populate the data directory with the appropriate secret
-data first (instructions pending).
+GCE. You must populate the `data` directory with the appropriate secret
+data first:
 
-To get a shell into the container with the right data, run:
+* ssl.crt / ssl.key: certificates for the master
+* gce.json: Service account credentials for installing the master
+* gce-registry.json: Service account credentials for the registry to use against GCS
+* identity-providers.json: GitHub OAuth info
+* ssh-privatekey / ssh-publickey: An SSH key pair for connecting to the masters (optional)
 
-    $ $(./run.sh)
+The image `openshift/origin-gce:latest` is used as the environment for Ansible, and contains
+a copy of the `openshift-ansible` code and `origin-gce`.

cluster/ci/data/vars.yaml

@@ -4,6 +4,10 @@ deployment_type: origin
 openshift_pkg_version: "-0.0.1"
 ansible_pkg_mgr: yum
 docker_upgrade: false
+openshift_version: 1.4.0 # work around 1.5 not being a valid option yet
+openshift_image_tag: v1.5.0-alpha.1
+openshift_additional_repos: [{'id': 'origin-pr', 'baseurl': '{{ lookup("env", "PR_REPO_URL") | default("https://https://storage.googleapis.com/origin-ci-test/branch-logs/master/zz_test_gcloud/latest/artifacts/rpms") }}', 'enabled': 1, 'gpgcheck': 0}]
+openshift_enable_origin_repo: false
 
 # URLs and certs
 
@@ -22,13 +26,13 @@ openshift_node_port_range: 30000-32000
 
 # Authentication and authorization
 
-openshift_master_identity_providers: "{{ (lookup('file', ansible_env.HOME + '/identity-providers.json' ) | default('{\"items\":[]}') | from_json).get('items') }}"
+openshift_master_identity_providers: "{{ (lookup('file', 'files/identity-providers.json' ) | default('{\"items\":[]}') | from_json).get('items') }}"
 provision_role_mappings: [{'user': 'smarterclayton', 'role': 'cluster-admin'}]
 
 # Paths on the local system for the certificate files. If empty, self-signed
 # certificate will be generated
-provision_master_https_cert_file: "{{ playbook_dir }}/files/ssl.crt"
-provision_master_https_key_file: "{{ playbook_dir }}/files/ssl.key"
+provision_master_https_cert_file: "ssl.crt"
+provision_master_https_key_file: "ssl.key"
 
 # Post config setting sizes
 
@@ -43,9 +47,9 @@ gce_project_id: openshift-gce-devel
 gce_region_name: us-central1
 gce_zone_name: us-central1-a
 gce_service_account: [email protected]
-gce_service_account_keyfile: "{{ lookup('file', 'files/gce.json') }}"
+gce_service_account_keyfile: "gce.json"
 gce_ssh_private_key: /home/cloud-user/.ssh/google_compute_engine
-gcs_registry_keyfile: "{{ lookup('file', 'files/gce.json') }}"
+gcs_registry_keyfile: "gcs-registry.json"
 inventory_ip_type: external
 
 gce_extra_tags_master: ",preserve"
@@ -87,6 +91,6 @@ provision_gce_registry_gcs_bucket: openshift-gce-devel-origin-ci-registry-bucket
 provision_gce_router_network_instance_group: ig-m # default: ig-i
 
 # Provide a startup script file to the GCE instances
-provision_gce_startup_script_file: "{{ playbook_dir }}/files/startup.sh"
+provision_gce_startup_script_file: # "startup.sh"
 # Provide userdata to the gce instances
 provision_gce_user_data_file:

cluster/test-deploy/data/vars.yaml

@@ -39,7 +39,7 @@ openshift_node_port_range: 30000-32000
 # Authentication and authorization
 
 openshift_master_identity_providers: [{'name': 'allow_all', 'login': 'true', 'challenge': 'true', 'kind': 'AllowAllPasswordIdentityProvider'}]
-provision_role_mappings: [{'user': 'admin', 'role': 'cluster-admin'}]
+# provision_role_mappings: [{'user': 'admin', 'role': 'cluster-admin'}]
 
 # Paths on the local system for the certificate files. If empty, self-signed
 # certificate will be generated

cluster/test-deploy/up.sh

@@ -7,23 +7,25 @@ data=$2
 url=${3-}
 
 # provide simple defaulting of playbooks
-playbook="${4:-playbooks/provision.yaml}"
+playbook="${4:-playbooks/launch.yaml}"
 if [[ -z "${3-}" && -z "${4-}" ]]; then
-  playbook="playbooks/deprovision.yaml"
+  playbook="playbooks/terminate.yaml"
 fi
 
+ctr=gce-pr-$build
+
 # start a container with the custom playbook inside it
-docker rm gce-pr-$build &>/dev/null || true
+docker rm $ctr &>/dev/null || true
 args=""
 if [[ -n "${OPENSHIFT_ANSIBLE_REPO-}" ]]; then
-  docker volume rm gce-pr-$build-volume &>/dev/null || true
-  docker volume create --name gce-pr-$build-volume >/dev/null
-  args="-v gce-pr-$build-volume:/usr/share/ansible/openshift-ansible "
+  docker volume rm $ctr-volume &>/dev/null || true
+  docker volume create --name $ctr-volume >/dev/null
+  args="-v $ctr-volume:/usr/share/ansible/openshift-ansible "
 fi
-docker create -e "PR_NUMBER=pr${build}" -e "PR_REPO_URL=${url}" --name gce-pr-$build $args openshift/origin-gce:latest ansible-playbook "${@:5}" "${playbook}" >/dev/null
-tar -c -C "${data}" . | docker cp - gce-pr-$build:/usr/share/ansible/openshift-ansible-gce/playbooks/files
+docker create -e "PR_NUMBER=pr${build}" -e "PR_REPO_URL=${url}" --name $ctr $args openshift/origin-gce:latest ansible-playbook "${@:5}" "${playbook}" >/dev/null
+tar -c -C "${data}" . | docker cp - $ctr:/usr/share/ansible/openshift-ansible-gce/playbooks/files
 if [[ -n "${OPENSHIFT_ANSIBLE_REPO-}" ]]; then
-  tar -c -C "${OPENSHIFT_ANSIBLE_REPO}" . | docker cp - gce-pr-$build:/usr/share/ansible/openshift-ansible/
+  tar -c -C "${OPENSHIFT_ANSIBLE_REPO}" . | docker cp - $ctr:/usr/share/ansible/openshift-ansible/
 fi
-docker start -a gce-pr-$build
-docker cp gce-pr-$build:/tmp/admin.kubeconfig admin.kubeconfig &>/dev/null || true
+docker start -a $ctr
+docker cp $ctr:/tmp/admin.kubeconfig admin.kubeconfig &>/dev/null || true