Bug #1854869 “Some stx-built docker images are not properly tagg...” : Bugs : StarlingX

Revision history for this message

Ghada Khalil (gkhalil) wrote on 2019-12-02:

#1

Adding response from Don Penney:
-------------------------------------
From: Penney, Don [mailto:<email address hidden>]
Sent: Wednesday, November 13, 2019 1:13 PM
To: Chiing-Ting Huang; <email address hidden>
Subject: Re: [Starlingx-discuss] sriov-network-device container issue

There are two references in r/stx.2.0 that configure the image tag to be used for the k8s-plugins-sriov-network-device image:
https://opendev.org/starlingx/ansible-playbooks/src/branch/r/stx.2.0/playbookconfig/src/playbooks/bootstrap/roles/bringup-essential-services/templates/sriov-plugin.yaml.j2#L43
https://opendev.org/starlingx/config/src/branch/r/stx.2.0/puppet-manifests/src/modules/platform/templates/sriovdp-daemonset.yaml.erb#L43

It may only be the ansible-playbooks reference that has any effect, as the puppet-manifests reference may be stale code.

The k8s-cni-sriov and k8s-plugins-sriov-network-device images are built as part of the regular build, and tagged with a versioned tag and a latest tag, as with the other stx images. However, these are loaded as part of the built-in platform-integ-app and therefore uses the static image tag that’s in the repo.

What this means is that every load is referencing the master-stable-centos-latest tag when you initially bring up the system, which would be the latest weekly build at that time. This may not always work, if there is something incompatible in the new image. This is presumably what’s happened here with 2.0.

My suggestion would be to treat these images, built from upstream sources, specially and manually tag them with versions as needed, updating the static references to those tags.

In r/stx.2.0, we could update these static tags to the appropriate tag for that build - presumably the one referenced below by Ting.

Going forward, we can manually tag the image in docker hub with whatever format we choose - such as 1.0.0, or maybe whatever version corresponds to the upstream repo at that time (ie. v3.0.0). Once we’ve manually tagged the image, we push an update into the repo to update the static reference to use the new tag.

So for example:

k8s-cni-sriov: Currently building from https://github.com/intel/sriov-cni/commit/365c8f8cc1204df84f3e976ea30f113e733ca665, which looks like it’s tagged as v2.2. We could retag the current build as starlingx/k8s-cni-sriov:v2.2, then update ansible-playbooks with the new tag.

k8s-plugins-sriov-network-device: Building from: https://github.com/intel/sriov-network-device-plugin/commit/000db15405f3ce3b7c2f9feb180c3051aa3f7aea, tagged as v3.1. We could retag the current build as starlingx/k8s-plugins-sriov-network-device:v3.1, then update ansible-playbooks with the new tag.

Whenever there’s new content in these images we want to pick up, we retag the new build, and push updates to the static references.

-------------------------------------

Adding response from Don Penney:
-------------------------------------
From: Penney, Don [mailto:Don.Penney@windriver.com] 
Sent: Wednesday, November 13, 2019 1:13 PM
To: Chiing-Ting Huang; starlingx-discuss@lists.starlingx.io
Subject: Re: [Starlingx-discuss] sriov-network-device container issue

There are two references in r/stx.2.0 that configure the image tag to be used for the k8s-plugins-sriov-network-device image:
https://opendev.org/starlingx/ansible-playbooks/src/branch/r/stx.2.0/playbookconfig/src/playbooks/bootstrap/roles/bringup-essential-services/templates/sriov-plugin.yaml.j2#L43
https://opendev.org/starlingx/config/src/branch/r/stx.2.0/puppet-manifests/src/modules/platform/templates/sriovdp-daemonset.yaml.erb#L43

It may only be the ansible-playbooks reference that has any effect, as the puppet-manifests reference may be stale code.

The k8s-cni-sriov and k8s-plugins-sriov-network-device images are built as part of the regular build, and tagged with a versioned tag and a latest tag, as with the other stx images. However, these are loaded as part of the built-in platform-integ-app and therefore uses the static image tag that’s in the repo.

What this means is that every load is referencing the master-stable-centos-latest tag when you initially bring up the system, which would be the latest weekly build at that time. This may not always work, if there is something incompatible in the new image. This is presumably what’s happened here with 2.0.

My suggestion would be to treat these images, built from upstream sources, specially and manually tag them with versions as needed, updating the static references to those tags.

In r/stx.2.0, we could update these static tags to the appropriate tag for that build - presumably the one referenced below by Ting.

Going forward, we can manually tag the image in docker hub with whatever format we choose - such as 1.0.0, or maybe whatever version corresponds to the upstream repo at that time (ie. v3.0.0). Once we’ve manually tagged the image, we push an update into the repo to update the static reference to use the new tag.

So for example:

k8s-cni-sriov: Currently building from https://github.com/intel/sriov-cni/commit/365c8f8cc1204df84f3e976ea30f113e733ca665, which looks like it’s tagged as v2.2. We could retag the current build as starlingx/k8s-cni-sriov:v2.2, then update ansible-playbooks with the new tag.

k8s-plugins-sriov-network-device: Building from: https://github.com/intel/sriov-network-device-plugin/commit/000db15405f3ce3b7c2f9feb180c3051aa3f7aea, tagged as v3.1. We could retag the current build as starlingx/k8s-plugins-sriov-network-device:v3.1, then update ansible-playbooks with the new tag.

Whenever there’s new content in these images we want to pick up, we retag the new build, and push updates to the static references.

-------------------------------------

description:	updated
description:	updated
tags:	added: stx.config stx.containers

Revision history for this message

Ghada Khalil (gkhalil) wrote on 2019-12-02:

#2

Problematic Image tags:
ansible-playbooks/playbookconfig/src/playbooks/roles/bootstrap/bringup-essential-services/vars/main.yaml:
sriov_cni_img: docker.io/starlingx/k8s-cni-sriov:master-centos-stable-latest
sriov_network_device_img: docker.io/starlingx/k8s-plugins-sriov-network-device:master-centos-stable-latest

Not sure if these images in stx.3.0 pose the same issue:
ansible-playbooks/playbookconfig/src/playbooks/roles/bootstrap/plugins/templates/intel-fpga-plugin.yaml.j2:
image: "{{ docker_registry.url }}/starlingx/intel-fpga-plugin:master-distroless-stable-latest"

ansible-playbooks/playbookconfig/src/playbooks/roles/bootstrap/plugins/templates/intel-gpu-plugin.yaml.j2
image: "{{ docker_registry.url }}/starlingx/intel-gpu-plugin:master-distroless-stable-latest"

ansible-playbooks/playbookconfig/src/playbooks/roles/bootstrap/plugins/templates/intel-qat-plugin.yaml.j2
image: "{{ docker_registry.url }}/starlingx/intel-qat-plugin:master-distroless-stable-latest"

Revision history for this message

Ghada Khalil (gkhalil) wrote on 2019-12-03:

#3

Don Penney confirmed that the plugin images should also be updated with a specific tag instead of using -latest

Revision history for this message

Ghada Khalil (gkhalil) wrote on 2019-12-09:

#4

Marking as stx.3.0; will likely need to be addressed in an upcoming mtce release.
Note: This is also an issue with stx.2.0. TBD if we pursue a fix for that release as well.

tags:	added: stx.3.0
Changed in starlingx:
importance:	Undecided → High
status:	New → Triaged
assignee:	nobody → Don Penney (dpenney)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-02-12: Fix proposed to ansible-playbooks (master)

#5

Fix proposed to branch: master
Review: https://review.opendev.org/707462

Changed in starlingx:
status:	Triaged → In Progress

Revision history for this message

Don Penney (dpenney) wrote on 2020-02-12:

#6

Download full text (4.7 KiB)

This bug exposed an issue we have with some of our stx-built images. Certain images are referenced statically in platform-installed charts or files that use the master-centos-stable-latest tag, which is updated every time CENGN builds images, whereas the managed applications are able to use the specific image versions from build information.

To address this, I’d like to propose a tag management system to complement the image build setup.

Workflow:

We decide we want to use new functionality introduced in recent build of image Y:
• Create a Launchpad to update the image being used
• Determine an appropriate version tag to use for the image. For example, if the main project of the image is based on an upstream repo, check the version associated with the SHA used for building the image. If the upstream commit is tagged as v2.2, the image tag to use could be stx.4.0-v2.2. Include this info in the Launchpad.
• Update tag management config file, with Partial-Bug: XXXXXX referencing Launchpad.
  o Include reference to source build tag from loadbuild, using the versioned tag, such as master-centos-stable-20191203T153530Z.0
  o Include reference to upstream commit, if appropriate
  o Include new requested tag
• Once tag management config file update is reviewed and merged, tag management utility can be run - as part of CENGN loadbuild, maybe, or perhaps a separate CENGN job that can be triggered by the merge
• Once the new tag has been pushed to the docker hub, a follow-up commit can be posted to update the chart or other reference to move to the new image tag, with Closes-Bug in commit message

The only cases where we should see charts/manifests or other references to master-centos-stable-latest tag would be files that are inputs to the application build that would be replacing those tags with the specific versioned tags from the loadbuild and are therefore outside the scope of this procedure.

This ensures a load is locked down to a specific version of such images, rather than floating to use latest, avoiding compatibility issues that may arise (as in the case of LP 1854869).

Example tag management yaml file for stx-4.0:

images:
  - name: docker.io/starlingx/k8s-cni-sriov
    src_build_tag: master-centos-stable-20191203T153530Z.0
    src_ref: https://opendev.org/starlingx/integ/commit/dac417bd31ed36d455e94db4aabe5916367654d4
    # Tag determined based on release tag associated with upstream commit
    tag: stx.4.0-v2.2
  - name: docker.io/starlingx/k8s-plugins-sriov-network-device
    src_build_tag: master-centos-stable-20191203T153530Z.0
    src_ref: https://opendev.org/starlingx/integ/commit/dac417bd31ed36d455e94db4aabe5916367654d4
    # Tag determined based on release tag associated with upstream commit
    tag: stx.4.0-v3.1
  - name: docker.io/starlingx/intel-fpga-admissionwebhook
    src_build_tag: master-distroless-stable-20191203T153530Z.0
    src_ref: https://opendev.org/starlingx/integ/commit/5f72ddb26a38d41fef919060585daaafae677433
    # Version determined by running 'git describe --tags' in clone of upstream repo
    tag: stx.4.0-v0.11.0-103-g4f28657
  - name: docker.io/starlingx/intel-fpga-initcontainer
    src_build_tag: master-dist...

This bug exposed an issue we have with some of our stx-built images. Certain images are referenced statically in platform-installed charts or files that use the master-centos-stable-latest tag, which is updated every time CENGN builds images, whereas the managed applications are able to use the specific image versions from build information.

To address this, I’d like to propose a tag management system to complement the image build setup.

Workflow:

We decide we want to use new functionality introduced in recent build of image Y:
• Create a Launchpad to update the image being used
• Determine an appropriate version tag to use for the image. For example, if the main project of the image is based on an upstream repo, check the version associated with the SHA used for building the image. If the upstream commit is tagged as v2.2, the image tag to use could be stx.4.0-v2.2. Include this info in the Launchpad.
• Update tag management config file, with Partial-Bug: XXXXXX referencing Launchpad.
  o Include reference to source build tag from loadbuild, using the versioned tag, such as master-centos-stable-20191203T153530Z.0
  o Include reference to upstream commit, if appropriate
  o Include new requested tag
• Once tag management config file update is reviewed and merged, tag management utility can be run - as part of CENGN loadbuild, maybe, or perhaps a separate CENGN job that can be triggered by the merge
• Once the new tag has been pushed to the docker hub, a follow-up commit can be posted to update the chart or other reference to move to the new image tag, with Closes-Bug in commit message

The only cases where we should see charts/manifests or other references to master-centos-stable-latest tag would be files that are inputs to the application build that would be replacing those tags with the specific versioned tags from the loadbuild and are therefore outside the scope of this procedure.

This ensures a load is locked down to a specific version of such images, rather than floating to use latest, avoiding compatibility issues that may arise (as in the case of LP 1854869).

Example tag management yaml file for stx-4.0:

images:
  - name: docker.io/starlingx/k8s-cni-sriov
    src_build_tag: master-centos-stable-20191203T153530Z.0
    src_ref: https://opendev.org/starlingx/integ/commit/dac417bd31ed36d455e94db4aabe5916367654d4
    # Tag determined based on release tag associated with upstream commit
    tag: stx.4.0-v2.2
  - name: docker.io/starlingx/k8s-plugins-sriov-network-device
    src_build_tag: master-centos-stable-20191203T153530Z.0
    src_ref: https://opendev.org/starlingx/integ/commit/dac417bd31ed36d455e94db4aabe5916367654d4
    # Tag determined based on release tag associated with upstream commit
    tag: stx.4.0-v3.1
  - name: docker.io/starlingx/intel-fpga-admissionwebhook
    src_build_tag: master-distroless-stable-20191203T153530Z.0
    src_ref: https://opendev.org/starlingx/integ/commit/5f72ddb26a38d41fef919060585daaafae677433
    # Version determined by running 'git describe --tags' in clone of upstream repo
    tag: stx.4.0-v0.11.0-103-g4f28657
  - name: docker.io/starlingx/intel-fpga-initcontainer
    src_build_tag: master-distroless-stable-20191203T153530Z.0
    src_ref: https://opendev.org/starlingx/integ/commit/5f72ddb26a38d41fef919060585daaafae677433
    # Version determined by running 'git describe --tags' in clone of upstream repo
    tag: stx.4.0-v0.11.0-103-g4f28657
  - name: docker.io/starlingx/intel-fpga-plugin
    src_build_tag: master-distroless-stable-20191203T153530Z.0
    src_ref: https://opendev.org/starlingx/integ/commit/5f72ddb26a38d41fef919060585daaafae677433
    # Version determined by running 'git describe --tags' in clone of upstream repo
    tag: stx.4.0-v0.11.0-103-g4f28657
  - name: docker.io/starlingx/intel-gpu-plugin
    src_build_tag: master-distroless-stable-20191203T153530Z.0
    src_ref: https://opendev.org/starlingx/integ/commit/5f72ddb26a38d41fef919060585daaafae677433
    # Version determined by running 'git describe --tags' in clone of upstream repo
    tag: stx.4.0-v0.11.0-103-g4f28657
  - name: docker.io/starlingx/intel-qat-plugin
    src_build_tag: master-distroless-stable-20191203T153530Z.0
    src_ref: https://opendev.org/starlingx/integ/commit/d9d92a6997f939cb1ec41813dbf2d72d0b80d79c
    # Version determined by running 'git describe --tags' in clone of upstream repo
    tag: stx.4.0-v0.11.0-109-gc48c502

The image retagging utility checks to see if the new tag already exists in the docker repo. If not, it will pull the image using the src_build_tag, retag it with the new tag, and push it. As noted above, this utility can be called by CENGN to handle the retagging - or called manually by a member of the build team with appropriate access permissions.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-02-12: Fix proposed to root (master)

#7

Fix proposed to branch: master
Review: https://review.opendev.org/707465

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-02-13: Fix merged to ansible-playbooks (master)

#8

Reviewed: https://review.opendev.org/707462
Committed: https://git.openstack.org/cgit/starlingx/ansible-playbooks/commit/?id=f4baa947f7643d0d437e63c83725c4c9c24f27c8
Submitter: Zuul
Branch: master

commit f4baa947f7643d0d437e63c83725c4c9c24f27c8
Author: Don Penney <email address hidden>
Date: Wed Feb 12 14:48:15 2020 -0500

Replace image stable-latest tags with static versions

    In order to avoid compatiblity issues from using a moving
    stable-latest tag on referenced images, the playbooks are updated to
    use static version tags for those images built by CENGN.

    Change-Id: I336ec16ec6c8d7581f547efa77bd75f2c1b4726b
    Partial-Bug: 1854869
    Signed-off-by: Don Penney <email address hidden>

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-02-13: Fix merged to root (master)

#9

Reviewed: https://review.opendev.org/707465
Committed: https://git.openstack.org/cgit/starlingx/root/commit/?id=921cb526ffd9fe9d6dddcf7253bf0812d7299350
Submitter: Zuul
Branch: master

commit 921cb526ffd9fe9d6dddcf7253bf0812d7299350
Author: Don Penney <email address hidden>
Date: Wed Feb 12 14:51:52 2020 -0500

Add tag-management utility

    This commit introduces a tag management utility for images to allow
    retagging of specific images. This allows the StarlingX ansible
    playbooks and packaged charts to use a static image tag rather than the
    moving stable-latest tag.

    This utility can only be run by a StarlingX build team member with
    publishing capability on the docker hub, to allow for updated tags to
    be available publicly, or as part of a CENGN build job.

    Change-Id: I7659695c701ccf3bfe8255b24ad0b1896b59cc23
    Partial-Bug: 1854869
    Signed-off-by: Don Penney <email address hidden>

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-03-31: Fix proposed to root (f/centos8)

#10

Fix proposed to branch: f/centos8
Review: https://review.opendev.org/716131

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-03-31: Fix proposed to ansible-playbooks (f/centos8)

#11

Fix proposed to branch: f/centos8
Review: https://review.opendev.org/716133

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-03-31: Fix merged to ansible-playbooks (f/centos8)

#12

Download full text (12.5 KiB)

Reviewed: https://review.opendev.org/716133
Committed: https://git.openstack.org/cgit/starlingx/ansible-playbooks/commit/?id=ddcb11f4b773f4b3190663defe3ba0f3ec4201c8
Submitter: Zuul
Branch: f/centos8

commit bf103f3c54eb45c26d52a43c35339d1d863a42de
Author: Mihnea Saracin <email address hidden>
Date: Fri Mar 27 18:19:02 2020 +0200

Fix B&R when the controller needs to be unlocked

    After running the restore playbook, all the applications
    should be in an uploaded state. But they are in an
    applied state instead, making the controller-0
    unable to unlock.

    Closes-Bug: 1869403
    Change-Id: I8bd9c51e250969cc334d52b78c616f9ad082afd8
    Signed-off-by: Mihnea Saracin <email address hidden>

commit 6e875971afeaf1378c2c8aeb845359459838ce30
Author: Stefan Dinescu <email address hidden>
Date: Sat Mar 21 16:57:57 2020 +0200

Fix Netapp port conflict

    By default, the Trident Netapp service opens port 8443 for
    HTTPS REST api usage. This conflicts with the port the
    Horizon dashboard uses on an HTTPS enabled setup (the port
    is also 8443).

    In order to fix this, we change the default port from 8443
    to 8678, but also make it configurable through ansible
    overrides.

    The Trident service also opens port 8001 for metrics usage.
    While that doesn't currently conflict with any other service
    on the system, I also made that configurable through
    ansible overrides, in case such a conflict appears in the
    future.

    Change-Id: I08db939acac6082f82b9e12e932d8289c7cecdeb
    Closes-bug: 1868382
    Signed-off-by: Stefan Dinescu <email address hidden>

commit 5a9ba6786e393f2cd93bfae8c3a8f09f0cf9eb26
Author: Robert Church <email address hidden>
Date: Thu Mar 19 19:08:17 2020 -0400

Upversion Multus to 3.4

Updates the Multus configuration to align with version 3.4

    Change-Id: Ifc236ccbbe4e559987d7ef522902f638062348ca
    Depends-On: https://review.opendev.org/#/c/714024/
    Story: 2006999
    Task: 39110
    Signed-off-by: Robert Church <email address hidden>

commit 6a261463f9ac0f81d9c7f054dd3cb10a51934d4a
Author: Robert Church <email address hidden>
Date: Wed Mar 18 22:01:03 2020 -0400

Upversion Calico from 3.6 to 3.12

    Updates the Calico configuration to align with version 3.12. This
    introduces support for a Flex Volume Driver which requires enabling the
    --volume-plugin-dir option for kubelet, the --flex-volume-plugin-dir
    option for kube-controller-manager, and pulling the pod2daemon-flexvol
    image used by calico-node pods.

    Change-Id: I74bc5c53ffcb16c8e3c06cebf20eac296b9ccc65
    Story: 2006999
    Task: 39109
    Depends-On: https://review.opendev.org/#/c/714023
    Signed-off-by: Robert Church <email address hidden>

commit b35387f8bc40714e9633e6191267284b8af8ccee
Author: Stefan Dinescu <email address hidden>
Date: Thu Mar 19 18:13:26 2020 +0200

Netapp: Fix handling of IPv6 addresses

    Using bash process subtitution to pass the file parameter
    to the "create backend" command doesn't work as the bash
    variable expansion...

Reviewed:  https://review.opendev.org/716133
Committed: https://git.openstack.org/cgit/starlingx/ansible-playbooks/commit/?id=ddcb11f4b773f4b3190663defe3ba0f3ec4201c8
Submitter: Zuul
Branch:    f/centos8

commit bf103f3c54eb45c26d52a43c35339d1d863a42de
Author: Mihnea Saracin <Mihnea.Saracin@windriver.com>
Date:   Fri Mar 27 18:19:02 2020 +0200

Fix B&R when the controller needs to be unlocked
    
    After running the restore playbook, all the applications
    should be in an uploaded state. But they are in an
    applied state instead, making the controller-0
    unable to unlock.
    
    Closes-Bug: 1869403
    Change-Id: I8bd9c51e250969cc334d52b78c616f9ad082afd8
    Signed-off-by: Mihnea Saracin <Mihnea.Saracin@windriver.com>

commit 6e875971afeaf1378c2c8aeb845359459838ce30
Author: Stefan Dinescu <stefan.dinescu@windriver.com>
Date:   Sat Mar 21 16:57:57 2020 +0200

Fix Netapp port conflict
    
    By default, the Trident Netapp service opens port 8443 for
    HTTPS REST api usage. This conflicts with the port the
    Horizon dashboard uses on an HTTPS enabled setup (the port
    is also 8443).
    
    In order to fix this, we change the default port from 8443
    to 8678, but also make it configurable through ansible
    overrides.
    
    The Trident service also opens port 8001 for metrics usage.
    While that doesn't currently conflict with any other service
    on the system, I also made that configurable through
    ansible overrides, in case such a conflict appears in the
    future.
    
    Change-Id: I08db939acac6082f82b9e12e932d8289c7cecdeb
    Closes-bug: 1868382
    Signed-off-by: Stefan Dinescu <stefan.dinescu@windriver.com>

commit 5a9ba6786e393f2cd93bfae8c3a8f09f0cf9eb26
Author: Robert Church <robert.church@windriver.com>
Date:   Thu Mar 19 19:08:17 2020 -0400

Upversion Multus to 3.4
    
    Updates the Multus configuration to align with version 3.4
    
    Change-Id: Ifc236ccbbe4e559987d7ef522902f638062348ca
    Depends-On: https://review.opendev.org/#/c/714024/
    Story: 2006999
    Task: 39110
    Signed-off-by: Robert Church <robert.church@windriver.com>

commit 6a261463f9ac0f81d9c7f054dd3cb10a51934d4a
Author: Robert Church <robert.church@windriver.com>
Date:   Wed Mar 18 22:01:03 2020 -0400

Upversion Calico from 3.6 to 3.12
    
    Updates the Calico configuration to align with version 3.12. This
    introduces support for a Flex Volume Driver which requires enabling the
    --volume-plugin-dir option for kubelet, the --flex-volume-plugin-dir
    option for kube-controller-manager, and pulling the pod2daemon-flexvol
    image used by calico-node pods.
    
    Change-Id: I74bc5c53ffcb16c8e3c06cebf20eac296b9ccc65
    Story: 2006999
    Task: 39109
    Depends-On: https://review.opendev.org/#/c/714023
    Signed-off-by: Robert Church <robert.church@windriver.com>

commit b35387f8bc40714e9633e6191267284b8af8ccee
Author: Stefan Dinescu <stefan.dinescu@windriver.com>
Date:   Thu Mar 19 18:13:26 2020 +0200

Netapp: Fix handling of IPv6 addresses
    
    Using bash process subtitution to pass the file parameter
    to the "create backend" command doesn't work as the bash
    variable expansion breaks the IPv6 format, resulting in
    an invalid JSON file.
    
    In order to fix this, we create a temporary file where we
    store the desired information. This file is then cleaned
    (along with the whole staging folder) once the playbook
    finishes exection.
    
    Also improved handling of IPv6 by the install command by
    supporing extra parameters for the "tridentctl install"
    command. In order to force IPv6 compatibility, you need to
    add to the "trident_install_extra_params" variable the
    "--use-ipv6" option
    
    Change-Id: I5ecd98307d40cfdfe277d72acd7b095ff0b66aad
    Closes-bug: 1868103
    Signed-off-by: Stefan Dinescu <stefan.dinescu@windriver.com>

commit 8c6cf0e629cfb62ff654653e866e9a894b1bb806
Author: Stefan Dinescu <stefan.dinescu@windriver.com>
Date:   Wed Mar 4 14:12:57 2020 +0200

Add playbook for installing Trident Netapp backend
    
    Changes included:
    - add separate playbook for configuring the netapp storage
      backend for kubernetes
    - templates for trident are generated using the "tridentctl
      -n trident install --generate-custom-yaml"
    - change to the push-docker-images role to support being
      imported for the trident playbook
    - the YAML files generated from these templates are stored
      in /etc/kubernetes/trident/setup. This location can be
      customized using ansible overrides.
    - merged the "upgrade_k8s_networking=true" and
      "upgrade_kubernetes=true" variables into the
      "mode" variable.
    
    Changes made to the generated templates:
    - changed default REST api port from 8000 to 8677; this was
      done due to port 8000 already being used by armada in
      StarlingX. The port can be changed at any time through
      ansible overrides
    - allow configuration of any namespace for the pods to be
      launched in; the default is still "trident"
    - images pulled by the trident pods are pulled from the
      local registry. They are pre-pulled to the local registry
      by the push-docker-images role
    - add an imagePullSecret to the service account so images
      can be pulled from the local registry
    - add additional nodeSelector in order to restrict the
      main trident service to launching only on controller
      nodes
    
    Change-Id: I5ca9db9a17ba2cf8d1a000ab0b4e36656d8b290c
    Co-Authored-By: Stefan Dinescu <stefan.dinescu@windriver.com>
    Co-Authored-By: Ovidiu Poncea <ovidiu.poncea@windriver.com>
    Depends-On: https://review.opendev.org/#/c/711907/
    Story: 2007391
    Task: 38985
    Signed-off-by: Stefan Dinescu <stefan.dinescu@windriver.com>

commit 3441d046eaafcf20a463aaf4bd8c11172014f1e9
Author: Mihnea Saracin <Mihnea.Saracin@windriver.com>
Date:   Mon Mar 16 23:11:27 2020 +0200

Fix B&R when wipe_ceph_osds is set to true
    
    The helm charts are restored only when the ceph osds are not wiped,
    but they also need to be restored when the ceph osds are wiped.
    
    Closes-Bug: 1866704
    Change-Id: I7d9bf8cbfbf26a0edd44c6af6f0d98d95abfb682
    Signed-off-by: Mihnea Saracin <Mihnea.Saracin@windriver.com>

commit c03dc5f3fc7dd1a5646cfc5b83d6c6fc08241bc1
Author: Andy Ning <andy.ning@windriver.com>
Date:   Thu Mar 5 16:57:29 2020 -0500

Create ssl_ca dir to support multiple CA certificate
    
    This update creates ssl_ca directory in the drbd shared fs during
    ansible bootstrap. The directory is used to store the CA certificates
    as individual files. CA certificate install and uninstall operations
    are manipulating these certificate files.
    
    Change-Id: Idfca7220320a5de1cc274e077fc7ce8d2778a76b
    Closes-Bug: 1861438
    Closes-Bug: 1860995
    Signed-off-by: Andy Ning <andy.ning@windriver.com>

commit 208df05af590ab1cbdac16c94f65b29d4fac3e90
Author: David Sullivan <david.sullivan@windriver.com>
Date:   Sun Mar 1 21:16:04 2020 -0500

Add OAM IP records to API server certSANs
    
    Add the OAM IP records to the apiserver_cert_sans. This will allow for
    remote access to the kubernetes API server.
    
    Change-Id: I344f59fa0b5a24633f1341e2c2fd54748d88c0af
    Closes-Bug: 1863798
    Signed-off-by: David Sullivan <david.sullivan@windriver.com>

commit fea7aa9c64f4a84216e241921d5b202a137c2c04
Author: Jerry Sun <jerry.sun@windriver.com>
Date:   Wed Mar 4 16:08:36 2020 -0500

Support post-bootstrap config of kube-apiserver parameters
    
    Save the openid connect parameters for kube-apiserver in system
    service parameters. This keeps them consistent if the user changes
    them after bootstrap
    
    Story: 2006711
    Task: 38944
    
    Depends-On: https://review.opendev.org/711337
    
    Change-Id: I1757afecb1ff222b16feee464fa486d5ac02f40d
    Signed-off-by: Jerry Sun <jerry.sun@windriver.com>

commit 3a21623f6b7285ac9e822a8a9b23d5d0fd0f4e38
Author: hutianhao <hu.tianhao@99cloud.net>
Date:   Wed Feb 19 17:14:44 2020 +0800

Select another way to get device information
    
    If terminal language is Chinese(maybe other language will also have
    this problem), it can't get exact root disk size because the word
    "Disk" is not in English. So drdb config will fail after unlock.
    Select another way to get device information to avoid this problem.
    
    Closes-Bug: 1859951
    Change-Id: Ie144f7f302b73854c8407681a5dd0981797d4c5f
    Signed-off-by: hutianhao <hu.tianhao@99cloud.net>

commit 7e0f62e8480197d1518e890eb47ec7ac18986e46
Author: Ovidiu Poncea <ovidiu.poncea@windriver.com>
Date:   Thu Dec 19 11:15:45 2019 +0200

B&R: Add support for backing up and restoring StarlingX apps
    
    This works when ceph storage backend is kept intact (i.e. when
    restore is run with wipe_ceph_osds=false). To accomplish this the
    commit enhances platform B&R to include the etcd database. Ceph
    PVC are kept intact.
    
    Details:
     o Backup etcd db
     o Restore etcd db
     o Allow k8s to start with the restored db
     o Fix helm to start with the restored db
    
    Change-Id: I80f36dbedbd322bd3129aaa7740704f97da7750c
    Story: 2006770
    Task: 37780
    Signed-off-by: Ovidiu Poncea <ovidiu.poncea@windriver.com>

commit 37471539878e6861cec4983cd8d89ba154acd7f3
Author: Tao Liu <tao.liu@windriver.com>
Date:   Wed Feb 19 19:06:26 2020 -0500

Increase activeDeadlineSeconds in the rvmc template
    
    While investigating a remote install failure, it was observed
    that the rvmc job/pod was terminating after 10 mins prior
    to entering an error or complete state hence, the error
    logs were not captured.
    
    This update increases activeDeadlineSeconds from 600 seconds
    to 1200 seconds.
    
    Change-Id: Ibb9240c7153b7dbead20ffb0a7ac4fc606b64fcd
    Story: 2006980
    Task: 38465
    Signed-off-by: Tao Liu <tao.liu@windriver.com>

commit f4baa947f7643d0d437e63c83725c4c9c24f27c8
Author: Don Penney <don.penney@windriver.com>
Date:   Wed Feb 12 14:48:15 2020 -0500

Replace image stable-latest tags with static versions
    
    In order to avoid compatiblity issues from using a moving
    stable-latest tag on referenced images, the playbooks are updated to
    use static version tags for those images built by CENGN.
    
    Change-Id: I336ec16ec6c8d7581f547efa77bd75f2c1b4726b
    Partial-Bug: 1854869
    Signed-off-by: Don Penney <don.penney@windriver.com>

commit e364e4b11ca9977a37e3b3d05924846b0fbe7e0d
Author: Stefan Dinescu <stefan.dinescu@windriver.com>
Date:   Fri Jan 31 17:37:23 2020 +0200

Remove default provisioning of ceph
    
    Ceph is no longer a default service, so we remove
    the provisioning from ansible.
    
    Ceph will be configured using the following command
        "system storage-backend-add ceph --confirmed"
    This configuration option will be available after
    running the ansible bootstrap.
    
    Change-Id: I8cac1ef3ab97a036f7e77289b8fb7807cf37ddd7
    Depends-On: https://review.opendev.org/705235
    Story: 2007064
    Task: 38590
    Signed-off-by: Stefan Dinescu <stefan.dinescu@windriver.com>

commit ee0b46522c106832004eed7e332fbe93f8de385b
Author: Andy Ning <andy.ning@windriver.com>
Date:   Tue Feb 4 15:18:01 2020 -0500

Enable kubernetes secret encryption at rest
    
    This update enabled kubernetes secret resource encryption during
    ansible play system deployment. It contains the following changes:
    
    - An extraArgs "encryption-provider-config:
      /etc/kubernetes/encryption-provider.yaml" is added to kubeadm.yaml
      by template. This argument will be fed into kube-apiserver static
      pod manifest so that kube-apiserver will be started with this
      encryption enabling flag.
    - A template file is added to generate the actual encryption provider
      configuration file. This generated file is hostPath mounted to
      kube-apiserver pod as kube-apiserver's encryption provider configuration.
    - The generated encryption provider configuration file is transfered to
      the second controller by the shared fs for kube-apiserver pod running
      on the second controller.
    
    Change-Id: If1c1e1887e024923e5d876bf589a5bfd312d5da9
    Story: 2007243
    Task: 38626
    Depends-On: https://review.opendev.org/#/c/705975
    Signed-off-by: Andy Ning <andy.ning@windriver.com>

commit 5471cd1ae5ed92af0d160e04ce0983dee85cf716
Author: Bin Qian <bin.qian@windriver.com>
Date:   Wed Feb 5 08:27:51 2020 -0500

Adding job to upload commits to GitHub
    Add job to publish ansible-playbooks repo to GitHub
    
    Change-Id: Ica6f28f34882ec574bd91f6aa26933e0f1b4f6fa
    Story: 2007252
    Task: 38655
    Signed-off-by: Bin Qian <bin.qian@windriver.com>

tags:

added: in-f-centos8

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-03-31: Fix merged to root (f/centos8)

#13

Download full text (11.6 KiB)

Reviewed: https://review.opendev.org/716131
Committed: https://git.openstack.org/cgit/starlingx/root/commit/?id=e5faf8bd5cebfa275823de8cc10be1abbdc2f8f8
Submitter: Zuul
Branch: f/centos8

commit b31cd4b01ee0e6c02cc35094b17aef0edd4f6071
Author: Don Penney <email address hidden>
Date: Wed Mar 25 15:19:07 2020 -0400

Update tag for stx-oidc-client to stx.4.0-v1.0.2

    Change-Id: I6deab3e81b2210968c93f82d667003e5805a1136
    Partial-Bug: 1868895
    Signed-off-by: Don Penney <email address hidden>

commit bd0d9015fa095948443e29f40a701bc3f81c328f
Author: Don Penney <email address hidden>
Date: Wed Mar 18 10:56:08 2020 -0400

Add managed tag for stx-platformclients image

    Change-Id: Id37f2eaf5bacaad941a7abaf835d3c7204d7ca97
    Story: 2006711
    Task: 39096
    Signed-off-by: Don Penney <email address hidden>

commit f5985aa83ad6c5275f97db53db9a095a1f4a1bb1
Author: Davlet Panech <email address hidden>
Date: Wed Mar 18 16:29:40 2020 -0400

Use private yum cache dir in build scripts

    YUM & friends use a cache directory named /tmp/yum-$USER-xxx or
    similar, even when used concurrently e.g. when bulding unrelated
    source trees. This causes interference between CI pipelines.

This patch sets TMPDIR=$MY_WORKSPACE/tmp when calling repoquery,
etc.

    Change-Id: Ieeb4d6fd9447f1c2988380c3427975893be365a5
    Closes-Bug: 1867817
    Signed-off-by: Davlet Panech <email address hidden>

commit 7dc6b23b517d4d14cad38f29d47af64e66e105b9
Author: Stefan Dinescu <email address hidden>
Date: Wed Mar 18 16:23:59 2020 +0200

Support custom docker registries for remote cli

    The build script for remote cli was receiving as parameters
    only the desired tag for the clients docker images; the docker
    images were always pulled from docker.io/starlinx.

    Nowthe build script take the full link of the docker image
    as parameter, so we can use any docker registry as source
    for the client images.

    Change-Id: Ibc4584a9401c1ff30f8e657ca27d31b35c4e94d5
    Depends-On: https://review.opendev.org/#/c/713665/
    Story: 2006711
    Task: 39095
    Signed-off-by: Stefan Dinescu <email address hidden>

commit 3b0e2dd4ea92b4fe5b53b1fd4b38a5e673e9c92c
Author: Davlet Panech <email address hidden>
Date: Mon Mar 9 14:54:10 2020 -0400

Fixed broken setuptools import

    pyScss tries to import a module called "Feature" from setuptools,
    which was removed from setuptools 46.0.0 (mar 8 2020). This causes
    compilation erros. The fix updates "pip install" in Dockerfile
    to install setuptools < 46.0.0

    Change-Id: Ib5c00aafb934efaf1413e72ede30638f2dc35230
    Signed-off-by: Davlet Panech <email address hidden>
    Closes-Bug: 1866699

commit 3a95ab163f4cb4371fa4c6a94f5f64e27b1980f2
Author: Don Penney <email address hidden>
Date: Wed Mar 4 10:59:37 2020 -0500

Add tag for rvmc image

Update tag management file to publish a static tag for the rvmc image.

    Change-Id: I459e4f676ffa0a28c2c1fca5d61df16f499ded93
    Story: 2006980
    Task: 38935
    Signed-off-by: Don Penney <don.penney...

Reviewed:  https://review.opendev.org/716131
Committed: https://git.openstack.org/cgit/starlingx/root/commit/?id=e5faf8bd5cebfa275823de8cc10be1abbdc2f8f8
Submitter: Zuul
Branch:    f/centos8

commit b31cd4b01ee0e6c02cc35094b17aef0edd4f6071
Author: Don Penney <don.penney@windriver.com>
Date:   Wed Mar 25 15:19:07 2020 -0400

Update tag for stx-oidc-client to stx.4.0-v1.0.2
    
    Change-Id: I6deab3e81b2210968c93f82d667003e5805a1136
    Partial-Bug: 1868895
    Signed-off-by: Don Penney <don.penney@windriver.com>

commit bd0d9015fa095948443e29f40a701bc3f81c328f
Author: Don Penney <don.penney@windriver.com>
Date:   Wed Mar 18 10:56:08 2020 -0400

Add managed tag for stx-platformclients image
    
    Change-Id: Id37f2eaf5bacaad941a7abaf835d3c7204d7ca97
    Story: 2006711
    Task: 39096
    Signed-off-by: Don Penney <don.penney@windriver.com>

commit f5985aa83ad6c5275f97db53db9a095a1f4a1bb1
Author: Davlet Panech <davlet.panech@windriver.com>
Date:   Wed Mar 18 16:29:40 2020 -0400

Use private yum cache dir in build scripts
    
    YUM & friends use a cache directory named /tmp/yum-$USER-xxx or
    similar, even when used concurrently e.g. when bulding unrelated
    source trees. This causes interference between CI pipelines.
    
    This patch sets TMPDIR=$MY_WORKSPACE/tmp when calling repoquery,
    etc.
    
    Change-Id: Ieeb4d6fd9447f1c2988380c3427975893be365a5
    Closes-Bug: 1867817
    Signed-off-by: Davlet Panech <davlet.panech@windriver.com>

commit 7dc6b23b517d4d14cad38f29d47af64e66e105b9
Author: Stefan Dinescu <stefan.dinescu@windriver.com>
Date:   Wed Mar 18 16:23:59 2020 +0200

Support custom docker registries for remote cli
    
    The build script for remote cli was receiving as parameters
    only the desired tag for the clients docker images; the docker
    images were always pulled from docker.io/starlinx.
    
    Nowthe build script take the full link of the docker image
    as parameter, so we can use any docker registry as source
    for the client images.
    
    Change-Id: Ibc4584a9401c1ff30f8e657ca27d31b35c4e94d5
    Depends-On: https://review.opendev.org/#/c/713665/
    Story: 2006711
    Task: 39095
    Signed-off-by: Stefan Dinescu <stefan.dinescu@windriver.com>

commit 3b0e2dd4ea92b4fe5b53b1fd4b38a5e673e9c92c
Author: Davlet Panech <davlet.panech@windriver.com>
Date:   Mon Mar 9 14:54:10 2020 -0400

Fixed broken setuptools import
    
    pyScss tries to import a module called "Feature" from setuptools,
    which was removed from setuptools 46.0.0 (mar 8 2020). This causes
    compilation erros. The fix updates "pip install" in Dockerfile
    to install setuptools < 46.0.0
    
    Change-Id: Ib5c00aafb934efaf1413e72ede30638f2dc35230
    Signed-off-by: Davlet Panech <davlet.panech@windriver.com>
    Closes-Bug: 1866699

commit 3a95ab163f4cb4371fa4c6a94f5f64e27b1980f2
Author: Don Penney <don.penney@windriver.com>
Date:   Wed Mar 4 10:59:37 2020 -0500

Add tag for rvmc image
    
    Update tag management file to publish a static tag for the rvmc image.
    
    Change-Id: I459e4f676ffa0a28c2c1fca5d61df16f499ded93
    Story: 2006980
    Task: 38935
    Signed-off-by: Don Penney <don.penney@windriver.com>

commit 11ae91f2d85cd7cd9ab07d6595261b249df94855
Author: Don Penney <don.penney@windriver.com>
Date:   Sat Feb 22 08:33:35 2020 -0500

Update image tags for stx-oidc-client and n3000-opae
    
    Update image tags for the stx-oidc-client and n3000-opae images to
    point to new image versions.
    
    Change-Id: I15c8854c335911567c2ad5f38eedb95c0ba2ee91
    Story: 2006711
    Task: 38850
    Signed-off-by: Don Penney <don.penney@windriver.com>

commit 9b77e2e1b346c7f2f6fe617bc9c48e3c9c39d6de
Author: Scott Little <scott.little@windriver.com>
Date:   Mon Oct 28 19:22:57 2019 -0400

Build avoidance fixes
    
    1) Build avoidance fails on a clean workspace because directory
    $MY_WORKSPACE/tmp doesn't exist when mktemp needs to
    create a forth subdir under that path.
    
    Add a 'mkdir -p $MY_WORKSPACE/tmp' to ensure it exists
    prior to mktemp.
    
    2) Failed to rebuild kmods after a kernel change and
    building with build-avoidance enabled.  The problem was
    a missing dependency cache that would have listed
    the kmods as having dependencies on the kernel.
    Reusing kmods from a prior build in conjunction with
    a rebuilt kernel results int load with unusable kmods
    due to a key mismatch.
    
    Add the dependancy-cache to the list of artifacts to
    syncronize as part of build avoidance.  A primed
    dependency cache will allow build-pkgs to determine
    that kmods must be rebuilt when the kernel has changed.
    
    3) Make sure $MY_WORKSPACE/$BUILD_TYPE/repo
    symlink exists after a build avoidance build.
    If no packages require a rebuild, it was missing.
    
    4) Fix an error message that was puzzling while debugging
    the above issues.
    
    Closes-Bug: 1864110
    Change-Id: Ia912b2e3e110efbe69004d7978109ebb089d684b
    Signed-off-by: Scott Little <scott.little@windriver.com>

commit b1532a41dacaa4b08fbf0d378adf51e17705c32c
Author: Don Penney <don.penney@windriver.com>
Date:   Wed Feb 19 18:44:04 2020 -0500

Lock down upper-constraints for wheels
    
    Currently, the images built via loci are python2-based. Given that
    support for python2 has ended, most new module versions in pypi are
    python3-only. As a result, these new versions will fail to install in
    the image during the build.
    
    A recent change to the upstream upper-constraints upversioned the
    ovsdbapp module to a python3-only version, which caused the stx-nova
    and stx-neutron image builds to fail. As a temporary workaround until
    we can move these images to python3, this update locks down the
    upper-constraints and global-requirements files to a version prior to
    this change.
    
    Change-Id: Iaf0e9c76c96b21c398345dfc6b0b8715e978e879
    Closes-Bug: 1863957
    Signed-off-by: Don Penney <don.penney@windriver.com>

commit 921cb526ffd9fe9d6dddcf7253bf0812d7299350
Author: Don Penney <don.penney@windriver.com>
Date:   Wed Feb 12 14:51:52 2020 -0500

Add tag-management utility
    
    This commit introduces a tag management utility for images to allow
    retagging of specific images. This allows the StarlingX ansible
    playbooks and packaged charts to use a static image tag rather than the
    moving stable-latest tag.
    
    This utility can only be run by a StarlingX build team member with
    publishing capability on the docker hub, to allow for updated tags to
    be available publicly, or as part of a CENGN build job.
    
    Change-Id: I7659695c701ccf3bfe8255b24ad0b1896b59cc23
    Partial-Bug: 1854869
    Signed-off-by: Don Penney <don.penney@windriver.com>

commit d02fd0c39e6c9ee12afffd7fee2a8ebfbaf23e03
Author: Don Penney <don.penney@windriver.com>
Date:   Wed Feb 12 14:38:59 2020 -0500

Fix patch-iso for StarlingX repos
    
    The patch-iso utility is currently unable to find necessary files
    within the StarlingX repos. This commits corrects the location,
    allowing the utility to run. It also does a little cleanup to add
    robustness to the utility.
    
    Depends-On: https://review.opendev.org/707459
    Change-Id: Ibacdfc7f06a464c7ef62e0a681f4f99e634057f2
    Closes-Bug: 1863011
    Signed-off-by: Don Penney <don.penney@windriver.com>

commit d184c69b7c6c0f2cf93facf888182670211460ad
Author: Don Penney <don.penney@windriver.com>
Date:   Wed Jan 15 14:22:45 2020 -0500

Update tox.ini bashate to test all bash scripts
    
    Currently, the tox.ini file is only running bashate against files that
    end in a .sh extension. However, many of the build tools do not have
    an extension, and therefore don't have bashate executed against them.
    This commit enhances the tox command to search for shell scripts
    regardless of file extension.
    
    The bashate ignore list has been updated to ignore all existing
    warnings. Future updates can perform cleanup to address the
    outstanding issues and remove items from the ignore list one by one.
    
    The original check of .sh is maintained with a smaller ignore list, to
    ensure new issues are not introduced.
    
    Change-Id: I07e8ac83c6ed3d81e7bfad19da1eee1747d60802
    Signed-off-by: Don Penney <don.penney@windriver.com>

commit b2286535c9270ca728a0ed5e053392e2961b9373
Author: Scott Little <scott.little@windriver.com>
Date:   Tue Dec 31 15:46:45 2019 -0500

Update to build tools to support Build layering.
    
    1: Building rpms now produces an rpm.lst file.  This file serves to
    list all rpms produced by the build.  A seperate rpm.lst file
    is producede for each build type (std, rt, installer). The file is
    co-resident with the matching repodata directory.
    
    The rpm.lst files will need to be published by cengn for each layer build.
    
    The download tools in stx-tools will need to find the rpm.lst files
    of lower layer builds, and use it to direct the download of rpms
    from the lower layer.
    
    2: Building rpms now produces an image.inc file.  This file serves
    to list all rpms that the layer recommends be built into an iso.
    The file is stored under the $MY_WORKSPACE/<build-type> subdirectory,
    although it has identical content for any build-type.
    
    The image.inc file will need to be published by cengn for each layer
    build.
    
    The download tools in stx-tools will need to download the per-layer
    image.inc files to the $MY_REPO/cgcs-centos-repo/layer_image_inc/
    sub-directory, renaming the file in some layer specific way.
    
    The build-iso tool will process any *.inc files found under
    $MY_REPO/cgcs-centos-repo/layer_image_inc/ ,
    adding those rpms to the iso.
    
    3) Add a mechanism for layer specific mock.cfg prototypes.
    This will allow special handling of the real-time (aka 'rt'),
    repositories for layer builds that need to do a 'rt' build.
    
    4) Add support for a $MY_REPO/cgcs-centos-repo/rt subdirectory,
    a place to build a repo of real-time rpms originating from
    lower layer builds.
    
    The download tools in stx-tools will need to populate the new
    rt repos.
    
    As of this writing, non-rt rpms remain in $MY_REPO/cgcs-centos-repo/.
    i.e. there is not a new $MY_REPO/cgcs-centos-repo/std/ directory.
    
    5) Some changes to make us more flexible about where we find
    realease and bsp files.
    
    6) Found that kernel mudules were not reliably building against
    the hearnel-headers of our modified kernel.  Found that adding '--update'
    to our mock build command was not working.  Does mock expect '--update'
    to only be used independently of a build command?  It does work when
    used in that manner, so that's what we will do.
    
    7) The build-pkgs, build-srpms, build-rpms family of commands
    can take a layer argument and/or will read the LAYER environment
    variable.  Current the only use of this variable is to modify
    the build-info.  It does NOT limit the compile to packages
    for a specific layer.
    
    Story: 2006166
    Task: 37094
    
    Depends-On: https://review.opendev.org/698756
    Depends-On: https://review.opendev.org/700819
    Change-Id: I817e08a19cdabe08b3fcc47dee63a36b461c13c0
    Co-Authored-by: Martin Chen <haochuan.z.chen@intel.com>
    Signed-off-by: Scott Little <scott.little@windriver.com>

commit 508b15d3c42e95e3ce60320960f40b0f0c643ed7
Author: Bin Qian <bin.qian@windriver.com>
Date:   Thu Feb 6 15:00:45 2020 -0500

Adding job to upload commits to GitHub
    
    Add job to publish containers repo to GitHub
    
    Change-Id: I6b500881aaaddddf548f9121166ecd42cd3d5f61
    Story: 2007252
    Task: 38692
    Signed-off-by: Bin Qian <bin.qian@windriver.com>

Revision history for this message

Ghada Khalil (gkhalil) wrote on 2020-05-24:

#14

This has been addressed in stx master through the image tagging mechanism introduced by Don Penney. Therefore, this LP should be marked as Fix Released.

The only follow-up is to check if the required changes were ported in the r/stx.3.0 branch or not yet.

Yosief Gebremariam (ygebrema) on 2020-06-05

Changed in starlingx:
status:	In Progress → Fix Committed
status:	Fix Committed → In Progress

Ghada Khalil (gkhalil) on 2020-06-19

Changed in starlingx:
status:	In Progress → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-08-17: Fix proposed to ansible-playbooks (r/stx.3.0)

#15

Fix proposed to branch: r/stx.3.0
Review: https://review.opendev.org/746616

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-08-18: Fix merged to ansible-playbooks (r/stx.3.0)

#16

Reviewed: https://review.opendev.org/746616
Committed: https://git.openstack.org/cgit/starlingx/ansible-playbooks/commit/?id=99bee502b39311ca0f036b834d8a7accd7086261
Submitter: Zuul
Branch: r/stx.3.0

commit 99bee502b39311ca0f036b834d8a7accd7086261
Author: Don Penney <email address hidden>
Date: Wed Feb 12 14:48:15 2020 -0500

Replace image stable-latest tags with static versions

    In order to avoid compatiblity issues from using a moving
    stable-latest tag on referenced images, the playbooks are updated to
    use static version tags for those images built by CENGN.

Conflicts:
playbookconfig/src/playbooks/roles/common/push-docker-images/vars/k8s-v1.16.2/system-images.yml

    Change-Id: I4add70fbc5b621e84d06044ef30f0a0bff6ca3f8
    Partial-Bug: 1854869
    Signed-off-by: Don Penney <email address hidden>
    (cherry picked from commit f4baa947f7643d0d437e63c83725c4c9c24f27c8)

Don Penney (dpenney) on 2020-08-18

Changed in starlingx:
status:	Fix Committed → Fix Released

Ghada Khalil (gkhalil) on 2020-08-27

tags:

added: in-r-stx30

StarlingX

Some stx-built docker images are not properly tagged

Bug Description

Other bug subscribers

Remote bug watches