From 31e3c6421f7366591fcbe7d71c97584e1e93689a Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Wed, 20 Dec 2023 09:04:40 +0000 Subject: [PATCH 1/4] Add terraform-kayobe-multinode to Kayobe team --- ansible/inventory/group_vars/all/source-repositories | 7 +++++++ terraform/github/terraform.tfvars.json | 3 ++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/ansible/inventory/group_vars/all/source-repositories b/ansible/inventory/group_vars/all/source-repositories index 82533372..3f141571 100644 --- a/ansible/inventory/group_vars/all/source-repositories +++ b/ansible/inventory/group_vars/all/source-repositories @@ -100,6 +100,13 @@ source_repositories: - codeowners: content: "{{ community_files.codeowners.kayobe }}" dest: ".github/CODEOWNERS" + terraform-kayobe-multinode: + repository_type: "single-branch" + workflows: [] + community_files: + - codeowners: + content: "{{ community_files.codeowners.kayobe }}" + dest: ".github/CODEOWNERS" bifrost: ignored_releases: - victoria diff --git a/terraform/github/terraform.tfvars.json b/terraform/github/terraform.tfvars.json index b41218c0..1c90fcc5 100644 --- a/terraform/github/terraform.tfvars.json +++ b/terraform/github/terraform.tfvars.json @@ -60,7 +60,8 @@ "kolla-ansible", "openstack-admin-guide", "stackhpc-kayobe-config", - "ansible-collection-kayobe-workflows" + "ansible-collection-kayobe-workflows", + "terraform-kayobe-multinode" ], "OpenStack": [ "bifrost", From 228a314ff4272872b4fc0d2dab0cb0fc070af3fd Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Wed, 20 Dec 2023 09:05:07 +0000 Subject: [PATCH 2/4] Move bifrost from OpenStack to Kayobe team --- terraform/github/terraform.tfvars.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/github/terraform.tfvars.json b/terraform/github/terraform.tfvars.json index 1c90fcc5..1cabfad2 100644 --- a/terraform/github/terraform.tfvars.json +++ b/terraform/github/terraform.tfvars.json @@ -54,6 +54,7 @@ "caas-slurm-appliance" ], "Kayobe": [ + "bifrost", "kolla", "kayobe", "kayobe-automation", @@ -64,7 +65,6 @@ "terraform-kayobe-multinode" ], "OpenStack": [ - "bifrost", "barbican", "cinder", "cloudkitty", From adade3fd80f32ff2b2f4515a8d5429f893203627 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Wed, 20 Dec 2023 09:06:17 +0000 Subject: [PATCH 3/4] Template account and repo in GitHub runner deployment This makes the code more cargo-cult-able. --- terraform/github-runners/ansible/site.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/github-runners/ansible/site.yml b/terraform/github-runners/ansible/site.yml index 23b9449a..dba22cec 100644 --- a/terraform/github-runners/ansible/site.yml +++ b/terraform/github-runners/ansible/site.yml @@ -17,7 +17,7 @@ # Start the service manually. - name: Ensure runner service is running ansible.builtin.service: - name: actions.runner.stackhpc-stackhpc-release-train.{{ ansible_facts.hostname }}.service + name: actions.runner.{{ github_account }}-{{ github_repo }}.{{ ansible_facts.hostname }}.service state: started enabled: true become: true From 441742a03525df5eae4ede9e6a05462e340f2bb6 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Wed, 20 Dec 2023 09:19:08 +0000 Subject: [PATCH 4/4] Remove prevent_destroy from branch protection rules Using prevent_destroy prevents moving repositories between teams. Although branch protections are sensitive, we won't lose any data by simply removing them. --- terraform/github/branches.tf | 35 ----------------------------------- 1 file changed, 35 deletions(-) diff --git a/terraform/github/branches.tf b/terraform/github/branches.tf index 3c58f5cc..7c99c8bd 100644 --- a/terraform/github/branches.tf +++ b/terraform/github/branches.tf @@ -26,10 +26,6 @@ resource "github_branch_protection" "ansible_branch_protection" { contexts = lookup(var.required_status_checks, each.key, { "default" : [] }).default strict = false } - - lifecycle { - prevent_destroy = true - } } resource "github_branch_protection" "batch_branch_protection" { @@ -55,10 +51,6 @@ resource "github_branch_protection" "batch_branch_protection" { contexts = lookup(var.required_status_checks, each.key, { "default" : [] }).default strict = false } - - lifecycle { - prevent_destroy = true - } } resource "github_branch_protection" "kayobe_branch_protection_py_3-6" { @@ -94,10 +86,6 @@ resource "github_branch_protection" "kayobe_branch_protection_py_3-6" { }).default) strict = false } - - lifecycle { - prevent_destroy = false - } } resource "github_branch_protection" "kayobe_branch_protection_py_3-10" { @@ -129,10 +117,6 @@ resource "github_branch_protection" "kayobe_branch_protection_py_3-10" { }).default) strict = false } - - lifecycle { - prevent_destroy = true - } } resource "github_branch_protection" "openstack_branch_protection_py_3-6" { @@ -168,9 +152,6 @@ resource "github_branch_protection" "openstack_branch_protection_py_3-6" { }).default) strict = false } - lifecycle { - prevent_destroy = true - } } resource "github_branch_protection" "openstack_branch_protection_py_3-10" { @@ -202,10 +183,6 @@ resource "github_branch_protection" "openstack_branch_protection_py_3-10" { }).default) strict = false } - - lifecycle { - prevent_destroy = false - } } resource "github_branch_protection" "platform_branch_protection" { @@ -231,10 +208,6 @@ resource "github_branch_protection" "platform_branch_protection" { contexts = lookup(var.required_status_checks, each.key, { "default" : [] }).default strict = false } - - lifecycle { - prevent_destroy = true - } } resource "github_branch_protection" "releasetrain_branch_protection" { @@ -260,10 +233,6 @@ resource "github_branch_protection" "releasetrain_branch_protection" { contexts = lookup(var.required_status_checks, each.key, { "default" : [] }).default strict = false } - - lifecycle { - prevent_destroy = true - } } resource "github_branch_protection" "smslab_branch_protection" { @@ -289,9 +258,5 @@ resource "github_branch_protection" "smslab_branch_protection" { contexts = lookup(var.required_status_checks, each.key, { "default" : [] }).default strict = false } - - lifecycle { - prevent_destroy = true - } }