77 description : Build Rocky Linux 9
88 type : boolean
99 default : true
10+ rocky9-aarch64 :
11+ description : Build Rocky Linux 9 aarch64
12+ type : boolean
13+ default : true
1014 ubuntu-noble :
1115 description : Build Ubuntu 24.04 Noble
1216 type : boolean
@@ -38,24 +42,18 @@ jobs:
3842 with :
3943 runner_env : ${{ inputs.runner_env }}
4044
41- ipa-image-build :
42- name : Build IPA images
45+ create-tag :
46+ name : Create a tag to be added to resulting images
4347 if : github.repository == 'stackhpc/stackhpc-kayobe-config'
4448 environment : ${{ inputs.runner_env }}
4549 runs-on : ${{ needs.runner-selection.outputs.runner_name_image_build }}
4650 needs :
4751 - runner-selection
4852 permissions : {}
53+ outputs :
54+ openstack_release : ${{ steps.openstack_release.outputs.openstack_release }}
55+ ipa_image_tag : ${{ steps.ipa_image_tag.outputs.ipa_image_tag }}
4956 steps :
50- - name : Install Package dependencies
51- run : |
52- sudo apt update &&
53- sudo apt install -y git unzip nodejs python3-pip python3-venv openssh-server openssh-client jq
54-
55- - name : Start the SSH service
56- run : |
57- sudo /etc/init.d/ssh start
58-
5957 - name : Checkout
6058 uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
6159 with :
7270 run : |
7371 echo "ipa_image_tag=$(date +${{ steps.openstack_release.outputs.openstack_release }}-%Y%m%dT%H%M%S)" >> $GITHUB_OUTPUT
7472
73+ ipa-image-build :
74+ name : Build IPA images
75+ if : github.repository == 'stackhpc/stackhpc-kayobe-config'
76+ environment : ${{ inputs.runner_env }}
77+ runs-on : ${{ needs.runner-selection.outputs.runner_name_image_build }}
78+ needs :
79+ - runner-selection
80+ - create-tag
81+ permissions : {}
82+ steps :
83+ - name : Install Package dependencies
84+ run : |
85+ sudo apt update &&
86+ sudo apt install -y git unzip nodejs python3-pip python3-venv openssh-server openssh-client jq
87+
88+ - name : Start the SSH service
89+ run : |
90+ sudo /etc/init.d/ssh start
91+
92+ - name : Checkout
93+ uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
94+ with :
95+ path : src/kayobe-config
96+
7597 - name : Display IPA image tag
7698 run : |
77- echo "${{ steps.ipa_image_tag .outputs.ipa_image_tag }}"
99+ echo "${{ needs.create-tag .outputs.ipa_image_tag }}"
78100
79101 - name : Install Kayobe
80102 run : |
@@ -240,7 +262,7 @@ jobs:
240262 src/kayobe-config/etc/kayobe/ansible/pulp/pulp-artifact-upload.yml \
241263 -e artifact_path=/opt/kayobe/images/ipa \
242264 -e artifact_type=ipa-images \
243- -e artifact_tag=${{ steps.ipa_image_tag .outputs.ipa_image_tag }} \
265+ -e artifact_tag=${{ needs.create-tag .outputs.ipa_image_tag }} \
244266 -e os_distribution="ubuntu" \
245267 -e os_release="noble" \
246268 -e file_regex='*.kernel'
@@ -256,7 +278,7 @@ jobs:
256278 src/kayobe-config/etc/kayobe/ansible/pulp/pulp-artifact-upload.yml \
257279 -e artifact_path=/opt/kayobe/images/ipa \
258280 -e artifact_type=ipa-images \
259- -e artifact_tag=${{ steps.ipa_image_tag .outputs.ipa_image_tag }} \
281+ -e artifact_tag=${{ needs.create-tag .outputs.ipa_image_tag }} \
260282 -e os_distribution="ubuntu" \
261283 -e os_release="noble" \
262284 -e file_regex='*.initramfs'
@@ -297,7 +319,7 @@ jobs:
297319 src/kayobe-config/etc/kayobe/ansible/pulp/pulp-artifact-upload.yml \
298320 -e artifact_path=/opt/kayobe/images/ipa \
299321 -e artifact_type=ipa-images \
300- -e artifact_tag=${{ steps.ipa_image_tag .outputs.ipa_image_tag }} \
322+ -e artifact_tag=${{ needs.create-tag .outputs.ipa_image_tag }} \
301323 -e os_distribution="rocky" \
302324 -e os_release="9" \
303325 -e file_regex='*.kernel'
@@ -313,7 +335,7 @@ jobs:
313335 src/kayobe-config/etc/kayobe/ansible/pulp/pulp-artifact-upload.yml \
314336 -e artifact_path=/opt/kayobe/images/ipa \
315337 -e artifact_type=ipa-images \
316- -e artifact_tag=${{ steps.ipa_image_tag .outputs.ipa_image_tag }} \
338+ -e artifact_tag=${{ needs.create-tag .outputs.ipa_image_tag }} \
317339 -e os_distribution="rocky" \
318340 -e os_release="9" \
319341 -e file_regex='*.initramfs'
@@ -349,3 +371,251 @@ jobs:
349371 OS_APPLICATION_CREDENTIAL_ID : ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }}
350372 OS_APPLICATION_CREDENTIAL_SECRET : ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }}
351373 if : always()
374+
375+ ipa-image-build-aarch64 :
376+ name : Build Rocky 9 aarch64 IPA image
377+ if : github.repository == 'stackhpc/stackhpc-kayobe-config' && inputs.rocky9-aarch64 && inputs.runner_env == 'SMS Lab'
378+ environment : ${{ inputs.runner_env }}
379+ runs-on : ${{ needs.runner-selection.outputs.runner_name_image_build }}
380+ needs :
381+ - runner-selection
382+ - create-tag
383+ permissions : {}
384+ steps :
385+ - name : Install Package dependencies
386+ run : |
387+ sudo apt update &&
388+ sudo apt install -y git unzip nodejs python3-pip python3-venv openssh-server openssh-client jq
389+
390+ - name : Start the SSH service
391+ run : |
392+ sudo /etc/init.d/ssh start
393+
394+ - name : Checkout
395+ uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
396+ with :
397+ path : src/kayobe-config
398+
399+ - name : Display IPA image tag
400+ run : |
401+ echo "${{ needs.create-tag.outputs.ipa_image_tag }}"
402+
403+ - name : Install Kayobe
404+ run : |
405+ mkdir -p venvs &&
406+ pushd venvs &&
407+ python3 -m venv kayobe &&
408+ source kayobe/bin/activate &&
409+ pip install -U pip &&
410+ pip install -r ../src/kayobe-config/requirements.txt
411+
412+ - name : Install terraform
413+ uses : hashicorp/setup-terraform@5e8dbf3c6d9deaf4193ca7a8fb23f2ac83bb6c85 # v4.0.0
414+
415+ - name : Initialise terraform
416+ run : terraform init
417+ working-directory : ${{ github.workspace }}/src/kayobe-config/terraform/aio
418+
419+ - name : Generate SSH keypair
420+ run : ssh-keygen -f id_rsa -N ''
421+ working-directory : ${{ github.workspace }}/src/kayobe-config/terraform/aio
422+
423+ - name : Generate clouds.yaml
424+ run : |
425+ cat << EOF > clouds.yaml
426+ ${{ secrets.CLOUDS_YAML }}
427+ EOF
428+ working-directory : ${{ github.workspace }}/src/kayobe-config/terraform/aio
429+
430+ - name : Generate terraform.tfvars
431+ run : |
432+ cat << EOF > terraform.tfvars
433+ ssh_public_key = "id_rsa.pub"
434+ ssh_username = "ubuntu"
435+ aio_vm_name = "skc-ipa-image-builder-arm64"
436+ aio_vm_image = "${{ vars.HOST_IMAGE_BUILD_IMAGE_ARM64 }}"
437+ aio_vm_flavor = "${{ vars.HOST_IMAGE_BUILD_FLAVOR }}"
438+ aio_vm_network = "${{ vars.HOST_IMAGE_BUILD_NETWORK }}"
439+ aio_vm_subnet = "${{ vars.HOST_IMAGE_BUILD_SUBNET }}"
440+ aio_vm_interface = "ens3"
441+ aio_vm_volume_size = "${{ vars.HOST_IMAGE_BUILD_VOLUME }}"
442+ EOF
443+ working-directory : ${{ github.workspace }}/src/kayobe-config/terraform/aio
444+
445+ - name : Terraform Plan
446+ run : terraform plan
447+ working-directory : ${{ github.workspace }}/src/kayobe-config/terraform/aio
448+ env :
449+ OS_CLOUD : ${{ vars.OS_CLOUD }}
450+ OS_APPLICATION_CREDENTIAL_ID : ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }}
451+ OS_APPLICATION_CREDENTIAL_SECRET : ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }}
452+
453+ - name : Terraform Apply
454+ run : |
455+ for attempt in $(seq 5); do
456+ if terraform apply -auto-approve; then
457+ echo "Created infrastructure on attempt $attempt"
458+ exit 0
459+ fi
460+ echo "Failed to create infrastructure on attempt $attempt"
461+ sleep 10
462+ terraform destroy -auto-approve
463+ sleep 60
464+ done
465+ echo "Failed to create infrastructure after $attempt attempts"
466+ exit 1
467+ working-directory : ${{ github.workspace }}/src/kayobe-config/terraform/aio
468+ env :
469+ OS_CLOUD : ${{ vars.OS_CLOUD }}
470+ OS_APPLICATION_CREDENTIAL_ID : ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }}
471+ OS_APPLICATION_CREDENTIAL_SECRET : ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }}
472+
473+ - name : Get Terraform outputs
474+ id : tf_outputs
475+ run : |
476+ terraform output -json
477+ working-directory : ${{ github.workspace }}/src/kayobe-config/terraform/aio
478+
479+ - name : Write Terraform outputs
480+ run : |
481+ cat << EOF > src/kayobe-config/etc/kayobe/environments/ci-builder/tf-outputs.yml
482+ ${{ steps.tf_outputs.outputs.stdout }}
483+ EOF
484+
485+ - name : Write Terraform network config
486+ run : |
487+ cat << EOF > src/kayobe-config/etc/kayobe/environments/ci-builder/tf-network-allocation.yml
488+ ---
489+ aio_ips:
490+ builder: "{{ access_ip_v4.value }}"
491+ EOF
492+
493+ - name : Write Terraform network interface config
494+ run : |
495+ mkdir -p src/kayobe-config/etc/kayobe/environments/$KAYOBE_ENVIRONMENT/inventory/group_vars/seed
496+ rm -f src/kayobe-config/etc/kayobe/environments/$KAYOBE_ENVIRONMENT/inventory/group_vars/seed/network-interfaces
497+ cat << EOF > src/kayobe-config/etc/kayobe/environments/$KAYOBE_ENVIRONMENT/inventory/group_vars/seed/network-interfaces
498+ admin_interface: "{{ access_interface.value }}"
499+ aio_interface: "{{ access_interface.value }}"
500+ EOF
501+
502+ - name : Manage SSH keys
503+ run : |
504+ mkdir -p ~/.ssh
505+ touch ~/.ssh/authorized_keys
506+ cat src/kayobe-config/terraform/aio/id_rsa.pub >> ~/.ssh/authorized_keys
507+ cp src/kayobe-config/terraform/aio/id_rsa* ~/.ssh/
508+
509+ - name : Bootstrap the control host
510+ run : |
511+ source venvs/kayobe/bin/activate &&
512+ source src/kayobe-config/kayobe-env --environment ci-builder &&
513+ kayobe control host bootstrap
514+
515+ - name : Configure the seed host (Builder VM)
516+ run : |
517+ source venvs/kayobe/bin/activate &&
518+ source src/kayobe-config/kayobe-env --environment ci-builder &&
519+ kayobe seed host configure \
520+ -e seed_bootstrap_user=ubuntu \
521+ --skip-tags network,apt,docker,docker-registry
522+ env :
523+ KAYOBE_VAULT_PASSWORD : ${{ secrets.KAYOBE_VAULT_PASSWORD_CI_BUILDER }}
524+
525+ - name : Install dependencies
526+ run : |
527+ source venvs/kayobe/bin/activate &&
528+ source src/kayobe-config/kayobe-env --environment ci-builder &&
529+ kayobe seed host command run \
530+ --command "sudo apt update && sudo apt -y install gcc git libffi-dev python3-dev python-is-python3 python3-venv" --show-output
531+ env :
532+ KAYOBE_VAULT_PASSWORD : ${{ secrets.KAYOBE_VAULT_PASSWORD_CI_BUILDER }}
533+
534+ - name : Build a Rocky 9 aarch64 IPA image
535+ id : build_rocky_9_ipa_aarch64
536+ continue-on-error : true
537+ run : |
538+ source venvs/kayobe/bin/activate &&
539+ source src/kayobe-config/kayobe-env --environment ci-builder &&
540+ kayobe overcloud deployment image build --force-rebuild \
541+ -e os_distribution="rocky" \
542+ -e os_release="9" \
543+ -e ipa_ci_builder_distribution="rocky" \
544+ -e ipa_ci_builder_release="9" \
545+ -e ipa_ci_builder_arch="aarch64"
546+ env :
547+ KAYOBE_VAULT_PASSWORD : ${{ secrets.KAYOBE_VAULT_PASSWORD_CI_BUILDER }}
548+
549+ - name : Show last error logs
550+ continue-on-error : true
551+ run : |
552+ source venvs/kayobe/bin/activate &&
553+ source src/kayobe-config/kayobe-env --environment ci-builder &&
554+ kayobe seed host command run --command "tail -200 /opt/kayobe/images/ipa/ipa.stdout" --show-output
555+ env :
556+ KAYOBE_VAULT_PASSWORD : ${{ secrets.KAYOBE_VAULT_PASSWORD_CI_BUILDER }}
557+ if : steps.build_rocky_9_ipa_aarch64.outcome == 'failure'
558+
559+ - name : Upload Rocky 9 aarch64 IPA kernel image to Ark
560+ run : |
561+ source venvs/kayobe/bin/activate &&
562+ source src/kayobe-config/kayobe-env --environment ci-builder &&
563+ kayobe playbook run \
564+ src/kayobe-config/etc/kayobe/ansible/pulp/pulp-artifact-upload.yml \
565+ -e artifact_path=/opt/kayobe/images/ipa \
566+ -e artifact_type=ipa-images \
567+ -e artifact_tag=${{ needs.create-tag.outputs.ipa_image_tag }} \
568+ -e repository_name="ipa-images-${{ needs.create-tag.outputs.openstack_release }}-rocky-9-aarch64" \
569+ -e pulp_base_path="ipa-images/${{ needs.create-tag.outputs.openstack_release }}/rocky/9/aarch64" \
570+ -e os_distribution="rocky" \
571+ -e os_release="9" \
572+ -e file_regex='ipa.kernel'
573+ env :
574+ KAYOBE_VAULT_PASSWORD : ${{ secrets.KAYOBE_VAULT_PASSWORD_CI_BUILDER }}
575+ if : steps.build_rocky_9_ipa_aarch64.outcome == 'success'
576+
577+ - name : Upload Rocky 9 aarch64 IPA ramdisk image to Ark
578+ run : |
579+ source venvs/kayobe/bin/activate &&
580+ source src/kayobe-config/kayobe-env --environment ci-builder &&
581+ kayobe playbook run \
582+ src/kayobe-config/etc/kayobe/ansible/pulp/pulp-artifact-upload.yml \
583+ -e artifact_path=/opt/kayobe/images/ipa \
584+ -e artifact_type=ipa-images \
585+ -e artifact_tag=${{ needs.create-tag.outputs.ipa_image_tag }} \
586+ -e repository_name="ipa-images-${{ needs.create-tag.outputs.openstack_release }}-rocky-9-aarch64" \
587+ -e pulp_base_path="ipa-images/${{ needs.create-tag.outputs.openstack_release }}/rocky/9/aarch64" \
588+ -e os_distribution="rocky" \
589+ -e os_release="9" \
590+ -e file_regex='ipa.initramfs'
591+ env :
592+ KAYOBE_VAULT_PASSWORD : ${{ secrets.KAYOBE_VAULT_PASSWORD_CI_BUILDER }}
593+ if : steps.build_rocky_9_ipa_aarch64.outcome == 'success'
594+
595+ - name : Copy logs back
596+ continue-on-error : true
597+ run : |
598+ mkdir logs
599+ scp -r ubuntu@$(jq -r .access_ip_v4.value src/kayobe-config/etc/kayobe/environments/ci-builder/tf-outputs.yml):/opt/kayobe/images/*/*.std* ./logs/
600+ if : always()
601+
602+ - name : Upload logs artifact
603+ uses : actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
604+ with :
605+ name : Build logs aarch64
606+ path : ./logs
607+
608+ - name : Fail if the aarch64 IPA image build failed
609+ run : |
610+ echo "Build failed. See workflow artifacts for details." &&
611+ exit 1
612+ if : steps.build_rocky_9_ipa_aarch64.outcome == 'failure'
613+
614+ - name : Destroy
615+ run : terraform destroy -auto-approve
616+ working-directory : ${{ github.workspace }}/src/kayobe-config/terraform/aio
617+ env :
618+ OS_CLOUD : openstack
619+ OS_APPLICATION_CREDENTIAL_ID : ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }}
620+ OS_APPLICATION_CREDENTIAL_SECRET : ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }}
621+ if : always()
0 commit comments