CINXE.COM

General Purpose Roles — Zuul-Jobs documentation

<!DOCTYPE html> <html class="writer-html5" lang="en"> <head> <meta charset="utf-8" /><meta name="generator" content="Docutils 0.19: https://docutils.sourceforge.io/" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <title>General Purpose Roles &mdash; Zuul-Jobs documentation</title> <link rel="stylesheet" type="text/css" href="_static/pygments.css" /> <link rel="stylesheet" type="text/css" href="_static/css/theme.css" /> <link rel="stylesheet" type="text/css" href="_static/graphviz.css" /> <!--[if lt IE 9]> <script src="_static/js/html5shiv.min.js"></script> <![endif]--> <script data-url_root="./" id="documentation_options" src="_static/documentation_options.js"></script> <script src="_static/jquery.js"></script> <script src="_static/underscore.js"></script> <script src="_static/_sphinx_javascript_frameworks_compat.js"></script> <script src="_static/doctools.js"></script> <script src="_static/sphinx_highlight.js"></script> <script src="_static/js/theme.js"></script> <link rel="index" title="Index" href="genindex.html" /> <link rel="search" title="Search" href="search.html" /> <link rel="next" title="Log Roles" href="log-roles.html" /> <link rel="prev" title="Roles" href="roles.html" /> </head> <body class="wy-body-for-nav"> <div class="wy-grid-for-nav"> <nav data-toggle="wy-nav-shift" class="wy-nav-side"> <div class="wy-side-scroll"> <div class="wy-side-nav-search" style="background: #41B6E6" > <a href="index.html"> <img src="_static/logo.svg" class="logo" alt="Logo"/> </a> <div role="search"> <form id="rtd-search-form" class="wy-form" action="search.html" method="get"> <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" /> <input type="hidden" name="check_keywords" value="yes" /> <input type="hidden" name="area" value="default" /> </form> </div> </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu"> <ul class="current"> <li class="toctree-l1"><a class="reference internal" href="install.html">Installation</a></li> <li class="toctree-l1"><a class="reference internal" href="policy.html">Policy</a><ul> <li class="toctree-l2"><a class="reference internal" href="policy.html#deprecation-policy">Deprecation Policy</a><ul> <li class="toctree-l3"><a class="reference internal" href="policy.html#new-zuul-features">New Zuul Features</a></li> <li class="toctree-l3"><a class="reference internal" href="policy.html#deprecated-zuul-features">Deprecated Zuul Features</a></li> <li class="toctree-l3"><a class="reference internal" href="policy.html#deprecated-operating-systems">Deprecated Operating Systems</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="policy.html#python-version-policy">Python Version Policy</a></li> <li class="toctree-l2"><a class="reference internal" href="policy.html#coding-guidelines">Coding guidelines</a><ul> <li class="toctree-l3"><a class="reference internal" href="policy.html#role-variable-naming-policy">Role Variable Naming Policy</a></li> <li class="toctree-l3"><a class="reference internal" href="policy.html#support-for-multiple-operating-systems">Support for Multiple Operating Systems</a></li> <li class="toctree-l3"><a class="reference internal" href="policy.html#handling-privileges-on-hosts">Handling privileges on hosts</a></li> <li class="toctree-l3"><a class="reference internal" href="policy.html#output-variables">Output Variables</a></li> <li class="toctree-l3"><a class="reference internal" href="policy.html#installing-dependencies-in-roles">Installing Dependencies in Roles</a></li> <li class="toctree-l3"><a class="reference internal" href="policy.html#ansible-linting-rules">Ansible Linting Rules</a><ul> <li class="toctree-l4"><a class="reference internal" href="policy.html#loops-in-roles">Loops in Roles</a></li> <li class="toctree-l4"><a class="reference internal" href="policy.html#preservation-of-owner-between-executor-and-remote">Preservation Of Owner Between Executor And Remote</a></li> </ul> </li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="policy.html#testing">Testing</a></li> </ul> </li> <li class="toctree-l1"><a class="reference internal" href="mirror.html">Mirror Configuration</a></li> <li class="toctree-l1"><a class="reference internal" href="jobs.html">Jobs</a><ul> <li class="toctree-l2"><a class="reference internal" href="general-jobs.html">General Purpose Jobs</a></li> <li class="toctree-l2"><a class="reference internal" href="python-jobs.html">Python Jobs</a></li> <li class="toctree-l2"><a class="reference internal" href="js-jobs.html">Javascript Jobs</a></li> <li class="toctree-l2"><a class="reference internal" href="dib-jobs.html">Diskimage-Builder Jobs</a></li> <li class="toctree-l2"><a class="reference internal" href="docker-jobs.html">Docker Jobs</a></li> <li class="toctree-l2"><a class="reference internal" href="container-jobs.html">Container Jobs</a></li> <li class="toctree-l2"><a class="reference internal" href="go-jobs.html">Go Jobs</a></li> <li class="toctree-l2"><a class="reference internal" href="hashicorp-jobs.html">Hashicorp Jobs</a></li> <li class="toctree-l2"><a class="reference internal" href="haskell-jobs.html">Haskell Jobs</a></li> <li class="toctree-l2"><a class="reference internal" href="helm-jobs.html">Helm Jobs</a></li> <li class="toctree-l2"><a class="reference internal" href="nim-jobs.html">Nim Jobs</a></li> <li class="toctree-l2"><a class="reference internal" href="system-jobs.html">System Jobs</a></li> <li class="toctree-l2"><a class="reference internal" href="deprecated-jobs.html">Deprecated Jobs</a></li> </ul> </li> <li class="toctree-l1 current"><a class="reference internal" href="roles.html">Roles</a><ul class="current"> <li class="toctree-l2 current"><a class="current reference internal" href="#">General Purpose Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="log-roles.html">Log Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="afs-roles.html">AFS Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="build-roles.html">Build Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="cloud-roles.html">Cloud Computing Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="container-roles.html">Container Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="deprecated-roles.html">Deprecated and Test Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="dib-roles.html">Diskimage-Builder Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="galaxy-roles.html">Ansible Galaxy Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="go-roles.html">Go Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="hashicorp-roles.html">Packer Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="haskell-roles.html">Haskell Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="helm-roles.html">Helm Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="java-roles.html">Java Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="js-roles.html">Javascript Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="kubernetes-roles.html">Kubernetes Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="launchpad-roles.html">Launchpad Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="nim-roles.html">Nim Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="puppet-roles.html">Puppet Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="python-roles.html">Python Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="rust-roles.html">Rust Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="system-roles.html">System Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="translation-roles.html">Translation Roles</a></li> <li class="toctree-l2"><a class="reference internal" href="logjuicer-roles.html">LogJuicer Roles</a></li> </ul> </li> <li class="toctree-l1"><a class="reference internal" href="docker-image.html">Container Images</a><ul> <li class="toctree-l2"><a class="reference internal" href="docker-image.html#run-an-intermediate-container-registry">Run an Intermediate Container Registry</a></li> <li class="toctree-l2"><a class="reference internal" href="docker-image.html#create-parent-jobs">Create Parent Jobs</a><ul> <li class="toctree-l3"><a class="reference internal" href="docker-image.html#yoursite-buildset-registry">yoursite-buildset-registry</a></li> <li class="toctree-l3"><a class="reference internal" href="docker-image.html#yoursite-build-docker-image">yoursite-build-docker-image</a></li> <li class="toctree-l3"><a class="reference internal" href="docker-image.html#yoursite-upload-docker-image">yoursite-upload-docker-image</a></li> <li class="toctree-l3"><a class="reference internal" href="docker-image.html#yoursite-promote-docker-image">yoursite-promote-docker-image</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="docker-image.html#system-architecture">System Architecture</a></li> <li class="toctree-l2"><a class="reference internal" href="docker-image.html#using-the-jobs">Using the Jobs</a><ul> <li class="toctree-l3"><a class="reference internal" href="docker-image.html#a-repository-with-producers-and-consumers">A Repository with Producers and Consumers</a></li> <li class="toctree-l3"><a class="reference internal" href="docker-image.html#a-repository-with-only-producers">A Repository with Only Producers</a></li> <li class="toctree-l3"><a class="reference internal" href="docker-image.html#publishing-an-image">Publishing an Image</a></li> </ul> </li> </ul> </li> </ul> </div> </div> </nav> <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" style="background: #41B6E6" > <i data-toggle="wy-nav-top" class="fa fa-bars"></i> <a href="index.html">Zuul-Jobs</a> </nav> <div class="wy-nav-content"> <div class="rst-content"> <div role="navigation" aria-label="Page navigation"> <ul class="wy-breadcrumbs"> <li><a href="index.html" class="icon icon-home" aria-label="Home"></a></li> <li class="breadcrumb-item"><a href="roles.html">Roles</a></li> <li class="breadcrumb-item active">General Purpose Roles</li> <li class="wy-breadcrumbs-aside"> <a href="_sources/general-roles.rst.txt" rel="nofollow"> View page source</a> </li> </ul> <hr/> </div> <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article"> <div itemprop="articleBody"> <section id="general-purpose-roles"> <h1>General Purpose Roles<a class="headerlink" href="#general-purpose-roles" title="Permalink to this heading"></a></h1> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-add-authorized-keys"> <span class="sig-name descname"><span class="pre">add-authorized-keys</span></span><a class="headerlink" href="#role-add-authorized-keys" title="Permalink to this definition"></a></dt> <dd><p>Install SSH public key(s) on all hosts</p> <p>This role is intended to be run at the end of a failed job for which the build node set will be held with zuul’s <cite>autohold</cite> command.</p> <p>It copies the public key(s) into the authorized_keys file of every host in the inventory, allowing privileged users to access the node set for debugging or post-mortem analysis.</p> <p>Add this stanza at the end of your project’s base post playbook to activate this functionality:</p> <div class="highlight-yaml notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">hosts</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">all</span> <span class="w"> </span><span class="nt">roles</span><span class="p">:</span> <span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">role</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">add-authorized-keys</span> <span class="w"> </span><span class="nt">public_keys</span><span class="p">:</span> <span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">public_key</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ssh-rsa AAAAB... venkman@parapsy.columbia.edu</span> <span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">public_key</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ssh-rsa AAAAB... spengler@parapsy.columbia.edu</span> <span class="w"> </span><span class="nt">when</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">not zuul_success | bool</span> </pre></div> </div> <div class="admonition caution"> <p class="admonition-title">Caution</p> <p>Including this role earlier in any playbook may allow the keys’ owners to tamper with the execution of the jobs. It is strongly advised against doing so.</p> </div> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-add-authorized-keys.ssh_public_keys"> <span class="sig-name descname"><span class="pre">ssh_public_keys</span></span><a class="headerlink" href="#rolevar-add-authorized-keys.ssh_public_keys" title="Permalink to this definition"></a><br /></dt> <dd><p>A list of keys to inject.</p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-add-authorized-keys.ssh_public_keys.public_key"> <span class="sig-prename descclassname"><span class="pre">ssh_public_keys.</span></span><span class="sig-name descname"><span class="pre">public_key</span></span><a class="headerlink" href="#rolevar-add-authorized-keys.ssh_public_keys.public_key" title="Permalink to this definition"></a><br /></dt> <dd><p>A public key to inject into authorized_keys, or a URL to a public key.</p> </dd></dl> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-add-build-sshkey"> <span class="sig-name descname"><span class="pre">add-build-sshkey</span></span><a class="headerlink" href="#role-add-build-sshkey" title="Permalink to this definition"></a></dt> <dd><p>Generate and install a build-local SSH key on all hosts</p> <p>This role is intended to be run on the Zuul Executor at the start of every job. It generates an SSH keypair and installs the public key in the authorized_keys file of every host in the inventory. It then removes the Zuul master key from this job’s SSH agent so that the original key used to log into all of the hosts is no longer accessible (any per-project keys, if present, remain available), then adds the newly generated private key.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-add-build-sshkey.zuul_temp_ssh_key"> <span class="sig-name descname"><span class="pre">zuul_temp_ssh_key</span></span><a class="headerlink" href="#rolevar-add-build-sshkey.zuul_temp_ssh_key" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">``{{</span> <span class="pre">zuul.executor.work_root</span> <span class="pre">}}/{{</span> <span class="pre">zuul.build</span> <span class="pre">}}_id_rsa``</span></code><br /></dt> <dd><p>Where to put the newly-generated SSH private key.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-add-build-sshkey.zuul_ssh_key_dest"> <span class="sig-name descname"><span class="pre">zuul_ssh_key_dest</span></span><a class="headerlink" href="#rolevar-add-build-sshkey.zuul_ssh_key_dest" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">``id_{{</span> <span class="pre">zuul_ssh_key_algorithm</span> <span class="pre">}}``</span></code><br /></dt> <dd><p>File name for the the newly-generated SSH private key.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-add-build-sshkey.zuul_build_sshkey_cleanup"> <span class="sig-name descname"><span class="pre">zuul_build_sshkey_cleanup</span></span><a class="headerlink" href="#rolevar-add-build-sshkey.zuul_build_sshkey_cleanup" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">false</span></code><br /></dt> <dd><p>Remove previous build sshkey. Set it to true for single use static node. Do not set it to true for multi-slot static nodes as it removes the build key configured by other jobs.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-add-build-sshkey.zuul_ssh_key_algorithm"> <span class="sig-name descname"><span class="pre">zuul_ssh_key_algorithm</span></span><a class="headerlink" href="#rolevar-add-build-sshkey.zuul_ssh_key_algorithm" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">rsa</span></code><br /></dt> <dd><p>The digital signature algorithm to be used to generate the key.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-add-build-sshkey.zuul_ssh_key_size"> <span class="sig-name descname"><span class="pre">zuul_ssh_key_size</span></span><a class="headerlink" href="#rolevar-add-build-sshkey.zuul_ssh_key_size" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">3072</span></code><br /></dt> <dd><p>Specifies the number of bits in the key to create.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-add-build-winrm-cert"> <span class="sig-name descname"><span class="pre">add-build-winrm-cert</span></span><a class="headerlink" href="#role-add-build-winrm-cert" title="Permalink to this definition"></a></dt> <dd><p>Generate and install a build-local WinRM certificate on all Windows hosts</p> <p>This role is intended to be run on the Zuul Executor at the start of every job. It generates a self-signed certificate and installs the certificate on every Windows host in the inventory.</p> <p>It then updates the host vars for each such host to use the new certificate. The original certificate used to initially connect to the host still remains on disk, but once the build-local certificate is in place, later untrusted playbooks no longer need it to be provided.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-add-build-winrm-cert.build_winrm_cert_credentials"> <span class="sig-name descname"><span class="pre">build_winrm_cert_credentials</span></span><a class="headerlink" href="#rolevar-add-build-winrm-cert.build_winrm_cert_credentials" title="Permalink to this definition"></a><br /></dt> <dd><p>A complex argument expected to be supplied from a Zuul secret. These are the Windows login credentials for the account to associate with the certificate.</p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-add-build-winrm-cert.build_winrm_cert_credentials.username"> <span class="sig-prename descclassname"><span class="pre">build_winrm_cert_credentials.</span></span><span class="sig-name descname"><span class="pre">username</span></span><a class="headerlink" href="#rolevar-add-build-winrm-cert.build_winrm_cert_credentials.username" title="Permalink to this definition"></a><br /></dt> <dd><p>The username of the account.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-add-build-winrm-cert.build_winrm_cert_credentials.password"> <span class="sig-prename descclassname"><span class="pre">build_winrm_cert_credentials.</span></span><span class="sig-name descname"><span class="pre">password</span></span><a class="headerlink" href="#rolevar-add-build-winrm-cert.build_winrm_cert_credentials.password" title="Permalink to this definition"></a><br /></dt> <dd><p>The password of the account.</p> </dd></dl> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-add-build-winrm-cert.build_winrm_cert_change_password"> <span class="sig-name descname"><span class="pre">build_winrm_cert_change_password</span></span><a class="headerlink" href="#rolevar-add-build-winrm-cert.build_winrm_cert_change_password" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">``False``</span></code><br /></dt> <dd><p>If this is true, then change the password for the user to the value supplied before adding the certificate. This is useful if the initial account password is automatically generated and otherwise unknown.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-add-build-winrm-cert.zuul_temp_winrm_name"> <span class="sig-name descname"><span class="pre">zuul_temp_winrm_name</span></span><a class="headerlink" href="#rolevar-add-build-winrm-cert.zuul_temp_winrm_name" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">``{{</span> <span class="pre">zuul.build</span> <span class="pre">}}_winrm``</span></code><br /></dt> <dd><p>The base name of the certificate file.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-add-build-winrm-cert.zuul_temp_winrm_cert"> <span class="sig-name descname"><span class="pre">zuul_temp_winrm_cert</span></span><a class="headerlink" href="#rolevar-add-build-winrm-cert.zuul_temp_winrm_cert" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">``{{</span> <span class="pre">zuul.executor.work_root</span> <span class="pre">}}/{{</span> <span class="pre">zuul_temp_winrm_name</span> <span class="pre">}}.crt``</span></code><br /></dt> <dd><p>File name for the the newly-generated certificate.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-add-build-winrm-cert.zuul_temp_winrm_key"> <span class="sig-name descname"><span class="pre">zuul_temp_winrm_key</span></span><a class="headerlink" href="#rolevar-add-build-winrm-cert.zuul_temp_winrm_key" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">``{{</span> <span class="pre">zuul.executor.work_root</span> <span class="pre">}}/{{</span> <span class="pre">zuul_temp_winrm_name</span> <span class="pre">}}.key``</span></code><br /></dt> <dd><p>File name for the the newly-generated private key.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-add-build-winrm-cert.zuul_temp_winrm_pfx"> <span class="sig-name descname"><span class="pre">zuul_temp_winrm_pfx</span></span><a class="headerlink" href="#rolevar-add-build-winrm-cert.zuul_temp_winrm_pfx" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">``{{</span> <span class="pre">zuul.executor.work_root</span> <span class="pre">}}/{{</span> <span class="pre">zuul_temp_winrm_name</span> <span class="pre">}}.pfx``</span></code><br /></dt> <dd><p>Executor-local file name for the the exported certificate.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-add-build-winrm-cert.zuul_temp_winrm_remote_tempfile"> <span class="sig-name descname"><span class="pre">zuul_temp_winrm_remote_tempfile</span></span><a class="headerlink" href="#rolevar-add-build-winrm-cert.zuul_temp_winrm_remote_tempfile" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">``~/appdata/local/temp/{{</span> <span class="pre">zuul_temp_winrm_name</span> <span class="pre">}}.pfx``</span></code><br /></dt> <dd><p>Remote temporary location for the certificate during import.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-add-gpgkey"> <span class="sig-name descname"><span class="pre">add-gpgkey</span></span><a class="headerlink" href="#role-add-gpgkey" title="Permalink to this definition"></a></dt> <dd><p>Install a GPG private key onto a host.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-add-gpgkey.gpg_key"> <span class="sig-name descname"><span class="pre">gpg_key</span></span><a class="headerlink" href="#rolevar-add-gpgkey.gpg_key" title="Permalink to this definition"></a><br /></dt> <dd><blockquote> <div><p>Complex argument which contains the GPG private key. It is expected that this argument comes from a <cite>Secret</cite>.</p> </div></blockquote> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-add-gpgkey.gpg_key.private"> <span class="sig-prename descclassname"><span class="pre">gpg_key.</span></span><span class="sig-name descname"><span class="pre">private</span></span><a class="headerlink" href="#rolevar-add-gpgkey.gpg_key.private" title="Permalink to this definition"></a><br /></dt> <dd><p>The ascii-armored contents of the GPG private key.</p> </dd></dl> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-add-sshkey"> <span class="sig-name descname"><span class="pre">add-sshkey</span></span><a class="headerlink" href="#role-add-sshkey" title="Permalink to this definition"></a></dt> <dd><p>Add an ssh key to the host so that non-ansible ssh connections can be made.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-add-sshkey.ssh_key"> <span class="sig-name descname"><span class="pre">ssh_key</span></span><a class="headerlink" href="#rolevar-add-sshkey.ssh_key" title="Permalink to this definition"></a><br /></dt> <dd><p>Complex argument which contains the ssh key information. It is expected that this argument comes from a <cite>Secret</cite>.</p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-add-sshkey.ssh_key.ssh_known_hosts"> <span class="sig-prename descclassname"><span class="pre">ssh_key.</span></span><span class="sig-name descname"><span class="pre">ssh_known_hosts</span></span><a class="headerlink" href="#rolevar-add-sshkey.ssh_key.ssh_known_hosts" title="Permalink to this definition"></a><br /></dt> <dd><p>String containing known host signature for the remote host.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-add-sshkey.ssh_key.ssh_private_key"> <span class="sig-prename descclassname"><span class="pre">ssh_key.</span></span><span class="sig-name descname"><span class="pre">ssh_private_key</span></span><a class="headerlink" href="#rolevar-add-sshkey.ssh_key.ssh_private_key" title="Permalink to this definition"></a><br /></dt> <dd><p>Contents of the ssh private key to use.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-add-sshkey.ssh_key.fqdn"> <span class="sig-prename descclassname"><span class="pre">ssh_key.</span></span><span class="sig-name descname"><span class="pre">fqdn</span></span><a class="headerlink" href="#rolevar-add-sshkey.ssh_key.fqdn" title="Permalink to this definition"></a><br /></dt> <dd><p>The FQDN of the remote host.</p> </dd></dl> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-bindep"> <span class="sig-name descname"><span class="pre">bindep</span></span><a class="headerlink" href="#role-bindep" title="Permalink to this definition"></a></dt> <dd><p>Installs distro packages using bindep tool</p> <p>Looks for a <code class="docutils literal notranslate"><span class="pre">bindep.txt</span></code> in a project’s source directory, or failing that a <code class="docutils literal notranslate"><span class="pre">other-requirements.txt</span></code>. If one exists, run <code class="docutils literal notranslate"><span class="pre">bindep</span></code> on the file to produce a list of required distro packages that do not exist and then install the missing packages.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-bindep.bindep_dir"> <span class="sig-name descname"><span class="pre">bindep_dir</span></span><a class="headerlink" href="#rolevar-bindep.bindep_dir" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">zuul.project.src_dir</span> <span class="pre">}}</span></code><br /></dt> <dd><p>The directory to look for bindep files in.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-bindep.bindep_profile"> <span class="sig-name descname"><span class="pre">bindep_profile</span></span><a class="headerlink" href="#rolevar-bindep.bindep_profile" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">test</span></code><br /></dt> <dd><p>A specific bindep profile to request.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-bindep.bindep_file"> <span class="sig-name descname"><span class="pre">bindep_file</span></span><a class="headerlink" href="#rolevar-bindep.bindep_file" title="Permalink to this definition"></a><br /></dt> <dd><p>Path or list of paths to a specific bindep file(s) to read from.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-bindep.bindep_command"> <span class="sig-name descname"><span class="pre">bindep_command</span></span><a class="headerlink" href="#rolevar-bindep.bindep_command" title="Permalink to this definition"></a><br /></dt> <dd><p>Path to the bindep command. Defaults to unset which will look for a system installed bindep. If bindep_command is not found, bindep will be installed into a temporary virtualenv.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-bindep.bindep_fallback"> <span class="sig-name descname"><span class="pre">bindep_fallback</span></span><a class="headerlink" href="#rolevar-bindep.bindep_fallback" title="Permalink to this definition"></a><br /></dt> <dd><p>Path to a bindep fallback file to be used if no bindep file can be found in <a class="reference internal" href="#rolevar-bindep.bindep_dir" title="rolevar-bindep.bindep_dir"><span class="xref zuul zuul-rolevar">bindep.bindep_dir</span></a>.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-buildset-artifacts-location"> <span class="sig-name descname"><span class="pre">buildset-artifacts-location</span></span><a class="headerlink" href="#role-buildset-artifacts-location" title="Permalink to this definition"></a></dt> <dd><p>Return the location of buildset logs</p> <p>When a ‘buildset’ directory exists in the job logs, then use zuul_return to set buildset_artifacts_url for children jobs.</p> <p>rpm-build job:</p> <ul class="simple"> <li><p>Create a repository</p></li> <li><p>Fetch the repository to “{{ zuul.executor.log_root }}/buildset”</p></li> <li><p>Use the buildset-artifacts-location role</p></li> </ul> <p>rpm-test jobs:</p> <ul class="simple"> <li><p>Install “{{ buildset_artficats_url }}” yum repository</p></li> <li><p>Run integration tests</p></li> </ul> <div class="highlight-yaml notranslate"><div class="highlight"><pre><span></span><span class="nt">layout</span><span class="p">:</span> <span class="w"> </span><span class="nt">jobs</span><span class="p">:</span> <span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">rpm-build</span> <span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">rpm-test1</span><span class="p">:</span> <span class="w"> </span><span class="nt">dependencies</span><span class="p">:</span> <span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">rpm-build</span> <span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">rpm-test2</span><span class="p">:</span> <span class="w"> </span><span class="nt">dependencies</span><span class="p">:</span> <span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">rpm-build</span> </pre></div> </div> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-buildset-artifacts-location.zuul_log_url"> <span class="sig-name descname"><span class="pre">zuul_log_url</span></span><a class="headerlink" href="#rolevar-buildset-artifacts-location.zuul_log_url" title="Permalink to this definition"></a><br /></dt> <dd><p>Base URL where logs are to be found.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-buildset-artifacts-location.zuul_log_path"> <span class="sig-name descname"><span class="pre">zuul_log_path</span></span><a class="headerlink" href="#rolevar-buildset-artifacts-location.zuul_log_path" title="Permalink to this definition"></a><br /></dt> <dd><p>Path of the logs. This optional when the role is used after ‘upload-logs’.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-clear-firewall"> <span class="sig-name descname"><span class="pre">clear-firewall</span></span><a class="headerlink" href="#role-clear-firewall" title="Permalink to this definition"></a></dt> <dd><p>Clear firewall rules from test nodes</p> <p>Some test workloads manage all of their own firewall rules, and pre-existing firewall rules can pollute the system. This role clears out firewall rules for both ipv4 and ipv6.</p> <p>You may want to consult your Zuul system’s system administrator prior to using this role as the preexisting firewall configuration may provide necessary functionality.</p> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-configure-mirrors"> <span class="sig-name descname"><span class="pre">configure-mirrors</span></span><a class="headerlink" href="#role-configure-mirrors" title="Permalink to this definition"></a></dt> <dd><p>An ansible role to configure services to use mirrors.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-configure-mirrors.mirror_fqdn"> <span class="sig-name descname"><span class="pre">mirror_fqdn</span></span><a class="headerlink" href="#rolevar-configure-mirrors.mirror_fqdn" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">zuul_site_mirror_fqdn</span> <span class="pre">}}</span></code><br /></dt> <dd><p>The base host for mirror servers.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-configure-mirrors.mirror_use_ssl"> <span class="sig-name descname"><span class="pre">mirror_use_ssl</span></span><a class="headerlink" href="#rolevar-configure-mirrors.mirror_use_ssl" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">False</span></code><br /></dt> <dd><p>Use ssl to communicate to mirror endpoints. Note if the platform cannot use ssl (for example Ubuntu Xenial apt needs additional packages) this will still use http instead of https when set for that platform.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-configure-mirrors.pypi_fqdn"> <span class="sig-name descname"><span class="pre">pypi_fqdn</span></span><a class="headerlink" href="#rolevar-configure-mirrors.pypi_fqdn" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">mirror_fqdn</span> <span class="pre">}}</span></code><br /></dt> <dd><p>The base host for PyPi mirror server.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-configure-mirrors.pypi_mirror"> <span class="sig-name descname"><span class="pre">pypi_mirror</span></span><a class="headerlink" href="#rolevar-configure-mirrors.pypi_mirror" title="Permalink to this definition"></a><br /></dt> <dd><p>URL to override the generated pypi mirror url based on <a class="reference internal" href="#rolevar-configure-mirrors.pypi_fqdn" title="rolevar-configure-mirrors.pypi_fqdn"><span class="xref zuul zuul-rolevar">configure-mirrors.pypi_fqdn</span></a>.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-configure-mirrors.set_apt_mirrors_trusted"> <span class="sig-name descname"><span class="pre">set_apt_mirrors_trusted</span></span><a class="headerlink" href="#rolevar-configure-mirrors.set_apt_mirrors_trusted" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">False</span></code><br /></dt> <dd><p>Set to True in order to tag APT mirrors as trusted, needed when accessing unsigned mirrors with newer releases like Ubuntu Bionic.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-configure-mirrors.enable_deb_src_repos"> <span class="sig-name descname"><span class="pre">enable_deb_src_repos</span></span><a class="headerlink" href="#rolevar-configure-mirrors.enable_deb_src_repos" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">False</span></code><br /></dt> <dd><p>Set this to True in order to enable deb-src entries in sources.list configs for apt. Note this option currently only works on Debian (not Ubuntu) installations.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-configure-mirrors.configure_mirrors_extra_repos"> <span class="sig-name descname"><span class="pre">configure_mirrors_extra_repos</span></span><a class="headerlink" href="#rolevar-configure-mirrors.configure_mirrors_extra_repos" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">True</span></code><br /></dt> <dd><p>Set to False to opt-out of installing extra repositories such as PowerTools and HighAvailability on centos-8-stream and backports for Debian/Ubuntu. The intent is to match the upstream distro state when this variable is set to False. Note that this role is not necessarily consistent with the repos that are enabled by default between distribution versions (centos stream 8 vs. 9 for example).</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-configure-mirrors.configure_mirrors_components_9_stream"> <span class="sig-name descname"><span class="pre">configure_mirrors_components_9_stream</span></span><a class="headerlink" href="#rolevar-configure-mirrors.configure_mirrors_components_9_stream" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">See</span> <span class="pre">`vars/CentOS-9.yaml`</span></code><br /></dt> <dd><p>A list of the components that should be redirected to the <cite>mirror_fqdn</cite> when setting up a CentOS 9-stream host. For example, your mirror may only mirror some components, or not the debug/source components, etc.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-copy-build-sshkey"> <span class="sig-name descname"><span class="pre">copy-build-sshkey</span></span><a class="headerlink" href="#role-copy-build-sshkey" title="Permalink to this definition"></a></dt> <dd><p>Copy a build-local SSH key to a defined user on all hosts</p> <p>This role is intended to be run on the Zuul Executor. It copies a generated build specific ssh key to a user and adds it to the authorized_keys file of every host in the inventory.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-copy-build-sshkey.zuul_temp_ssh_key"> <span class="sig-name descname"><span class="pre">zuul_temp_ssh_key</span></span><a class="headerlink" href="#rolevar-copy-build-sshkey.zuul_temp_ssh_key" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">&quot;{{</span> <span class="pre">zuul.executor.work_root</span> <span class="pre">}}/{{</span> <span class="pre">zuul.build</span> <span class="pre">}}_id_rsa&quot;</span></code><br /></dt> <dd><p>Where to source the build private key</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-copy-build-sshkey.copy_sshkey_target_user"> <span class="sig-name descname"><span class="pre">copy_sshkey_target_user</span></span><a class="headerlink" href="#rolevar-copy-build-sshkey.copy_sshkey_target_user" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">root</span></code><br /></dt> <dd><p>The user to copy the sshkey to.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-download-artifact"> <span class="sig-name descname"><span class="pre">download-artifact</span></span><a class="headerlink" href="#role-download-artifact" title="Permalink to this definition"></a></dt> <dd><p>Download artifacts from a completed build of a Zuul job</p> <p>Given a change, downloads artifacts from a previous build (by default of the current change) into the work directory. This will download as many artifacts as match the selection criteria.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-download-artifact.download_artifact_api"> <span class="sig-name descname"><span class="pre">download_artifact_api</span></span><a class="headerlink" href="#rolevar-download-artifact.download_artifact_api" title="Permalink to this definition"></a><br /></dt> <dd><p>The Zuul API endpoint to use. Example: <code class="docutils literal notranslate"><span class="pre">https://zuul.example.org/api/tenant/{{</span> <span class="pre">zuul.tenant</span> <span class="pre">}}</span></code></p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-download-artifact.download_artifact_pipeline"> <span class="sig-name descname"><span class="pre">download_artifact_pipeline</span></span><a class="headerlink" href="#rolevar-download-artifact.download_artifact_pipeline" title="Permalink to this definition"></a><br /></dt> <dd><p>The pipeline in which the previous build ran.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-download-artifact.download_artifact_job"> <span class="sig-name descname"><span class="pre">download_artifact_job</span></span><a class="headerlink" href="#rolevar-download-artifact.download_artifact_job" title="Permalink to this definition"></a><br /></dt> <dd><p>The job of the previous build.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-download-artifact.download_artifact_type"> <span class="sig-name descname"><span class="pre">download_artifact_type</span></span><a class="headerlink" href="#rolevar-download-artifact.download_artifact_type" title="Permalink to this definition"></a><br /></dt> <dd><p>The artifact type. This is the value of the <code class="docutils literal notranslate"><span class="pre">type</span></code> field in the artifact metadata. This can be a string or a list of strings.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-download-artifact.download_artifact_query"> <span class="sig-name descname"><span class="pre">download_artifact_query</span></span><a class="headerlink" href="#rolevar-download-artifact.download_artifact_query" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">change={{</span> <span class="pre">zuul.change</span> <span class="pre">}}&amp;patchset={{</span> <span class="pre">zuul.patchset</span> <span class="pre">}}&amp;pipeline={{</span> <span class="pre">download_artifact_pipeline</span> <span class="pre">}}&amp;job_name={{</span> <span class="pre">download_artifact_job</span> <span class="pre">}}</span></code><br /></dt> <dd><p>The query to use to find the build. Normally the default is used.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-download-artifact.download_artifact_directory"> <span class="sig-name descname"><span class="pre">download_artifact_directory</span></span><a class="headerlink" href="#rolevar-download-artifact.download_artifact_directory" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">zuul.executor.work_root</span> <span class="pre">}}</span></code><br /></dt> <dd><p>The directory in which to place the downloaded artifacts.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-dstat-graph"> <span class="sig-name descname"><span class="pre">dstat-graph</span></span><a class="headerlink" href="#role-dstat-graph" title="Permalink to this definition"></a></dt> <dd><p>Run dstat_graph</p> <p>This requires that the <a class="reference internal" href="#role-run-dstat" title="role-run-dstat"><span class="xref zuul zuul-role">run-dstat</span></a> role be previously used.</p> <p>Add this to a post-run playbook to run <code class="docutils literal notranslate"><span class="pre">dstat_graph</span></code> to graph data from dstat.</p> <p>Use the <a class="reference internal" href="#role-ensure-dstat-graph" title="role-ensure-dstat-graph"><span class="xref zuul zuul-role">ensure-dstat-graph</span></a> in a pre-run playbook to make sure that dstat_graph is available (since it is not currently packaged in any operating system).</p> <p>The output will appear in <code class="docutils literal notranslate"><span class="pre">dstat.html</span></code> in the <code class="docutils literal notranslate"><span class="pre">zuul-output/logs</span></code> directory.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-dstat-graph.dstat_graph_cache_path"> <span class="sig-name descname"><span class="pre">dstat_graph_cache_path</span></span><a class="headerlink" href="#rolevar-dstat-graph.dstat_graph_cache_path" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">/opt/cache/dstat_graph</span></code><br /></dt> <dd><p>The role will check this location to see if a cached copy of dstat_graph is available.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-dstat-graph.dstat_graph_download_path"> <span class="sig-name descname"><span class="pre">dstat_graph_download_path</span></span><a class="headerlink" href="#rolevar-dstat-graph.dstat_graph_download_path" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">/tmp/dstat_graph</span></code><br /></dt> <dd><p>If a cached copy is not available, the role will check if dstat_graph was previously downloaded to this location.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-dstat-graph.dstat_data_path"> <span class="sig-name descname"><span class="pre">dstat_data_path</span></span><a class="headerlink" href="#rolevar-dstat-graph.dstat_data_path" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">&quot;{{</span> <span class="pre">ansible_user_dir</span> <span class="pre">}}/zuul-output/logs/dstat.csv&quot;</span></code><br /></dt> <dd><p>The path to the dstat data file.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-emit-job-header"> <span class="sig-name descname"><span class="pre">emit-job-header</span></span><a class="headerlink" href="#role-emit-job-header" title="Permalink to this definition"></a></dt> <dd><p>Log a few lines about the job.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-emit-job-header.zuul_log_url"> <span class="sig-name descname"><span class="pre">zuul_log_url</span></span><a class="headerlink" href="#rolevar-emit-job-header.zuul_log_url" title="Permalink to this definition"></a><br /></dt> <dd><p>Base URL where logs are to be found.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-emit-job-header.zuul_log_path_shard_build"> <span class="sig-name descname"><span class="pre">zuul_log_path_shard_build</span></span><a class="headerlink" href="#rolevar-emit-job-header.zuul_log_path_shard_build" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">False</span></code><br /></dt> <dd><p>This var is consumed by set-zuul-log-path-fact which emit-job-header calls into. If you set this you will get log paths prefixed with the first three characters of the build uuid. This will improve log file sharding.</p> <p>More details can be found at <a class="reference internal" href="log-roles.html#rolevar-set-zuul-log-path-fact.zuul_log_path_shard_build" title="rolevar-set-zuul-log-path-fact.zuul_log_path_shard_build"><span class="xref zuul zuul-rolevar">set-zuul-log-path-fact.zuul_log_path_shard_build</span></a></p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-enable-fips"> <span class="sig-name descname"><span class="pre">enable-fips</span></span><a class="headerlink" href="#role-enable-fips" title="Permalink to this definition"></a></dt> <dd><p>Enable FIPS on a node.</p> <p>Set a node into FIPS mode, to test functionality when crypto policies are set to FIPS in RHEL/Centos &gt;=8 or Ubuntu.</p> <p>For Ubuntu nodes, the node is assumed to already have an Ubuntu Advantage subscription activated, as this is required to enable FIPS mode. The enable-ua-subscription role in this repo can be used to activate the subscription.</p> <p>The role will set the node into FIPS mode, reboot the node, and then call the post-reboot-tasks role. This role requires a role parameter - nslookup_target.</p> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-enable-netconsole"> <span class="sig-name descname"><span class="pre">enable-netconsole</span></span><a class="headerlink" href="#role-enable-netconsole" title="Permalink to this definition"></a></dt> <dd><p>Enable netconsole for host</p> <p>This enables the netconsole on a host to send kernel/dmesg logs to a remote host. This can be very useful if a node is experiencing a kernel oops or another form of unexpected disconnect where you can not retrieve information via standard logging methods.</p> <p>The <code class="docutils literal notranslate"><span class="pre">netconsole_remote_ip</span></code> and <code class="docutils literal notranslate"><span class="pre">netconsole_remote_port</span></code> variables must be set. This host can capture the logs with a command like:</p> <div class="highlight-default notranslate"><div class="highlight"><pre><span></span>$ nc -v -u -l -p 6666 | tee console-output.log </pre></div> </div> <p>or:</p> <div class="highlight-default notranslate"><div class="highlight"><pre><span></span>$ socat udp-recv:6666 - | tee console-output.log </pre></div> </div> <p>One further trick is to send interesting data to <code class="docutils literal notranslate"><span class="pre">/dev/kmsg</span></code>, this should make it across the netconsole even if the main interface has been disabled, etc. e.g.:</p> <div class="highlight-default notranslate"><div class="highlight"><pre><span></span>$ ip addr | sudo tee /dev/kmsg </pre></div> </div> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-enable-netconsole.netconsole_remote_ip"> <span class="sig-name descname"><span class="pre">netconsole_remote_ip</span></span><a class="headerlink" href="#rolevar-enable-netconsole.netconsole_remote_ip" title="Permalink to this definition"></a><br /></dt> <dd><p>The IP address of the remote host to send to.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-enable-netconsole.netconsole_remote_port"> <span class="sig-name descname"><span class="pre">netconsole_remote_port</span></span><a class="headerlink" href="#rolevar-enable-netconsole.netconsole_remote_port" title="Permalink to this definition"></a><br /></dt> <dd><p>The port listening on the remote host.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-enable-ua-subscription"> <span class="sig-name descname"><span class="pre">enable-ua-subscription</span></span><a class="headerlink" href="#role-enable-ua-subscription" title="Permalink to this definition"></a></dt> <dd><p>Enable UA Subscription on a node.</p> <p>For Ubuntu nodes, this role activates an Ubuntu advantage subscription using a passed in token (ubuntu_ua_token.token).</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-enable-ua-subscription.ubuntu_ua_token"> <span class="sig-name descname"><span class="pre">ubuntu_ua_token</span></span><a class="headerlink" href="#rolevar-enable-ua-subscription.ubuntu_ua_token" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">None</span></code><br /><span class="pre">Type:</span> <em><span class="pre">dict</span></em><br /></dt> <dd><p>Dict used to specify Ubuntu advantage subscription information. ubuntu_ua_token.token is a subscription key.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-encrypt-file"> <span class="sig-name descname"><span class="pre">encrypt-file</span></span><a class="headerlink" href="#role-encrypt-file" title="Permalink to this definition"></a></dt> <dd><p>encrypt-file</p> <p>Import GPG keys and encrypt a file</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-encrypt-file.encrypt_file"> <span class="sig-name descname"><span class="pre">encrypt_file</span></span><a class="headerlink" href="#rolevar-encrypt-file.encrypt_file" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">*undefined*</span></code><br /></dt> <dd><p>A <em>string</em> with the full path to a log file to encrypt, or a <em>list</em> of <em>string</em> values of full paths to encrypt. Must be defined. Resulting file(s) will have <code class="docutils literal notranslate"><span class="pre">.gpg</span></code> added.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-encrypt-file.encrypt_file_recipients"> <span class="sig-name descname"><span class="pre">encrypt_file_recipients</span></span><a class="headerlink" href="#rolevar-encrypt-file.encrypt_file_recipients" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">[]</span></code><br /></dt> <dd><p>List of recipients who will be able to decrypt the file(s). This should be a list of <code class="docutils literal notranslate"><span class="pre">name</span></code> keys that exist in <code class="docutils literal notranslate"><span class="pre">encrypt_file_keys</span></code>.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-encrypt-file.encrypt_file_keys"> <span class="sig-name descname"><span class="pre">encrypt_file_keys</span></span><a class="headerlink" href="#rolevar-encrypt-file.encrypt_file_keys" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">[]</span></code><br /></dt> <dd><p>Keys available to encrypt the file with. Each entry is a dictionary with keys</p> <ul class="simple"> <li><p><code class="docutils literal notranslate"><span class="pre">name</span></code> : a freeform string identifier</p></li> <li><p><code class="docutils literal notranslate"><span class="pre">key_id</span></code>: the GPG key ID</p></li> <li><p><code class="docutils literal notranslate"><span class="pre">gpg_asc</span></code>: the GPG ASCII-armored public key. If the public-key is not already available, it will be imported to GPG.</p></li> </ul> <p>It is intended that this is a global-variable, and specific files to be encrypted then choose a subset of keys in this variable for encryption.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-ensure-bazelisk"> <span class="sig-name descname"><span class="pre">ensure-bazelisk</span></span><a class="headerlink" href="#role-ensure-bazelisk" title="Permalink to this definition"></a></dt> <dd><p>Ensure that bazelisk is present.</p> <p>If bazelisk is already installed, this role does nothing. Otherwise, it downloads bazelisk from GitHub and installs it in the user’s home directory by default.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-ensure-bazelisk.bazelisk_version"> <span class="sig-name descname"><span class="pre">bazelisk_version</span></span><a class="headerlink" href="#rolevar-ensure-bazelisk.bazelisk_version" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">v1.3.0</span></code><br /></dt> <dd><p>Version of bazelisk to install.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-ensure-bazelisk.bazelisk_arch"> <span class="sig-name descname"><span class="pre">bazelisk_arch</span></span><a class="headerlink" href="#rolevar-ensure-bazelisk.bazelisk_arch" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">linux-amd64</span></code><br /></dt> <dd><p>Architecture to install.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-ensure-bazelisk.bazelisk_url"> <span class="sig-name descname"><span class="pre">bazelisk_url</span></span><a class="headerlink" href="#rolevar-ensure-bazelisk.bazelisk_url" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">https://github.com/bazelbuild/bazelisk/releases/download/{{</span> <span class="pre">bazelisk_version</span> <span class="pre">}}/bazelisk-{{</span> <span class="pre">bazelisk_arch</span> <span class="pre">}}</span></code><br /></dt> <dd><p>The URL from which to download bazelisk.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-ensure-bazelisk.bazelisk_target"> <span class="sig-name descname"><span class="pre">bazelisk_target</span></span><a class="headerlink" href="#rolevar-ensure-bazelisk.bazelisk_target" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">&quot;{{</span> <span class="pre">ansible_user_dir</span> <span class="pre">}}/.local/bin/bazelisk&quot;</span></code><br /></dt> <dd><p>Where to install bazelisk. If the role downloads bazelisk, it will set <a class="reference internal" href="#rolevar-ensure-bazelisk.bazelisk_executable" title="rolevar-ensure-bazelisk.bazelisk_executable"><span class="xref zuul zuul-rolevar">ensure-bazelisk.bazelisk_executable</span></a> to this value as well.</p> </dd></dl> <p><strong>Output Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-ensure-bazelisk.bazelisk_executable"> <span class="sig-name descname"><span class="pre">bazelisk_executable</span></span><a class="headerlink" href="#rolevar-ensure-bazelisk.bazelisk_executable" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">bazelisk</span></code><br /></dt> <dd><p>The bazelisk executable. If this already exists, the role will not perform any further actions. It will be made available for other roles running after role.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-ensure-dhall"> <span class="sig-name descname"><span class="pre">ensure-dhall</span></span><a class="headerlink" href="#role-ensure-dhall" title="Permalink to this definition"></a></dt> <dd><p>Ensure dhall is installed</p> <p>Installs the specified version of the haskell implementation.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-ensure-dhall.dhall_version"> <span class="sig-name descname"><span class="pre">dhall_version</span></span><a class="headerlink" href="#rolevar-ensure-dhall.dhall_version" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">1.31.1</span></code><br /></dt> <dd><p>The dhall version.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-ensure-dstat-graph"> <span class="sig-name descname"><span class="pre">ensure-dstat-graph</span></span><a class="headerlink" href="#role-ensure-dstat-graph" title="Permalink to this definition"></a></dt> <dd><p>Install dstat_graph</p> <p>This downloads <code class="docutils literal notranslate"><span class="pre">dstat_graph</span></code> if it is not already present on the remote host.</p> <p>Add this to a pre-run playbook to ensure it is available for roles such as <a class="reference internal" href="#role-dstat-graph" title="role-dstat-graph"><span class="xref zuul zuul-role">dstat-graph</span></a>.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-ensure-dstat-graph.dstat_graph_cache_path"> <span class="sig-name descname"><span class="pre">dstat_graph_cache_path</span></span><a class="headerlink" href="#rolevar-ensure-dstat-graph.dstat_graph_cache_path" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">/opt/cache/dstat_graph</span></code><br /></dt> <dd><p>The role will check this location to see if a cached copy of dstat_graph is available.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-ensure-dstat-graph.dstat_graph_download_path"> <span class="sig-name descname"><span class="pre">dstat_graph_download_path</span></span><a class="headerlink" href="#rolevar-ensure-dstat-graph.dstat_graph_download_path" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">/tmp/dstat_graph</span></code><br /></dt> <dd><p>If a cached copy is not available, the role will download dstat_graph to this location.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-ensure-markdownlint"> <span class="sig-name descname"><span class="pre">ensure-markdownlint</span></span><a class="headerlink" href="#role-ensure-markdownlint" title="Permalink to this definition"></a></dt> <dd><p>Ensure markdownlint-cli from NPM is installed.</p> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-ensure-shake"> <span class="sig-name descname"><span class="pre">ensure-shake</span></span><a class="headerlink" href="#role-ensure-shake" title="Permalink to this definition"></a></dt> <dd><p>Ensure shake is installed</p> <p>Installs the shake tool using the distro package.</p> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-fetch-markdownlint"> <span class="sig-name descname"><span class="pre">fetch-markdownlint</span></span><a class="headerlink" href="#role-fetch-markdownlint" title="Permalink to this definition"></a></dt> <dd><p>Collect output from a markdownlint run. Assumes you will only run one repo, and one node.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-fetch-markdownlint.zuul_work_dir"> <span class="sig-name descname"><span class="pre">zuul_work_dir</span></span><a class="headerlink" href="#rolevar-fetch-markdownlint.zuul_work_dir" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">zuul.project.src_dir</span> <span class="pre">}}</span></code><br /></dt> <dd><p>The location of the main working directory of the job.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-git-prepare-nodecache"> <span class="sig-name descname"><span class="pre">git-prepare-nodecache</span></span><a class="headerlink" href="#role-git-prepare-nodecache" title="Permalink to this definition"></a></dt> <dd><p>Prepare an archive containing all repositories that are part of the job. This can be used to prepare the repos archive suitable for caching in the node image to be used by <cite>prepare-workspace-git</cite>.</p> <p>The path to the resulting archive file will be stored in the <cite>git_cache_file</cite> variable. That variable can be used to push the archive to a place where it will be picked up to be baked into the node image.</p> <p><strong>Role variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-git-prepare-nodecache.git_cache_root"> <span class="sig-name descname"><span class="pre">git_cache_root</span></span><a class="headerlink" href="#rolevar-git-prepare-nodecache.git_cache_root" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">{{ansible_user_dir</span> <span class="pre">}}/git-cache&quot;</span></code><br /></dt> <dd><p>Directory where the git cache should be prepared. Usually this should not be changed.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-intercept-job"> <span class="sig-name descname"><span class="pre">intercept-job</span></span><a class="headerlink" href="#role-intercept-job" title="Permalink to this definition"></a></dt> <dd><p>If a special SSH key is placed in the right place, stops and waits for user to SSH in to the node.</p> <p>This role is intended to be used in pre/post playbooks to allow a smoother self-service experience than autoholds can offer, at the expense that one can only access the node for the length of the job timeout.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-intercept-job.intercept_job_pub_key_path"> <span class="sig-name descname"><span class="pre">intercept_job_pub_key_path</span></span><a class="headerlink" href="#rolevar-intercept-job.intercept_job_pub_key_path" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">``{{</span> <span class="pre">zuul.project.src_dir</span> <span class="pre">}}/intercept_job.pub``</span></code><br /></dt> <dd><p>If a public key is found here, the intercept-job role will install it, print details for SSH’ing into this machine, and wait until the intercept_job_stop_path exists.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-intercept-job.intercept_job_stop_path"> <span class="sig-name descname"><span class="pre">intercept_job_stop_path</span></span><a class="headerlink" href="#rolevar-intercept-job.intercept_job_stop_path" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">``{{</span> <span class="pre">zuul.project.src_dir</span> <span class="pre">}}/intercept_job.stop``</span></code><br /></dt> <dd><p>If this file exists, the intercept-job role will stop waiting and allow the playbook to continue.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-log-inventory"> <span class="sig-name descname"><span class="pre">log-inventory</span></span><a class="headerlink" href="#role-log-inventory" title="Permalink to this definition"></a></dt> <dd><p>Log the inventory used to run the job to the job’s log dir.</p> <p>This will result in the log collection roles logging the job inventory.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-log-inventory.zuul_info_dir"> <span class="sig-name descname"><span class="pre">zuul_info_dir</span></span><a class="headerlink" href="#rolevar-log-inventory.zuul_info_dir" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">zuul.executor.log_root</span> <span class="pre">}}/zuul-info</span></code><br /></dt> <dd><p>The directory path to store the inventory file.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-markdownlint"> <span class="sig-name descname"><span class="pre">markdownlint</span></span><a class="headerlink" href="#role-markdownlint" title="Permalink to this definition"></a></dt> <dd><p>Run markdownlint against all markdown files in the given project.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-markdownlint.zuul_work_dir"> <span class="sig-name descname"><span class="pre">zuul_work_dir</span></span><a class="headerlink" href="#rolevar-markdownlint.zuul_work_dir" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">zuul.project.src_dir</span> <span class="pre">}}</span></code><br /></dt> <dd><p>Directory to search for markdown files in.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-multi-node-bridge"> <span class="sig-name descname"><span class="pre">multi-node-bridge</span></span><a class="headerlink" href="#role-multi-node-bridge" title="Permalink to this definition"></a></dt> <dd><p>Configures a VXLAN virtual network overlay through an openvswitch network bridge between a ‘switch’ node and ‘peer’ nodes.</p> <p>This allows members of the bridge to communicate with each other through the virtual network.</p> <p>By default, this role will:</p> <ul class="simple"> <li><p>Install and start <code class="docutils literal notranslate"><span class="pre">openvswitch</span></code></p></li> <li><p>Set up a <code class="docutils literal notranslate"><span class="pre">br-infra</span></code> bridge on all nodes</p></li> <li><p>Set up the connectivity between the switch and the peer with a virtual port</p></li> <li><p>Set up an ip address on the bridge interface:</p></li> </ul> <div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="mf">172.24.4.1</span><span class="o">/</span><span class="mi">23</span> <span class="c1"># switch node</span> <span class="mf">172.41.4.2</span><span class="o">/</span><span class="mi">23</span> <span class="c1"># first peer</span> <span class="mf">172.41.4.3</span><span class="o">/</span><span class="mi">23</span> <span class="c1"># second peer</span> <span class="o">...</span> </pre></div> </div> <p><strong>Role requirements</strong></p> <p>This role requires and expects two groups to be set up in the Ansible host inventory in order to work:</p> <ul class="simple"> <li><p><code class="docutils literal notranslate"><span class="pre">switch</span></code> (the node acting as the switch)</p></li> <li><p><code class="docutils literal notranslate"><span class="pre">peers</span></code> (nodes connected to the virtual switch ports)</p></li> </ul> <p><strong>Role variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-multi-node-bridge.bridge_vni_offset"> <span class="sig-name descname"><span class="pre">bridge_vni_offset</span></span><a class="headerlink" href="#rolevar-multi-node-bridge.bridge_vni_offset" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">1000000</span></code><br /></dt> <dd><p>VXLAN Network Identifier offset (openvswitch key).</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-multi-node-bridge.bridge_mtu"> <span class="sig-name descname"><span class="pre">bridge_mtu</span></span><a class="headerlink" href="#rolevar-multi-node-bridge.bridge_mtu" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">Smallest</span> <span class="pre">mtu</span> <span class="pre">less</span> <span class="pre">50</span> <span class="pre">bytes</span> <span class="pre">for</span> <span class="pre">vxlan</span> <span class="pre">overhead</span></code><br /></dt> <dd><p>Bridge interface MTU. By default we determine this value by checking all interfaces on host, taking the smallest MTU and subtracting by 50 for vxlan overhead. Can be overridden explicitly if this does not work.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-multi-node-bridge.bridge_name"> <span class="sig-name descname"><span class="pre">bridge_name</span></span><a class="headerlink" href="#rolevar-multi-node-bridge.bridge_name" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">br-infra</span></code><br /></dt> <dd><p>Name of the bridge interface.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-multi-node-bridge.bridge_configure_address"> <span class="sig-name descname"><span class="pre">bridge_configure_address</span></span><a class="headerlink" href="#rolevar-multi-node-bridge.bridge_configure_address" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">true</span></code><br /></dt> <dd><p>Whether or not to configure an IP address on the bridge interface.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-multi-node-bridge.bridge_authorize_internal_traffic"> <span class="sig-name descname"><span class="pre">bridge_authorize_internal_traffic</span></span><a class="headerlink" href="#rolevar-multi-node-bridge.bridge_authorize_internal_traffic" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">false</span></code><br /></dt> <dd><p>When <code class="docutils literal notranslate"><span class="pre">bridge_configure_address</span></code> is <code class="docutils literal notranslate"><span class="pre">true</span></code>, whether or not to set up firewall rules to allow traffic freely within the bridge subnet (<code class="docutils literal notranslate"><span class="pre">bridge_address_prefix</span></code>.0/<code class="docutils literal notranslate"><span class="pre">bridge_address_subnet</span></code>).</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-multi-node-bridge.bridge_address_prefix"> <span class="sig-name descname"><span class="pre">bridge_address_prefix</span></span><a class="headerlink" href="#rolevar-multi-node-bridge.bridge_address_prefix" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">172.24.4</span></code><br /></dt> <dd><p>The IP address range prefix.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-multi-node-bridge.bridge_address_offset"> <span class="sig-name descname"><span class="pre">bridge_address_offset</span></span><a class="headerlink" href="#rolevar-multi-node-bridge.bridge_address_offset" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">1</span></code><br /></dt> <dd><p>The IP address offset, used with <code class="docutils literal notranslate"><span class="pre">bridge_address_prefix</span></code> to provide the full IP address. The initial offset defines the IP address of the switch node in the virtual network.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-multi-node-bridge.bridge_address_subnet"> <span class="sig-name descname"><span class="pre">bridge_address_subnet</span></span><a class="headerlink" href="#rolevar-multi-node-bridge.bridge_address_subnet" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">23</span></code><br /></dt> <dd><p>The IP address range CIDR/subnet.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-multi-node-bridge.install_ovs"> <span class="sig-name descname"><span class="pre">install_ovs</span></span><a class="headerlink" href="#rolevar-multi-node-bridge.install_ovs" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">true</span></code><br /></dt> <dd><p>Whether or not to install openvswitch. It can be set to false when ovs installation is taken care outside of the role.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-multi-node-firewall"> <span class="sig-name descname"><span class="pre">multi-node-firewall</span></span><a class="headerlink" href="#role-multi-node-firewall" title="Permalink to this definition"></a></dt> <dd><p>Multinode firewall is configured.</p> <p>This role is intended to install iptables and configure firewall.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-multi-node-firewall.iptables_package"> <span class="sig-name descname"><span class="pre">iptables_package</span></span><a class="headerlink" href="#rolevar-multi-node-firewall.iptables_package" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">iptables</span></code><br /></dt> <dd><p>Install the distribution package for Iptables.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-multi-node-hosts-file"> <span class="sig-name descname"><span class="pre">multi-node-hosts-file</span></span><a class="headerlink" href="#role-multi-node-hosts-file" title="Permalink to this definition"></a></dt> <dd><p>Configures the inventory hostnames in a multi-node job resolve to their respective private ipv4 addresses through the /etc/hosts file on each node.</p> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-multi-node-known-hosts"> <span class="sig-name descname"><span class="pre">multi-node-known-hosts</span></span><a class="headerlink" href="#role-multi-node-known-hosts" title="Permalink to this definition"></a></dt> <dd><p>Configures the file <code class="docutils literal notranslate"><span class="pre">/etc/ssh/ssh_known_hosts</span></code> on each node in a multi-node job to contain all known host names.</p> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-persistent-firewall"> <span class="sig-name descname"><span class="pre">persistent-firewall</span></span><a class="headerlink" href="#role-persistent-firewall" title="Permalink to this definition"></a></dt> <dd><p>Saves current iptables rules for both ipv4 and ipv6 and makes them persistent so that they are available if iptables or the instance is restarted.</p> <p>This role can be re-used more than once in order to persist new rules.</p> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-prepare-workspace"> <span class="sig-name descname"><span class="pre">prepare-workspace</span></span><a class="headerlink" href="#role-prepare-workspace" title="Permalink to this definition"></a></dt> <dd><p>Prepare remote workspaces</p> <p>This role is intended to run before any other role in a Zuul job.</p> <p>It starts the Zuul console streamer on every host in the inventory, and then copies the prepared source repos to the working directory on every host.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-prepare-workspace.zuul_workspace_root"> <span class="sig-name descname"><span class="pre">zuul_workspace_root</span></span><a class="headerlink" href="#rolevar-prepare-workspace.zuul_workspace_root" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">.</span></code><br /></dt> <dd><p>The directory into which the source repositories are copied.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-prepare-workspace-git"> <span class="sig-name descname"><span class="pre">prepare-workspace-git</span></span><a class="headerlink" href="#role-prepare-workspace-git" title="Permalink to this definition"></a></dt> <dd><p>Mirror the local git repos to remote nodes</p> <p>This role uses git operations (unlike <a class="reference internal" href="#role-prepare-workspace" title="role-prepare-workspace"><span class="xref zuul zuul-role">prepare-workspace</span></a> which uses rsync) to mirror the locally prepared git repos to the remote nodes while taking advantage of cached repos on the node if they exist. This role works generically regardless of the existence of a cached repo on the node.</p> <p>The cached repos need to be placed using the canonical name under the <cite>cached_repos_root</cite> directory.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-prepare-workspace-git.cached_repos_root"> <span class="sig-name descname"><span class="pre">cached_repos_root</span></span><a class="headerlink" href="#rolevar-prepare-workspace-git.cached_repos_root" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">/opt/git</span></code><br /></dt> <dd><p>The root of the cached repos.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-prepare-workspace-git.prepare_workspace_sync_required_projects_only"> <span class="sig-name descname"><span class="pre">prepare_workspace_sync_required_projects_only</span></span><a class="headerlink" href="#rolevar-prepare-workspace-git.prepare_workspace_sync_required_projects_only" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">False</span></code><br /><span class="pre">Type:</span> <em><span class="pre">bool</span></em><br /></dt> <dd><p>A flag which if set to true, filters the to be synchronized project list to only use projects which are required by the job.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-prepare-workspace-git.mirror_workspace_quiet"> <span class="sig-name descname"><span class="pre">mirror_workspace_quiet</span></span><a class="headerlink" href="#rolevar-prepare-workspace-git.mirror_workspace_quiet" title="Permalink to this definition"></a><br /></dt> <dd><p>This value is ignored; it should be removed from job configuration.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-prepare-workspace-git.zuul_workspace_root"> <span class="sig-name descname"><span class="pre">zuul_workspace_root</span></span><a class="headerlink" href="#rolevar-prepare-workspace-git.zuul_workspace_root" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">&quot;{{</span> <span class="pre">ansible_user_dir</span> <span class="pre">}}&quot;</span></code><br /></dt> <dd><p>The root of the workspace in which the repos are mirrored.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-prepare-workspace-openshift"> <span class="sig-name descname"><span class="pre">prepare-workspace-openshift</span></span><a class="headerlink" href="#role-prepare-workspace-openshift" title="Permalink to this definition"></a></dt> <dd><p>Prepare remote workspaces in OpenShift</p> <p>This role can be used instead of the <a class="reference internal" href="#role-prepare-workspace" title="role-prepare-workspace"><span class="xref zuul zuul-role">prepare-workspace</span></a> role when the synchronize module doesn’t work with kubectl connection. It copies the prepared source repos to the pods’ cwd using the <cite>oc rsync</cite> command.</p> <p>This role is intended to run once before any other role in a Zuul job. This role requires the origin-clients to be installed.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-prepare-workspace-openshift.openshift_pods"> <span class="sig-name descname"><span class="pre">openshift_pods</span></span><a class="headerlink" href="#rolevar-prepare-workspace-openshift.openshift_pods" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">zuul.resources</span> <span class="pre">}}</span></code><br /></dt> <dd><p>The dictionary of pod name, pod information to copy the sources to.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-post-reboot-tasks"> <span class="sig-name descname"><span class="pre">post-reboot-tasks</span></span><a class="headerlink" href="#role-post-reboot-tasks" title="Permalink to this definition"></a></dt> <dd><p>Ensure that processes are running after a node reboot.</p> <p>Some roles (like the enable-fips role) need to reboot the node in order to complete their operations.</p> <p>This role can be invoked to ensure that the node is sufficiently up again before continuing by doing some basic checks for connectivity (ssh), restarting the zuul-console and making sure DNS is up.</p> <p>A role parameter nslookup_target is required to specify the DNS name to ensure DNS is working.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-post-reboot-tasks.nslookup_target"> <span class="sig-name descname"><span class="pre">nslookup_target</span></span><a class="headerlink" href="#rolevar-post-reboot-tasks.nslookup_target" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">None</span></code><br /><span class="pre">Type:</span> <em><span class="pre">str</span></em><br /></dt> <dd><p>DNS name to query to confirm that DNS is working. If working in a mirrored environment, it is a good idea to use $zuul_site_mirror_fqdn, because this is what will be needed for package installs in any case.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-remove-build-sshkey"> <span class="sig-name descname"><span class="pre">remove-build-sshkey</span></span><a class="headerlink" href="#role-remove-build-sshkey" title="Permalink to this definition"></a></dt> <dd><p>Remove the per-build SSH key from all hosts</p> <p>The complement to <a class="reference internal" href="#role-add-build-sshkey" title="role-add-build-sshkey"><span class="xref zuul zuul-role">add-build-sshkey</span></a>. It removes the build’s SSH key from the authorized_keys files of all remote hosts.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-remove-build-sshkey.zuul_temp_ssh_key"> <span class="sig-name descname"><span class="pre">zuul_temp_ssh_key</span></span><a class="headerlink" href="#rolevar-remove-build-sshkey.zuul_temp_ssh_key" title="Permalink to this definition"></a><br /></dt> <dd><p>Where the per-build SSH private key was stored.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-remove-build-sshkey.zuul_ssh_key_algorithm"> <span class="sig-name descname"><span class="pre">zuul_ssh_key_algorithm</span></span><a class="headerlink" href="#rolevar-remove-build-sshkey.zuul_ssh_key_algorithm" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">rsa</span></code><br /></dt> <dd><p>The digital signature algorithm which was used to generate the key.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-remove-build-winrm-cert"> <span class="sig-name descname"><span class="pre">remove-build-winrm-cert</span></span><a class="headerlink" href="#role-remove-build-winrm-cert" title="Permalink to this definition"></a></dt> <dd><p>Remove the per-build WinRM certificate from all hosts</p> <p>The complement to <a class="reference internal" href="#role-add-build-winrm-cert" title="role-add-build-winrm-cert"><span class="xref zuul zuul-role">add-build-winrm-cert</span></a>. It removes the build’s WinRM certificate from WSMan registry of all Windows hosts.</p> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-remove-gpgkey"> <span class="sig-name descname"><span class="pre">remove-gpgkey</span></span><a class="headerlink" href="#role-remove-gpgkey" title="Permalink to this definition"></a></dt> <dd><p>Remove an added GPG key from the host.</p> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-remove-sshkey"> <span class="sig-name descname"><span class="pre">remove-sshkey</span></span><a class="headerlink" href="#role-remove-sshkey" title="Permalink to this definition"></a></dt> <dd><p>Remove an added ssh key from the host.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-remove-sshkey.ssh_key"> <span class="sig-name descname"><span class="pre">ssh_key</span></span><a class="headerlink" href="#rolevar-remove-sshkey.ssh_key" title="Permalink to this definition"></a><br /></dt> <dd><p>Complex argument which contains the ssh key information. It is expected that this argument comes from a <cite>Secret</cite>.</p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-remove-sshkey.ssh_key.ssh_known_hosts"> <span class="sig-prename descclassname"><span class="pre">ssh_key.</span></span><span class="sig-name descname"><span class="pre">ssh_known_hosts</span></span><a class="headerlink" href="#rolevar-remove-sshkey.ssh_key.ssh_known_hosts" title="Permalink to this definition"></a><br /></dt> <dd><p>String containing known host signature for the remote host.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-remove-sshkey.ssh_key.fqdn"> <span class="sig-prename descclassname"><span class="pre">ssh_key.</span></span><span class="sig-name descname"><span class="pre">fqdn</span></span><a class="headerlink" href="#rolevar-remove-sshkey.ssh_key.fqdn" title="Permalink to this definition"></a><br /></dt> <dd><p>The FQDN of the remote host.</p> </dd></dl> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-render-diff"> <span class="sig-name descname"><span class="pre">render-diff</span></span><a class="headerlink" href="#role-render-diff" title="Permalink to this definition"></a></dt> <dd><p>Run render command and ensure there are no resulting differences.</p> <p>Ensure that generated configuration files are idempotent.</p> <p><strong>Role Variables</strong></p> <dl class="zuul jobvar"> <dt class="sig sig-object zuul" id="jobvar-render-diff.render_command"> <span class="sig-name descname"><span class="pre">render_command</span></span><a class="headerlink" href="#jobvar-render-diff.render_command" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">make</span></code><br /></dt> <dd><p>The command that render the configuration files.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-render-diff.zuul_work_dir"> <span class="sig-name descname"><span class="pre">zuul_work_dir</span></span><a class="headerlink" href="#rolevar-render-diff.zuul_work_dir" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">zuul.project.src_dir</span> <span class="pre">}}</span></code><br /></dt> <dd><p>Directory to run the render command in.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-remove-zuul-sshkey"> <span class="sig-name descname"><span class="pre">remove-zuul-sshkey</span></span><a class="headerlink" href="#role-remove-zuul-sshkey" title="Permalink to this definition"></a></dt> <dd><p>Remove the zuul ssh key</p> <p>This role is intended to be run on the Zuul Executor at the start of every job to prevent access to public Zuul ssh connection.</p> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-revoke-sudo"> <span class="sig-name descname"><span class="pre">revoke-sudo</span></span><a class="headerlink" href="#role-revoke-sudo" title="Permalink to this definition"></a></dt> <dd><p>Remove sudo access for the Zuul user.</p> <p>If the file <code class="docutils literal notranslate"><span class="pre">/etc/sudoers.d/zuul</span></code> exists, then it will be removed. This is to facilitate systems which may use the same image for tests which require sudo and those which do not.</p> <p>This role also asserts that sudo access has been removed and will fail if it has not.</p> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-run-dstat"> <span class="sig-name descname"><span class="pre">run-dstat</span></span><a class="headerlink" href="#role-run-dstat" title="Permalink to this definition"></a></dt> <dd><p>Run dstat</p> <p>Add this to a pre-run playbook to run <code class="docutils literal notranslate"><span class="pre">dstat</span></code>.</p> <p>The role <a class="reference internal" href="#role-dstat-graph" title="role-dstat-graph"><span class="xref zuul zuul-role">dstat-graph</span></a> may optionally be used to graph the resulting data.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-run-dstat.dstat_data_path"> <span class="sig-name descname"><span class="pre">dstat_data_path</span></span><a class="headerlink" href="#rolevar-run-dstat.dstat_data_path" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">&quot;{{</span> <span class="pre">ansible_user_dir</span> <span class="pre">}}/zuul-output/logs/dstat.csv&quot;</span></code><br /></dt> <dd><p>The path to the dstat data file.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-shake-build"> <span class="sig-name descname"><span class="pre">shake-build</span></span><a class="headerlink" href="#role-shake-build" title="Permalink to this definition"></a></dt> <dd><p>Run the shake build system command.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-shake-build.shake_report_name"> <span class="sig-name descname"><span class="pre">shake_report_name</span></span><a class="headerlink" href="#rolevar-shake-build.shake_report_name" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">shake.html</span></code><br /></dt> <dd><p>The name of the report.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-shake-build.shake_target"> <span class="sig-name descname"><span class="pre">shake_target</span></span><a class="headerlink" href="#rolevar-shake-build.shake_target" title="Permalink to this definition"></a><br /></dt> <dd><p>The name of the target to build.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-shake-build.zuul_work_dir"> <span class="sig-name descname"><span class="pre">zuul_work_dir</span></span><a class="headerlink" href="#rolevar-shake-build.zuul_work_dir" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">zuul.project.src_dir</span> <span class="pre">}}</span></code><br /></dt> <dd><p>Directory to run the shake command in.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-sign-artifacts"> <span class="sig-name descname"><span class="pre">sign-artifacts</span></span><a class="headerlink" href="#role-sign-artifacts" title="Permalink to this definition"></a></dt> <dd><p>Sign artifacts</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-sign-artifacts.gpg_key"> <span class="sig-name descname"><span class="pre">gpg_key</span></span><a class="headerlink" href="#rolevar-sign-artifacts.gpg_key" title="Permalink to this definition"></a><br /></dt> <dd><blockquote> <div><p>Complex argument which contains the GPG private key for signing the artifacts. It is expected that this argument comes from a <cite>Secret</cite>.</p> </div></blockquote> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-sign-artifacts.gpg_key.private"> <span class="sig-prename descclassname"><span class="pre">gpg_key.</span></span><span class="sig-name descname"><span class="pre">private</span></span><a class="headerlink" href="#rolevar-sign-artifacts.gpg_key.private" title="Permalink to this definition"></a><br /></dt> <dd><p>The ascii-armored contents of the GPG private key.</p> </dd></dl> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-sign-artifacts.gpg_artifact_path"> <span class="sig-name descname"><span class="pre">gpg_artifact_path</span></span><a class="headerlink" href="#rolevar-sign-artifacts.gpg_artifact_path" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">&quot;{{</span> <span class="pre">zuul.executor.work_root</span> <span class="pre">}}/artifacts/&quot;</span></code><br /></dt> <dd><p>Path to a directory containing artifacts to sign.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-stage-output"> <span class="sig-name descname"><span class="pre">stage-output</span></span><a class="headerlink" href="#role-stage-output" title="Permalink to this definition"></a></dt> <dd><p>Stage job output on the remote node</p> <p>Takes as input a dictionary of files/folders named ‘zuul_copy_output’. Copies contents into {{ stage_dir }} on the remote node and is intended to be used before output fetching in a base job’s post-playbook. If you plan to pair this role with the ‘fetch-output’ role you should ensure {{ stage-dir }] is set to match {{ zuul_output_dir }}.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-stage-output.zuul_copy_output"> <span class="sig-name descname"><span class="pre">zuul_copy_output</span></span><a class="headerlink" href="#rolevar-stage-output.zuul_copy_output" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">None</span></code><br /></dt> <dd><p>Dictionary of files and folders to be staged.</p> <p>The input is a dictionary so that it can accumulated via zuul variable merging. Keys of the dictionary will be things to copy. Valid values describe the type of output to copy:</p> <ul class="simple"> <li><p>logs</p></li> <li><p>artifacts</p></li> <li><p>docs</p></li> <li><p>null # ansible null, not the string null</p></li> </ul> <p>null overrides the will of a parent job to copy something instructing not to copy.</p> <p>If the type is suffixed with <code class="docutils literal notranslate"><span class="pre">_txt</span></code>, then the item will have <code class="docutils literal notranslate"><span class="pre">.txt</span></code> appended to its name. For example:</p> <div class="highlight-yaml notranslate"><div class="highlight"><pre><span></span><span class="nt">zuul_copy_output</span><span class="p">:</span> <span class="w"> </span><span class="nt">/var/log/syslog</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">logs_txt</span> </pre></div> </div> <p>Will copy <code class="docutils literal notranslate"><span class="pre">/var/log/syslog</span></code> to <code class="docutils literal notranslate"><span class="pre">logs/syslog.txt</span></code>.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-stage-output.stage_dir"> <span class="sig-name descname"><span class="pre">stage_dir</span></span><a class="headerlink" href="#rolevar-stage-output.stage_dir" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">ansible_user_dir</span> <span class="pre">}}</span></code><br /></dt> <dd><p>The stage directory on the remote node.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-stage-output.extensions_to_txt"> <span class="sig-name descname"><span class="pre">extensions_to_txt</span></span><a class="headerlink" href="#rolevar-stage-output.extensions_to_txt" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">null</span></code><br /></dt> <dd><p>A dict of file extensions to be replaced with .txt when staging. This can be useful to ensure that text files with an extension not registered in the web server may be viewed via browser when uploaded to a file server.</p> <p>Note that this is only used for files listed directly in <cite>zuul_copy_output</cite> and it won’t be applied to files contained in folders listed in <cite>zuul_copy_output</cite>.</p> <p>Example:</p> <div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">extensions_to_txt</span><span class="p">:</span> <span class="n">conf</span><span class="p">:</span> <span class="kc">True</span> <span class="n">log</span><span class="p">:</span> <span class="kc">True</span> <span class="n">txt</span><span class="p">:</span> <span class="kc">False</span> <span class="n">zuul</span><span class="o">.</span><span class="n">conf</span> <span class="o">--</span><span class="p">(</span><span class="n">staged</span> <span class="k">as</span><span class="p">)</span><span class="o">--&gt;</span> <span class="n">zuul_conf</span><span class="o">.</span><span class="n">txt</span> </pre></div> </div> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-stage-output.stage_compress_logs"> <span class="sig-name descname"><span class="pre">stage_compress_logs</span></span><a class="headerlink" href="#rolevar-stage-output.stage_compress_logs" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">False</span></code><br /></dt> <dd><p>When True, files staged as logs will be compressed individually. Note this option is deprecated as final log storage should control whether or not contents are compressed. The reason for this is certain services like swift may serve compressed files like .tar.gz tarballs uncompressed when you want them to be compressed when served in this way.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-start-zuul-console"> <span class="sig-name descname"><span class="pre">start-zuul-console</span></span><a class="headerlink" href="#role-start-zuul-console" title="Permalink to this definition"></a></dt> <dd><p>Start Zuul console logger</p> <p>It starts the Zuul console streamer on every host in the inventory.</p> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-test-setup"> <span class="sig-name descname"><span class="pre">test-setup</span></span><a class="headerlink" href="#role-test-setup" title="Permalink to this definition"></a></dt> <dd><p>Perform project test setup tasks.</p> <p>This role assumes that Zuul has checked out a change for a project at <code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">zuul_work_dir</span> <span class="pre">}}</span></code> and looks for a file named <code class="docutils literal notranslate"><span class="pre">tools/test-setup.sh</span></code>. If that file exists and is executable, it will be run.</p> <p>This allows projects to specify test-setup steps (such as creating or initializing a database) in a form that can be easily run by both an automated testing system and developers.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-test-setup.test_setup_environment"> <span class="sig-name descname"><span class="pre">test_setup_environment</span></span><a class="headerlink" href="#rolevar-test-setup.test_setup_environment" title="Permalink to this definition"></a><br /></dt> <dd><p>Environment variables to pass in to the test-setup script.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-test-setup.test_setup_args"> <span class="sig-name descname"><span class="pre">test_setup_args</span></span><a class="headerlink" href="#rolevar-test-setup.test_setup_args" title="Permalink to this definition"></a><br /></dt> <dd><p>String of optional command line options passed to the test-setup script.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-test-setup.test_setup_skip"> <span class="sig-name descname"><span class="pre">test_setup_skip</span></span><a class="headerlink" href="#rolevar-test-setup.test_setup_skip" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">false</span></code><br /></dt> <dd><p>Set this to true to skip running the test-setup script even if it exists.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-test-setup.zuul_work_dir"> <span class="sig-name descname"><span class="pre">zuul_work_dir</span></span><a class="headerlink" href="#rolevar-test-setup.zuul_work_dir" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">zuul.project.src_dir</span> <span class="pre">}}</span></code><br /></dt> <dd><p>The directory in which to look for the setup script.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-trigger-readthedocs"> <span class="sig-name descname"><span class="pre">trigger-readthedocs</span></span><a class="headerlink" href="#role-trigger-readthedocs" title="Permalink to this definition"></a></dt> <dd><p>Trigger readthedocs build for a project</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-trigger-readthedocs.rtd_project_name"> <span class="sig-name descname"><span class="pre">rtd_project_name</span></span><a class="headerlink" href="#rolevar-trigger-readthedocs.rtd_project_name" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">``{{</span> <span class="pre">zuul.project.short_name</span> <span class="pre">}}``</span></code><br /></dt> <dd><p>The readthedocs project name</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-trigger-readthedocs.rtd_webhook_id"> <span class="sig-name descname"><span class="pre">rtd_webhook_id</span></span><a class="headerlink" href="#rolevar-trigger-readthedocs.rtd_webhook_id" title="Permalink to this definition"></a><br /></dt> <dd><p>The readthedocs webhook API ID. This needs to be taken from the project’s “Integrations” dashboard page in RTD. The URL will look like <code class="docutils literal notranslate"><span class="pre">readthedocs.org/api/v2/webhook/&lt;project-name&gt;/&lt;id&gt;/</span></code>.</p> <p>This may come from a secret, however it can not be triggered without authentication.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-trigger-readthedocs.rtd_credentials"> <span class="sig-name descname"><span class="pre">rtd_credentials</span></span><a class="headerlink" href="#rolevar-trigger-readthedocs.rtd_credentials" title="Permalink to this definition"></a><br /></dt> <dd><blockquote> <div><p>Complex argument which contains the RTD authentication credentials. This is expected to come from a secret.</p> </div></blockquote> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-trigger-readthedocs.rtd_credentials.integration_token"> <span class="sig-prename descclassname"><span class="pre">rtd_credentials.</span></span><span class="sig-name descname"><span class="pre">integration_token</span></span><a class="headerlink" href="#rolevar-trigger-readthedocs.rtd_credentials.integration_token" title="Permalink to this definition"></a><br /></dt> <dd><p>The webhook integration token. You’ll find this value on the project’s “Integrations” dashboard page in RTD. This can be used instead of username/password combo.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-trigger-readthedocs.rtd_credentials.username"> <span class="sig-prename descclassname"><span class="pre">rtd_credentials.</span></span><span class="sig-name descname"><span class="pre">username</span></span><a class="headerlink" href="#rolevar-trigger-readthedocs.rtd_credentials.username" title="Permalink to this definition"></a><br /></dt> <dd><p>The readthedocs username. If set, this will be used to authenticate in preference to any token set via <code class="docutils literal notranslate"><span class="pre">rtd_integration_token</span></code>.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-trigger-readthedocs.rtd_credentials.password"> <span class="sig-prename descclassname"><span class="pre">rtd_credentials.</span></span><span class="sig-name descname"><span class="pre">password</span></span><a class="headerlink" href="#rolevar-trigger-readthedocs.rtd_credentials.password" title="Permalink to this definition"></a><br /></dt> <dd><p>Password for <code class="docutils literal notranslate"><span class="pre">username</span></code>. Must be set if username is set.</p> </dd></dl> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-update-json-file"> <span class="sig-name descname"><span class="pre">update-json-file</span></span><a class="headerlink" href="#role-update-json-file" title="Permalink to this definition"></a></dt> <dd><p>Update JSON file</p> <p>This role reads a JSON file, merges it with supplied values using Ansible’s <code class="docutils literal notranslate"><span class="pre">combine</span></code> filter and writes it back out. It is useful for updating configuration files. Note this role is not currently idempotent and will write the file each time.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-update-json-file.update_json_file_name"> <span class="sig-name descname"><span class="pre">update_json_file_name</span></span><a class="headerlink" href="#rolevar-update-json-file.update_json_file_name" title="Permalink to this definition"></a><br /><span class="pre">Type:</span> <em><span class="pre">path</span></em><br /></dt> <dd><p>The path to the file to edit.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-update-json-file.update_json_file_combine"> <span class="sig-name descname"><span class="pre">update_json_file_combine</span></span><a class="headerlink" href="#rolevar-update-json-file.update_json_file_combine" title="Permalink to this definition"></a><br /><span class="pre">Type:</span> <em><span class="pre">object</span></em><br /></dt> <dd><p>The data to be combined with the existing file data. This uses the Jinja <code class="docutils literal notranslate"><span class="pre">combine</span></code> filter.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-update-json-file.update_json_file_debug"> <span class="sig-name descname"><span class="pre">update_json_file_debug</span></span><a class="headerlink" href="#rolevar-update-json-file.update_json_file_debug" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">false</span></code><br /><span class="pre">Type:</span> <em><span class="pre">bool</span></em><br /></dt> <dd><p>If enabled, output the combined result in a debug task.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-update-json-file.update_json_file_default"> <span class="sig-name descname"><span class="pre">update_json_file_default</span></span><a class="headerlink" href="#rolevar-update-json-file.update_json_file_default" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">{}</span></code><br /></dt> <dd><p>The default value if the given file does not exist.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-update-json-file.update_json_file_become"> <span class="sig-name descname"><span class="pre">update_json_file_become</span></span><a class="headerlink" href="#rolevar-update-json-file.update_json_file_become" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">false</span></code><br /><span class="pre">Type:</span> <em><span class="pre">bool</span></em><br /></dt> <dd><p>The <code class="docutils literal notranslate"><span class="pre">become:</span></code> status when writing out the new file.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-update-json-file.update_json_file_mode"> <span class="sig-name descname"><span class="pre">update_json_file_mode</span></span><a class="headerlink" href="#rolevar-update-json-file.update_json_file_mode" title="Permalink to this definition"></a><br /></dt> <dd><p>The mode for the combined file.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-update-json-file.update_json_file_user"> <span class="sig-name descname"><span class="pre">update_json_file_user</span></span><a class="headerlink" href="#rolevar-update-json-file.update_json_file_user" title="Permalink to this definition"></a><br /></dt> <dd><p>The user for the combined file.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-update-json-file.update_json_file_group"> <span class="sig-name descname"><span class="pre">update_json_file_group</span></span><a class="headerlink" href="#rolevar-update-json-file.update_json_file_group" title="Permalink to this definition"></a><br /></dt> <dd><p>The group for the combined file.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-update-json-file.update_json_dir_mode"> <span class="sig-name descname"><span class="pre">update_json_dir_mode</span></span><a class="headerlink" href="#rolevar-update-json-file.update_json_dir_mode" title="Permalink to this definition"></a><br /></dt> <dd><p>The mode for the directory if that does not already exists.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-upload-artifactory"> <span class="sig-name descname"><span class="pre">upload-artifactory</span></span><a class="headerlink" href="#role-upload-artifactory" title="Permalink to this definition"></a></dt> <dd><p>Upload artifacts specified from the executor to artifactory.</p> <div class="admonition note"> <p class="admonition-title">Note</p> <p>This role uses the <code class="docutils literal notranslate"><span class="pre">src</span></code> function of the <code class="docutils literal notranslate"><span class="pre">uri</span></code> module introduced in Ansible 2.7 therefore any ansible version lower than that is not supported.</p> </div> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-upload-artifactory.upload_artifactory_instances"> <span class="sig-name descname"><span class="pre">upload_artifactory_instances</span></span><a class="headerlink" href="#rolevar-upload-artifactory.upload_artifactory_instances" title="Permalink to this definition"></a><br /></dt> <dd><p>Complex argument that contains the information about credentials, fqdn and name. This argument is expected to come from a secret.</p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-upload-artifactory.upload_artifactory_instances.upload_artifactory_instances.&lt;name&gt;.user"> <span class="sig-prename descclassname"><span class="pre">upload_artifactory_instances.</span></span><span class="sig-name descname"><span class="pre">upload_artifactory_instances.&lt;name&gt;.user</span></span><a class="headerlink" href="#rolevar-upload-artifactory.upload_artifactory_instances.upload_artifactory_instances.<name>.user" title="Permalink to this definition"></a><br /></dt> <dd><p>User for authenticating.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-upload-artifactory.upload_artifactory_instances.upload_artifactory_instances.&lt;name&gt;.password"> <span class="sig-prename descclassname"><span class="pre">upload_artifactory_instances.</span></span><span class="sig-name descname"><span class="pre">upload_artifactory_instances.&lt;name&gt;.password</span></span><a class="headerlink" href="#rolevar-upload-artifactory.upload_artifactory_instances.upload_artifactory_instances.<name>.password" title="Permalink to this definition"></a><br /></dt> <dd><p>Password for authenticating. Has a lower precedense than <code class="docutils literal notranslate"><span class="pre">api_key</span></code>.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-upload-artifactory.upload_artifactory_instances.upload_artifactory_instances.&lt;name&gt;.api_key"> <span class="sig-prename descclassname"><span class="pre">upload_artifactory_instances.</span></span><span class="sig-name descname"><span class="pre">upload_artifactory_instances.&lt;name&gt;.api_key</span></span><a class="headerlink" href="#rolevar-upload-artifactory.upload_artifactory_instances.upload_artifactory_instances.<name>.api_key" title="Permalink to this definition"></a><br /></dt> <dd><p>API key for authenticating. Has a higher precedense than <code class="docutils literal notranslate"><span class="pre">password</span></code>.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-upload-artifactory.upload_artifactory_instances.upload_artifactory_instances.&lt;name&gt;.fqdn"> <span class="sig-prename descclassname"><span class="pre">upload_artifactory_instances.</span></span><span class="sig-name descname"><span class="pre">upload_artifactory_instances.&lt;name&gt;.fqdn</span></span><a class="headerlink" href="#rolevar-upload-artifactory.upload_artifactory_instances.upload_artifactory_instances.<name>.fqdn" title="Permalink to this definition"></a><br /></dt> <dd><p>Fully qualified domain name to the instance.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-upload-artifactory.upload_artifactory_instances.upload_artifactory_instances.&lt;name&gt;.transport"> <span class="sig-prename descclassname"><span class="pre">upload_artifactory_instances.</span></span><span class="sig-name descname"><span class="pre">upload_artifactory_instances.&lt;name&gt;.transport</span></span><a class="headerlink" href="#rolevar-upload-artifactory.upload_artifactory_instances.upload_artifactory_instances.<name>.transport" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">https</span></code><br /></dt> <dd><p>Set to <code class="docutils literal notranslate"><span class="pre">http</span></code> if the instance does not support https.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-upload-artifactory.upload_artifactory_instances.force_basic_auth"> <span class="sig-prename descclassname"><span class="pre">upload_artifactory_instances.</span></span><span class="sig-name descname"><span class="pre">force_basic_auth</span></span><a class="headerlink" href="#rolevar-upload-artifactory.upload_artifactory_instances.force_basic_auth" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">false</span></code><br /></dt> <dd><p>Set to <code class="docutils literal notranslate"><span class="pre">true</span></code> if the instance requires basic auth to be used.</p> </dd></dl> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-upload-artifactory.upload_artifactory_manifest"> <span class="sig-name descname"><span class="pre">upload_artifactory_manifest</span></span><a class="headerlink" href="#rolevar-upload-artifactory.upload_artifactory_manifest" title="Permalink to this definition"></a><br /></dt> <dd><p>Dictionary of types of items to upload. Currently only supports <code class="docutils literal notranslate"><span class="pre">artifacts</span></code>.</p> <blockquote> <div><dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-upload-artifactory.upload_artifactory_manifest.artifacts"> <span class="sig-prename descclassname"><span class="pre">upload_artifactory_manifest.</span></span><span class="sig-name descname"><span class="pre">artifacts</span></span><a class="headerlink" href="#rolevar-upload-artifactory.upload_artifactory_manifest.artifacts" title="Permalink to this definition"></a><br /></dt> <dd><p>Variable that contains a manifest of the artifacts that should be uploaded to a specific instance of artifactory. This is expected to be set during the build as a cached fact.</p> <blockquote> <div><div class="highlight-yaml notranslate"><div class="highlight"><pre><span></span><span class="nt">artifacts</span><span class="p">:</span> <span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">tarball</span> <span class="w"> </span><span class="nt">src</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">artifact.tar.gz</span> <span class="w"> </span><span class="nt">dest</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/destination/to/put/artifact/artifact.tar.gz</span> <span class="w"> </span><span class="nt">instance</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">artifact-server1</span> <span class="w"> </span><span class="nt">headers</span><span class="p">:</span> <span class="w"> </span><span class="nt">Content-Type</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">application/gzip</span> </pre></div> </div> </div></blockquote> <p>The attributes available on an artifact are the following.</p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-upload-artifactory.upload_artifactory_manifest.artifacts.name"> <span class="sig-prename descclassname"><span class="pre">upload_artifactory_manifest.</span></span><span class="sig-prename descclassname"><span class="pre">artifacts.</span></span><span class="sig-name descname"><span class="pre">name</span></span><a class="headerlink" href="#rolevar-upload-artifactory.upload_artifactory_manifest.artifacts.name" title="Permalink to this definition"></a><br /></dt> <dd><p>Name of the artifact. This will be displayed in the build page.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-upload-artifactory.upload_artifactory_manifest.artifacts.src"> <span class="sig-prename descclassname"><span class="pre">upload_artifactory_manifest.</span></span><span class="sig-prename descclassname"><span class="pre">artifacts.</span></span><span class="sig-name descname"><span class="pre">src</span></span><a class="headerlink" href="#rolevar-upload-artifactory.upload_artifactory_manifest.artifacts.src" title="Permalink to this definition"></a><br /></dt> <dd><p>Path relative to <code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">zuul.executor.work_root</span> <span class="pre">}}/artifacts/</span></code>.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-upload-artifactory.upload_artifactory_manifest.artifacts.dest"> <span class="sig-prename descclassname"><span class="pre">upload_artifactory_manifest.</span></span><span class="sig-prename descclassname"><span class="pre">artifacts.</span></span><span class="sig-name descname"><span class="pre">dest</span></span><a class="headerlink" href="#rolevar-upload-artifactory.upload_artifactory_manifest.artifacts.dest" title="Permalink to this definition"></a><br /></dt> <dd><p>Destination where the artifact should be put in.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-upload-artifactory.upload_artifactory_manifest.artifacts.instance"> <span class="sig-prename descclassname"><span class="pre">upload_artifactory_manifest.</span></span><span class="sig-prename descclassname"><span class="pre">artifacts.</span></span><span class="sig-name descname"><span class="pre">instance</span></span><a class="headerlink" href="#rolevar-upload-artifactory.upload_artifactory_manifest.artifacts.instance" title="Permalink to this definition"></a><br /></dt> <dd><p>Artifactory instance to place the artiface in, this is to choose which entry in <a class="reference internal" href="#rolevar-upload-artifactory.upload_artifactory_instances" title="rolevar-upload-artifactory.upload_artifactory_instances"><span class="xref zuul zuul-rolevar">upload-artifactory.upload_artifactory_instances</span></a> to upload the artifact to.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-upload-artifactory.upload_artifactory_manifest.artifacts.headers"> <span class="sig-prename descclassname"><span class="pre">upload_artifactory_manifest.</span></span><span class="sig-prename descclassname"><span class="pre">artifacts.</span></span><span class="sig-name descname"><span class="pre">headers</span></span><a class="headerlink" href="#rolevar-upload-artifactory.upload_artifactory_manifest.artifacts.headers" title="Permalink to this definition"></a><br /></dt> <dd><p>Any headers that should be passed to ansibles uri module when uploading.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-upload-artifactory.upload_artifactory_manifest.artifacts.properties"> <span class="sig-prename descclassname"><span class="pre">upload_artifactory_manifest.</span></span><span class="sig-prename descclassname"><span class="pre">artifacts.</span></span><span class="sig-name descname"><span class="pre">properties</span></span><a class="headerlink" href="#rolevar-upload-artifactory.upload_artifactory_manifest.artifacts.properties" title="Permalink to this definition"></a><br /></dt> <dd><p>Properties to set in artifactory.</p> <p>Properties can be either strings or lists of strings.</p> <div class="highlight-yaml notranslate"><div class="highlight"><pre><span></span><span class="nt">properties</span><span class="p">:</span> <span class="w"> </span><span class="nt">property1</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">value1</span> <span class="w"> </span><span class="nt">property2</span><span class="p">:</span> <span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">value2</span> <span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">value3</span> </pre></div> </div> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-upload-artifactory.upload_artifactory_manifest.artifacts.metadata"> <span class="sig-prename descclassname"><span class="pre">upload_artifactory_manifest.</span></span><span class="sig-prename descclassname"><span class="pre">artifacts.</span></span><span class="sig-name descname"><span class="pre">metadata</span></span><a class="headerlink" href="#rolevar-upload-artifactory.upload_artifactory_manifest.artifacts.metadata" title="Permalink to this definition"></a><br /></dt> <dd><p>Any metadata that should be returned to Zuul together with the artifact link.</p> </dd></dl> </dd></dl> </div></blockquote> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-upload-git-mirror"> <span class="sig-name descname"><span class="pre">upload-git-mirror</span></span><a class="headerlink" href="#role-upload-git-mirror" title="Permalink to this definition"></a></dt> <dd><p>Mirrors a git repository to a remote git server</p> <p>Meant to be used after a change was successfully merged, this role mirrors a tested git repository to a remote git server over SSH.</p> <p>The role assumes that git has been previously installed and does not require superuser privileges to run.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-upload-git-mirror.git_mirror_credentials"> <span class="sig-name descname"><span class="pre">git_mirror_credentials</span></span><a class="headerlink" href="#rolevar-upload-git-mirror.git_mirror_credentials" title="Permalink to this definition"></a><br /></dt> <dd><blockquote> <div><p>Dictionary that provides the remote git repository credentials</p> </div></blockquote> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-upload-git-mirror.git_mirror_credentials.user"> <span class="sig-prename descclassname"><span class="pre">git_mirror_credentials.</span></span><span class="sig-name descname"><span class="pre">user</span></span><a class="headerlink" href="#rolevar-upload-git-mirror.git_mirror_credentials.user" title="Permalink to this definition"></a><br /></dt> <dd><p>SSH user for the remote git repository</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-upload-git-mirror.git_mirror_credentials.host"> <span class="sig-prename descclassname"><span class="pre">git_mirror_credentials.</span></span><span class="sig-name descname"><span class="pre">host</span></span><a class="headerlink" href="#rolevar-upload-git-mirror.git_mirror_credentials.host" title="Permalink to this definition"></a><br /></dt> <dd><p>SSH host for the remote git repository</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-upload-git-mirror.git_mirror_credentials.ssh_key"> <span class="sig-prename descclassname"><span class="pre">git_mirror_credentials.</span></span><span class="sig-name descname"><span class="pre">ssh_key</span></span><a class="headerlink" href="#rolevar-upload-git-mirror.git_mirror_credentials.ssh_key" title="Permalink to this definition"></a><br /></dt> <dd><p>Literal private key contents. Should start with something like <code class="docutils literal notranslate"><span class="pre">-----BEGIN</span> <span class="pre">RSA</span> <span class="pre">PRIVATE</span> <span class="pre">KEY-----</span></code>.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-upload-git-mirror.git_mirror_credentials.host_key"> <span class="sig-prename descclassname"><span class="pre">git_mirror_credentials.</span></span><span class="sig-name descname"><span class="pre">host_key</span></span><a class="headerlink" href="#rolevar-upload-git-mirror.git_mirror_credentials.host_key" title="Permalink to this definition"></a><br /></dt> <dd><p>SSH host key of the remote git server. Can be obtained with <code class="docutils literal notranslate"><span class="pre">ssh-keyscan</span> <span class="pre">-H</span> <span class="pre">&lt;host&gt;</span></code>.</p> </dd></dl> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-upload-git-mirror.git_mirror_repository"> <span class="sig-name descname"><span class="pre">git_mirror_repository</span></span><a class="headerlink" href="#rolevar-upload-git-mirror.git_mirror_repository" title="Permalink to this definition"></a><br /></dt> <dd><p>Path of the remote git repository</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-validate-dco-license"> <span class="sig-name descname"><span class="pre">validate-dco-license</span></span><a class="headerlink" href="#role-validate-dco-license" title="Permalink to this definition"></a></dt> <dd><p>Validate all commits have Signed-off-by header</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-validate-dco-license.dco_license_failure"> <span class="sig-name descname"><span class="pre">dco_license_failure</span></span><a class="headerlink" href="#rolevar-validate-dco-license.dco_license_failure" title="Permalink to this definition"></a><br /></dt> <dd><p>Message to display when Signed-off-by header is missing.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-validate-dco-license.zuul_work_dir"> <span class="sig-name descname"><span class="pre">zuul_work_dir</span></span><a class="headerlink" href="#rolevar-validate-dco-license.zuul_work_dir" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">zuul.project.src_dir</span> <span class="pre">}}</span></code><br /></dt> <dd><p>Directory to DCO license check in.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-validate-host"> <span class="sig-name descname"><span class="pre">validate-host</span></span><a class="headerlink" href="#role-validate-host" title="Permalink to this definition"></a></dt> <dd><p>Log information about the build node</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-validate-host.zuul_site_ipv4_route_required"> <span class="sig-name descname"><span class="pre">zuul_site_ipv4_route_required</span></span><a class="headerlink" href="#rolevar-validate-host.zuul_site_ipv4_route_required" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">false</span></code><br /></dt> <dd><p>If true, fail when no IPv4 route to <code class="docutils literal notranslate"><span class="pre">zuul_site_traceroute_host</span></code> is available. When false (default) a missing IPv4 route is acceptable so long as there is still a viable IPv6 route.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-validate-host.zuul_site_ipv6_route_required"> <span class="sig-name descname"><span class="pre">zuul_site_ipv6_route_required</span></span><a class="headerlink" href="#rolevar-validate-host.zuul_site_ipv6_route_required" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">false</span></code><br /></dt> <dd><p>If true, fail when no IPv6 route to <code class="docutils literal notranslate"><span class="pre">zuul_site_traceroute_host</span></code> is available. When false (default) a missing IPv6 route is acceptable so long as there is still a viable IPv4 route.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-validate-host.zuul_site_traceroute_host"> <span class="sig-name descname"><span class="pre">zuul_site_traceroute_host</span></span><a class="headerlink" href="#rolevar-validate-host.zuul_site_traceroute_host" title="Permalink to this definition"></a><br /></dt> <dd><p>If defined, a host to run a traceroute against to verify build node network connectivity.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-validate-host.zuul_site_image_manifest_files"> <span class="sig-name descname"><span class="pre">zuul_site_image_manifest_files</span></span><a class="headerlink" href="#rolevar-validate-host.zuul_site_image_manifest_files" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">['/etc/dib-builddate.txt',</span> <span class="pre">'/etc/image-hostname.txt']</span></code><br /></dt> <dd><p>A list of files to read from the filesystem of the build node and whose contents will be logged. The default files are files written to nodes by diskimage-builder.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-validate-zone-db"> <span class="sig-name descname"><span class="pre">validate-zone-db</span></span><a class="headerlink" href="#role-validate-zone-db" title="Permalink to this definition"></a></dt> <dd><p>Validate bind zone.db files</p> <p>This role uses <code class="docutils literal notranslate"><span class="pre">named-checkzone</span></code> to validate Bind <code class="docutils literal notranslate"><span class="pre">zone.db</span></code> files.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-validate-zone-db.zone_files"> <span class="sig-name descname"><span class="pre">zone_files</span></span><a class="headerlink" href="#rolevar-validate-zone-db.zone_files" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">zuul.project.src_dir</span></code><br /></dt> <dd><p>Look for <code class="docutils literal notranslate"><span class="pre">zone.db</span></code> files recursively in this directory. The layout should be <code class="docutils literal notranslate"><span class="pre">domain.xyz/zone.db</span></code> where a parent directory is named for the zone the child <code class="docutils literal notranslate"><span class="pre">zone.db</span></code> file describes. This populates the <code class="docutils literal notranslate"><span class="pre">zone_db_files</span></code> variable. Will not be used if <code class="docutils literal notranslate"><span class="pre">zone_db_files</span></code> is explicitly set per below.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-validate-zone-db.zone_db_files"> <span class="sig-name descname"><span class="pre">zone_db_files</span></span><a class="headerlink" href="#rolevar-validate-zone-db.zone_db_files" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">[]</span></code><br /></dt> <dd><p>A list of <code class="docutils literal notranslate"><span class="pre">zone.db</span></code> files to check. Each entry is a list with the first element the domain, and the second element the path to the <code class="docutils literal notranslate"><span class="pre">zone.db</span></code> file. If this variable is set, automatic searching described by <code class="docutils literal notranslate"><span class="pre">zone_files</span></code> will not be performed.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-version-from-git"> <span class="sig-name descname"><span class="pre">version-from-git</span></span><a class="headerlink" href="#role-version-from-git" title="Permalink to this definition"></a></dt> <dd><p>Sets three facts based on information in a git repo.</p> <dl class="simple"> <dt>scm_sha</dt><dd><p>The short sha found in the repository.</p> </dd> <dt>project_ver</dt><dd><p>A string describing the project’s version. It will either be the value of {{ zuul.tag }} or {{ scm_tag }}.{{ commits_since_tag }}.{{ scm_sha }} otherwise where <code class="docutils literal notranslate"><span class="pre">scm_tag</span></code> is either the most recent tag or the value of <code class="docutils literal notranslate"><span class="pre">scm_sha</span></code> if there are no commits in the repo.</p> </dd> <dt>commits_since_tag</dt><dd><p>Number of commits since the most recent tag.</p> </dd> </dl> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-version-from-git.zuul_work_dir"> <span class="sig-name descname"><span class="pre">zuul_work_dir</span></span><a class="headerlink" href="#rolevar-version-from-git.zuul_work_dir" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">zuul.project.src_dir</span> <span class="pre">}}</span></code><br /></dt> <dd><p>Directory to run git in.</p> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-write-inventory"> <span class="sig-name descname"><span class="pre">write-inventory</span></span><a class="headerlink" href="#role-write-inventory" title="Permalink to this definition"></a></dt> <dd><p>Write an abbreviated version of the Zuul inventory to a file</p> <p>This writes the minimal information about hosts from the current Zuul inventory to a file. It may be used to subsequently invoke Ansible with the inventory for the job.</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-write-inventory.write_inventory_dest"> <span class="sig-name descname"><span class="pre">write_inventory_dest</span></span><a class="headerlink" href="#rolevar-write-inventory.write_inventory_dest" title="Permalink to this definition"></a><br /></dt> <dd><p>The path of the inventory file to write.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-write-inventory.write_inventory_include_hostvars"> <span class="sig-name descname"><span class="pre">write_inventory_include_hostvars</span></span><a class="headerlink" href="#rolevar-write-inventory.write_inventory_include_hostvars" title="Permalink to this definition"></a><br /><span class="pre">Type:</span> <em><span class="pre">list</span></em><br /></dt> <dd><p>A list of facts about the host to include. By default this parameter is omitted and all variables about a host will be included. To only include certain variables, list them here. The empty list will cause no variables to be included.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-write-inventory.write_inventory_exclude_hostvars"> <span class="sig-name descname"><span class="pre">write_inventory_exclude_hostvars</span></span><a class="headerlink" href="#rolevar-write-inventory.write_inventory_exclude_hostvars" title="Permalink to this definition"></a><br /><span class="pre">Type:</span> <em><span class="pre">list</span></em><br /></dt> <dd><p>A list of facts about the host to exclude. By default, all variables about a host will be included. To exclude certain variables, list them here.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-write-inventory.write_inventory_additional_hostvars"> <span class="sig-name descname"><span class="pre">write_inventory_additional_hostvars</span></span><a class="headerlink" href="#rolevar-write-inventory.write_inventory_additional_hostvars" title="Permalink to this definition"></a><br /><span class="pre">Type:</span> <em><span class="pre">dict</span></em><br /></dt> <dd><p>Additional hostvars to include. This can be used to map information from nodepool into the inventory if used as follows:</p> <div class="highlight-yaml notranslate"><div class="highlight"><pre><span></span><span class="nt">write_inventory_additional_hostvars</span><span class="p">:</span> <span class="w"> </span><span class="nt">public_v4</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">nodepool.public_ipv4</span> <span class="w"> </span><span class="nt">public_v6</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">nodepool.public_ipv6</span> </pre></div> </div> <p>This will map hostvars[hostname][‘nodepool’][‘public_ipv4’] to hostvars[hostname][‘public_v4’].</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-write-inventory.write_inventory_per_host_hostvars"> <span class="sig-name descname"><span class="pre">write_inventory_per_host_hostvars</span></span><a class="headerlink" href="#rolevar-write-inventory.write_inventory_per_host_hostvars" title="Permalink to this definition"></a><br /><span class="pre">Type:</span> <em><span class="pre">dict</span></em><br /></dt> <dd><p>An additional dictionary added on a per-host basis. The keys of this dictionary should be hostnames, if the host name matches, the value (also a dictionary) is merged into the hostvars for that host. For example below, <code class="docutils literal notranslate"><span class="pre">hosta.com</span></code> will have <code class="docutils literal notranslate"><span class="pre">foo</span></code> with value <code class="docutils literal notranslate"><span class="pre">bar</span></code>, while <code class="docutils literal notranslate"><span class="pre">hostb.com</span></code> will have <code class="docutils literal notranslate"><span class="pre">foo</span></code> with value <code class="docutils literal notranslate"><span class="pre">baz</span></code>.</p> <div class="highlight-yaml notranslate"><div class="highlight"><pre><span></span><span class="nt">write_inventory_per_host_hostvars</span><span class="p">:</span> <span class="w"> </span><span class="nt">hosta.com</span><span class="p">:</span> <span class="w"> </span><span class="nt">foo</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bar</span> <span class="w"> </span><span class="nt">hostb.com</span><span class="p">:</span> <span class="w"> </span><span class="nt">foo</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">baz</span> </pre></div> </div> </dd></dl> </dd></dl> <dl class="zuul role"> <dt class="sig sig-object zuul" id="role-zuul-tenant-conf-check"> <span class="sig-name descname"><span class="pre">zuul-tenant-conf-check</span></span><a class="headerlink" href="#role-zuul-tenant-conf-check" title="Permalink to this definition"></a></dt> <dd><p>Run the zuul-admin tenant-conf-check command.</p> <p>This requires a partial zuul.conf (it only needs the connection entries, and those without any credential information) and a tenant config file. It will validate the syntax of the tenant config file (but not the job configuration of any projects in the tenants).</p> <p><strong>Role Variables</strong></p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-zuul-tenant-conf-check.zuul_tenant_conf_check_zuul_conf_path"> <span class="sig-name descname"><span class="pre">zuul_tenant_conf_check_zuul_conf_path</span></span><a class="headerlink" href="#rolevar-zuul-tenant-conf-check.zuul_tenant_conf_check_zuul_conf_path" title="Permalink to this definition"></a><br /></dt> <dd><p>The path to the partial zuul.conf to use. This must contain the connection entries, but no credentials are required. Any other sections are ignored.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-zuul-tenant-conf-check.zuul_tenant_conf_check_tenant_config_path"> <span class="sig-name descname"><span class="pre">zuul_tenant_conf_check_tenant_config_path</span></span><a class="headerlink" href="#rolevar-zuul-tenant-conf-check.zuul_tenant_conf_check_tenant_config_path" title="Permalink to this definition"></a><br /></dt> <dd><p>The path to the tenant config file to check.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-zuul-tenant-conf-check.zuul_tenant_conf_check_image"> <span class="sig-name descname"><span class="pre">zuul_tenant_conf_check_image</span></span><a class="headerlink" href="#rolevar-zuul-tenant-conf-check.zuul_tenant_conf_check_image" title="Permalink to this definition"></a><br /><span class="pre">Default:</span> <code class="docutils literal notranslate"><span class="pre">quay.io/zuul-ci/zuul-scheduler:latest</span></code><br /></dt> <dd><p>The Zuul scheduler container image which contains the zuul-admin command to run.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-zuul-tenant-conf-check.zuul_tenant_conf_check_registry_credentials"> <span class="sig-name descname"><span class="pre">zuul_tenant_conf_check_registry_credentials</span></span><a class="headerlink" href="#rolevar-zuul-tenant-conf-check.zuul_tenant_conf_check_registry_credentials" title="Permalink to this definition"></a><br /></dt> <dd><p>An optional value, expected in the form of a secret, that supplies credential information if zuul_tenant_conf_check_image is in a registry that requires authentication. The format is a dictionary keyed by the registry name. Example:</p> <div class="highlight-yaml notranslate"><div class="highlight"><pre><span></span><span class="nt">zuul_tenant_conf_check_registry_credentials</span><span class="p">:</span> <span class="w"> </span><span class="nt">docker.io</span><span class="p">:</span> <span class="w"> </span><span class="nt">username</span><span class="p">:</span><span class="w"> </span><span class="s">&#39;username&#39;</span> <span class="w"> </span><span class="nt">password</span><span class="p">:</span><span class="w"> </span><span class="s">&#39;password&#39;</span> </pre></div> </div> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-zuul-tenant-conf-check.zuul_tenant_conf_check_registry_credentials.[registry_name]"> <span class="sig-prename descclassname"><span class="pre">zuul_tenant_conf_check_registry_credentials.</span></span><span class="sig-name descname"><span class="pre">[registry_name]</span></span><a class="headerlink" href="#rolevar-zuul-tenant-conf-check.zuul_tenant_conf_check_registry_credentials.[registry_name]" title="Permalink to this definition"></a><br /></dt> <dd><p>The dictionary key should be the name of the registry</p> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-zuul-tenant-conf-check.zuul_tenant_conf_check_registry_credentials.[registry_name].username"> <span class="sig-prename descclassname"><span class="pre">zuul_tenant_conf_check_registry_credentials.</span></span><span class="sig-prename descclassname"><span class="pre">[registry_name].</span></span><span class="sig-name descname"><span class="pre">username</span></span><a class="headerlink" href="#rolevar-zuul-tenant-conf-check.zuul_tenant_conf_check_registry_credentials.[registry_name].username" title="Permalink to this definition"></a><br /></dt> <dd><p>The registry username.</p> </dd></dl> <dl class="zuul rolevar"> <dt class="sig sig-object zuul" id="rolevar-zuul-tenant-conf-check.zuul_tenant_conf_check_registry_credentials.[registry_name].password"> <span class="sig-prename descclassname"><span class="pre">zuul_tenant_conf_check_registry_credentials.</span></span><span class="sig-prename descclassname"><span class="pre">[registry_name].</span></span><span class="sig-name descname"><span class="pre">password</span></span><a class="headerlink" href="#rolevar-zuul-tenant-conf-check.zuul_tenant_conf_check_registry_credentials.[registry_name].password" title="Permalink to this definition"></a><br /></dt> <dd><p>The registry password.</p> </dd></dl> </dd></dl> </dd></dl> </dd></dl> </section> </div> </div> <footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer"> <a href="roles.html" class="btn btn-neutral float-left" title="Roles" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a> <a href="log-roles.html" class="btn btn-neutral float-right" title="Log Roles" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a> </div> <hr/> <div role="contentinfo"> <p>&#169; Copyright 2012-2025, Zuul project contributors.</p> </div> Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>. </footer> </div> </div> </section> </div> <script> jQuery(function () { SphinxRtdTheme.Navigation.enable(true); }); </script> </body> </html>

Pages： 1 2 3 4 5 6 7 8 9 10