diff --git a/.zuul.d/jobs.yaml b/.zuul.d/jobs.yaml new file mode 100644 index 0000000..62b4958 --- /dev/null +++ b/.zuul.d/jobs.yaml @@ -0,0 +1,51 @@ +--- +- job: + name: awx-ee-tox-ansible-builder + parent: ansible-buildset-registry-consumer + timeout: 3600 + vars: + container_command: podman + +- job: + name: awx-ee-tox-ansible-builder + parent: tox + requires: + - ansible-runner-container-image + - python-builder-container-image + required-projects: + - github.com/ansible/ansible-builder + nodeset: ubuntu-bionic-2vcpu + vars: + tox_envlist: check-diff + tox_install_siblings: false + +- job: + name: awx-ee-build-container-image + parent: ansible-build-container-image + description: Build awx-ee container image + timeout: 3600 + provides: awx-ee-container-image + requires: + - ansible-runner-container-image + - python-builder-container-image + vars: &vars + container_images: &container_images + - context: . + registry: quay.io + repository: quay.io/ansible/awx-ee + tags: + # If zuul.tag is defined: [ '3', '3.19', '3.19.0' ]. Only works for 3-component tags. + # Otherwise: ['devel'] + &imagetag "{{ zuul.tag is defined | ternary([zuul.get('tag', '').split('.')[0], '.'.join(zuul.get('tag', '').split('.')[:2]), zuul.get('tag', '')], ['devel']) }}" + docker_images: *container_images + +- job: + name: awx-ee-upload-container-image + parent: ansible-upload-container-image + description: Build awx-ee container image and upload to quay.io + timeout: 3600 + provides: awx-ee-container-image + requires: + - ansible-runner-container-image + - python-builder-container-image + vars: *vars diff --git a/.zuul.d/project.yaml b/.zuul.d/project.yaml new file mode 100644 index 0000000..e31e92e --- /dev/null +++ b/.zuul.d/project.yaml @@ -0,0 +1,25 @@ +--- +- project: + check: + jobs: + - awx-ee-build-container-image + - awx-ee-tox-ansible-builder + gate: + jobs: + - awx-ee-build-container-image + - awx-ee-tox-ansible-builder + post: + jobs: + - awx-ee-upload-container-image: + vars: + upload_container_image_promote: false + release: + jobs: + - awx-ee-upload-container-image: + vars: + upload_container_image_promote: false + periodic: + jobs: + - awx-ee-upload-container-image: + vars: + upload_container_image_promote: false diff --git a/Containerfile b/Containerfile new file mode 100644 index 0000000..da4c290 --- /dev/null +++ b/Containerfile @@ -0,0 +1,30 @@ +ARG ANSIBLE_RUNNER_IMAGE=quay.io/ansible/ansible-runner:devel +ARG PYTHON_BUILDER_IMAGE=quay.io/ansible/python-builder:latest + +FROM $ANSIBLE_RUNNER_IMAGE as galaxy + +ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS= +ADD _build /build + +WORKDIR /build +RUN ansible-galaxy role install -r requirements.yml --roles-path /usr/share/ansible/roles +RUN ansible-galaxy collection install $ANSIBLE_GALAXY_CLI_COLLECTION_OPTS -r requirements.yml --collections-path /usr/share/ansible/collections + +FROM $PYTHON_BUILDER_IMAGE as builder +ADD _build/requirements_combined.txt /tmp/src/requirements.txt +ADD _build/bindep_combined.txt /tmp/src/bindep.txt +RUN assemble + +FROM $ANSIBLE_RUNNER_IMAGE + +COPY --from=galaxy /usr/share/ansible /usr/share/ansible + +COPY --from=builder /output/ /output/ +RUN /output/install-from-bindep && rm -rf /output/wheels +RUN alternatives --set python /usr/bin/python3 +COPY --from=quay.io/project-receptor/receptor:0.9.7 /usr/bin/receptor /usr/bin/receptor +RUN mkdir -p /var/run/receptor +ADD run.sh /run.sh +CMD /run.sh +USER 1000 +RUN git lfs install diff --git a/Dockerfile b/Dockerfile new file mode 120000 index 0000000..5240dc0 --- /dev/null +++ b/Dockerfile @@ -0,0 +1 @@ +Containerfile \ No newline at end of file diff --git a/Jenkinsfile b/Jenkinsfile new file mode 100644 index 0000000..8dde0fe --- /dev/null +++ b/Jenkinsfile @@ -0,0 +1,38 @@ +podTemplate(yaml: """ +kind: Pod +spec: + containers: + - name: kaniko + image: gcr.io/kaniko-project/executor:debug-539ddefcae3fd6b411a95982a830d987f4214251 + imagePullPolicy: Always + command: + - /busybox/cat + tty: true + volumeMounts: + - name: jenkins-docker-cfg + mountPath: /kaniko/.docker + volumes: + - name: jenkins-docker-cfg + projected: + sources: + - secret: + name: regcred + items: + - key: .dockerconfigjson + path: config.json +""" + ) { + + node(POD_LABEL) { + stage('Build with Kaniko') { + git url: 'ssh://git@git.ervine.org/jonny/awx-ee-custom.git', credentialsId: 'jenkins-to-git' + container('kaniko') { + sh '/kaniko/executor -f `pwd`/Dockerfile -c `pwd` --cache=false --destination=harbor.ervine.dev/public/x86_64/awx-ee-custom:0.2.0' + } + } + stage('Notify gchat') { + hangoutsNotify message: "Ansible Execution Environment container has built",token: "A2ET831pVslqXTqAx6ycu573r",threadByJob: false + } + } +} + diff --git a/LICENSE.md b/LICENSE.md new file mode 100644 index 0000000..bb0a7c7 --- /dev/null +++ b/LICENSE.md @@ -0,0 +1,168 @@ +Apache License +============== + +_Version 2.0, January 2004_ +_<>_ + +### Terms and Conditions for use, reproduction, and distribution + +#### 1. Definitions + +“License” shall mean the terms and conditions for use, reproduction, and +distribution as defined by Sections 1 through 9 of this document. + +“Licensor” shall mean the copyright owner or entity authorized by the copyright +owner that is granting the License. + +“Legal Entity” shall mean the union of the acting entity and all other entities +that control, are controlled by, or are under common control with that entity. +For the purposes of this definition, “control” means **(i)** the power, direct or +indirect, to cause the direction or management of such entity, whether by +contract or otherwise, or **(ii)** ownership of fifty percent (50%) or more of the +outstanding shares, or **(iii)** beneficial ownership of such entity. + +“You” (or “Your”) shall mean an individual or Legal Entity exercising +permissions granted by this License. + +“Source” form shall mean the preferred form for making modifications, including +but not limited to software source code, documentation source, and configuration +files. + +“Object” form shall mean any form resulting from mechanical transformation or +translation of a Source form, including but not limited to compiled object code, +generated documentation, and conversions to other media types. + +“Work” shall mean the work of authorship, whether in Source or Object form, made +available under the License, as indicated by a copyright notice that is included +in or attached to the work (an example is provided in the Appendix below). + +“Derivative Works” shall mean any work, whether in Source or Object form, that +is based on (or derived from) the Work and for which the editorial revisions, +annotations, elaborations, or other modifications represent, as a whole, an +original work of authorship. For the purposes of this License, Derivative Works +shall not include works that remain separable from, or merely link (or bind by +name) to the interfaces of, the Work and Derivative Works thereof. + +“Contribution” shall mean any work of authorship, including the original version +of the Work and any modifications or additions to that Work or Derivative Works +thereof, that is intentionally submitted to Licensor for inclusion in the Work +by the copyright owner or by an individual or Legal Entity authorized to submit +on behalf of the copyright owner. For the purposes of this definition, +“submitted” means any form of electronic, verbal, or written communication sent +to the Licensor or its representatives, including but not limited to +communication on electronic mailing lists, source code control systems, and +issue tracking systems that are managed by, or on behalf of, the Licensor for +the purpose of discussing and improving the Work, but excluding communication +that is conspicuously marked or otherwise designated in writing by the copyright +owner as “Not a Contribution.” + +“Contributor” shall mean Licensor and any individual or Legal Entity on behalf +of whom a Contribution has been received by Licensor and subsequently +incorporated within the Work. + +#### 2. Grant of Copyright License + +Subject to the terms and conditions of this License, each Contributor hereby +grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, +irrevocable copyright license to reproduce, prepare Derivative Works of, +publicly display, publicly perform, sublicense, and distribute the Work and such +Derivative Works in Source or Object form. + +#### 3. Grant of Patent License + +Subject to the terms and conditions of this License, each Contributor hereby +grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, +irrevocable (except as stated in this section) patent license to make, have +made, use, offer to sell, sell, import, and otherwise transfer the Work, where +such license applies only to those patent claims licensable by such Contributor +that are necessarily infringed by their Contribution(s) alone or by combination +of their Contribution(s) with the Work to which such Contribution(s) was +submitted. If You institute patent litigation against any entity (including a +cross-claim or counterclaim in a lawsuit) alleging that the Work or a +Contribution incorporated within the Work constitutes direct or contributory +patent infringement, then any patent licenses granted to You under this License +for that Work shall terminate as of the date such litigation is filed. + +#### 4. Redistribution + +You may reproduce and distribute copies of the Work or Derivative Works thereof +in any medium, with or without modifications, and in Source or Object form, +provided that You meet the following conditions: + +* **(a)** You must give any other recipients of the Work or Derivative Works a copy of +this License; and +* **(b)** You must cause any modified files to carry prominent notices stating that You +changed the files; and +* **(c)** You must retain, in the Source form of any Derivative Works that You distribute, +all copyright, patent, trademark, and attribution notices from the Source form +of the Work, excluding those notices that do not pertain to any part of the +Derivative Works; and +* **(d)** If the Work includes a “NOTICE” text file as part of its distribution, then any +Derivative Works that You distribute must include a readable copy of the +attribution notices contained within such NOTICE file, excluding those notices +that do not pertain to any part of the Derivative Works, in at least one of the +following places: within a NOTICE text file distributed as part of the +Derivative Works; within the Source form or documentation, if provided along +with the Derivative Works; or, within a display generated by the Derivative +Works, if and wherever such third-party notices normally appear. The contents of +the NOTICE file are for informational purposes only and do not modify the +License. You may add Your own attribution notices within Derivative Works that +You distribute, alongside or as an addendum to the NOTICE text from the Work, +provided that such additional attribution notices cannot be construed as +modifying the License. + +You may add Your own copyright statement to Your modifications and may provide +additional or different license terms and conditions for use, reproduction, or +distribution of Your modifications, or for any such Derivative Works as a whole, +provided Your use, reproduction, and distribution of the Work otherwise complies +with the conditions stated in this License. + +#### 5. Submission of Contributions + +Unless You explicitly state otherwise, any Contribution intentionally submitted +for inclusion in the Work by You to the Licensor shall be under the terms and +conditions of this License, without any additional terms or conditions. +Notwithstanding the above, nothing herein shall supersede or modify the terms of +any separate license agreement you may have executed with Licensor regarding +such Contributions. + +#### 6. Trademarks + +This License does not grant permission to use the trade names, trademarks, +service marks, or product names of the Licensor, except as required for +reasonable and customary use in describing the origin of the Work and +reproducing the content of the NOTICE file. + +#### 7. Disclaimer of Warranty + +Unless required by applicable law or agreed to in writing, Licensor provides the +Work (and each Contributor provides its Contributions) on an “AS IS” BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, +including, without limitation, any warranties or conditions of TITLE, +NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are +solely responsible for determining the appropriateness of using or +redistributing the Work and assume any risks associated with Your exercise of +permissions under this License. + +#### 8. Limitation of Liability + +In no event and under no legal theory, whether in tort (including negligence), +contract, or otherwise, unless required by applicable law (such as deliberate +and grossly negligent acts) or agreed to in writing, shall any Contributor be +liable to You for damages, including any direct, indirect, special, incidental, +or consequential damages of any character arising as a result of this License or +out of the use or inability to use the Work (including but not limited to +damages for loss of goodwill, work stoppage, computer failure or malfunction, or +any and all other commercial damages or losses), even if such Contributor has +been advised of the possibility of such damages. + +#### 9. Accepting Warranty or Additional Liability + +While redistributing the Work or Derivative Works thereof, You may choose to +offer, and charge a fee for, acceptance of support, warranty, indemnity, or +other liability obligations and/or rights consistent with this License. However, +in accepting such obligations, You may act only on Your own behalf and on Your +sole responsibility, not on behalf of any other Contributor, and only if You +agree to indemnify, defend, and hold each Contributor harmless for any liability +incurred by, or claims asserted against, such Contributor by reason of your +accepting any such warranty or additional liability. diff --git a/README.md b/README.md index 66ab4fb..f7cf218 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,9 @@ -# awx-ee-custom +# AWX EE -Customised AWX EE \ No newline at end of file +An Ansible Execution Environment for AWX project. + +## Regenerating the build context: + +``` +$ tox -ebuild +``` diff --git a/_build/bindep.txt b/_build/bindep.txt new file mode 100644 index 0000000..db1a0d7 --- /dev/null +++ b/_build/bindep.txt @@ -0,0 +1,4 @@ +python38-devel [platform:rpm compile] +subversion [platform:rpm] +subversion [platform:dpkg] +git-lfs [platform:rpm] diff --git a/_build/bindep_combined.txt b/_build/bindep_combined.txt new file mode 100644 index 0000000..3303827 --- /dev/null +++ b/_build/bindep_combined.txt @@ -0,0 +1,13 @@ +openssl-devel [platform:rpm compile] # from collection ovirt.ovirt +gcc [platform:rpm compile] # from collection ovirt.ovirt +libcurl-devel [platform:rpm compile] # from collection ovirt.ovirt +libxml2-devel [platform:rpm compile] # from collection ovirt.ovirt +python3-pycurl [platform:rpm] # from collection ovirt.ovirt +python3-netaddr [platform:rpm] # from collection ovirt.ovirt +python3-jmespath [platform:rpm] # from collection ovirt.ovirt +python3-passlib [platform:rpm epel] # from collection ovirt.ovirt +qemu-img [platform:rpm] # from collection ovirt.ovirt +python38-devel [platform:rpm compile] # from collection user +subversion [platform:rpm] # from collection user +subversion [platform:dpkg] # from collection user +git-lfs [platform:rpm] # from collection user diff --git a/_build/requirements.yml b/_build/requirements.yml new file mode 100644 index 0000000..371265b --- /dev/null +++ b/_build/requirements.yml @@ -0,0 +1,13 @@ +--- +collections: + - name: awx.awx + - name: azure.azcollection + - name: amazon.aws + - name: theforeman.foreman + - name: google.cloud + - name: openstack.cloud + - name: community.vmware + - name: ovirt.ovirt + - name: kubernetes.core + - name: ansible.posix + - name: ansible.windows diff --git a/_build/requirements_combined.txt b/_build/requirements_combined.txt new file mode 100644 index 0000000..f42695e --- /dev/null +++ b/_build/requirements_combined.txt @@ -0,0 +1,59 @@ +boto>=2.49.0 # from collection amazon.aws +botocore>=1.12.249 # from collection amazon.aws +boto3>=1.9.249 # from collection amazon.aws +pytz # from collection awx.awx +python-dateutil>=2.7.0 # from collection awx.awx +awxkit # from collection awx.awx +packaging # from collection azure.azcollection +requests>=2.4.2 # from collection azure.azcollection,google.cloud,theforeman.foreman +xmltodict # from collection azure.azcollection +azure-cli-core==2.11.1 # from collection azure.azcollection +azure-cli-nspkg==3.0.2 # from collection azure.azcollection +azure-common==1.1.11 # from collection azure.azcollection +azure-mgmt-authorization==0.51.1 # from collection azure.azcollection +azure-mgmt-batch==5.0.1 # from collection azure.azcollection +azure-mgmt-cdn==3.0.0 # from collection azure.azcollection +azure-mgmt-compute==10.0.0 # from collection azure.azcollection +azure-mgmt-containerinstance==1.4.0 # from collection azure.azcollection +azure-mgmt-containerregistry==2.0.0 # from collection azure.azcollection +azure-mgmt-containerservice==9.1.0 # from collection azure.azcollection +azure-mgmt-datalake-store==0.5.0 # from collection azure.azcollection +azure-mgmt-dns==2.1.0 # from collection azure.azcollection +azure-mgmt-keyvault==1.1.0 # from collection azure.azcollection +azure-mgmt-marketplaceordering==0.1.0 # from collection azure.azcollection +azure-mgmt-monitor==0.5.2 # from collection azure.azcollection +azure-mgmt-managedservices==1.0.0 # from collection azure.azcollection +azure-mgmt-managementgroups==0.2.0 # from collection azure.azcollection +azure-mgmt-network==10.2.0 # from collection azure.azcollection +azure-mgmt-nspkg==2.0.0 # from collection azure.azcollection +azure-mgmt-privatedns==0.1.0 # from collection azure.azcollection +azure-mgmt-redis==5.0.0 # from collection azure.azcollection +azure-mgmt-resource==10.2.0 # from collection azure.azcollection +azure-mgmt-rdbms==1.9.0 # from collection azure.azcollection +azure-mgmt-servicebus==0.5.3 # from collection azure.azcollection +azure-mgmt-sql==0.10.0 # from collection azure.azcollection +azure-mgmt-storage==11.1.0 # from collection azure.azcollection +azure-mgmt-trafficmanager==0.50.0 # from collection azure.azcollection +azure-mgmt-web==0.41.0 # from collection azure.azcollection +azure-nspkg==2.0.0 # from collection azure.azcollection +azure-storage==0.35.1 # from collection azure.azcollection +msrest==0.6.10 # from collection azure.azcollection +msrestazure==0.6.4 # from collection azure.azcollection +azure-keyvault==1.0.0a1 # from collection azure.azcollection +azure-graphrbac==0.61.1 # from collection azure.azcollection +azure-mgmt-cosmosdb==0.5.2 # from collection azure.azcollection +azure-mgmt-hdinsight==0.1.0 # from collection azure.azcollection +azure-mgmt-devtestlabs==3.0.0 # from collection azure.azcollection +azure-mgmt-loganalytics==1.0.0 # from collection azure.azcollection +azure-mgmt-automation==0.1.1 # from collection azure.azcollection +azure-mgmt-iothub==0.7.0 # from collection azure.azcollection +azure-mgmt-recoveryservices==0.4.0 # from collection azure.azcollection +azure-mgmt-recoveryservicesbackup==0.6.0 # from collection azure.azcollection +pyvmomi # from collection community.vmware +git+https://github.com/vmware/vsphere-automation-sdk-python.git ; python_version >= '2.7' # Python 2.6 is not supported # from collection community.vmware +google-auth # from collection google.cloud +openshift>=0.6.2 # from collection kubernetes.core +requests-oauthlib # from collection kubernetes.core +openstacksdk>=0.13 # from collection openstack.cloud +ovirt-engine-sdk-python>=4.4.10 # from collection ovirt.ovirt +ipaddress # from collection theforeman.foreman \ No newline at end of file diff --git a/execution-environment.yml b/execution-environment.yml new file mode 100644 index 0000000..db7ae9f --- /dev/null +++ b/execution-environment.yml @@ -0,0 +1,14 @@ +--- +version: 1 +dependencies: + galaxy: _build/requirements.yml + system: _build/bindep.txt +additional_build_steps: + append: + - RUN alternatives --set python /usr/bin/python3 + - COPY --from=quay.io/project-receptor/receptor:0.9.7 /usr/bin/receptor /usr/bin/receptor + - RUN mkdir -p /var/run/receptor + - ADD run.sh /run.sh + - CMD /run.sh + - USER 1000 + - RUN git lfs install diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..f9e5cd1 --- /dev/null +++ b/requirements.txt @@ -0,0 +1 @@ +git+https://github.com/ansible/ansible-builder.git@devel#egg=ansible-builder diff --git a/run.sh b/run.sh new file mode 100755 index 0000000..b575803 --- /dev/null +++ b/run.sh @@ -0,0 +1,3 @@ +#! /bin/bash + +ansible-runner worker --private-data-dir=/runner diff --git a/tools/check_ansible_builder_changed.sh b/tools/check_ansible_builder_changed.sh new file mode 100755 index 0000000..75ad80b --- /dev/null +++ b/tools/check_ansible_builder_changed.sh @@ -0,0 +1,14 @@ +#!/bin/bash -e + +DIRTY=$(git status --porcelain | wc -l) +if [ "$DIRTY" -ne 0 ]; then + echo "ERROR: ansible-builder context is out of date, please re-run: " + echo "" + echo " tox -ebuild" + echo "" + echo "And commit changes." + git status + git diff + exit 1 +fi + diff --git a/tox.ini b/tox.ini new file mode 100644 index 0000000..e773891 --- /dev/null +++ b/tox.ini @@ -0,0 +1,34 @@ +[tox] +minversion = 1.6 +skipsdist = True + +[testenv] +basepython = python3 +install_command = pip install {opts} {packages} +deps = -r{toxinidir}/requirements.txt + +[testenv:podman] +passenv = + HOME +whitelist_external = + true +commands = + /bin/bash -c "podman rmi quay.io/ansible/awx-ee:latest || true" + ansible-builder build -v3 -c . -t quay.io/ansible/awx-ee {posargs} + + +[testenv:docker] +passenv = + HOME DOCKER_BUILDKIT +whitelist_external = + true +commands = + /bin/bash -c "podman rmi quay.io/ansible/awx-ee:latest || true" + ansible-builder build -v3 -c . -t quay.io/ansible/awx-ee {posargs} --container-runtime=docker + +[testenv:check-diff] +passenv = + {[testenv:docker]passenv} +commands = + {[testenv:docker]commands} + {toxinidir}/tools/check_ansible_builder_changed.sh