diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index eb7321dce..cf4c017b8 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -14,10 +14,12 @@ variables: GS_ACCESS_KEY_ID: $GS_KEY GS_SECRET_ACCESS_KEY: $GS_SECRET CONTAINER_ENGINE: docker - SSH_USER: root GCE_PREEMPTIBLE: "false" ANSIBLE_KEEP_REMOTE_FILES: "1" ANSIBLE_CONFIG: ./tests/ansible.cfg + ANSIBLE_REMOTE_USER: kubespray + ANSIBLE_PRIVATE_KEY_FILE: /tmp/id_rsa + ANSIBLE_INVENTORY: /tmp/inventory RESET_CHECK: "false" REMOVE_NODE_CHECK: "false" UPGRADE_TEST: "false" diff --git a/.gitlab-ci/molecule.yml b/.gitlab-ci/molecule.yml index b37cd03ba..2dd93af00 100644 --- a/.gitlab-ci/molecule.yml +++ b/.gitlab-ci/molecule.yml @@ -1,29 +1,15 @@ --- .molecule: - tags: [ffci-vm-med] + tags: [ffci] only: [/^pr-.*$/] except: ['triggers'] - image: quay.io/kubespray/vm-kubespray-ci:v13 - services: [] stage: deploy-part1 - needs: [] + image: $PIPELINE_IMAGE + needs: + - pipeline-image # - ci-not-authorized - variables: - VAGRANT_DEFAULT_PROVIDER: "libvirt" - VAGRANT_HOME: "$CI_PROJECT_DIR/.vagrant.d" - PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache/pip" before_script: - - mkdir -p $VAGRANT_HOME - - groups - - python3 -m venv citest - - source citest/bin/activate - - vagrant plugin expunge --reinstall --force --no-tty - - vagrant plugin install vagrant-libvirt - - pip install --no-compile --no-cache-dir pip -U - - pip install --no-compile --no-cache-dir -r $CI_PROJECT_DIR/requirements.txt - - pip install --no-compile --no-cache-dir -r $CI_PROJECT_DIR/tests/requirements.txt - ./tests/scripts/rebase.sh - - ./tests/scripts/vagrant_clean.sh script: - ./tests/scripts/molecule_run.sh after_script: @@ -32,72 +18,39 @@ when: always paths: - molecule_logs/ - cache: - key: $CI_JOB_NAME_SLUG - paths: - - .vagrant.d/boxes - - .cache/pip - policy: pull-push # TODO: change to "pull" when not on main + +molecule: + extends: .molecule + script: + - ./tests/scripts/molecule_run.sh -i $ROLE + parallel: + matrix: + - ROLE: + - container-engine/cri-dockerd + - container-engine/containerd + - container-engine/cri-o + - adduser + - bastion-ssh-config + - bootstrap-os # CI template for periodic CI jobs # Enabled when PERIODIC_CI_ENABLED var is set -.molecule_periodic: +molecule_full: only: variables: - $PERIODIC_CI_ENABLED allow_failure: true - extends: .molecule - -molecule_full: - extends: .molecule_periodic - -molecule_no_container_engines: - extends: .molecule - script: - - ./tests/scripts/molecule_run.sh -e container-engine - when: on_success - -molecule_docker: - extends: .molecule - script: - - ./tests/scripts/molecule_run.sh -i container-engine/cri-dockerd - when: on_success - -molecule_containerd: - extends: .molecule - script: - - ./tests/scripts/molecule_run.sh -i container-engine/containerd - when: on_success - -molecule_cri-o: - extends: .molecule - stage: deploy-part1 - script: - - ./tests/scripts/molecule_run.sh -i container-engine/cri-o - allow_failure: true - when: on_success - -# # Stage 3 container engines don't get as much attention so allow them to fail -# molecule_kata: -# extends: .molecule -# stage: deploy-extended -# script: -# - ./tests/scripts/molecule_run.sh -i container-engine/kata-containers -# when: manual -# # FIXME: this test is broken (perma-failing) - -molecule_gvisor: - extends: .molecule - stage: deploy-extended - script: - - ./tests/scripts/molecule_run.sh -i container-engine/gvisor - when: manual -# FIXME: this test is broken (perma-failing) - -molecule_youki: - extends: .molecule - stage: deploy-extended - script: - - ./tests/scripts/molecule_run.sh -i container-engine/youki - when: manual -# FIXME: this test is broken (perma-failing) + extends: molecule + parallel: + matrix: + - ROLE: + - container-engine/cri-dockerd + - container-engine/containerd + - container-engine/cri-o + - adduser + - bastion-ssh-config + - bootstrap-os + # FIXME : tests below are perma-failing + - container-engine/kata-containers + - container-engine/gvisor + - container-engine/youki diff --git a/roles/adduser/molecule/default/molecule.yml b/roles/adduser/molecule/default/molecule.yml index 0fb4997df..eba7f2a42 100644 --- a/roles/adduser/molecule/default/molecule.yml +++ b/roles/adduser/molecule/default/molecule.yml @@ -2,22 +2,18 @@ role_name_check: 1 dependency: name: galaxy -driver: - name: vagrant - provider: - name: libvirt platforms: - - name: adduser-01 - box: generic/ubuntu2004 - cpus: 1 - memory: 512 - provider_options: - driver: kvm + - name: ubuntu20 + cloud_image: ubuntu-2004 + vm_cpu_cores: 1 + vm_memory: 512 provisioner: name: ansible config_options: defaults: callbacks_enabled: profile_tasks timeout: 120 + playbooks: + create: ../../../../tests/cloud_playbooks/create-packet.yml verifier: name: testinfra diff --git a/roles/bastion-ssh-config/molecule/default/molecule.yml b/roles/bastion-ssh-config/molecule/default/molecule.yml index 11cf91ce5..4c8485313 100644 --- a/roles/bastion-ssh-config/molecule/default/molecule.yml +++ b/roles/bastion-ssh-config/molecule/default/molecule.yml @@ -2,17 +2,11 @@ role_name_check: 1 dependency: name: galaxy -driver: - name: vagrant - provider: - name: libvirt platforms: - name: bastion-01 - box: generic/ubuntu2004 - cpus: 1 - memory: 512 - provider_options: - driver: kvm + cloud_image: ubuntu-2004 + vm_cpu_cores: 1 + vm_memory: 512 provisioner: name: ansible config_options: @@ -27,5 +21,7 @@ provisioner: bastion: hosts: bastion-01: + playbooks: + create: ../../../../tests/cloud_playbooks/create-packet.yml verifier: name: testinfra diff --git a/roles/bootstrap-os/molecule/default/converge.yml b/roles/bootstrap-os/molecule/default/converge.yml index 89a832559..0463f64db 100644 --- a/roles/bootstrap-os/molecule/default/converge.yml +++ b/roles/bootstrap-os/molecule/default/converge.yml @@ -2,5 +2,6 @@ - name: Converge hosts: all gather_facts: false + become: true roles: - role: bootstrap-os diff --git a/roles/bootstrap-os/molecule/default/molecule.yml b/roles/bootstrap-os/molecule/default/molecule.yml index ba5d6e602..dff5d1e83 100644 --- a/roles/bootstrap-os/molecule/default/molecule.yml +++ b/roles/bootstrap-os/molecule/default/molecule.yml @@ -2,35 +2,23 @@ role_name_check: 1 dependency: name: galaxy -driver: - name: vagrant - provider: - name: libvirt platforms: - name: ubuntu20 - box: generic/ubuntu2004 - cpus: 1 - memory: 512 - provider_options: - driver: kvm + cloud_image: ubuntu-2004 + vm_cpu_cores: 1 + vm_memory: 512 - name: ubuntu22 - box: generic/ubuntu2204 - cpus: 1 - memory: 1024 - provider_options: - driver: kvm + cloud_image: ubuntu-2204 + vm_cpu_cores: 1 + vm_memory: 512 - name: almalinux9 - box: almalinux/9 - cpus: 1 - memory: 512 - provider_options: - driver: kvm - - name: debian10 - box: generic/debian10 - cpus: 1 - memory: 512 - provider_options: - driver: kvm + cloud_image: almalinux-9 + vm_cpu_cores: 1 + vm_memory: 512 + - name: debian12 + cloud_image: debian-12 + vm_cpu_cores: 1 + vm_memory: 512 provisioner: name: ansible config_options: @@ -43,5 +31,7 @@ provisioner: user: name: foo comment: My test comment + playbooks: + create: ../../../../tests/cloud_playbooks/create-packet.yml verifier: name: testinfra diff --git a/roles/container-engine/containerd/molecule/default/molecule.yml b/roles/container-engine/containerd/molecule/default/molecule.yml index 3ea60dc95..e34edf86c 100644 --- a/roles/container-engine/containerd/molecule/default/molecule.yml +++ b/roles/container-engine/containerd/molecule/default/molecule.yml @@ -1,40 +1,30 @@ --- role_name_check: 1 -driver: - name: vagrant - provider: - name: libvirt platforms: - - name: ubuntu20 - box: generic/ubuntu2004 - cpus: 1 - memory: 1024 - groups: + - cloud_image: ubuntu-2004 + name: ubuntu20 + vm_cpu_cores: 1 + vm_memory: 1024 + node_groups: - kube_control_plane - kube_node - k8s_cluster - provider_options: - driver: kvm - - name: debian11 - box: generic/debian11 - cpus: 1 - memory: 1024 - groups: + - cloud_image: debian-11 + name: debian11 + vm_cpu_cores: 1 + vm_memory: 1024 + node_groups: - kube_control_plane - kube_node - k8s_cluster - provider_options: - driver: kvm - - name: almalinux9 - box: almalinux/9 - cpus: 1 - memory: 1024 - groups: + - cloud_image: almalinux-9 + name: almalinux9 + vm_cpu_cores: 1 + vm_memory: 1024 + node_groups: - kube_control_plane - kube_node - k8s_cluster - provider_options: - driver: kvm provisioner: name: ansible env: @@ -43,5 +33,7 @@ provisioner: defaults: callbacks_enabled: profile_tasks timeout: 120 + playbooks: + create: ../../../../../tests/cloud_playbooks/create-packet.yml verifier: name: testinfra diff --git a/roles/container-engine/cri-dockerd/molecule/default/molecule.yml b/roles/container-engine/cri-dockerd/molecule/default/molecule.yml index b526c64c0..21c4c0595 100644 --- a/roles/container-engine/cri-dockerd/molecule/default/molecule.yml +++ b/roles/container-engine/cri-dockerd/molecule/default/molecule.yml @@ -1,28 +1,18 @@ --- role_name_check: 1 -driver: - name: vagrant - provider: - name: libvirt platforms: - name: almalinux9 - box: almalinux/9 - cpus: 1 - memory: 1024 - nested: true - groups: + cloud_image: almalinux-9 + vm_cpu_cores: 1 + vm_memory: 1024 + node_groups: - kube_control_plane - provider_options: - driver: kvm - name: ubuntu20 - box: generic/ubuntu2004 - cpus: 1 - memory: 1024 - nested: true - groups: + cloud_image: ubuntu-2004 + vm_cpu_cores: 1 + vm_memory: 1024 + node_groups: - kube_control_plane - provider_options: - driver: kvm provisioner: name: ansible env: @@ -35,5 +25,7 @@ provisioner: group_vars: all: become: true + playbooks: + create: ../../../../../tests/cloud_playbooks/create-packet.yml verifier: name: testinfra diff --git a/roles/container-engine/cri-o/molecule/default/molecule.yml b/roles/container-engine/cri-o/molecule/default/molecule.yml index f19bd123b..449d5807a 100644 --- a/roles/container-engine/cri-o/molecule/default/molecule.yml +++ b/roles/container-engine/cri-o/molecule/default/molecule.yml @@ -1,50 +1,38 @@ --- role_name_check: 1 -driver: - name: vagrant - provider: - name: libvirt platforms: - name: ubuntu20 - box: generic/ubuntu2004 - cpus: 2 - memory: 1024 - groups: + cloud_image: ubuntu-2004 + vm_cpu_cores: 2 + vm_memory: 1024 + node_groups: - kube_control_plane - kube_node - k8s_cluster - provider_options: - driver: kvm - name: almalinux9 - box: almalinux/9 - cpus: 2 - memory: 1024 - groups: + cloud_image: almalinux-9 + vm_cpu_cores: 2 + vm_memory: 1024 + node_groups: - kube_control_plane - kube_node - k8s_cluster - provider_options: - driver: kvm - name: fedora - box: fedora/38-cloud-base - cpus: 2 - memory: 2048 - groups: + cloud_image: fedora-39 + vm_cpu_cores: 2 + vm_memory: 1024 + node_groups: - kube_control_plane - kube_node - k8s_cluster - provider_options: - driver: kvm - - name: debian10 - box: generic/debian10 - cpus: 2 - memory: 1024 - groups: + - name: debian12 + cloud_image: debian-12 + vm_cpu_cores: 2 + vm_memory: 1024 + node_groups: - kube_control_plane - kube_node - k8s_cluster - provider_options: - driver: kvm provisioner: name: ansible env: @@ -53,5 +41,7 @@ provisioner: defaults: callbacks_enabled: profile_tasks timeout: 120 + playbooks: + create: ../../../../../tests/cloud_playbooks/create-packet.yml verifier: name: testinfra diff --git a/tests/Makefile b/tests/Makefile index b05d5be63..db66e340c 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -1,28 +1,19 @@ -init-packet: - mkdir -p $(HOME)/.ssh - echo $(PACKET_VM_SSH_PRIVATE_KEY) | base64 -d > $(HOME)/.ssh/id_rsa - chmod 400 $(HOME)/.ssh/id_rsa - create-tf: ./scripts/create-tf.sh delete-tf: ./scripts/delete-tf.sh -$(INVENTORY_DIR): +$(ANSIBLE_INVENTORY): mkdir $@ -create-packet: init-packet | $(INVENTORY_DIR) +create-packet: | $(ANSIBLE_INVENTORY) ansible-playbook cloud_playbooks/create-packet.yml -c local \ - -e @"files/${CI_JOB_NAME}.yml" \ - -e test_name="$(subst .,-,$(CI_PIPELINE_ID)-$(CI_JOB_ID))" \ - -e branch="$(CI_COMMIT_BRANCH)" \ - -e pipeline_id="$(CI_PIPELINE_ID)" \ - -e inventory_path=$| + -e @"files/${CI_JOB_NAME}.yml" delete-packet: ; -create-vagrant: | $(INVENTORY_DIR) +create-vagrant: | $(ANSIBLE_INVENTORY) vagrant up cp $(CI_PROJECT_DIR)/.vagrant/provisioners/ansible/inventory/vagrant_ansible_inventory $| diff --git a/tests/cloud_playbooks/create-packet.yml b/tests/cloud_playbooks/create-packet.yml index 26c39217f..e373cbda2 100644 --- a/tests/cloud_playbooks/create-packet.yml +++ b/tests/cloud_playbooks/create-packet.yml @@ -1,8 +1,24 @@ --- - - name: Provision Packet VMs hosts: localhost gather_facts: false become: true - roles: - - { role: packet-ci, vm_cleanup: false } + tasks: + - name: Create Kubevirt VMs + import_role: + name: packet-ci + - name: Update inventory for Molecule + meta: refresh_inventory + +- name: Wait until SSH is available + hosts: all + become: false + gather_facts: false + + tasks: + - name: Wait until SSH is available + wait_for: + host: "{{ ansible_host }}" + port: 22 + timeout: 240 + delegate_to: localhost diff --git a/tests/cloud_playbooks/roles/packet-ci/defaults/main.yml b/tests/cloud_playbooks/roles/packet-ci/defaults/main.yml index 034233e3d..ced8f8cfb 100644 --- a/tests/cloud_playbooks/roles/packet-ci/defaults/main.yml +++ b/tests/cloud_playbooks/roles/packet-ci/defaults/main.yml @@ -6,41 +6,13 @@ vm_cpu_sockets: 1 vm_cpu_threads: 2 vm_memory: 2048 -# Replace invalid characters so that we can use the branch name in kubernetes labels -branch_name_sane: "{{ branch | regex_replace('/', '-') }}" - # Request/Limit allocation settings cpu_allocation_ratio: 0.25 memory_allocation_ratio: 1 -# Default path for inventory -inventory_path: "/tmp/{{ test_name }}/inventory" - # Deployment mode mode: default -# Cloud init config for each os type -# distro: fedora -> I2Nsb3VkLWNvbmZpZwpzeXN0ZW1faW5mbzoKICBkaXN0cm86IGZlZG9yYQp1c2VyczoKIC0gbmFtZToga3ViZXNwcmF5CiAgIGdyb3Vwczogd2hlZWwKICAgc3VkbzogJ0FMTD0oQUxMKSBOT1BBU1NXRDpBTEwnCiAgIHNoZWxsOiAvYmluL2Jhc2gKICAgbG9ja19wYXNzd2Q6IEZhbHNlCiAgIGhvbWU6IC9ob21lL2t1YmVzcHJheQogICBzc2hfYXV0aG9yaXplZF9rZXlzOgogICAgIC0gc3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCQVFDYW5UaS9lS3gwK3RIWUpBZURocStzRlMyT2JVUDEvSTY5ZjdpVjNVdGtLbFQyMEpmVzFmNkZlWHQvMDRWZjI3V1FxK05xczZ2R0JxRDlRWFNZdWYrdDAvczdFUExqVGVpOW1lMW1wcXIrdVRlK0tEdFRQMzlwZkQzL2VWQ2FlQjcyNkdQMkZrYUQwRnpwbUViNjZPM05xaHhPUTk2R3gvOVhUdXcvSzNsbGo0T1ZENkdyalIzQjdjNFh0RUJzWmNacHBNSi9vSDFtR3lHWGRoMzFtV1FTcUFSTy9QOFU4R3d0MCtIR3BVd2gvaGR5M3QrU1lvVEIyR3dWYjB6b3lWd3RWdmZEUXpzbThmcTNhdjRLdmV6OGtZdU5ESnYwNXg0bHZVWmdSMTVaRFJYc0FuZGhReXFvWGRDTEFlMCtlYUtYcTlCa1d4S0ZiOWhQZTBBVWpqYTU= -# distro: rhel: -> I2Nsb3VkLWNvbmZpZwpzeXN0ZW1faW5mbzoKICBkaXN0cm86IHJoZWwKdXNlcnM6CiAtIG5hbWU6IGt1YmVzcHJheQogICBncm91cHM6IHdoZWVsCiAgIHN1ZG86ICdBTEw9KEFMTCkgTk9QQVNTV0Q6QUxMJwogICBzaGVsbDogL2Jpbi9iYXNoCiAgIGxvY2tfcGFzc3dkOiBGYWxzZQogICBob21lOiAvaG9tZS9rdWJlc3ByYXkKICAgc3NoX2F1dGhvcml6ZWRfa2V5czoKICAgICAtIHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQURBUUFCQUFBQkFRQ2FuVGkvZUt4MCt0SFlKQWVEaHErc0ZTMk9iVVAxL0k2OWY3aVYzVXRrS2xUMjBKZlcxZjZGZVh0LzA0VmYyN1dRcStOcXM2dkdCcUQ5UVhTWXVmK3QwL3M3RVBMalRlaTltZTFtcHFyK3VUZStLRHRUUDM5cGZEMy9lVkNhZUI3MjZHUDJGa2FEMEZ6cG1FYjY2TzNOcWh4T1E5Nkd4LzlYVHV3L0szbGxqNE9WRDZHcmpSM0I3YzRYdEVCc1pjWnBwTUovb0gxbUd5R1hkaDMxbVdRU3FBUk8vUDhVOEd3dDArSEdwVXdoL2hkeTN0K1NZb1RCMkd3VmIwem95Vnd0VnZmRFF6c204ZnEzYXY0S3ZlejhrWXVOREp2MDV4NGx2VVpnUjE1WkRSWHNBbmRoUXlxb1hkQ0xBZTArZWFLWHE5QmtXeEtGYjloUGUwQVVqamE1Cgo= -# distro: rhel (+ sudo and hostname packages): -> I2Nsb3VkLWNvbmZpZwpwYWNrYWdlczoKIC0gc3VkbwogLSBob3N0bmFtZQpzeXN0ZW1faW5mbzoKICBkaXN0cm86IHJoZWwKdXNlcnM6CiAtIG5hbWU6IGt1YmVzcHJheQogICBncm91cHM6IHdoZWVsCiAgIHN1ZG86ICdBTEw9KEFMTCkgTk9QQVNTV0Q6QUxMJwogICBzaGVsbDogL2Jpbi9iYXNoCiAgIGxvY2tfcGFzc3dkOiBGYWxzZQogICBob21lOiAvaG9tZS9rdWJlc3ByYXkKICAgc3NoX2F1dGhvcml6ZWRfa2V5czoKICAgICAtIHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQURBUUFCQUFBQkFRQ2FuVGkvZUt4MCt0SFlKQWVEaHErc0ZTMk9iVVAxL0k2OWY3aVYzVXRrS2xUMjBKZlcxZjZGZVh0LzA0VmYyN1dRcStOcXM2dkdCcUQ5UVhTWXVmK3QwL3M3RVBMalRlaTltZTFtcHFyK3VUZStLRHRUUDM5cGZEMy9lVkNhZUI3MjZHUDJGa2FEMEZ6cG1FYjY2TzNOcWh4T1E5Nkd4LzlYVHV3L0szbGxqNE9WRDZHcmpSM0I3YzRYdEVCc1pjWnBwTUovb0gxbUd5R1hkaDMxbVdRU3FBUk8vUDhVOEd3dDArSEdwVXdoL2hkeTN0K1NZb1RCMkd3VmIwem95Vnd0VnZmRFF6c204ZnEzYXY0S3ZlejhrWXVOREp2MDV4NGx2VVpnUjE1WkRSWHNBbmRoUXlxb1hkQ0xBZTArZWFLWHE5QmtXeEtGYjloUGUwQVVqamE1Cgo= -# generic one -> I2Nsb3VkLWNvbmZpZwogdXNlcnM6CiAgLSBuYW1lOiBrdWJlc3ByYXkKICAgIHN1ZG86IEFMTD0oQUxMKSBOT1BBU1NXRDpBTEwKICAgIHNoZWxsOiAvYmluL2Jhc2gKICAgIGxvY2tfcGFzc3dkOiBGYWxzZQogICAgaG9tZTogL2hvbWUva3ViZXNwcmF5CiAgICBzc2hfYXV0aG9yaXplZF9rZXlzOgogICAgICAtIHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQURBUUFCQUFBQkFRQ2FuVGkvZUt4MCt0SFlKQWVEaHErc0ZTMk9iVVAxL0k2OWY3aVYzVXRrS2xUMjBKZlcxZjZGZVh0LzA0VmYyN1dRcStOcXM2dkdCcUQ5UVhTWXVmK3QwL3M3RVBMalRlaTltZTFtcHFyK3VUZStLRHRUUDM5cGZEMy9lVkNhZUI3MjZHUDJGa2FEMEZ6cG1FYjY2TzNOcWh4T1E5Nkd4LzlYVHV3L0szbGxqNE9WRDZHcmpSM0I3YzRYdEVCc1pjWnBwTUovb0gxbUd5R1hkaDMxbVdRU3FBUk8vUDhVOEd3dDArSEdwVXdoL2hkeTN0K1NZb1RCMkd3VmIwem95Vnd0VnZmRFF6c204ZnEzYXY0S3ZlejhrWXVOREp2MDV4NGx2VVpnUjE1WkRSWHNBbmRoUXlxb1hkQ0xBZTArZWFLWHE5QmtXeEtGYjloUGUwQVVqamE1 -cloud_init: - centos-8: "I2Nsb3VkLWNvbmZpZwpzeXN0ZW1faW5mbzoKICBkaXN0cm86IHJoZWwKdXNlcnM6CiAtIG5hbWU6IGt1YmVzcHJheQogICBncm91cHM6IHdoZWVsCiAgIHN1ZG86ICdBTEw9KEFMTCkgTk9QQVNTV0Q6QUxMJwogICBzaGVsbDogL2Jpbi9iYXNoCiAgIGxvY2tfcGFzc3dkOiBGYWxzZQogICBob21lOiAvaG9tZS9rdWJlc3ByYXkKICAgc3NoX2F1dGhvcml6ZWRfa2V5czoKICAgICAtIHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQURBUUFCQUFBQkFRQ2FuVGkvZUt4MCt0SFlKQWVEaHErc0ZTMk9iVVAxL0k2OWY3aVYzVXRrS2xUMjBKZlcxZjZGZVh0LzA0VmYyN1dRcStOcXM2dkdCcUQ5UVhTWXVmK3QwL3M3RVBMalRlaTltZTFtcHFyK3VUZStLRHRUUDM5cGZEMy9lVkNhZUI3MjZHUDJGa2FEMEZ6cG1FYjY2TzNOcWh4T1E5Nkd4LzlYVHV3L0szbGxqNE9WRDZHcmpSM0I3YzRYdEVCc1pjWnBwTUovb0gxbUd5R1hkaDMxbVdRU3FBUk8vUDhVOEd3dDArSEdwVXdoL2hkeTN0K1NZb1RCMkd3VmIwem95Vnd0VnZmRFF6c204ZnEzYXY0S3ZlejhrWXVOREp2MDV4NGx2VVpnUjE1WkRSWHNBbmRoUXlxb1hkQ0xBZTArZWFLWHE5QmtXeEtGYjloUGUwQVVqamE1Cgo=" - almalinux-8: "I2Nsb3VkLWNvbmZpZwpzeXN0ZW1faW5mbzoKICBkaXN0cm86IHJoZWwKdXNlcnM6CiAtIG5hbWU6IGt1YmVzcHJheQogICBncm91cHM6IHdoZWVsCiAgIHN1ZG86ICdBTEw9KEFMTCkgTk9QQVNTV0Q6QUxMJwogICBzaGVsbDogL2Jpbi9iYXNoCiAgIGxvY2tfcGFzc3dkOiBGYWxzZQogICBob21lOiAvaG9tZS9rdWJlc3ByYXkKICAgc3NoX2F1dGhvcml6ZWRfa2V5czoKICAgICAtIHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQURBUUFCQUFBQkFRQ2FuVGkvZUt4MCt0SFlKQWVEaHErc0ZTMk9iVVAxL0k2OWY3aVYzVXRrS2xUMjBKZlcxZjZGZVh0LzA0VmYyN1dRcStOcXM2dkdCcUQ5UVhTWXVmK3QwL3M3RVBMalRlaTltZTFtcHFyK3VUZStLRHRUUDM5cGZEMy9lVkNhZUI3MjZHUDJGa2FEMEZ6cG1FYjY2TzNOcWh4T1E5Nkd4LzlYVHV3L0szbGxqNE9WRDZHcmpSM0I3YzRYdEVCc1pjWnBwTUovb0gxbUd5R1hkaDMxbVdRU3FBUk8vUDhVOEd3dDArSEdwVXdoL2hkeTN0K1NZb1RCMkd3VmIwem95Vnd0VnZmRFF6c204ZnEzYXY0S3ZlejhrWXVOREp2MDV4NGx2VVpnUjE1WkRSWHNBbmRoUXlxb1hkQ0xBZTArZWFLWHE5QmtXeEtGYjloUGUwQVVqamE1Cgo=" - almalinux-9: "I2Nsb3VkLWNvbmZpZwpzeXN0ZW1faW5mbzoKICBkaXN0cm86IHJoZWwKdXNlcnM6CiAtIG5hbWU6IGt1YmVzcHJheQogICBncm91cHM6IHdoZWVsCiAgIHN1ZG86ICdBTEw9KEFMTCkgTk9QQVNTV0Q6QUxMJwogICBzaGVsbDogL2Jpbi9iYXNoCiAgIGxvY2tfcGFzc3dkOiBGYWxzZQogICBob21lOiAvaG9tZS9rdWJlc3ByYXkKICAgc3NoX2F1dGhvcml6ZWRfa2V5czoKICAgICAtIHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQURBUUFCQUFBQkFRQ2FuVGkvZUt4MCt0SFlKQWVEaHErc0ZTMk9iVVAxL0k2OWY3aVYzVXRrS2xUMjBKZlcxZjZGZVh0LzA0VmYyN1dRcStOcXM2dkdCcUQ5UVhTWXVmK3QwL3M3RVBMalRlaTltZTFtcHFyK3VUZStLRHRUUDM5cGZEMy9lVkNhZUI3MjZHUDJGa2FEMEZ6cG1FYjY2TzNOcWh4T1E5Nkd4LzlYVHV3L0szbGxqNE9WRDZHcmpSM0I3YzRYdEVCc1pjWnBwTUovb0gxbUd5R1hkaDMxbVdRU3FBUk8vUDhVOEd3dDArSEdwVXdoL2hkeTN0K1NZb1RCMkd3VmIwem95Vnd0VnZmRFF6c204ZnEzYXY0S3ZlejhrWXVOREp2MDV4NGx2VVpnUjE1WkRSWHNBbmRoUXlxb1hkQ0xBZTArZWFLWHE5QmtXeEtGYjloUGUwQVVqamE1Cgo=" - rockylinux-8: "I2Nsb3VkLWNvbmZpZwpwYWNrYWdlczoKIC0gc3VkbwogLSBob3N0bmFtZQpzeXN0ZW1faW5mbzoKICBkaXN0cm86IHJoZWwKdXNlcnM6CiAtIG5hbWU6IGt1YmVzcHJheQogICBncm91cHM6IHdoZWVsCiAgIHN1ZG86ICdBTEw9KEFMTCkgTk9QQVNTV0Q6QUxMJwogICBzaGVsbDogL2Jpbi9iYXNoCiAgIGxvY2tfcGFzc3dkOiBGYWxzZQogICBob21lOiAvaG9tZS9rdWJlc3ByYXkKICAgc3NoX2F1dGhvcml6ZWRfa2V5czoKICAgICAtIHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQURBUUFCQUFBQkFRQ2FuVGkvZUt4MCt0SFlKQWVEaHErc0ZTMk9iVVAxL0k2OWY3aVYzVXRrS2xUMjBKZlcxZjZGZVh0LzA0VmYyN1dRcStOcXM2dkdCcUQ5UVhTWXVmK3QwL3M3RVBMalRlaTltZTFtcHFyK3VUZStLRHRUUDM5cGZEMy9lVkNhZUI3MjZHUDJGa2FEMEZ6cG1FYjY2TzNOcWh4T1E5Nkd4LzlYVHV3L0szbGxqNE9WRDZHcmpSM0I3YzRYdEVCc1pjWnBwTUovb0gxbUd5R1hkaDMxbVdRU3FBUk8vUDhVOEd3dDArSEdwVXdoL2hkeTN0K1NZb1RCMkd3VmIwem95Vnd0VnZmRFF6c204ZnEzYXY0S3ZlejhrWXVOREp2MDV4NGx2VVpnUjE1WkRSWHNBbmRoUXlxb1hkQ0xBZTArZWFLWHE5QmtXeEtGYjloUGUwQVVqamE1Cgo=" - rockylinux-9: "I2Nsb3VkLWNvbmZpZwpwYWNrYWdlczoKIC0gc3VkbwogLSBob3N0bmFtZQpzeXN0ZW1faW5mbzoKICBkaXN0cm86IHJoZWwKdXNlcnM6CiAtIG5hbWU6IGt1YmVzcHJheQogICBncm91cHM6IHdoZWVsCiAgIHN1ZG86ICdBTEw9KEFMTCkgTk9QQVNTV0Q6QUxMJwogICBzaGVsbDogL2Jpbi9iYXNoCiAgIGxvY2tfcGFzc3dkOiBGYWxzZQogICBob21lOiAvaG9tZS9rdWJlc3ByYXkKICAgc3NoX2F1dGhvcml6ZWRfa2V5czoKICAgICAtIHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQURBUUFCQUFBQkFRQ2FuVGkvZUt4MCt0SFlKQWVEaHErc0ZTMk9iVVAxL0k2OWY3aVYzVXRrS2xUMjBKZlcxZjZGZVh0LzA0VmYyN1dRcStOcXM2dkdCcUQ5UVhTWXVmK3QwL3M3RVBMalRlaTltZTFtcHFyK3VUZStLRHRUUDM5cGZEMy9lVkNhZUI3MjZHUDJGa2FEMEZ6cG1FYjY2TzNOcWh4T1E5Nkd4LzlYVHV3L0szbGxqNE9WRDZHcmpSM0I3YzRYdEVCc1pjWnBwTUovb0gxbUd5R1hkaDMxbVdRU3FBUk8vUDhVOEd3dDArSEdwVXdoL2hkeTN0K1NZb1RCMkd3VmIwem95Vnd0VnZmRFF6c204ZnEzYXY0S3ZlejhrWXVOREp2MDV4NGx2VVpnUjE1WkRSWHNBbmRoUXlxb1hkQ0xBZTArZWFLWHE5QmtXeEtGYjloUGUwQVVqamE1Cgo=" - debian-11: "I2Nsb3VkLWNvbmZpZwogdXNlcnM6CiAgLSBuYW1lOiBrdWJlc3ByYXkKICAgIHN1ZG86IEFMTD0oQUxMKSBOT1BBU1NXRDpBTEwKICAgIHNoZWxsOiAvYmluL2Jhc2gKICAgIGxvY2tfcGFzc3dkOiBGYWxzZQogICAgaG9tZTogL2hvbWUva3ViZXNwcmF5CiAgICBzc2hfYXV0aG9yaXplZF9rZXlzOgogICAgICAtIHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQURBUUFCQUFBQkFRQ2FuVGkvZUt4MCt0SFlKQWVEaHErc0ZTMk9iVVAxL0k2OWY3aVYzVXRrS2xUMjBKZlcxZjZGZVh0LzA0VmYyN1dRcStOcXM2dkdCcUQ5UVhTWXVmK3QwL3M3RVBMalRlaTltZTFtcHFyK3VUZStLRHRUUDM5cGZEMy9lVkNhZUI3MjZHUDJGa2FEMEZ6cG1FYjY2TzNOcWh4T1E5Nkd4LzlYVHV3L0szbGxqNE9WRDZHcmpSM0I3YzRYdEVCc1pjWnBwTUovb0gxbUd5R1hkaDMxbVdRU3FBUk8vUDhVOEd3dDArSEdwVXdoL2hkeTN0K1NZb1RCMkd3VmIwem95Vnd0VnZmRFF6c204ZnEzYXY0S3ZlejhrWXVOREp2MDV4NGx2VVpnUjE1WkRSWHNBbmRoUXlxb1hkQ0xBZTArZWFLWHE5QmtXeEtGYjloUGUwQVVqamE1" - debian-12: "I2Nsb3VkLWNvbmZpZwogdXNlcnM6CiAgLSBuYW1lOiBrdWJlc3ByYXkKICAgIHN1ZG86IEFMTD0oQUxMKSBOT1BBU1NXRDpBTEwKICAgIHNoZWxsOiAvYmluL2Jhc2gKICAgIGxvY2tfcGFzc3dkOiBGYWxzZQogICAgaG9tZTogL2hvbWUva3ViZXNwcmF5CiAgICBzc2hfYXV0aG9yaXplZF9rZXlzOgogICAgICAtIHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQURBUUFCQUFBQkFRQ2FuVGkvZUt4MCt0SFlKQWVEaHErc0ZTMk9iVVAxL0k2OWY3aVYzVXRrS2xUMjBKZlcxZjZGZVh0LzA0VmYyN1dRcStOcXM2dkdCcUQ5UVhTWXVmK3QwL3M3RVBMalRlaTltZTFtcHFyK3VUZStLRHRUUDM5cGZEMy9lVkNhZUI3MjZHUDJGa2FEMEZ6cG1FYjY2TzNOcWh4T1E5Nkd4LzlYVHV3L0szbGxqNE9WRDZHcmpSM0I3YzRYdEVCc1pjWnBwTUovb0gxbUd5R1hkaDMxbVdRU3FBUk8vUDhVOEd3dDArSEdwVXdoL2hkeTN0K1NZb1RCMkd3VmIwem95Vnd0VnZmRFF6c204ZnEzYXY0S3ZlejhrWXVOREp2MDV4NGx2VVpnUjE1WkRSWHNBbmRoUXlxb1hkQ0xBZTArZWFLWHE5QmtXeEtGYjloUGUwQVVqamE1" - fedora-37: "I2Nsb3VkLWNvbmZpZwpzeXN0ZW1faW5mbzoKICBkaXN0cm86IGZlZG9yYQp1c2VyczoKIC0gbmFtZToga3ViZXNwcmF5CiAgIGdyb3Vwczogd2hlZWwKICAgc3VkbzogJ0FMTD0oQUxMKSBOT1BBU1NXRDpBTEwnCiAgIHNoZWxsOiAvYmluL2Jhc2gKICAgbG9ja19wYXNzd2Q6IEZhbHNlCiAgIGhvbWU6IC9ob21lL2t1YmVzcHJheQogICBzc2hfYXV0aG9yaXplZF9rZXlzOgogICAgIC0gc3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCQVFDYW5UaS9lS3gwK3RIWUpBZURocStzRlMyT2JVUDEvSTY5ZjdpVjNVdGtLbFQyMEpmVzFmNkZlWHQvMDRWZjI3V1FxK05xczZ2R0JxRDlRWFNZdWYrdDAvczdFUExqVGVpOW1lMW1wcXIrdVRlK0tEdFRQMzlwZkQzL2VWQ2FlQjcyNkdQMkZrYUQwRnpwbUViNjZPM05xaHhPUTk2R3gvOVhUdXcvSzNsbGo0T1ZENkdyalIzQjdjNFh0RUJzWmNacHBNSi9vSDFtR3lHWGRoMzFtV1FTcUFSTy9QOFU4R3d0MCtIR3BVd2gvaGR5M3QrU1lvVEIyR3dWYjB6b3lWd3RWdmZEUXpzbThmcTNhdjRLdmV6OGtZdU5ESnYwNXg0bHZVWmdSMTVaRFJYc0FuZGhReXFvWGRDTEFlMCtlYUtYcTlCa1d4S0ZiOWhQZTBBVWpqYTU=" - fedora-38: "I2Nsb3VkLWNvbmZpZwpzeXN0ZW1faW5mbzoKICBkaXN0cm86IGZlZG9yYQp1c2VyczoKIC0gbmFtZToga3ViZXNwcmF5CiAgIGdyb3Vwczogd2hlZWwKICAgc3VkbzogJ0FMTD0oQUxMKSBOT1BBU1NXRDpBTEwnCiAgIHNoZWxsOiAvYmluL2Jhc2gKICAgbG9ja19wYXNzd2Q6IEZhbHNlCiAgIGhvbWU6IC9ob21lL2t1YmVzcHJheQogICBzc2hfYXV0aG9yaXplZF9rZXlzOgogICAgIC0gc3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCQVFDYW5UaS9lS3gwK3RIWUpBZURocStzRlMyT2JVUDEvSTY5ZjdpVjNVdGtLbFQyMEpmVzFmNkZlWHQvMDRWZjI3V1FxK05xczZ2R0JxRDlRWFNZdWYrdDAvczdFUExqVGVpOW1lMW1wcXIrdVRlK0tEdFRQMzlwZkQzL2VWQ2FlQjcyNkdQMkZrYUQwRnpwbUViNjZPM05xaHhPUTk2R3gvOVhUdXcvSzNsbGo0T1ZENkdyalIzQjdjNFh0RUJzWmNacHBNSi9vSDFtR3lHWGRoMzFtV1FTcUFSTy9QOFU4R3d0MCtIR3BVd2gvaGR5M3QrU1lvVEIyR3dWYjB6b3lWd3RWdmZEUXpzbThmcTNhdjRLdmV6OGtZdU5ESnYwNXg0bHZVWmdSMTVaRFJYc0FuZGhReXFvWGRDTEFlMCtlYUtYcTlCa1d4S0ZiOWhQZTBBVWpqYTU=" - fedora-39: "I2Nsb3VkLWNvbmZpZwpzeXN0ZW1faW5mbzoKICBkaXN0cm86IGZlZG9yYQp1c2VyczoKIC0gbmFtZToga3ViZXNwcmF5CiAgIGdyb3Vwczogd2hlZWwKICAgc3VkbzogJ0FMTD0oQUxMKSBOT1BBU1NXRDpBTEwnCiAgIHNoZWxsOiAvYmluL2Jhc2gKICAgbG9ja19wYXNzd2Q6IEZhbHNlCiAgIGhvbWU6IC9ob21lL2t1YmVzcHJheQogICBzc2hfYXV0aG9yaXplZF9rZXlzOgogICAgIC0gc3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCQVFDYW5UaS9lS3gwK3RIWUpBZURocStzRlMyT2JVUDEvSTY5ZjdpVjNVdGtLbFQyMEpmVzFmNkZlWHQvMDRWZjI3V1FxK05xczZ2R0JxRDlRWFNZdWYrdDAvczdFUExqVGVpOW1lMW1wcXIrdVRlK0tEdFRQMzlwZkQzL2VWQ2FlQjcyNkdQMkZrYUQwRnpwbUViNjZPM05xaHhPUTk2R3gvOVhUdXcvSzNsbGo0T1ZENkdyalIzQjdjNFh0RUJzWmNacHBNSi9vSDFtR3lHWGRoMzFtV1FTcUFSTy9QOFU4R3d0MCtIR3BVd2gvaGR5M3QrU1lvVEIyR3dWYjB6b3lWd3RWdmZEUXpzbThmcTNhdjRLdmV6OGtZdU5ESnYwNXg0bHZVWmdSMTVaRFJYc0FuZGhReXFvWGRDTEFlMCtlYUtYcTlCa1d4S0ZiOWhQZTBBVWpqYTU=" - fedora-40: "I2Nsb3VkLWNvbmZpZwpzeXN0ZW1faW5mbzoKICBkaXN0cm86IGZlZG9yYQp1c2VyczoKIC0gbmFtZToga3ViZXNwcmF5CiAgIGdyb3Vwczogd2hlZWwKICAgc3VkbzogJ0FMTD0oQUxMKSBOT1BBU1NXRDpBTEwnCiAgIHNoZWxsOiAvYmluL2Jhc2gKICAgbG9ja19wYXNzd2Q6IEZhbHNlCiAgIGhvbWU6IC9ob21lL2t1YmVzcHJheQogICBzc2hfYXV0aG9yaXplZF9rZXlzOgogICAgIC0gc3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCQVFDYW5UaS9lS3gwK3RIWUpBZURocStzRlMyT2JVUDEvSTY5ZjdpVjNVdGtLbFQyMEpmVzFmNkZlWHQvMDRWZjI3V1FxK05xczZ2R0JxRDlRWFNZdWYrdDAvczdFUExqVGVpOW1lMW1wcXIrdVRlK0tEdFRQMzlwZkQzL2VWQ2FlQjcyNkdQMkZrYUQwRnpwbUViNjZPM05xaHhPUTk2R3gvOVhUdXcvSzNsbGo0T1ZENkdyalIzQjdjNFh0RUJzWmNacHBNSi9vSDFtR3lHWGRoMzFtV1FTcUFSTy9QOFU4R3d0MCtIR3BVd2gvaGR5M3QrU1lvVEIyR3dWYjB6b3lWd3RWdmZEUXpzbThmcTNhdjRLdmV6OGtZdU5ESnYwNXg0bHZVWmdSMTVaRFJYc0FuZGhReXFvWGRDTEFlMCtlYUtYcTlCa1d4S0ZiOWhQZTBBVWpqYTU=" - opensuse-leap-15: "I2Nsb3VkLWNvbmZpZwogdXNlcnM6CiAgLSBuYW1lOiBrdWJlc3ByYXkKICAgIHN1ZG86IEFMTD0oQUxMKSBOT1BBU1NXRDpBTEwKICAgIHNoZWxsOiAvYmluL2Jhc2gKICAgIGxvY2tfcGFzc3dkOiBGYWxzZQogICAgaG9tZTogL2hvbWUva3ViZXNwcmF5CiAgICBzc2hfYXV0aG9yaXplZF9rZXlzOgogICAgICAtIHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQURBUUFCQUFBQkFRQ2FuVGkvZUt4MCt0SFlKQWVEaHErc0ZTMk9iVVAxL0k2OWY3aVYzVXRrS2xUMjBKZlcxZjZGZVh0LzA0VmYyN1dRcStOcXM2dkdCcUQ5UVhTWXVmK3QwL3M3RVBMalRlaTltZTFtcHFyK3VUZStLRHRUUDM5cGZEMy9lVkNhZUI3MjZHUDJGa2FEMEZ6cG1FYjY2TzNOcWh4T1E5Nkd4LzlYVHV3L0szbGxqNE9WRDZHcmpSM0I3YzRYdEVCc1pjWnBwTUovb0gxbUd5R1hkaDMxbVdRU3FBUk8vUDhVOEd3dDArSEdwVXdoL2hkeTN0K1NZb1RCMkd3VmIwem95Vnd0VnZmRFF6c204ZnEzYXY0S3ZlejhrWXVOREp2MDV4NGx2VVpnUjE1WkRSWHNBbmRoUXlxb1hkQ0xBZTArZWFLWHE5QmtXeEtGYjloUGUwQVVqamE1" - rhel-server-7: "I2Nsb3VkLWNvbmZpZwpzeXN0ZW1faW5mbzoKICBkaXN0cm86IHJoZWwKdXNlcnM6CiAtIG5hbWU6IGt1YmVzcHJheQogICBncm91cHM6IHdoZWVsCiAgIHN1ZG86ICdBTEw9KEFMTCkgTk9QQVNTV0Q6QUxMJwogICBzaGVsbDogL2Jpbi9iYXNoCiAgIGxvY2tfcGFzc3dkOiBGYWxzZQogICBob21lOiAvaG9tZS9rdWJlc3ByYXkKICAgc3NoX2F1dGhvcml6ZWRfa2V5czoKICAgICAtIHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQURBUUFCQUFBQkFRQ2FuVGkvZUt4MCt0SFlKQWVEaHErc0ZTMk9iVVAxL0k2OWY3aVYzVXRrS2xUMjBKZlcxZjZGZVh0LzA0VmYyN1dRcStOcXM2dkdCcUQ5UVhTWXVmK3QwL3M3RVBMalRlaTltZTFtcHFyK3VUZStLRHRUUDM5cGZEMy9lVkNhZUI3MjZHUDJGa2FEMEZ6cG1FYjY2TzNOcWh4T1E5Nkd4LzlYVHV3L0szbGxqNE9WRDZHcmpSM0I3YzRYdEVCc1pjWnBwTUovb0gxbUd5R1hkaDMxbVdRU3FBUk8vUDhVOEd3dDArSEdwVXdoL2hkeTN0K1NZb1RCMkd3VmIwem95Vnd0VnZmRFF6c204ZnEzYXY0S3ZlejhrWXVOREp2MDV4NGx2VVpnUjE1WkRSWHNBbmRoUXlxb1hkQ0xBZTArZWFLWHE5QmtXeEtGYjloUGUwQVVqamE1Cgo=" - amazon-linux-2: "I2Nsb3VkLWNvbmZpZwpzeXN0ZW1faW5mbzoKICBkaXN0cm86IHJoZWwKdXNlcnM6CiAtIG5hbWU6IGt1YmVzcHJheQogICBncm91cHM6IHdoZWVsCiAgIHN1ZG86ICdBTEw9KEFMTCkgTk9QQVNTV0Q6QUxMJwogICBzaGVsbDogL2Jpbi9iYXNoCiAgIGxvY2tfcGFzc3dkOiBGYWxzZQogICBob21lOiAvaG9tZS9rdWJlc3ByYXkKICAgc3NoX2F1dGhvcml6ZWRfa2V5czoKICAgICAtIHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQURBUUFCQUFBQkFRQ2FuVGkvZUt4MCt0SFlKQWVEaHErc0ZTMk9iVVAxL0k2OWY3aVYzVXRrS2xUMjBKZlcxZjZGZVh0LzA0VmYyN1dRcStOcXM2dkdCcUQ5UVhTWXVmK3QwL3M3RVBMalRlaTltZTFtcHFyK3VUZStLRHRUUDM5cGZEMy9lVkNhZUI3MjZHUDJGa2FEMEZ6cG1FYjY2TzNOcWh4T1E5Nkd4LzlYVHV3L0szbGxqNE9WRDZHcmpSM0I3YzRYdEVCc1pjWnBwTUovb0gxbUd5R1hkaDMxbVdRU3FBUk8vUDhVOEd3dDArSEdwVXdoL2hkeTN0K1NZb1RCMkd3VmIwem95Vnd0VnZmRFF6c204ZnEzYXY0S3ZlejhrWXVOREp2MDV4NGx2VVpnUjE1WkRSWHNBbmRoUXlxb1hkQ0xBZTArZWFLWHE5QmtXeEtGYjloUGUwQVVqamE1Cgo=" - ubuntu-2004: "I2Nsb3VkLWNvbmZpZwogdXNlcnM6CiAgLSBuYW1lOiBrdWJlc3ByYXkKICAgIHN1ZG86IEFMTD0oQUxMKSBOT1BBU1NXRDpBTEwKICAgIHNoZWxsOiAvYmluL2Jhc2gKICAgIGxvY2tfcGFzc3dkOiBGYWxzZQogICAgaG9tZTogL2hvbWUva3ViZXNwcmF5CiAgICBzc2hfYXV0aG9yaXplZF9rZXlzOgogICAgICAtIHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQURBUUFCQUFBQkFRQ2FuVGkvZUt4MCt0SFlKQWVEaHErc0ZTMk9iVVAxL0k2OWY3aVYzVXRrS2xUMjBKZlcxZjZGZVh0LzA0VmYyN1dRcStOcXM2dkdCcUQ5UVhTWXVmK3QwL3M3RVBMalRlaTltZTFtcHFyK3VUZStLRHRUUDM5cGZEMy9lVkNhZUI3MjZHUDJGa2FEMEZ6cG1FYjY2TzNOcWh4T1E5Nkd4LzlYVHV3L0szbGxqNE9WRDZHcmpSM0I3YzRYdEVCc1pjWnBwTUovb0gxbUd5R1hkaDMxbVdRU3FBUk8vUDhVOEd3dDArSEdwVXdoL2hkeTN0K1NZb1RCMkd3VmIwem95Vnd0VnZmRFF6c204ZnEzYXY0S3ZlejhrWXVOREp2MDV4NGx2VVpnUjE1WkRSWHNBbmRoUXlxb1hkQ0xBZTArZWFLWHE5QmtXeEtGYjloUGUwQVVqamE1" - ubuntu-2204: "I2Nsb3VkLWNvbmZpZwogdXNlcnM6CiAgLSBuYW1lOiBrdWJlc3ByYXkKICAgIHN1ZG86IEFMTD0oQUxMKSBOT1BBU1NXRDpBTEwKICAgIHNoZWxsOiAvYmluL2Jhc2gKICAgIGxvY2tfcGFzc3dkOiBGYWxzZQogICAgaG9tZTogL2hvbWUva3ViZXNwcmF5CiAgICBzc2hfYXV0aG9yaXplZF9rZXlzOgogICAgICAtIHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQURBUUFCQUFBQkFRQ2FuVGkvZUt4MCt0SFlKQWVEaHErc0ZTMk9iVVAxL0k2OWY3aVYzVXRrS2xUMjBKZlcxZjZGZVh0LzA0VmYyN1dRcStOcXM2dkdCcUQ5UVhTWXVmK3QwL3M3RVBMalRlaTltZTFtcHFyK3VUZStLRHRUUDM5cGZEMy9lVkNhZUI3MjZHUDJGa2FEMEZ6cG1FYjY2TzNOcWh4T1E5Nkd4LzlYVHV3L0szbGxqNE9WRDZHcmpSM0I3YzRYdEVCc1pjWnBwTUovb0gxbUd5R1hkaDMxbVdRU3FBUk8vUDhVOEd3dDArSEdwVXdoL2hkeTN0K1NZb1RCMkd3VmIwem95Vnd0VnZmRFF6c204ZnEzYXY0S3ZlejhrWXVOREp2MDV4NGx2VVpnUjE1WkRSWHNBbmRoUXlxb1hkQ0xBZTArZWFLWHE5QmtXeEtGYjloUGUwQVVqamE1" - ubuntu-2404: "I2Nsb3VkLWNvbmZpZwogdXNlcnM6CiAgLSBuYW1lOiBrdWJlc3ByYXkKICAgIHN1ZG86IEFMTD0oQUxMKSBOT1BBU1NXRDpBTEwKICAgIHNoZWxsOiAvYmluL2Jhc2gKICAgIGxvY2tfcGFzc3dkOiBGYWxzZQogICAgaG9tZTogL2hvbWUva3ViZXNwcmF5CiAgICBzc2hfYXV0aG9yaXplZF9rZXlzOgogICAgICAtIHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQURBUUFCQUFBQkFRQ2FuVGkvZUt4MCt0SFlKQWVEaHErc0ZTMk9iVVAxL0k2OWY3aVYzVXRrS2xUMjBKZlcxZjZGZVh0LzA0VmYyN1dRcStOcXM2dkdCcUQ5UVhTWXVmK3QwL3M3RVBMalRlaTltZTFtcHFyK3VUZStLRHRUUDM5cGZEMy9lVkNhZUI3MjZHUDJGa2FEMEZ6cG1FYjY2TzNOcWh4T1E5Nkd4LzlYVHV3L0szbGxqNE9WRDZHcmpSM0I3YzRYdEVCc1pjWnBwTUovb0gxbUd5R1hkaDMxbVdRU3FBUk8vUDhVOEd3dDArSEdwVXdoL2hkeTN0K1NZb1RCMkd3VmIwem95Vnd0VnZmRFF6c204ZnEzYXY0S3ZlejhrWXVOREp2MDV4NGx2VVpnUjE1WkRSWHNBbmRoUXlxb1hkQ0xBZTArZWFLWHE5QmtXeEtGYjloUGUwQVVqamE1" - oracle-7: "I2Nsb3VkLWNvbmZpZwpzeXN0ZW1faW5mbzoKICBkaXN0cm86IHJoZWwKdXNlcnM6CiAtIG5hbWU6IGt1YmVzcHJheQogICBncm91cHM6IHdoZWVsCiAgIHN1ZG86ICdBTEw9KEFMTCkgTk9QQVNTV0Q6QUxMJwogICBzaGVsbDogL2Jpbi9iYXNoCiAgIGxvY2tfcGFzc3dkOiBGYWxzZQogICBob21lOiAvaG9tZS9rdWJlc3ByYXkKICAgc3NoX2F1dGhvcml6ZWRfa2V5czoKICAgICAtIHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQURBUUFCQUFBQkFRQ2FuVGkvZUt4MCt0SFlKQWVEaHErc0ZTMk9iVVAxL0k2OWY3aVYzVXRrS2xUMjBKZlcxZjZGZVh0LzA0VmYyN1dRcStOcXM2dkdCcUQ5UVhTWXVmK3QwL3M3RVBMalRlaTltZTFtcHFyK3VUZStLRHRUUDM5cGZEMy9lVkNhZUI3MjZHUDJGa2FEMEZ6cG1FYjY2TzNOcWh4T1E5Nkd4LzlYVHV3L0szbGxqNE9WRDZHcmpSM0I3YzRYdEVCc1pjWnBwTUovb0gxbUd5R1hkaDMxbVdRU3FBUk8vUDhVOEd3dDArSEdwVXdoL2hkeTN0K1NZb1RCMkd3VmIwem95Vnd0VnZmRFF6c204ZnEzYXY0S3ZlejhrWXVOREp2MDV4NGx2VVpnUjE1WkRSWHNBbmRoUXlxb1hkQ0xBZTArZWFLWHE5QmtXeEtGYjloUGUwQVVqamE1Cgo=" - openeuler-2403: "I2Nsb3VkLWNvbmZpZwpwYWNrYWdlczoKIC0gc3VkbwogLSBob3N0bmFtZQpzeXN0ZW1faW5mbzoKICBkaXN0cm86IHJoZWwKdXNlcnM6CiAtIG5hbWU6IGt1YmVzcHJheQogICBncm91cHM6IHdoZWVsCiAgIHN1ZG86ICdBTEw9KEFMTCkgTk9QQVNTV0Q6QUxMJwogICBzaGVsbDogL2Jpbi9iYXNoCiAgIGxvY2tfcGFzc3dkOiBGYWxzZQogICBob21lOiAvaG9tZS9rdWJlc3ByYXkKICAgc3NoX2F1dGhvcml6ZWRfa2V5czoKICAgICAtIHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQURBUUFCQUFBQkFRQ2FuVGkvZUt4MCt0SFlKQWVEaHErc0ZTMk9iVVAxL0k2OWY3aVYzVXRrS2xUMjBKZlcxZjZGZVh0LzA0VmYyN1dRcStOcXM2dkdCcUQ5UVhTWXVmK3QwL3M3RVBMalRlaTltZTFtcHFyK3VUZStLRHRUUDM5cGZEMy9lVkNhZUI3MjZHUDJGa2FEMEZ6cG1FYjY2TzNOcWh4T1E5Nkd4LzlYVHV3L0szbGxqNE9WRDZHcmpSM0I3YzRYdEVCc1pjWnBwTUovb0gxbUd5R1hkaDMxbVdRU3FBUk8vUDhVOEd3dDArSEdwVXdoL2hkeTN0K1NZb1RCMkd3VmIwem95Vnd0VnZmRFF6c204ZnEzYXY0S3ZlejhrWXVOREp2MDV4NGx2VVpnUjE1WkRSWHNBbmRoUXlxb1hkQ0xBZTArZWFLWHE5QmtXeEtGYjloUGUwQVVqamE1Cgo=" +node_groups: +- 'all' +cluster_layout: "{{ molecule_yml.platforms | d(scenarios[mode]) }}" diff --git a/tests/cloud_playbooks/roles/packet-ci/tasks/main.yml b/tests/cloud_playbooks/roles/packet-ci/tasks/main.yml index b360e3944..5f620e7d5 100644 --- a/tests/cloud_playbooks/roles/packet-ci/tasks/main.yml +++ b/tests/cloud_playbooks/roles/packet-ci/tasks/main.yml @@ -1,14 +1,21 @@ --- - name: Include custom vars for ci job - include_vars: "../files/{{ ci_job_name }}.yml" + include_vars: "../files/{{ lookup('ansible.builtin.env', 'CI_JOB_NAME') }}.yml" + when: molecule_yml is not defined + +- name: Generate SSH keypair + community.crypto.openssh_keypair: + size: 2048 + path: "{{ lookup('env', 'ANSIBLE_PRIVATE_KEY_FILE') }}" + mode: '400' + register: ssh_key - name: Start vms for CI job - vars: - tvars: - kubespray_groups: "{{ item }}" kubernetes.core.k8s: - definition: "{{ lookup('template', 'vm.yml.j2', template_vars=tvars) }}" - loop: "{{ scenarios[mode | d('default')] }}" + definition: "{{ lookup('template', 'vm.yml.j2', template_vars=item) }}" + loop: "{{ cluster_layout }}" + loop_control: + index_var: index - name: Wait for vms to have IP addresses kubernetes.core.k8s_info: @@ -27,17 +34,17 @@ - name: Massage VirtualMachineInstance data into an Ansible inventory structure vars: ips: "{{ vmis.resources | map(attribute='status.interfaces.0.ipAddress') }}" - names: "{{ vmis.resources | map(attribute='metadata.name') }}" - _groups: "{{ vmis.resources | map(attribute='metadata.annotations.ansible_groups') | map('split', ',') }}" + names: "{{ vmis.resources | map(attribute='metadata.annotations.inventory_name') }}" + _groups: "{{ (vmis.resources | map(attribute='metadata.annotations.ansible_groups') | map('split', ','))}}" hosts: "{{ ips | zip(_groups, names) - | map('zip', ['ansible_host', 'ansible_groups', 'k8s_vmi_name']) + | map('zip', ['ansible_host', 'ansible_groups', 'inventory_name']) | map('map', 'reverse') | map('community.general.dict') }}" loop: "{{ hosts | map(attribute='ansible_groups') | flatten | unique }}" set_fact: ci_inventory: "{{ ci_inventory|d({}) | combine({ item: { 'hosts': hosts | selectattr('ansible_groups', 'contains', item) - | rekey_on_member('k8s_vmi_name') + | rekey_on_member('inventory_name') } }) }}" @@ -45,5 +52,5 @@ - name: Create inventory for CI tests copy: content: "{{ ci_inventory | to_yaml }}" - dest: "{{ inventory_path }}/ci_inventory.yml" + dest: "{{ ansible_inventory_sources[0] }}/ci_inventory.yml" mode: "0644" diff --git a/tests/cloud_playbooks/roles/packet-ci/templates/vm.yml.j2 b/tests/cloud_playbooks/roles/packet-ci/templates/vm.yml.j2 index 920944963..db80155fd 100644 --- a/tests/cloud_playbooks/roles/packet-ci/templates/vm.yml.j2 +++ b/tests/cloud_playbooks/roles/packet-ci/templates/vm.yml.j2 @@ -2,18 +2,18 @@ apiVersion: kubevirt.io/v1 kind: VirtualMachineInstance metadata: - generateName: test-vm- + generateName: {{ cloud_image }}- namespace: {{ pod_namespace }} annotations: kubespray.com/ci.template-path: "tests/cloud_playbooks/roles/packet-ci/templates/vm.yml.j2" - ansible_groups: "{{ kubespray_groups | join(',') }}" + ansible_groups: "{{ node_groups | join(',') }}" + inventory_name: "{{ name | d(cloud_image ~ '-' ~ index) }}" # This does not use a dns prefix because dots are hard to escape with map(attribute=) in Jinja labels: kubevirt.io/os: {{ cloud_image }} kubevirt.io/size: small - kubevirt.io/domain: "{{ test_name }}" ci_job_id: "{{ ci_job_id }}" - ci_job_name: "{{ ci_job_name }}" + ci_job_name: "{{ lookup('ansible.builtin.env', 'CI_JOB_NAME_SLUG') }}" # leverage the Kubernetes GC for resources cleanup ownerReferences: - apiVersion: v1 @@ -56,4 +56,12 @@ spec: image: quay.io/kubespray/vm-{{ cloud_image }} - name: cloudinitvolume cloudInitNoCloud: - userDataBase64: {{ cloud_init[cloud_image] }} + userData: | + #cloud-config + users: + - name: {{ lookup('env', 'ANSIBLE_REMOTE_USER') }} + sudo: ALL=(ALL) NOPASSWD:ALL + shell: /bin/bash + lock_passwd: False + ssh_authorized_keys: + - {{ ssh_key.public_key }} diff --git a/tests/cloud_playbooks/roles/packet-ci/vars/main.yml b/tests/cloud_playbooks/roles/packet-ci/vars/main.yml index 8eb9c7dbe..e8bac22e9 100644 --- a/tests/cloud_playbooks/roles/packet-ci/vars/main.yml +++ b/tests/cloud_playbooks/roles/packet-ci/vars/main.yml @@ -2,36 +2,35 @@ # This is a list of nodes with groups for each scenario/cluster layouts scenarios: separate: - - ['kube_control_plane'] - - ['kube_node'] - - ['etcd'] + - node_groups: ['kube_control_plane'] + - node_groups: ['kube_node'] + - node_groups: ['etcd'] ha: - - ['kube_control_plane', 'etcd'] - - ['kube_control_plane', 'etcd'] - - ['kube_node', 'etcd'] + - node_groups: ['kube_control_plane', 'etcd'] + - node_groups: ['kube_control_plane', 'etcd'] + - node_groups: ['kube_node', 'etcd'] default: - - ['kube_control_plane', 'etcd'] - - ['kube_node'] + - node_groups: ['kube_control_plane', 'etcd'] + - node_groups: ['kube_node'] all-in-one: - - ['kube_control_plane', 'etcd', 'kube_node'] + - node_groups: ['kube_control_plane', 'etcd', 'kube_node'] ha-recover: - - ['kube_control_plane', 'etcd'] - - ['kube_control_plane', 'etcd', 'broken_kube_control_plane', 'broken_etcd'] - - ['kube_node', 'etcd'] + - node_groups: ['kube_control_plane', 'etcd'] + - node_groups: ['kube_control_plane', 'etcd', 'broken_kube_control_plane', 'broken_etcd'] + - node_groups: ['kube_node', 'etcd'] ha-recover-noquorum: - - ['kube_control_plane', 'etcd', 'broken_kube_control_plane', 'broken_etcd'] - - ['kube_control_plane', 'etcd', 'broken_kube_control_plane', 'broken_etcd'] - - ['kube_node', 'etcd'] + - node_groups: ['kube_control_plane', 'etcd', 'broken_kube_control_plane', 'broken_etcd'] + - node_groups: ['kube_control_plane', 'etcd', 'broken_kube_control_plane', 'broken_etcd'] + - node_groups: ['kube_node', 'etcd'] node-etcd-client: - - ['kube_node', 'kube_control_plane', 'etcd'] - - ['kube_node', 'etcd'] - - ['kube_node', 'etcd'] - - ['kube_node'] + - node_groups: ['kube_node', 'kube_control_plane', 'etcd'] + - node_groups: ['kube_node', 'etcd'] + - node_groups: ['kube_node', 'etcd'] + - node_groups: ['kube_node'] # Get pod metadata / CI vars from environment ci_job_id: "{{ lookup('ansible.builtin.env', 'CI_JOB_ID', default=undefined) }}" -ci_job_name: "{{ lookup('ansible.builtin.env', 'CI_JOB_NAME', default=undefined) }}" pod_name: "{{ lookup('ansible.builtin.env', 'POD_NAME', default=undefined) }}" pod_uid: "{{ lookup('ansible.builtin.env', 'POD_UID', default=undefined) }}" pod_namespace: "{{ lookup('ansible.builtin.env', 'POD_NAMESPACE', default=undefined) }}" diff --git a/tests/cloud_playbooks/wait-for-ssh.yml b/tests/cloud_playbooks/wait-for-ssh.yml deleted file mode 100644 index 54b268273..000000000 --- a/tests/cloud_playbooks/wait-for-ssh.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -- name: Wait until SSH is available - hosts: all - become: false - gather_facts: false - - tasks: - - name: Wait until SSH is available - wait_for: - host: "{{ ansible_host }}" - port: 22 - timeout: 240 - delegate_to: localhost diff --git a/tests/scripts/testcases_run.sh b/tests/scripts/testcases_run.sh index 89a8d641a..1d97bbf4c 100755 --- a/tests/scripts/testcases_run.sh +++ b/tests/scripts/testcases_run.sh @@ -23,12 +23,10 @@ if [ "${UPGRADE_TEST}" != "false" ]; then git checkout "${CI_COMMIT_SHA}" -- tests/ fi -export ANSIBLE_REMOTE_USER=$SSH_USER export ANSIBLE_BECOME=true export ANSIBLE_BECOME_USER=root -export ANSIBLE_INVENTORY=/tmp/inventory/ -make -C tests INVENTORY_DIR=${ANSIBLE_INVENTORY} create-${CI_PLATFORM} -s +make -C tests create-${CI_PLATFORM} -s # Test collection build and install by installing our collection, emptying our repository, adding # cluster.yml, reset.yml, and remote-node.yml files that simply point to our collection's playbooks, and then @@ -65,8 +63,6 @@ EOF fi -ansible-playbook tests/cloud_playbooks/wait-for-ssh.yml - run_playbook () { playbook=$1 shift