From Fedora Project Wiki

Revision as of 15:17, 18 October 2019 by Fbo (talk | contribs)

Zuul Based CI

News

August 28, 2019 - Created Taiga EPIC

Flock 2019

What is Zuul/Nodepool

Zuul [1] is the CI and gating system from the Open Infrastructure Project [2]. It is able to scale fine and handles by default features such as artifacts sharing between jobs and cross Git repositories testing. You can see Zuul in action here [3].

Below is a list of features proposed by Zuul and its companion Nodepool:

  • Event-driven pipelines based on Code-Review or Pull-Request workflow: jobs can be triggered automatically when a PR is submitted, changed, approved, merged, or when the repository is tagged.
  • CI-as-code: jobs are defined as YAML + Ansible playbooks, pipeline definitions as YAML files. Zuul reads and loads those definitions directly from Git repositories.
  • Support for jobs inheritance, jobs dependencies, jobs chaining (with artifacts sharing).
  • Speculative testing of new jobs before merging: jobs will be run as they are submitted to make sure they behave as expected.
  • Cross repositories dependencies: a jobs' workspace can include unmerged patches from other projects if specified
  • Parallel job run, only capped by resources available or predefined quotas
  • Automated jobs resources lifecycle management: resources like VMs or containers needed by a given job can be defined in-repository, spawned on demand at a job's start, and destroyed when the job is finished, or held for debugging
  • Job resources support of OpenStack, OpenShift, K8S, Static nodes, AWS.
  • Well-defined, reproducible job environments to eliminate flakiness
  • Speculative testing before merging (gating): if several patches are about to land at the same time, they are tested on the repository's future state.

Until now, Zuul was only able to listen to Gerrit or Github events. Recently a new driver [4] allow Zuul to interface with Pagure as well. Pagure, Zuul and Nodepool could therefore combine into a very efficient CI/CD stack.

How to Zuul attach a Pagure repository on Zuul

Configure the repository for Zuul

In the project settings:

Add the repository into the Zuul configuration

Open a Pull Request on https://pagure.io/fedora-project-config

Edit resources/fedora.yaml and add the repository such as!

  • For a repository hosted on pagure.io:
resources:
  projects:
    Fedora-Zuul-CI:
      ...
      source-repositories:
        ...
        - repository-name


  • For a repository hosted on src.fedoraproject.org:
resources:
  projects:
    Fedora-Zuul-CI:
      ...
      source-repositories:
        ...
        - repository-name:
            connection: src.fedoraproject.org

Once the Pull Request is accepted and merged, the repository should be available in the Zuul prokect list: https://fedora.softwarefactory-project.io/zuul/projects

How to attach packaging jobs for a distgit repository on src.fedoraproject.org

We have managed to provide some standard Pull Request's jobs and workflow. This idea is to reduce the amount of manual steps to propose packaging changes to Fedora by taking advantage of CI.

We propose a set of templates (template can be seen as workfow of jobs reacting to Pull Request events). Templates are available here https://pagure.io/fedora-zuul-jobs/blob/master/f/zuul.d/templates.yaml.

The templates attach jobs through three type of pipeline (not the same as Jenkins/Gitlab pipeline concept):

  • check: Jobs within that pipeline are triggered when a Pull Request is Opened or Updated
  • gate: Jobs within that pipeline are triggered when a Pull Request is approved (prior to be merged and closed)
  • promote: Jobs with that pipeline are triggered when a Pull Request is closed and merged

Available templates:

  • build: run the rpm-scratch-build (scratch koji) job in the check pipeline.
  • build-lint: run the rpm-scratch-build job then run the rpm-linter + rpm-rpminspect jobs against the rpms built by the first job.
  • build-lint-test: run the rpm-scratch-build job then run the rpm-linter + rpm-rpminspect + rpm-test jobs against the rpms built by the first job.
  • build-lint-test-gate: same as build-lint-test + the CI will merge the Pull Request if the Pull Request receive the metadata tag "gateit".
  • build-lint-test-gate-promote: same as build-lint-test-gate + rpm-build (regular koji build) when the Pull Request is merged and closed.

There are some other templates available but now you should have a clear understanding of them.

To attach a template to a repository you need to open a Pull Request on https://pagure.io/fedora-zuul-jobs-config.

Edit zuul.d/projects.yaml to add: 

- project:
    name: repository
    templates:
      - build-lint-gate-promote

repository should be like "rpms/python-gear".

Once the Pull Request is merged should should the jobs of the chosen template displayed by clicking on the related project on the page https://fedora.softwarefactory-project.io/zuul/projects.

zuul-distro-jobs

pagure.io/zuul-distro-jobs [5] is a generic suite of jobs and roles for Zuul dedicated for the build and publish RPMs (and hopefully containers in the future). We are working on it with the idea to provide a ready to use Zuul jobs/roles library for Zuul users having to handle RPM build in the CI. Currently there is support for Koji, Copr, DLRN, Mock. Feel free to add more !

Nodepool nodes

For the moment three node labels are defined in Nodepool [6]

  • Fedora 29 cloud image (VM) [7]
  • Fedora 30 container (runc) [8]
  • Centos 7 container (runc) - This is the by default container provided by Software Factory. It is not customizable.

Additional image definitions and containers could be simply provided in fedora-project-config repository.

Retrieved from "https://fedoraproject.org/w/index.php?title=Zuul-based-ci&oldid=555252"