scl/kubespray
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
e86c0cf036b63896b84131cafb9ad4f9c7dc9b7b
kubespray/scripts/premoderator.sh
ERIK c3e73aabcf [2.21] Ensure that CI is available (#10673) 
* Convert exoscale tf provider to new version (#10646)

This is untested. It passes terraform validate to un-broke the CI.

* specify pyyaml version to 5.3.1

Signed-off-by: bo.jiang <bo.jiang@daocloud.io>

* Migrate CI_BUILD_ID to CI_JOB_ID and CI_BUILD_REF to CI_COMMIT_SHA (#10063)

* Use supported version of fedora in CI (#10108)

* tests: replace fedora35 with fedora37

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* tests: replace fedora36 with fedora38

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* docs: update fedora version in docs

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* molecule: upgrade fedora version

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* tests: upgrade fedora images for vagrant and kubevirt

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* vagrant: workaround to fix private network ip address in fedora

Fedora stop supporting syconfig network script so we added a workaround
here
https://github.com/hashicorp/vagrant/issues/12762#issuecomment-1535957837
to fix it.

* netowrkmanager: do not configure dns if using systemd-resolved

We should not configure dns if we point to systemd-resolved.
Systemd-resolved is using NetworkManager to infer the upstream DNS
server so if we set NetworkManager to 127.0.0.53 it will prevent
systemd-resolved to get the correct network DNS server.

Thus if we are in this case we just don't set this setting.

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* image-builder: update centos7 image

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* gitlab-ci: mark fedora packet jobs as allow failure

Fedora networking is still broken on Packet, let's mark it as allow
failure for now.

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

---------

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

---------

Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
Co-authored-by: Max Gautier <mg@max.gautier.name>
Co-authored-by: Florian Ruynat <16313165+floryut@users.noreply.github.com>
Co-authored-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-12-01 04:42:21 +01:00

52 lines
2.1 KiB
Bash
Raw Blame History

#!/bin/bash
# A naive premoderation script to allow Gitlab CI pipeline on a specific PRs' comment
# Exits with 0, if the pipeline is good to go
# Exits with 1, if the user is not allowed to start pipeline
# Exits with 2, if script is unable to get issue id from CI_COMMIT_REF_NAME variable
# Exits with 3, if missing the magic comment in the pipeline to start the pipeline
CURL_ARGS="-fs --retry 4 --retry-delay 5"
MAGIC="${MAGIC:-ci check this}"
exit_code=0
# Get PR number from CI_COMMIT_REF_NAME
issue=$(echo ${CI_COMMIT_REF_NAME} | perl -ne '/^pr-(\d+)-\S+$/ && print $1')
if [ "$issue" = "" ]; then
echo "Unable to get issue id from: $CI_COMMIT_REF_NAME"
exit 2
fi
echo "Fetching labels from PR $issue"
labels=$(curl ${CURL_ARGS} "https://api.github.com/repos/kubernetes-sigs/kubespray/issues/${issue}?access_token=${GITHUB_TOKEN}" | jq '{labels: .labels}' | jq '.labels[].name' | jq -s '')
labels_to_patch=$(echo -n $labels | jq '. + ["needs-ci-auth"]' | tr -d "\n")
echo "Checking for '$MAGIC' comment in PR $issue"
# Get the user name from the PR comments with the wanted magic incantation casted
user=$(curl ${CURL_ARGS} "https://api.github.com/repos/kubernetes-sigs/kubespray/issues/${issue}/comments" | jq -M "map(select(.body | contains (\"$MAGIC\"))) | .[0] .user.login" | tr -d '"')
# Check for the required user group membership to allow (exit 0) or decline (exit >0) the pipeline
if [ "$user" = "" ] || [ "$user" = "null" ]; then
echo "Missing '$MAGIC' comment from one of the OWNERS"
exit_code=3
else
echo "Found comment from user: $user"
curl ${CURL_ARGS} "https://api.github.com/orgs/kubernetes-sigs/members/${user}"
if [ $? -ne 0 ]; then
echo "User does not have permissions to start CI run"
exit_code=1
else
labels_to_patch=$(echo -n $labels | jq '. - ["needs-ci-auth"]' | tr -d "\n")
exit_code=0
echo "$user has allowed CI to start"
fi
fi
# Patch labels on PR
curl ${CURL_ARGS} --request PATCH "https://api.github.com/repos/kubernetes-sigs/kubespray/issues/${issue}?access_token=${GITHUB_TOKEN}" -H "Content-Type: application/json" -d "{\"labels\": ${labels_to_patch}}"
exit $exit_code
Reference in New Issue View Git Blame Copy Permalink