Merge branch 'Adding_in_v13_runner' into 'main'

variables:

    GIT_STRATEGY: clone

    TF_IMAGE: "registry.gitlab.com/gitlab-org/terraform-images/stable:latest"

    TF_ROOT: ${CI_PROJECT_DIR}/terraform

    TF_ROOT: ${CI_PROJECT_DIR}

    TF_ADDRESS: ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/k8s-cluster

    ANSIBLE_TERRAFORM_IMAGE: code.ornl.gov:4567/rse/images/ansible-terraform/ubuntu:0.2.0

# This import is for the func_rse_docker_* functions

before_script:

    - docker login --username=$CI_REGISTRY_USER --password=$CI_REGISTRY_PASSWORD $CI_REGISTRY

    #- docker login --username=$CI_REGISTRY_USER --password=$CI_REGISTRY_PASSWORD $CI_REGISTRY

    - curl https://code.ornl.gov/rse-deployment/rse-sharables/raw/master/rse-bash-modules.sh -O

    - source rse-bash-modules.sh

    - curl https://code.ornl.gov/rse-terraform-modules/shareable-scripts/raw/main/docker-terraform.sh -O

    - source docker-terraform.sh

    - func_rse_docker_cleanup

    - sudo rm -rf ${TF_ROOT}/.terraform || true

    - mv ${SSH_KEY} ${TF_ROOT}/ssh-key

    - chmod 600 ${TF_ROOT}/ssh-key

    - ssh-keygen -y -f ${TF_ROOT}/ssh-key > ${TF_ROOT}/ssh-key.pub

    #- mv ${SSH_KEY} ${TF_ROOT}/ssh-key

    #- chmod 600 ${TF_ROOT}/ssh-key

    #- ssh-keygen -y -f ${TF_ROOT}/ssh-key > ${TF_ROOT}/ssh-key.pub

    - export OS_AUTH_URL=${NEW_OS_AUTH_URL}    

    - export OS_PROJECT_ID=${NEW_OS_PROJECT_ID}    

    - export OS_PROJECT_NAME=${NEW_OS_PROJECT_NAME}    

    - export OS_PASSWORD=${NEW_OS_PASSWORD}

after_script:

    - source rse-bash-modules.sh

    - func_rse_docker_cleanup

    #- source rse-bash-modules.sh

    #- func_rse_docker_cleanup

    - sudo chown -R gitlab-runner .

    - sudo rm -rf ${TF_ROOT}/terraform/.terraform

    #- sudo rm -rf ${TF_ROOT}/terraform/.terraform

stages:

    - prepare

    - validate

    - build 

    - deploy

    - configure

    - post-setup

    #- configure

    #- post-setup

    - destroy

init:

plan:

    stage: build

    script:

    - mv ${TFVARS_FILE} ${TF_ROOT}/terraform.tfvars

    - mv ${SSH_KEY} ${TF_ROOT}/ssh-key

    - chmod 600 ${TF_ROOT}/ssh-key

    - ssh-keygen -y -f ./ssh-key > ./ssh-key.pub

    - docker_terraform init

    - docker_terraform_with_openstack "plan -var=ssh_key_file=ssh-key"

    - docker_terraform_with_openstack plan-json

apply:

    stage: deploy

    script:

    - mv ${SSH_KEY} ${TF_ROOT}/ssh-key

    - chmod 600 ${TF_ROOT}/ssh-key

    - ssh-keygen -y -f ./ssh-key > ./ssh-key.pub

    - apt-key adv --keyserver keyserver.ubuntu.com --recv-keys D8FF8E1F7DF8B07E

    - docker_terraform init

    - docker_terraform_with_openstack apply

    dependencies:

    tags:

        - neutrons-multi-builder

configure-storage:

.configure-storage:

  stage: configure

  extends: .ansible-playbook

  variables:

    PLAYBOOK: "persistent-volume.yaml" 

setup-docker:

.setup-docker:

  stage: post-setup

  extends: .ansible-playbook

  variables:

        - main

    tags:

        - neutrons-multi-builder

terraform {

  required_version = ">= 1.0"

  required_providers {

    openstack = {

      source = "terraform-provider-openstack/openstack"

    }

  }

  backend "http" {} 

}

locals {

  runner_projects_green = var.runner_projects_list

  runner_projects_blue  = var.runner_projects_list

  runner_tokens_green = [

    for name in local.runner_projects_green : var.projects_token_map[name]

  ]

  runner_tokens_blue = [

    for name in local.runner_projects_blue : var.projects_token_map[name]

  ]

}

resource "openstack_networking_secgroup_v2" "secgroup" {

  name        = var.security_group_name

  description = var.security_group_description

}

resource "openstack_networking_secgroup_rule_v2" "allow_prometheus_metrics" {

  direction         = "ingress"

  ethertype         = "IPv4"

  protocol          = "tcp"

  port_range_min    = 9252

  port_range_max    = 9252

  remote_ip_prefix  = "0.0.0.0/0"

  security_group_id = openstack_networking_secgroup_v2.secgroup.id 

}

module "drtsans_lfs_runners_green" {

  source        = "git::https://code.ornl.gov/rse-terraform-modules/ornl-cloud-gitlab-runners//modules/ornl-cloud-gitlab-runners?ref=v0.13"

  prefix                = "drtsans-lfs-runner-green"

  runner_count          = 1

  flavor                = var.flavor

  image_uuid            = var.image_uuid

  ssh_key_file          = var.ssh_key_file  

  volume_size           = 10

  ssh_username          = var.user

  network_name          = var.network_name

  runner_tokens         = local.runner_tokens_green

  runner_tags           = var.runner_multi_builder_tags

  runner_listen_address = ":9252"

  security_groups       = ["default", var.security_group_name]

  user_data             = <<EOF

    echo "TODO: Add monitoring here!"

EOF

}

module "drtsans_lfs_runners_blue" {

  source        = "git::https://code.ornl.gov/rse-terraform-modules/ornl-cloud-gitlab-runners//modules/ornl-cloud-gitlab-runners?ref=v0.13"

  prefix                = "drtsans-lfs-runner-blue"

  runner_count          = 0

  flavor                = var.flavor

  image_uuid            = var.image_uuid

  ssh_key_file          = var.ssh_key_file  

  volume_size           = 40

  ssh_username          = var.user

  network_name          = var.network_name

  runner_tokens         = local.runner_tokens_blue

  runner_tags           = var.runner_multi_builder_tags

  runner_listen_address = ":9252"

  security_groups       = ["default", var.security_group_name]

  user_data             = <<EOF

    echo "TODO: Add monitoring here!"

EOF

}

output "ip_runners_green" {

  value = module.drtsans_lfs_runners_green.ip

}

output "ip_runners_blue" {

  value = module.drtsans_lfs_runners_blue.ip

}

terraform {

  required_version = ">= 1.0"

  required_providers {

    openstack = {

      source = "terraform-provider-openstack/openstack"

    }

    ansible = {

      source = "nbering/ansible"

      version = "1.0.4"

    }

  }

  backend "http" {}

}

resource "openstack_compute_keypair_v2" "key" {

  name = "drtsans_lfs"

  public_key = file("${var.ssh_key_file}.pub")

}

resource "openstack_compute_instance_v2" "drtsans_lfs_nodes" {

  name            = "drtsans_lfs-${count.index}"

  count           = var.node_count

  image_id        = var.node_image_id

  security_groups = var.security_groups

  flavor_name     = var.node_flavor

  key_pair        = openstack_compute_keypair_v2.key.name 

  block_device {

    uuid                  = var.node_image_id

    source_type           = "image"

    destination_type      = "volume"

    volume_size           = var.node_ephemeral_volume_size

    boot_index            = 0

    delete_on_termination = true

  }

  network {

    name = var.network_name

  }

  connection {

    user        = var.ssh_username

    host        = self.access_ip_v4

    private_key = file("${var.ssh_key_file}")

  }

  provisioner "remote-exec" {

    inline = [

        "echo 'Hello, drtsans_lfs ${count.index} is up!'"

    ]

  }

}

resource "ansible_host" "drtsans_lfs" {

    inventory_hostname = openstack_compute_instance_v2.drtsans_lfs_nodes[0].access_ip_v4

    groups = ["drtsans_lfs_node"]

    vars = {

        ansible_user = var.ssh_username

        ansible_host = openstack_compute_instance_v2.drtsans_lfs_nodes[0].access_ip_v4

        access_ip_v4 = openstack_compute_instance_v2.drtsans_lfs_nodes[0].access_ip_v4

        access_ip    = openstack_compute_instance_v2.drtsans_lfs_nodes[0].access_ip_v4

        ip           = openstack_compute_instance_v2.drtsans_lfs_nodes[0].access_ip_v4

    }

}

output "nodes" {

  value = openstack_compute_instance_v2.drtsans_lfs_nodes.*.access_ip_v4

}