This page is not maintained
please check Working with CPE day to day - CentOS for the updated workflow
Index
Contents
Asking for your project to be added
So, your project or your SIG need to run specific CI tests to validate the whole stack and you want to benefit from the CentOS CI environment ? Here are the steps to get "onboarded" :
BareMetal Nodes
Visit https://bugs.centos.org/
- Report an Issue under the 'CentOS CI' project
- Include the following information in your report:
- Your Name
- The project you are working with / SIG name if a SIG
- Your Desired Username
- Your Email Address
SSH pubkey (This key will be used to let you enter the CI environment (Where Jenkins slave will be hosted) and to every node provisioned/given to you through the Duffy middleware(see http://wiki.centos.org/QaWiki/CI/Duffy)
- Your gpg pubkey (for sending some information (like credentials) through gpg encrypted email, if needed)
Separate Jenkins Master
Visit https://bugs.centos.org/
- Report an Issue under the 'CentOS CI' project
- Include the following information in your report:
- Your Name
- The project you are working with
- Your Desired Username
- Your Email Address
- Your gpg pubkey (attach this to the bug please)
Account Approval
Special Interest Group Members: Contact your SIG Chair to comment his/her approval on the bug
Upstream Projects: We will work with you to designate a coordinator to approve new members of your project in ci
How to use it
BareMetal Nodes
As soon as your account is created, you'll be able to :
use jump.ci.centos.org as a jump host (see https://wiki.centos.org/TipsAndTricks/SshTips/JumpHost) , example of ~/.ssh/config :
Host jump.ci Hostname jump.ci.centos.org ProxyCommand none ForwardAgent yes GSSAPIAuthentication no Host *.ci.centos.org ProxyCommand ssh jump.ci -W %h:%p ForwardAgent yes GSSAPIAuthentication no
- connect to the VM that will host your Jenkins slave (probably slave01.ci.centos.org) with the same credentials, but through the jump-host
- connect on the Jenkins WebUI (see credentials)
- run your Jenkins slave (see credentials)
You'll receive the following credentials :
- Duffy apikey, specific to your $project
- Jenkins password
- Jenkins slave node name dedicated for your project and specific jenkins secret key to use to connect that slave to jenkins master
Separate Jenkins master
You will receive your encrypted credentials in your email (provided during reporting an issue) to log to the OpenShift console as Admin.
Requesting node[s] for the CI tests
Duffy is the name of the small middleware used to provision nodes for the CI tests. Read the dedicated page on how to use to request/return back nodes before/after CI tests. You can request multiple bare metal nodes (see http://wiki.centos.org/QaWiki/PubHardware) installed with :
- CentOS 7 - x86_64
- CentOS 6 - x86_64 or/and i386
- CentOS 5 - x86_64 or/and i386
You can find an example python build script at https://github.com/kbsingh/centos-ci-scripts; You will need to substitute the api key in, and modify the cmd= line to suite your requirements. This script also has the added advantage of letting you maintain the actual test suite in its own git repo, outside of the ci.centos.org infrastructure.
Building a Jenkins Job
- In the Jenkins job definition, be sure to select "Restrict where this project can be run" and enter your project name in the "Label Expression" field. This will request nodes from your project's workspace.
Integrating with Github
It may be useful to trigger jobs on events in Github (like pull requests, or pushes to specific branches). You can find some common scenarios, and step-by-step instructions for putting these together here: QaWiki/CI/GithubIntegration
Exporting artifacts (if needed) to a storage box
Projects can publish artifacts from their builds (e.g. VM images) to a publicly accessible folder (available at http://artifacts.ci.centos.org/). The rsync username is the name of the project user and the password is the first 13 characters (including the dash) of the duffy api key. For example: if the project's duffy key is 9c67d9c6-b5e2-11e4-b2af-525400ea212d the rsync password would be 9c67d9c6-b5e2.
Projects can sync to the artifact location using the following snippet:
RSYNC_PASSWORD='9c67d9c6-b5e2' rsync -av files-in-workdir-to-sync/ <project>@artifacts.ci.centos.org::<project>/
Tips, Tricks, Caveats, and Provisos
Using the BuildTimeout plugin with a Python Build Step in the centos-ci-scripts pattern may result in orphaned hosts after the job is timed out