SovereignCloudStack
diff --git a/‎.ansible-lint
+10 b/‎.ansible-lint
+10
diff --git a/‎.github/workflows/ansible-lint.yml
+21 b/‎.github/workflows/ansible-lint.yml
+21
diff --git a/‎.github/workflows/check-yaml-syntax.yml
+25 b/‎.github/workflows/check-yaml-syntax.yml
+25
diff --git a/‎.yamllint.yml
+13 b/‎.yamllint.yml
+13
diff --git a/‎.zuul.yaml
+72 b/‎.zuul.yaml
+72
diff --git a/‎playbooks/dependencies.yaml
+61 b/‎playbooks/dependencies.yaml
+61
diff --git a/‎playbooks/openstack/cleanup.yaml
+48 b/‎playbooks/openstack/cleanup.yaml
+48
@@ -0,0 +1,10 @@
+---
+use_default_rules: true
+skip_list:
+  - yaml # disabled because we use yamllint
+# Roles and modules imported from https://opendev.org/zuul/zuul-jobs
+mock_roles:
+  - ensure-docker
+  - ensure-go
+mock_modules:
+  - zuul_return
@@ -0,0 +1,21 @@
+---
+name: Ansible lint
+
+"on":
+  push:
+    branches:
+      - main
+    paths:
+      - 'playbooks/**'
+  pull_request:
+    paths:
+      - 'playbooks/**'
+
+jobs:
+  build:
+    name: Ansible Lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Run ansible-lint
+        uses: ansible/ansible-lint@v24
@@ -0,0 +1,25 @@
+---
+name: Check yaml syntax
+
+"on":
+  push:
+    branches:
+      - main
+    paths:
+      - '**.yaml'
+      - '**.yml'
+  pull_request:
+    paths:
+      - '**.yaml'
+      - '**.yml'
+
+jobs:
+  check-yaml-syntax:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: '3.x'
+      - run: pip3 install yamllint
+      - run: yamllint .
@@ -0,0 +1,13 @@
+---
+extends: default
+
+rules:
+  comments: enable
+  line-length: disable
+  # accept both     key:
+  #                   - item
+  # and             key:
+  #                 - item
+  # (the latter is very common in k8s land)
+  indentation:
+    indent-sequences: whatever
@@ -0,0 +1,72 @@
+---
+- job:
+    name: openstack-e2e-abstract
+    abstract: true
+    parent: openstack-access-base
+    description: |
+      An abstract job for e2e testing of cluster stacks project.
+      This job is not intended to be run directly, but instead
+      must be inherited from it.
+    pre-run: playbooks/dependencies.yaml
+    run: playbooks/openstack/e2e.yaml
+    cleanup-run: playbooks/openstack/cleanup.yaml  # executed also when the job is canceled
+    vars:
+      wait_for_cluster_stack_resource: 120  # 2min
+      wait_for_clusteraddons: 120  # 2min
+      wait_for_cluster_stack: 1440  # 24min
+      wait_for_cluster: 600  # 10min
+      sonobouy:
+        enabled: false
+      scs_compliance:
+        enabled: false
+
+- job:
+    name: e2e-openstack-conformance
+    parent: openstack-e2e-abstract
+    description: |
+      Run e2e tests of cluster-stacks project using
+      [sonobuoy](https://sonobuoy.io/) with mode conformance and
+      SCS compliance checks meaning it will test if the Kubernetes
+      cluster is conformant to the CNCF and to the SCS.
+    timeout: 10800  # 3h
+    vars:
+      wait_for_cluster: 1200  # 20min
+      sonobouy:
+        enabled: true
+        mode: conformance
+      scs_compliance:
+        enabled: true
+
+- job:
+    name: e2e-openstack-quick
+    parent: openstack-e2e-abstract
+    description: |
+      Run e2e tests of cluster-stacks project using
+      [sonobuoy](https://sonobuoy.io/) with mode quick and
+      SCS compliance checks.
+    timeout: 7200  # 2h
+    vars:
+      wait_for_cluster: 1200  # 20min
+      sonobouy:
+        enabled: true
+        mode: quick
+      scs_compliance:
+        enabled: true
+
+
+- project:
+    name: SovereignCloudStack/cluster-stacks
+    default-branch: main
+    merge-mode: "squash-merge"
+    e2e-test:
+      jobs:
+        - e2e-openstack-conformance
+    unlabel-on-update-e2e-test:
+      jobs:
+        - noop
+    e2e-quick-test:
+      jobs:
+        - e2e-openstack-quick
+    unlabel-on-update-e2e-quick-test:
+      jobs:
+        - noop
@@ -0,0 +1,61 @@
+---
+- name: Ensure cluster stacks dependencies
+  hosts: all
+  vars:
+    kind_version: "0.22.0"
+    kubectl_version: "1.29.3"
+    clusterctl_version: "1.7.2"
+    helm_version: "3.14.4"
+    yq_version: "4.44.1"
+    envsubst_version: "1.4.2"
+    install_dir: "{{ ansible_user_dir }}/.local/bin"
+  roles:  # https://opendev.org/zuul/zuul-jobs
+    - role: ensure-docker
+    - role: ensure-go
+      vars:
+        go_version: 1.21.6
+  environment:
+    PATH: "{{ install_dir }}:{{ ansible_env.PATH }}"
+  tasks:
+    - name: Make sure installation directory exists
+      ansible.builtin.file:
+        path: "{{ install_dir }}"
+        state: directory
+        mode: 0755
+    - name: Install clusterctl
+      ansible.builtin.get_url:
+        url: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v{{ clusterctl_version }}/clusterctl-linux-amd64"
+        dest: "{{ install_dir }}/clusterctl"
+        mode: "+x"
+    - name: Install envsubst
+      ansible.builtin.get_url:
+        url: "https://github.com/a8m/envsubst/releases/download/v{{ envsubst_version }}/envsubst-Linux-x86_64"
+        dest: "{{ install_dir }}/envsubst"
+        mode: "+x"
+    - name: Install yq
+      ansible.builtin.get_url:
+        url: "https://github.com/mikefarah/yq/releases/download/v{{ yq_version }}/yq_linux_amd64"
+        dest: "{{ install_dir }}/yq"
+        mode: "+x"
+    - name: Install KinD
+      ansible.builtin.get_url:
+        url: "https://kind.sigs.k8s.io/dl/v{{ kind_version }}/kind-linux-amd64"
+        dest: "{{ install_dir }}/kind"
+        mode: "+x"
+    - name: Install kubectl
+      ansible.builtin.get_url:
+        url: "https://dl.k8s.io/release/v{{ kubectl_version }}/bin/linux/amd64/kubectl"
+        dest: "{{ install_dir }}/kubectl"
+        mode: "+x"
+    # TODO: Install csctl and csctl-openstack from the release when it will be available
+    - name: Install csctl and csctl-openstack
+      ansible.builtin.import_tasks: tasks/csctl.yaml
+    - name: Install helm
+      ansible.builtin.unarchive:
+        src: "https://get.helm.sh/helm-v{{ helm_version }}-linux-amd64.tar.gz"
+        dest: "{{ install_dir }}"
+        extra_opts: "--strip-components=1"
+        mode: "+x"
+        remote_src: true
+      args:
+        creates: "{{ install_dir }}/helm"
@@ -0,0 +1,48 @@
+---
+- name: Cleanup
+  hosts: all
+  vars:
+    cloud_name: "{{ cloud }}"  # inherited from the parent job
+  environment:
+    PATH: "{{ ansible_user_dir }}/.local/bin:{{ ansible_env.PATH }}"
+  tasks:
+    - name: Delete server groups
+      when: scs_compliance.enabled
+      block:
+      - name: List existing server groups
+        ansible.builtin.command: "openstack server group list -f value -c Name -c ID"
+        register: server_groups
+        environment:
+          OS_CLOUD: "{{ cloud_name }}"
+        changed_when: true
+      - name: Parse test-cluster-controller srvgrp and assign ID to srvgrp_controller
+        ansible.builtin.set_fact:
+          srvgrp_controller: "{{ item.split(' ')[0] }}"
+        loop: "{{ server_groups.stdout_lines }}"
+        when: "server_groups is defined and server_groups.stdout_lines | length > 0 and 'test-cluster-controller' in item.split(' ')"
+      - name: Parse test-cluster-worker srvgrp and assign ID to srvgrp_worker
+        ansible.builtin.set_fact:
+          srvgrp_worker: "{{ item.split(' ')[0] }}"
+        loop: "{{ server_groups.stdout_lines }}"
+        when: "server_groups is defined and server_groups.stdout_lines | length > 0 and 'test-cluster-worker' in item.split(' ')"
+      - name: Delete Server Group for worker nodes
+        ansible.builtin.command: "openstack server group delete {{ srvgrp_worker }}"
+        environment:
+          OS_CLOUD: "{{ cloud_name }}"
+        when: srvgrp_worker is defined
+        changed_when: true
+      - name: Delete Server Group for control-plane nodes
+        ansible.builtin.command: "openstack server group delete {{ srvgrp_controller }}"
+        environment:
+          OS_CLOUD: "{{ cloud_name }}"
+        when: srvgrp_controller is defined
+        changed_when: true
+    - name: Check if test-cluster exists
+      ansible.builtin.command: "kubectl get cluster test-cluster"
+      register: cluster_check
+      ignore_errors: true
+      changed_when: true
+    - name: Cleanup workload cluster
+      ansible.builtin.command: "kubectl delete -f {{ ansible_user_dir }}/cluster.yaml"
+      when: cluster_check.rc == 0
+      changed_when: true