# CentOS CI - On-boarding

Note to users:

Please note that Infra space is for Fedora and CentOS related projects to

consume. Decision may take some time (often up to 2 weeks) as these are decided

by the whole team.

Once decided as go, we will create you a namespace in a openshift cluster where

you can configure your CI. We do provide a Jenkins template in case you want to be

able to consume vms/baremetal nodes to perform your CI.

Please answer the following questions so that we understand your requirement.

* How does your project relates to Fedora/CentOS?

* Describe your work flow and if you need any special permissions (other than

  admin access to namespace), please tell us and provide a reason for them.

* Do you need bare-metal/vms checkout capability? (we prefer your workflow

  containerized)

* Resources required

  * PVs:

```

Project_name:

Project_members:

 - user1@ACO_registered_email_address

 - user2@ACO_registered_email_address

```

## Steps

1. Create an entry in duffy db (with ssh key) - [follow adding-duffy-api-key.md](/operations/ci/adding_cico_tenant/adding    -duffy-api-key/)

2. Create an OpenShift namespace/project (done with ansible)

3. Create a PV(Persistent Volume) and deploy Jenkins instance (done with ansible)

## Create an entry in duffy db (with ssh key) - [follow adding-duffy-api-key.md](/operations/ci/adding_cico_tenant/adding-duffy-api-key/)

### Create an OpenShift namespace

!!! important 

    we don't use the previous specific git repo for projects, as it's now all using the `ocp-admin` ansible role, see below

To create the openshift namespace/project, just add edit the inventory/host_vars/<ocp_controller_node> and add the new project to the existin `ocp_projects_list` ansible list.

Example:

```

# Declaring projects that will be created in ocp.ci

ocp_projects_list:

  - name: ci-infra-test

    members:

      - ci-user1@centos.org

      - ci-user2@centos.org

```

Once done, don't forget to commit/push and you can also play that role directly with a specific tag.

```

ansible-playbook playbooks/role-ocp-admin-node.yml --tags "projects"

PLAY [hostgroup-role-ocp-admin-node] *****************************************************************************

TASK [ocp-admin-node : Rendering template for projects] **********************************************************

Tuesday 21 December 2021  09:20:42 +0100 (0:00:00.116)       0:00:00.116 ****** 

ok: [ocp-admin.ci.centos.org] => (item=ci-infra-test)

changed: [ocp-admin.ci.centos.org] => (item=samba)

TASK [ocp-admin-node : Creating/modifying project if needed] *****************************************************

Tuesday 21 December 2021  09:20:47 +0100 (0:00:05.123)       0:00:05.240 ****** 

skipping: [ocp-admin.ci.centos.org] => (item=ci-infra-test) 

changed: [ocp-admin.ci.centos.org] => (item=samba)

PLAY RECAP *******************************************************************************************************

ocp-admin.ci.centos.org    : ok=2    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

Tuesday 21 December 2021  09:20:48 +0100 (0:00:01.075)       0:00:06.316 ****** 

```

!!! note

    If you need to also modify members and/or email addresses, you can just follow the same process and replay the same playbook : that will reflect changes in openshift. If you need access to that private git repository (to be fixed and moved elsewhere in the official `centos` namespace, reach out to another infra team member

## Deploy a PV (Persistent Volume) and Jenkins instance

!!! note

    In case you just need to create a PV *outside* of jenkins, follow [Persistent storage via NFS](https://docs.infra.centos.org/operations/ci/installation/persistant_storage_nfs/). 

We have an ad-hoc ansible task (adhoc-ocp-deploy-jenkins-for-ci-tenant.yml) that will create the needed PV , create a template and apply it with the correct ssh keys and duffy api key so ensure that you followed previous steps so that you have the project keys into pkistore git repo (using project name) and also duffy api key ready (as script will ask you for it):

```

ansible-playbook-ci playbooks/adhoc-ocp-deploy-jenkins-for-ci-tenant.yml

```

Just answer the following questions (project has to exist first ! :

```

Existing project/namespace in ocp we'll deploy jenkins to/for (has to exist before !) : samba

Persistent Volume size (example 10Gi) : 10Gi

Existing Duffy API key : <duffy_api_key>

```

Now you just have to wait for jenkins to be up and running 

!!! important

    We recently had an issue with the default jenkins image having outdated (and not working) [openshift sync plugin](https://plugins.jenkins.io/openshift-sync/) so be sure that you have at least 1.0.51 running in openshift. If not, update it first, and then configmap will be synced to jenkins, for the `cico-workspace` pod template