I'm still kinda trying to make the openqa roles usable outside
of infra, so now I have a minute, let's do this: it makes the
static UID/GID for geekotest optional and configurable, instead
of hard coding it. For infra we set the value to 601, as we
are already using, in the openqa and openqa-stg group config.
this is a database value and there's no openQA API function to
set it, so we have to do it directly in the database...this
*should* work. I think. I should add equivalent functionality
for sqlite use as well, really...
there seems to be a bug in python2-guestfs which causes the
disk image with an updates.img file to be broken (the updates
image is only 4096 bytes long and incomplete). When built with
Python 3 the image seems to be fine. So, run the script with
python3 (as its hashbang says) and ensure necessary packages
are installed.
seems like we need the internal inbound relay but the public
outbound relay? I don't even know...but we definitely can't
connect to busgateway01.phx2.fedoraproject.org:3999
i think the relay 'fix' is only needed for stg, because there
was a firewall rule added for prod but not stg. It's not really
a 'fix' either (it'll stop messages getting out) but it at
least prevents fedmsg-relay failing, so keep it for now.
Ralph *mostly* fixed it, but the config we get from fedmsg/base
still doesn't quite work, so this just hacks it up after that
role's done. This will go away with a couple more fixes to the
fedmsg/base role.
with openQA jobs being scheduled and wiki results reported
(well, when we get that working again) by fedmsg-hub consumers,
we have to let the fedmsg user read these files.
we really shouldn't always_run these, as they actually *do*
stuff. That does mean that in check mode we won't check if
database init and admin user creation are necessary, but these
are only ever necessary exactly one time at initial deployment
which is likely to be kicked off manually anyway, so it should
not be a problem. We adjust the 'when' condition for the 'wait
for services to start up' action, so it will work in check mode
with the 'services' variable undefined (because the step that
defines it now won't be run).
This puts in place the bits needed to use the new createhdds.py
for image generation, which works much nicer with ansible than
the old createhdds.sh. For now, the disk creation step is
disabled, because creating some images (including the ones that
get refreshed regularly) requires running VMs, and the openqa
server hosts are VMs themselves and do not currently have nested
virt enabled, so the creation would run extremely slow. Once we
get nested virt enabled, I'll change the condition for the image
creation step to what it should be. Until then I'll carry on
handling image creation manually (both hosts have all the images
at present anyhow).
basically, dump the config from the server before loading the
templates file, dump it after, and use json_diff to compare.
I wanted to make the actual template loading script from openQA
do some kind of check in '--clean' mode, but given how it's
designed that's not really terribly practical without doing
some major re-architecting, and this seems like a relatively
simple alternative. With this change, the actual "Load tests"
step will never show 'changed', but the subsequent 'Check if
the tests changed in previous step' step will show as changed
when appropriate.
