WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-05-01 05:51:56 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
2bc9ab059f4baab034dafd062dba9dfd50ec2c4e
fedora-infra_ansible/playbooks/groups/buildvm.yml
Clement Verna 2364d11684 Add build_from parameter to osbs.conf on koji builders 
Signed-off-by: Clement Verna <cverna@tutanota.com>
2018-06-06 21:59:33 +02:00

218 lines
7.6 KiB
YAML
Raw Blame History

# create a new koji builder
# NOTE: should be used with --limit most of the time
# NOTE: make sure there is room/space for this builder on the buildvmhost
# NOTE: most of these vars_path come from group_vars/buildvm or from hostvars
- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=buildvm:buildvm-stg:buildvm-aarch64:buildvm-armv7:buildvm-ppc64:buildvm-ppc64le:buildvm-ppc64-stg:buildvm-ppc64le-stg:buildvm-aarch64-stg:buildvm-armv7-stg"
- name: make koji builder(s)
hosts: buildvm:buildvm-stg:buildvm-aarch64:buildvm-armv7:buildvm-ppc64:buildvm-ppc64le:buildvm-ppc64-stg:buildvm-ppc64le-stg:buildvm-aarch64-stg:buildvm-armv7-stg:buildvm-s390x:buildvm-s390x-stg
user: root
gather_facts: True
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
pre_tasks:
- import_tasks: "{{ tasks_path }}/yumrepos.yml"
roles:
- base
- hosts
- { role: nfs/client, mnt_dir: '/mnt/fedora_koji', nfs_src_dir: "{{ koji_hub_nfs }}", when: "env == 'staging' or createrepo" }
- { role: fas_client, when: not inventory_hostname.startswith('bkernel') }
- { role: sudo, when: not inventory_hostname.startswith('bkernel') }
- koji_builder
- role: keytab/service
kt_location: /etc/kojid/kojid.keytab
service: compile
- role: keytab/service
owner_user: root
owner_group: root
service: osbs
host: "osbs.fedoraproject.org"
when: env == "production"
- role: keytab/service
owner_user: root
owner_group: root
service: osbs
host: "osbs.stg.fedoraproject.org"
when: env == "staging"
- role: keytab/service
owner_user: root
owner_group: root
service: innercompose
host: "odcs{{ env_suffix }}.fedoraproject.org"
kt_location: /etc/kojid/secrets/odcs_inner.keytab
when: env == "staging"
tasks:
- import_tasks: "{{ tasks_path }}/2fa_client.yml"
when: not inventory_hostname.startswith('bkernel')
- import_tasks: "{{ tasks_path }}/motd.yml"
when: not inventory_hostname.startswith('bkernel')
- name: make sure kojid is running
service: name=kojid state=started enabled=yes
handlers:
- import_tasks: "{{ handlers_path }}/restart_services.yml"
- name: configure osbs on koji builders
hosts: buildvm:buildvm-stg
tags:
- osbs
user: root
gather_facts: True
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
pre_tasks:
- import_tasks: "{{ tasks_path }}/osbs_certs.yml"
- import_tasks: "{{ tasks_path }}/osbs_repos.yml"
- import_tasks: "{{ tasks_path }}/osbs_koji_token.yml"
roles:
- {
role: osbs-client,
when: env == 'staging' and ansible_architecture == 'x86_64',
general: {
verbose: 0,
build_json_dir: '/usr/share/osbs/',
openshift_required_version: 1.1.0,
},
default: {
username: "{{ osbs_koji_stg_username }}",
password: "{{ osbs_koji_stg_password }}",
koji_use_kerberos: True,
koji_kerberos_keytab: "FILE:/etc/krb5.osbs_{{osbs_url}}.keytab",
koji_kerberos_principal: "osbs/{{osbs_url}}@{{ipa_realm}}",
openshift_url: 'https://{{ osbs_url }}/',
registry_uri: 'https://{{ docker_registry }}/v2',
source_registry_uri: 'https://{{ source_registry }}/v2',
build_host: '{{ osbs_url }}',
koji_root: 'http://{{ koji_root }}',
koji_hub: 'https://koji.stg.fedoraproject.org/kojihub',
sources_command: 'fedpkg sources',
build_type: 'prod',
authoritative_registry: 'registry.stg.fedoraproject.org',
vendor: 'Fedora Project',
verify_ssl: true,
use_auth: true,
builder_use_auth: true,
distribution_scope: 'private',
registry_api_versions: 'v2',
builder_openshift_url: 'https://{{osbs_url}}',
client_config_secret: 'client-config-secret',
reactor_config_secret: 'reactor-config-secret',
registry_secret_name: 'registry-secret',
token_secrets: 'x86-64-osbs:/var/run/secrets/atomic-reactor/x86-64-stg-orchestrator',
token_file: '/etc/osbs/x86-64-osbs-stg-koji',
namespace: 'osbs-fedora',
can_orchestrate: true,
builder_odcs_url: "https://odcs{{ env_suffix }}.fedoraproject.org",
builder_odcs_openidc_secret: "odcs-oidc-secret",
builder_pdc_url: "https://pdc.stg.fedoraproject.org/api/1",
flatpak_base_image: "registry.fedoraproject.org/fedora:28",
reactor_config_map: "reactor-config-map",
reactor_config_map_scratch: "reactor-config-map-scratch",
build_from: "image:buildroot:latest"
}
}
- {
role: osbs-client,
when: env == 'production' and ansible_architecture == 'x86_64',
general: {
verbose: 0,
build_json_dir: '/etc/osbs/input/',
openshift_required_version: 1.1.0,
},
default: {
username: "{{ osbs_koji_prod_username }}",
password: "{{ osbs_koji_prod_password }}",
koji_use_kerberos: True,
koji_kerberos_keytab: "FILE:/etc/krb5.osbs_{{osbs_url}}.keytab",
koji_kerberos_principal: "osbs/{{osbs_url}}@{{ipa_realm}}",
openshift_url: 'https://{{ osbs_url }}/',
registry_uri: 'https://{{ docker_registry }}/v2',
source_registry_uri: 'https://{{ source_registry }}/v2',
build_host: '{{ osbs_url }}',
koji_root: 'http://{{ koji_root }}',
koji_hub: 'https://koji.fedoraproject.org/kojihub',
sources_command: 'fedpkg sources',
build_type: 'prod',
authoritative_registry: 'registry.fedoraproject.org',
vendor: 'Fedora Project',
verify_ssl: true,
use_auth: true,
builder_use_auth: true,
distribution_scope: 'private',
registry_api_versions: 'v2',
builder_openshift_url: 'https://{{osbs_url}}'
}
}
handlers:
- import_tasks: "{{ handlers_path }}/restart_services.yml"
- name: configure varnish cache on buildvm-s390x-07.s390.fedoraproject.org
hosts: buildvm-s390x-07.s390.fedoraproject.org
tags:
- varnish
user: root
gather_facts: True
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
roles:
- varnish
handlers:
- import_tasks: "{{ handlers_path }}/restart_services.yml"
- name: configure sshfs on buildvm-s390x-01
hosts: buildvm-s390x-01.s390.fedoraproject.org:buildvm-s390x-01.stg.s390.fedoraproject.org
tags:
- sshfs
user: root
gather_facts: True
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
tasks:
- name: Put sshfs key in place
copy: src="{{ private }}/files/releng/sshkeys/primary-s390x-sshfs{{ '-staging' if env == 'staging' else '' }}"
dest="/etc/primary-s390x-sshfs"
owner=root group=root mode=0600
tags:
- sshfs
- name: Install sshfs
package: name=sshfs
state=present
tags:
- sshfs
- name: Add /mnt/fedora_koji sshfs
mount: path="/mnt/fedora_koji"
state=present
fstype=fuse.sshfs
src="root@koji01{{ env_suffix }}.phx2.fedoraproject.org:/mnt/fedora_koji"
opts="noauto,_netdev,ServerAliveInterval=20,IdentityFile=/etc/primary-s390x-sshfs"
tags:
- sshfs
handlers:
- import_tasks: "{{ handlers_path }}/restart_services.yml"
Reference in New Issue View Git Blame Copy Permalink