WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-05-04 06:05:08 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
2bc9ab059f4baab034dafd062dba9dfd50ec2c4e
fedora-infra_ansible/roles/relvalconsumer/tasks/main.yml

102 lines
3.4 KiB
YAML
Raw Blame History

# This role creates Wikitcms release validation events. There should
# always be exactly one host in infra with this role set up and
# relvalconsumer_prod set to True, or else we'll stop getting events.
#
# Required vars
# - wikitcms_user
## string - FAS username for creating wiki pages
# - wikitcms_password
## string - password for wikitcms_user
#
# Required vars with defaults
# - relvalconsumer_prod
## bool - whether this is the production instance. **SHOULD ONLY
## EVER BE TRUE ON ONE SYSTEM IN THE WORLD**
## default - False
# note: kept around for when we need packages from u-t
#- name: Install required packages (testing)
# dnf: name={{ item }} state=present enablerepo="updates-testing"
# with_items:
# - python2-fedfind
# - python2-wikitcms
# tags:
# - packages
- name: Install required packages
dnf: name={{ item }} state=present
with_items:
- python2-fedfind
- python2-wikitcms
- python2-fedmsg-consumers
- python2-mwclient
- python-setuptools
- relval
tags:
- packages
- name: Install required packages (wiki oidc auth)
dnf: name={{ item }} state=present enablerepo="updates"
with_items:
- python2-openidc-client
when: "wikitcms_token is defined"
tags:
- packages
# next two duplicated with openqa/dispatcher, but I kinda don't want to
# move them up somewhere shared, I like the roles to be somewhat usable
# outside of Fedora infra...
- name: Create /etc/fedora (credentials files location)
file: path=/etc/fedora state=directory owner=root group=fedmsg mode=0750
# We actually want to handle the case where wikitcms_user isn't defined
# even though it makes this role essentially do nothing, as we don't
# really want openqa-stg creating stuff in the staging wiki all the
# time. So in that case install the role but don't set up a credentials
# file and leave the role disabled
- name: Write wikitcms credentials file
template: src=credentials.j2 dest=/etc/fedora/credentials owner=root group=fedmsg mode=0640
when: "wikitcms_user is defined and wikitcms_password is defined"
tags:
- config
- name: Create /root/.openidc (token file location for manual runs as root)
file: path=/root/.openidc state=directory owner=root group=root mode=0700
- name: Create /usr/share/fedmsg/.openidc (token file location for fedmsg consumer runs)
file: path=/usr/share/fedmsg/.openidc state=directory owner=root group=fedmsg mode=0770
- name: Write wikitcms token file for root
copy: src={{ wikitcms_token }} dest=/root/.openidc/oidc_wikitcms.json owner=root group=root mode=0600
when: "wikitcms_token is defined"
tags:
- config
- name: Write wikitcms token file for fedmsg
copy: src={{ wikitcms_token }} dest=/usr/share/fedmsg/.openidc/oidc_wikitcms.json owner=root group=fedmsg mode=0660
when: "wikitcms_token is defined"
tags:
- config
- name: Check out relvalconsumer
git:
repo: https://pagure.io/fedora-qa/relvalconsumer.git
dest: /root/relvalconsumer
register: gitrvc
- name: Install relvalconsumer
command: "python setup.py install"
args:
chdir: /root/relvalconsumer
when: "gitrvc is changed"
notify:
- restart fedmsg-hub
- name: Enable fedmsg consumer
template: src=relvalconsumer.py.j2 dest=/etc/fedmsg.d/relvalconsumer.py owner=root group=root mode=0644
when: "wikitcms_user is defined and (wikitcms_password is defined or wikitcms_token is defined)"
notify:
- restart fedmsg-hub
tags:
- config
Reference in New Issue View Git Blame Copy Permalink