Fixes for quick-start playbooks
* Tell folks to run 'sudo docker-compose up' in case their user is not in the docker group. * Turn off fact gathering in playbooks because we've seen some leakage of device information from the host into the container which causes ansible to query device info that doesn't exist. We don't use facts anyway so this is faster too. * Use register instead of rescue to figure out if users/projects need to be created. It makes the ansible output tidier since there won't be any (expected) failure tasks. * Use the alpine image instead of centos for the gerritconfig container. We're more likely to be able to re-use this layer between this and the Zuul images than we would with centos (because the gerrit container over-specifies the centos version). * Capitalize the task names in playbooks. It looks better. Change-Id: I428a2aea4e7544e04771d89e8d5627431cfaf1de
This commit is contained in:
parent
011d765915
commit
1bd3fe9075
|
@ -1,5 +1,3 @@
|
|||
FROM centos:7
|
||||
FROM python:alpine
|
||||
|
||||
RUN yum install -y openssh git
|
||||
RUN curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py && python get-pip.py
|
||||
RUN pip install ansible
|
||||
RUN apk add --no-cache openssh git build-base openssl-dev libffi-dev bash && pip install ansible
|
||||
|
|
|
@ -2,14 +2,15 @@
|
|||
# Gerrit's SSH host keys to the known hosts_file before starting.
|
||||
|
||||
- hosts: localhost
|
||||
gather_facts: false
|
||||
tasks:
|
||||
- name: wait for gerrit to start
|
||||
- name: Wait for gerrit to start
|
||||
wait_for:
|
||||
host: gerrit
|
||||
port: 29418
|
||||
- name: make ssh dir
|
||||
- name: Ensure SSH directory exists
|
||||
file:
|
||||
state: directory
|
||||
path: /root/.ssh
|
||||
- name: fetch ssh host keys from gerrit
|
||||
- name: Fetch SSH host keys from Gerrit
|
||||
shell: ssh-keyscan -p 29418 gerrit > /root/.ssh/known_hosts
|
||||
|
|
|
@ -1,19 +1,22 @@
|
|||
- block:
|
||||
- name: check if {{ project }} project exists
|
||||
uri:
|
||||
url: http://gerrit:8080/projects/{{ project }}
|
||||
rescue:
|
||||
- name: create temp dir for {{ project }} creation
|
||||
- name: Check if {{ project }} project exists
|
||||
uri:
|
||||
url: http://gerrit:8080/projects/{{ project }}
|
||||
status_code: 200, 404
|
||||
register: project_check
|
||||
- name: Create {{ project }}
|
||||
when: project_check.status==404
|
||||
block:
|
||||
- name: Create temp dir for {{ project }} creation
|
||||
shell: mktemp -d
|
||||
register: project_tmp
|
||||
- name: create {{ project }} project
|
||||
- name: Create {{ project }} project in Gerrit
|
||||
uri:
|
||||
url: http://gerrit:8080/a/projects/{{ project }}
|
||||
method: PUT
|
||||
user: admin
|
||||
password: secret
|
||||
status_code: 201
|
||||
- name: create initial commit
|
||||
- name: Create initial commit in {{ project }}
|
||||
shell:
|
||||
executable: /bin/bash
|
||||
chdir: "{{ project_tmp.stdout }}"
|
||||
|
|
|
@ -2,12 +2,13 @@
|
|||
# in order to start.
|
||||
|
||||
- hosts: localhost
|
||||
gather_facts: false
|
||||
tasks:
|
||||
- name: wait for gerrit to start
|
||||
- name: Wait for Gerrit to start
|
||||
wait_for:
|
||||
host: gerrit
|
||||
port: 29418
|
||||
- name: wait for zuul user to be created
|
||||
- name: Wait for zuul user to be created
|
||||
uri:
|
||||
url: http://gerrit:8080/a/accounts/zuul/sshkeys
|
||||
method: GET
|
||||
|
|
|
@ -1,33 +1,36 @@
|
|||
- hosts: localhost
|
||||
gather_facts: false
|
||||
tasks:
|
||||
- name: wait for gerrit to start
|
||||
- name: Wait for Gerrit to start
|
||||
wait_for:
|
||||
host: gerrit
|
||||
port: 29418
|
||||
- name: generate admin ssh key
|
||||
- name: Generate admin SSH key for Gerrit
|
||||
command: ssh-keygen -f /var/ssh/admin -N ''
|
||||
args:
|
||||
creates: /var/ssh/admin.pub
|
||||
- name: generate zuul ssh key for gerrit
|
||||
- name: Generate Zuul SSH key for Gerrit
|
||||
command: ssh-keygen -f /var/ssh/zuul -N ''
|
||||
args:
|
||||
creates: /var/ssh/zuul.pub
|
||||
- name: generate zuul ssh key for nodepool
|
||||
- name: Generate Zuul SSH key for Nodepool
|
||||
command: ssh-keygen -f /var/ssh/nodepool -N ''
|
||||
args:
|
||||
creates: /var/ssh/nodepool.pub
|
||||
- name: add nodepool key to node authorized_keys file
|
||||
- name: Add Nodepool key to node authorized_keys file
|
||||
command: cp /var/ssh/nodepool.pub /var/node/authorized_keys
|
||||
args:
|
||||
creates: /var/node/authorized_keys
|
||||
- name: get first login screen
|
||||
# The Gerrit container puts up a helpful info page the first time
|
||||
# you hit the web server; get past that.
|
||||
- name: Get Gerrit first login screen
|
||||
uri:
|
||||
url: http://gerrit:8080/a/accounts/self/sshkeys
|
||||
method: GET
|
||||
user: admin
|
||||
password: secret
|
||||
ignore_errors: true
|
||||
- name: add admin ssh key to gerrit
|
||||
- name: Add admin SSH key to Gerrit
|
||||
uri:
|
||||
url: http://gerrit:8080/a/accounts/self/sshkeys
|
||||
method: POST
|
||||
|
@ -36,24 +39,24 @@
|
|||
body: "{{ lookup('file', '/var/ssh/admin.pub') }}"
|
||||
status_code: 201
|
||||
|
||||
- name: create temp dir for config update
|
||||
- name: Create temp dir for Gerrit config update
|
||||
shell: mktemp -d
|
||||
register: gerrit_tmp
|
||||
- name: set fact
|
||||
- name: Set All-Project repo location
|
||||
set_fact:
|
||||
all_projects_repo: "{{ gerrit_tmp.stdout }}/All-Projects"
|
||||
- name: checkout all-projects config
|
||||
- name: Checkout All-Projects config
|
||||
git:
|
||||
repo: ssh://gerrit:29418/All-Projects/
|
||||
ssh_opts: "-o StrictHostKeyChecking=no -i /var/ssh/admin -l admin"
|
||||
dest: "{{ all_projects_repo }}"
|
||||
refspec: '+refs/meta/config:refs/meta/config'
|
||||
version: refs/meta/config
|
||||
- name: copy all-projects config
|
||||
- name: Copy new All-Projects config into place
|
||||
copy:
|
||||
src: "/var/playbooks/project.config"
|
||||
dest: "{{ all_projects_repo }}/project.config"
|
||||
- name: update all-projects config
|
||||
- name: Update All-Projects config in Gerrit
|
||||
shell: |
|
||||
git config user.email 'admin@example.com'
|
||||
git commit -a -m 'update config'
|
||||
|
@ -62,17 +65,17 @@
|
|||
chdir: "{{ all_projects_repo }}"
|
||||
warn: false
|
||||
|
||||
- name: create zuul-config project
|
||||
- name: Create zuul-config project
|
||||
include_role:
|
||||
name: create_project
|
||||
vars:
|
||||
project: zuul-config
|
||||
- name: create test1 project
|
||||
- name: Create test1 project
|
||||
include_role:
|
||||
name: create_project
|
||||
vars:
|
||||
project: test1
|
||||
- name: create test2 project
|
||||
- name: Create test2 project
|
||||
include_role:
|
||||
name: create_project
|
||||
vars:
|
||||
|
@ -81,22 +84,23 @@
|
|||
# The Zuul user is created last because it is an atomic operation
|
||||
# which signals that Gerrit is ready for use and it is safe for
|
||||
# the Zuul scheduler to start.
|
||||
- block:
|
||||
- name: check if zuul user exists
|
||||
uri:
|
||||
url: http://gerrit:8080/accounts/zuul
|
||||
rescue:
|
||||
- name: create zuul gerrit account
|
||||
uri:
|
||||
url: http://gerrit:8080/a/accounts/zuul
|
||||
method: PUT
|
||||
user: admin
|
||||
password: secret
|
||||
status_code: 201
|
||||
body_format: json
|
||||
body:
|
||||
name: Zuul
|
||||
ssh_key: "{{ lookup('file', '/var/ssh/zuul.pub') }}"
|
||||
http_password: secret
|
||||
groups:
|
||||
- "Non-Interactive Users"
|
||||
- name: Check if zuul user exists
|
||||
uri:
|
||||
url: http://gerrit:8080/accounts/zuul
|
||||
status_code: 200, 404
|
||||
register: zuul_user_check
|
||||
- name: Create zuul Gerrit account
|
||||
when: zuul_user_check.status==404
|
||||
uri:
|
||||
url: http://gerrit:8080/a/accounts/zuul
|
||||
method: PUT
|
||||
user: admin
|
||||
password: secret
|
||||
status_code: 201
|
||||
body_format: json
|
||||
body:
|
||||
name: Zuul
|
||||
ssh_key: "{{ lookup('file', '/var/ssh/zuul.pub') }}"
|
||||
http_password: secret
|
||||
groups:
|
||||
- "Non-Interactive Users"
|
||||
|
|
|
@ -46,7 +46,7 @@ docker-compose in order to start Zuul, Nodepool and Gerrit.
|
|||
.. code-block:: shell
|
||||
|
||||
cd zuul/doc/source/admin/examples
|
||||
docker-compose up
|
||||
sudo docker-compose up
|
||||
|
||||
All of the services will be started with debug-level logging sent to
|
||||
the standard output of the terminal where docker-compose is running.
|
||||
|
|
Loading…
Reference in New Issue