From 59c88c05e4607b5d0c67a9332f73bc2060ca61cd Mon Sep 17 00:00:00 2001 From: Adam Miller Date: Mon, 7 Mar 2016 22:09:45 +0000 Subject: [PATCH] add osbs ca to stage koji --- handlers/update_ca_trust.yml | 6 ++++++ playbooks/groups/buildhw.yml | 1 + playbooks/groups/buildvm.yml | 1 + playbooks/groups/koji-hub.yml | 3 +++ tasks/osbs_certs.yml | 11 +++++++++++ 5 files changed, 22 insertions(+) create mode 100644 handlers/update_ca_trust.yml create mode 100644 tasks/osbs_certs.yml diff --git a/handlers/update_ca_trust.yml b/handlers/update_ca_trust.yml new file mode 100644 index 0000000000..e24c66ae2f --- /dev/null +++ b/handlers/update_ca_trust.yml @@ -0,0 +1,6 @@ +######################################## +# Handlers for updating ca trust +# + +- name: update ca trust + shell: "update-ca-trust" diff --git a/playbooks/groups/buildhw.yml b/playbooks/groups/buildhw.yml index e4b9b5d574..283ed6b768 100644 --- a/playbooks/groups/buildhw.yml +++ b/playbooks/groups/buildhw.yml @@ -14,6 +14,7 @@ pre_tasks: - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/osbs_certs.yml" roles: - base diff --git a/playbooks/groups/buildvm.yml b/playbooks/groups/buildvm.yml index 65c08027b7..a1b79443aa 100644 --- a/playbooks/groups/buildvm.yml +++ b/playbooks/groups/buildvm.yml @@ -17,6 +17,7 @@ pre_tasks: - include: "{{ tasks }}/yumrepos.yml" + - include: "{{ tasks }}/osbs_certs.yml" roles: - base diff --git a/playbooks/groups/koji-hub.yml b/playbooks/groups/koji-hub.yml index ec3c2e95b5..1e63733286 100644 --- a/playbooks/groups/koji-hub.yml +++ b/playbooks/groups/koji-hub.yml @@ -16,6 +16,9 @@ - "/srv/private/ansible/vars.yml" - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml + pre_tasks: + - include: "{{ tasks }}/osbs_certs.yml" + roles: - base - rkhunter diff --git a/tasks/osbs_certs.yml b/tasks/osbs_certs.yml new file mode 100644 index 0000000000..e7c8f734fd --- /dev/null +++ b/tasks/osbs_certs.yml @@ -0,0 +1,11 @@ +--- + +- include: "{{ handlers }}/update_ca_trust.yml" + +- name: put the osbs certs in place + copy: + src: "{{private}}/files/osbs/osbs-dev.certs/osbs-dev.fedorainfracloud.org.crt" + dest: "/etc/pki/ca-trust/source/anchors/osbs-dev.fedorainfracloud.org.crt" + when: env == "staging" + handlers: + - update ca trust