From 7aa01a3f3d394541585e0f4c26294ea478813033 Mon Sep 17 00:00:00 2001
From: Pavel Raiskup <praiskup@redhat.com>
Date: Thu, 13 Jun 2019 10:51:57 +0200
Subject: [PATCH] copr: aarch64 hypervisor setup

This is for documentation purposes only (at least for now).  The
stuff I'm adding now will be referenced by Copr SOP to some extent
(especially the way how to prepare copr builder image for aarch64)
---
 inventory/inventory                           |  4 ++
 playbooks/groups/copr-aarch64-hypervisors.yml | 11 +++++
 .../files/builder-repositories.repo           | 26 ++++++++++
 .../files/prepare-disk                        | 40 +++++++++++++++
 .../copr_hypervisor_aarch64/files/upload-disk | 24 +++++++++
 roles/copr_hypervisor_aarch64/tasks/main.yml  | 49 +++++++++++++++++++
 6 files changed, 154 insertions(+)
 create mode 100644 playbooks/groups/copr-aarch64-hypervisors.yml
 create mode 100644 roles/copr_hypervisor_aarch64/files/builder-repositories.repo
 create mode 100755 roles/copr_hypervisor_aarch64/files/prepare-disk
 create mode 100755 roles/copr_hypervisor_aarch64/files/upload-disk
 create mode 100644 roles/copr_hypervisor_aarch64/tasks/main.yml

diff --git a/inventory/inventory b/inventory/inventory
index f797c6a562..01c8cd0f36 100644
--- a/inventory/inventory
+++ b/inventory/inventory
@@ -1248,6 +1248,10 @@ copr_back_dev
 copr_keygen_dev
 copr_dist_git_dev
 
+[copr_hypervisors_aarch64]
+virthost-aarch64-os01.fedorainfracloud.org
+virthost-aarch64-os02.fedorainfracloud.org
+
 [libravatar]
 libravatar.fedorainfracloud.org
 
diff --git a/playbooks/groups/copr-aarch64-hypervisors.yml b/playbooks/groups/copr-aarch64-hypervisors.yml
new file mode 100644
index 0000000000..5e5e9272d1
--- /dev/null
+++ b/playbooks/groups/copr-aarch64-hypervisors.yml
@@ -0,0 +1,11 @@
+- name: provision aarch64 box
+  hosts: copr_hypervisors_aarch64
+  gather_facts: false
+  user: copr
+
+  vars_files:
+   - /srv/web/infra/ansible/vars/global.yml
+   - /srv/private/ansible/vars.yml
+
+  roles:
+  - copr_hypervisor_aarch64
diff --git a/roles/copr_hypervisor_aarch64/files/builder-repositories.repo b/roles/copr_hypervisor_aarch64/files/builder-repositories.repo
new file mode 100644
index 0000000000..6b3ad2324f
--- /dev/null
+++ b/roles/copr_hypervisor_aarch64/files/builder-repositories.repo
@@ -0,0 +1,26 @@
+[infrastructure-tags]
+name=Fedora Infrastructure tag $releasever - $basearch
+baseurl=https://kojipkgs.fedoraproject.org/repos-dist/f$releasever-infra/latest/$basearch/
+enabled=1
+gpgcheck=1
+gpgkey=https://infrastructure.fedoraproject.org/repo/infra/RPM-GPG-KEY-INFRA-TAGS
+exclude=mock
+
+[infrastructure-tags-stg]
+name=Fedora Infrastructure staging tag $releasever - $basearch
+baseurl=https://kojipkgs.fedoraproject.org/repos-dist/f$releasever-infra-stg/latest/$basearch/
+enabled=0
+gpgcheck=1
+gpgkey=https://infrastructure.fedoraproject.org/repo/infra/RPM-GPG-KEY-INFRA-TAGS
+exclude=mock
+
+# [group_copr-copr]
+# name=Copr repo for copr owned by @copr
+# baseurl=https://copr-be.cloud.fedoraproject.org/results/@copr/copr/fedora-$releasever-x86_64/
+# type=rpm-md
+# skip_if_unavailable=False
+# gpgcheck=1
+# gpgkey=https://copr-be.cloud.fedoraproject.org/results/@copr/copr/pubkey.gpg
+# repo_gpgcheck=0
+# enabled=0
+# enabled_metadata=1
diff --git a/roles/copr_hypervisor_aarch64/files/prepare-disk b/roles/copr_hypervisor_aarch64/files/prepare-disk
new file mode 100755
index 0000000000..0ca122216b
--- /dev/null
+++ b/roles/copr_hypervisor_aarch64/files/prepare-disk
@@ -0,0 +1,40 @@
+#! /bin/sh -x
+
+set -e
+
+sourcedir=$(dirname "$(readlink -f "$0")")
+
+src_img=$1
+dst_img=/tmp/newdisk.qcow2
+
+cp "$src_img" "$dst_img"
+
+# We could be using 'virt-resize --expand /dev/sda2' instead, but we are
+# running too old hypervisor to handle Fedora images:
+# e2fsck: Get a newer version of e2fsck!
+
+guestfish -a "$dst_img" <<EOF
+run
+mount /dev/sda2 /
+write        /etc/rc.d/rc.local "#! /bin/sh\n"
+write-append /etc/rc.d/rc.local "set -e\n"
+write-append /etc/rc.d/rc.local "mkdir -p /config\n"
+write-append /etc/rc.d/rc.local "mount /dev/disk/by-label/copr_config /config\n"
+write-append /etc/rc.d/rc.local "sh -x /config/pre-network-script.sh\n"
+write-append /etc/rc.d/rc.local "mkswap /dev/vdc && swapon /dev/vdc\n"
+chmod 0755   /etc/rc.d/rc.local
+EOF
+
+install_packages=copr-builder
+install() { install_packages="$install_packages,$1" ; }
+
+install cloud-utils-growpart    # growpart called in pre-network-script.sh
+install qemu-guest-agent        # allow VM inspect from the outside
+
+virt-customize -a "$dst_img" \
+    --copy-in "$sourcedir/builder-repositories.repo":/etc/yum.repos.d \
+    --update \
+    --install "$install_packages" \
+    --uninstall cloud-init \
+    --ssh-inject root:string:"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCeTO0ddXuhDZYM9HyM0a47aeV2yIVWhTpddrQ7/RAIs99XyrsicQLABzmdMBfiZnP0FnHBF/e+2xEkT8hHJpX6bX81jjvs2bb8KP18Nh8vaXI3QospWrRygpu1tjzqZT0Llh4ZVFscum8TrMw4VWXclzdDw6x7csCBjSttqq8F3iTJtQ9XM9/5tCAAOzGBKJrsGKV1CNIrfUo5CSzY+IUVIr8XJ93IB2ZQVASK34T/49egmrWlNB32fqAbDMC+XNmobgn6gO33Yq5Ly7Dk4kqTUx2TEaqDkZfhsVu0YcwV81bmqsltRvpj6bIXrEoMeav7nbuqKcPLTxWEY/2icePF copr-backend" \
+    --selinux-relabel
diff --git a/roles/copr_hypervisor_aarch64/files/upload-disk b/roles/copr_hypervisor_aarch64/files/upload-disk
new file mode 100755
index 0000000000..ee115b12ac
--- /dev/null
+++ b/roles/copr_hypervisor_aarch64/files/upload-disk
@@ -0,0 +1,24 @@
+#! /bin/sh -x
+
+die() { echo >&2 "$*" ; exit 1 ; }
+image=$1
+
+volume=copr-builder
+pool=images
+backup_volume=copr-builder-$(date +"%Y%m%d_%H%M%S")
+
+connections='
+    qemu:///system
+    qemu+ssh://copr@virthost-aarch64-os02.fedorainfracloud.org/system
+'
+
+export VIRSH_DEFAULT_CONNECT_URI=
+
+test -n "$image" || die "first argument (image) required"
+test -f "$image" || die "image $image not found"
+
+for connection in $connections; do
+    export VIRSH_DEFAULT_CONNECT_URI=$connection
+    virsh vol-clone "$volume" "$backup_volume" --pool "$pool"
+    virsh vol-upload "$volume" --sparse --pool "$pool" "$image"
+done
diff --git a/roles/copr_hypervisor_aarch64/tasks/main.yml b/roles/copr_hypervisor_aarch64/tasks/main.yml
new file mode 100644
index 0000000000..a3d692c74d
--- /dev/null
+++ b/roles/copr_hypervisor_aarch64/tasks/main.yml
@@ -0,0 +1,49 @@
+## Note that this is mostly for documentation purposes;  nobody executed
+## this playbook so far (all was setup manually, and I wouldn't probably
+## have rights to do execute this)
+
+- name: assure that copr-be can ssh there as copr@...
+  authorized_key: user=copr key="{{ item }}"
+  with_file:
+  - "provision/files/buildsys.pub"
+
+# todo: generate it's own key
+- name: make sure hostA can ssh to hostB
+  copy:
+    src: "{{ private }}/files/copr/buildsys.priv"
+    dest: /home/copr/.ssh/id_rsa
+    owner: copr
+    group: copr
+    mode: 0600
+
+- name: "check that 'images' pool exists"
+  shell: virsh --connect=qemu:///system pool-list
+  register: images_pool_check
+  changed_when:
+  - images_pool_check.rc == 0
+  - '" images " not in images_pool_check.stdout'
+  failed_when:
+  - images_pool_check.rc != 0
+
+- name: "create 'images' pool"
+  shell: \
+      virsh --connect=qemu:///system pool-define-as --name images --target /var/lib/libvirt/images --type dir --help
+      virsh --connect=qemu:///system pool-autostart images
+      virsh --connect=qemu:///system pool-start images
+  when: images_pool_check.changed
+
+- name: create directory image management
+  file:
+    path=/home/copr/vm-manage
+    owner=copr
+    group=copr
+    state=directory
+
+- name: copy the helper scripts
+  copy:
+      src={{ item }}
+      dest=/home/copr/vm-manage/{{ item }}
+  with_items:
+  - builder-repositories.repo
+  - prepare-disk
+  - upload-disk