copr-builder: cleanup provision scripts
- add copr_builder_fedora_version variable, because production sometimes differs from devel for a short period of time - drop the epel-8 -> centos-stream+epel-8 links, this is now done all against RHEL - katello hack package is not in s390x images anymore, since we generate the images by 'copr-image', not by IBM Cloud snapshots - kernel-core is now fixed for aws builders, update it as well as other packages when updating the image - don't install subscription-manager when spawning builder, it is already available from image preparation time - copr-rh-subscribe.sh script is also prepare_base_image only - we don't modify /etc/copr-rpmbuild/mock.cfg.j2 for quite some time, drop the hack - the /usr/bin/copr-update-builder is fixed upstream, drop the lineinfile hack - epel-8 configs are installed via files/mock/epel now - no need to touch /etc/rpkg.conf nowadays on f35 - prepare mockbuilder user only when preparing image, not spawning - disable coredumps only when preparing the image - disable services only when preparing the image - don't update rubygem-gem2rpm all the time, on F35 we have new enough version - the /etc/copr-rpmbuild/rpkg.conf.j2 is to be kept as is on F35
This commit is contained in:
Pavel Raiskup
parent
8ebc8d97bc
commit
7fbfb87a1c
8 changed files with 49 additions and 36 deletions
|
|
@ -45,6 +45,9 @@ copr_aws_region: us-east-1
|
||||||
|
|
||||||
# eth0, eth1
|
# eth0, eth1
|
||||||
copr_backend_ips: ["52.44.175.77", "172.30.2.203"]
|
copr_backend_ips: ["52.44.175.77", "172.30.2.203"]
|
||||||
|
|
||||||
|
copr_builder_fedora_version: 34
|
||||||
|
|
||||||
copr_builder_images:
|
copr_builder_images:
|
||||||
aws:
|
aws:
|
||||||
aarch64: ami-068c2760406b9e3c9
|
aarch64: ami-068c2760406b9e3c9
|
||||||
|
|
|
||||||
|
|
@ -44,6 +44,9 @@ copr_aws_region: us-east-1
|
||||||
|
|
||||||
# eth0, eth1
|
# eth0, eth1
|
||||||
copr_backend_ips: ["18.208.10.131", "172.30.2.207"]
|
copr_backend_ips: ["18.208.10.131", "172.30.2.207"]
|
||||||
|
|
||||||
|
copr_builder_fedora_version: 35
|
||||||
|
|
||||||
copr_builder_images:
|
copr_builder_images:
|
||||||
aws:
|
aws:
|
||||||
aarch64: ami-090ab561fdd57643e
|
aarch64: ami-090ab561fdd57643e
|
||||||
|
|
|
||||||
|
|
@ -1 +1 @@
|
||||||
/etc/mock/centos+epel-8-aarch64.cfg
|
/etc/mock/rhel+epel-8-aarch64.cfg
|
||||||
|
|
@ -1 +1 @@
|
||||||
/etc/mock/centos+epel-8-ppc64le.cfg
|
/etc/mock/rhel+epel-8-ppc64le.cfg
|
||||||
1
roles/copr/backend/files/provision/files/mock/epel-8-s390x.cfg
Symbolic link
1
roles/copr/backend/files/provision/files/mock/epel-8-s390x.cfg
Symbolic link
|
|
@ -0,0 +1 @@
|
||||||
|
/etc/mock/rhel+epel-8-s390x.cfg
|
||||||
|
|
@ -1 +1 @@
|
||||||
/etc/mock/centos+epel-8-x86_64.cfg
|
/etc/mock/rhel+epel-8-x86_64.cfg
|
||||||
|
|
@ -1,10 +1,12 @@
|
||||||
---
|
---
|
||||||
|
# TODO: Drop this entirely once we are on F35+
|
||||||
- name: remove the hackish package breaking s390x subscriptions
|
- name: remove the hackish package breaking s390x subscriptions
|
||||||
shell:
|
shell:
|
||||||
cmd: rpm -evh `rpm -qa | grep katello-` ; subscription-manager clean
|
cmd: rpm -evh `rpm -qa | grep katello-` ; subscription-manager clean
|
||||||
when:
|
when:
|
||||||
- prepare_base_image is not defined
|
- prepare_base_image is not defined
|
||||||
- "'s390x' in lookup('env', 'RESALLOC_NAME')"
|
- "'s390x' in lookup('env', 'RESALLOC_NAME')"
|
||||||
|
- copr_builder_fedora_version == 34
|
||||||
|
|
||||||
- name: setup the hostname so we can easily identify the box
|
- name: setup the hostname so we can easily identify the box
|
||||||
hostname: name="{{ lookup('env', 'RESALLOC_NAME') | default('unknown-builder') | replace('_', '-') }}"
|
hostname: name="{{ lookup('env', 'RESALLOC_NAME') | default('unknown-builder') | replace('_', '-') }}"
|
||||||
|
|
@ -19,7 +21,7 @@
|
||||||
copy: src=files/dnf/infra-tags-stg.repo dest=/etc/yum.repos.d
|
copy: src=files/dnf/infra-tags-stg.repo dest=/etc/yum.repos.d
|
||||||
when:
|
when:
|
||||||
- devel
|
- devel
|
||||||
- not prepare_base_image is defined
|
- prepare_base_image is not defined
|
||||||
|
|
||||||
- name: disable updates-testing
|
- name: disable updates-testing
|
||||||
file:
|
file:
|
||||||
|
|
@ -30,8 +32,6 @@
|
||||||
dnf:
|
dnf:
|
||||||
state: latest
|
state: latest
|
||||||
name: "*"
|
name: "*"
|
||||||
exclude:
|
|
||||||
- kernel-core # https://bugzilla.redhat.com/show_bug.cgi?id=2013183
|
|
||||||
when: prepare_base_image is defined
|
when: prepare_base_image is defined
|
||||||
register: system_updated
|
register: system_updated
|
||||||
|
|
||||||
|
|
@ -51,7 +51,7 @@
|
||||||
# - devel
|
# - devel
|
||||||
# - prepare_base_image is not defined
|
# - prepare_base_image is not defined
|
||||||
|
|
||||||
- name: clean dnf cache
|
- name: clean dnf cache before checking for updated packages
|
||||||
shell: dnf clean all
|
shell: dnf clean all
|
||||||
when:
|
when:
|
||||||
- prepare_base_image is defined
|
- prepare_base_image is defined
|
||||||
|
|
@ -77,20 +77,29 @@
|
||||||
failed_when: false
|
failed_when: false
|
||||||
when: prepare_base_image is defined
|
when: prepare_base_image is defined
|
||||||
|
|
||||||
|
# TODO: Drop this entirely once we are on F35+
|
||||||
- package_facts: manager=auto
|
- package_facts: manager=auto
|
||||||
|
when:
|
||||||
|
- copr_builder_fedora_version == 34
|
||||||
|
|
||||||
|
# TODO: Drop this entirely once we are on F35+
|
||||||
- name: install subscription-manager
|
- name: install subscription-manager
|
||||||
package: name=subscription-manager state=present
|
package: name=subscription-manager state=present
|
||||||
# TODO: we should use 'when: prepare_base_image is defined' instead, but a new
|
# TODO: we should use 'when: prepare_base_image is defined' instead, but a new
|
||||||
# set of builder images needs to be generated first so the image contains the
|
# set of builder images needs to be generated first so the image contains the
|
||||||
# subscription-manager by default.
|
# subscription-manager by default.
|
||||||
when: "'subscription-manager' not in ansible_facts.packages"
|
when:
|
||||||
|
- copr_builder_fedora_version == 34
|
||||||
|
- "'subscription-manager' not in ansible_facts.packages"
|
||||||
|
|
||||||
|
# TODO: Fix this once we are on F35+. This should be prepare_base_image only.
|
||||||
- name: install the subscription-manager script
|
- name: install the subscription-manager script
|
||||||
copy:
|
copy:
|
||||||
src: copr-rh-subscribe.sh
|
src: copr-rh-subscribe.sh
|
||||||
dest: /usr/local/bin/copr-rh-subscribe.sh
|
dest: /usr/local/bin/copr-rh-subscribe.sh
|
||||||
mode: 0755
|
mode: 0755
|
||||||
|
when:
|
||||||
|
- copr_builder_fedora_version == 34 or prepare_base_image is defined
|
||||||
|
|
||||||
- name: Activate Red Hat Subscription
|
- name: Activate Red Hat Subscription
|
||||||
shell:
|
shell:
|
||||||
|
|
@ -109,14 +118,6 @@
|
||||||
packages:
|
packages:
|
||||||
- copr-builder
|
- copr-builder
|
||||||
|
|
||||||
- name: stat /etc/copr-rpmbuild/mock.cfg.j2.rpmnew
|
|
||||||
stat: path=/etc/copr-rpmbuild/mock.cfg.j2.rpmnew
|
|
||||||
register: mock_cfg_new
|
|
||||||
|
|
||||||
- name: restore mock.cfg.j2 from package contents
|
|
||||||
shell: mv -f /etc/copr-rpmbuild/mock.cfg.j2.rpmnew /etc/copr-rpmbuild/mock.cfg.j2
|
|
||||||
when: mock_cfg_new.stat.exists
|
|
||||||
|
|
||||||
- name: put updated mock configs into /etc/mock
|
- name: put updated mock configs into /etc/mock
|
||||||
copy: src=files/mock/ dest=/etc/copr-rpmbuild/mock-config-overrides
|
copy: src=files/mock/ dest=/etc/copr-rpmbuild/mock-config-overrides
|
||||||
# conditional, per https://pagure.io/copr/copr/issue/1189 - as we don't want
|
# conditional, per https://pagure.io/copr/copr/issue/1189 - as we don't want
|
||||||
|
|
@ -124,10 +125,6 @@
|
||||||
when:
|
when:
|
||||||
- prepare_base_image is not defined
|
- prepare_base_image is not defined
|
||||||
|
|
||||||
- name: don't remove rpmnew files, but always use them
|
|
||||||
lineinfile: state=absent regexp='^find /etc/mock.*-delete'
|
|
||||||
path=/usr/bin/copr-update-builder
|
|
||||||
|
|
||||||
- name: run /bin/copr-update-builder from copr-builder package
|
- name: run /bin/copr-update-builder from copr-builder package
|
||||||
shell: /usr/bin/copr-update-builder
|
shell: /usr/bin/copr-update-builder
|
||||||
|
|
||||||
|
|
@ -143,20 +140,6 @@
|
||||||
# shell: /usr/bin/copr-update-builder
|
# shell: /usr/bin/copr-update-builder
|
||||||
# when: mock_updated.changed
|
# when: mock_updated.changed
|
||||||
|
|
||||||
- name: "Link Mock EPEL 8 configs to rhel+epel-8"
|
|
||||||
file:
|
|
||||||
src: "/etc/mock/rhel+epel-8-{{ item }}.cfg"
|
|
||||||
force: true
|
|
||||||
path: "/etc/mock/epel-8-{{ item }}.cfg"
|
|
||||||
state: link
|
|
||||||
loop:
|
|
||||||
- x86_64
|
|
||||||
- aarch64
|
|
||||||
- ppc64le
|
|
||||||
- s390x
|
|
||||||
tags:
|
|
||||||
- provision_config
|
|
||||||
|
|
||||||
- name: put copr-rpmbuild configuration file in the right place
|
- name: put copr-rpmbuild configuration file in the right place
|
||||||
copy: src=files/main.ini dest=/etc/copr-rpmbuild/main.ini
|
copy: src=files/main.ini dest=/etc/copr-rpmbuild/main.ini
|
||||||
|
|
||||||
|
|
@ -166,18 +149,27 @@
|
||||||
copy: src=files/rpkg.conf dest=/etc/rpkg.conf
|
copy: src=files/rpkg.conf dest=/etc/rpkg.conf
|
||||||
when:
|
when:
|
||||||
- prepare_base_image is not defined
|
- prepare_base_image is not defined
|
||||||
|
- copr_builder_fedora_version == 34
|
||||||
|
|
||||||
- name: mockbuilder user
|
- name: mockbuilder user
|
||||||
user: name=mockbuilder groups=mock
|
user: name=mockbuilder groups=mock
|
||||||
|
when:
|
||||||
|
- prepare_base_image is defined
|
||||||
|
|
||||||
- name: mockbuilder .ssh
|
- name: mockbuilder .ssh
|
||||||
file: state=directory path=/home/mockbuilder/.ssh mode=0700 owner=mockbuilder group=mockbuilder
|
file: state=directory path=/home/mockbuilder/.ssh mode=0700 owner=mockbuilder group=mockbuilder
|
||||||
|
when:
|
||||||
|
- prepare_base_image is defined
|
||||||
|
|
||||||
- name: mockbuilder authorized_keys
|
- name: mockbuilder authorized_keys
|
||||||
authorized_key: user=mockbuilder key='{{ lookup('file', 'files/buildsys.pub') }}'
|
authorized_key: user=mockbuilder key='{{ lookup('file', 'files/buildsys.pub') }}'
|
||||||
|
when:
|
||||||
|
- prepare_base_image is defined
|
||||||
|
|
||||||
- name: root authorized_keys
|
- name: root authorized_keys
|
||||||
authorized_key: user=root key='{{ lookup('file', 'files/buildsys.pub') }}'
|
authorized_key: user=root key='{{ lookup('file', 'files/buildsys.pub') }}'
|
||||||
|
when:
|
||||||
|
- prepare_base_image is defined
|
||||||
|
|
||||||
- name: setup 10x more fds in limits.conf
|
- name: setup 10x more fds in limits.conf
|
||||||
copy:
|
copy:
|
||||||
|
|
@ -193,24 +185,32 @@
|
||||||
|
|
||||||
- name: disable core dumps
|
- name: disable core dumps
|
||||||
ini_file: dest=/etc/systemd/coredump.conf section=Coredump option=Storage value=none
|
ini_file: dest=/etc/systemd/coredump.conf section=Coredump option=Storage value=none
|
||||||
|
when:
|
||||||
|
- prepare_base_image is defined
|
||||||
|
|
||||||
- name: 'Remove %_install_langs from /etc/rpm/macros.image-language-conf'
|
- name: 'Remove %_install_langs from /etc/rpm/macros.image-language-conf'
|
||||||
lineinfile:
|
lineinfile:
|
||||||
dest: '/etc/rpm/macros.image-language-conf'
|
dest: '/etc/rpm/macros.image-language-conf'
|
||||||
regexp: '^%_install_lang.*'
|
regexp: '^%_install_lang.*'
|
||||||
state: 'absent'
|
state: 'absent'
|
||||||
|
when:
|
||||||
|
- prepare_base_image is defined
|
||||||
|
|
||||||
- name: Disable DNF makecache timer
|
- name: Disable DNF makecache timer
|
||||||
systemd:
|
systemd:
|
||||||
name: dnf-makecache.timer
|
name: dnf-makecache.timer
|
||||||
state: stopped
|
state: stopped
|
||||||
enabled: no
|
enabled: no
|
||||||
|
when:
|
||||||
|
- prepare_base_image is defined
|
||||||
|
|
||||||
- name: Disable DNF makecache service
|
- name: Disable DNF makecache service
|
||||||
systemd:
|
systemd:
|
||||||
name: dnf-makecache.service
|
name: dnf-makecache.service
|
||||||
state: stopped
|
state: stopped
|
||||||
enabled: no
|
enabled: no
|
||||||
|
when:
|
||||||
|
- prepare_base_image is defined
|
||||||
|
|
||||||
- name: mount cache filesystem on /var/cache/mock
|
- name: mount cache filesystem on /var/cache/mock
|
||||||
mount: path=/var/cache/mock state=mounted src=mock_cache_tmpfs fstype=tmpfs opts="size=32G"
|
mount: path=/var/cache/mock state=mounted src=mock_cache_tmpfs fstype=tmpfs opts="size=32G"
|
||||||
|
|
@ -235,6 +235,8 @@
|
||||||
# copr-rpmbuild package.
|
# copr-rpmbuild package.
|
||||||
- name: Update gem2rpm package to the latest version
|
- name: Update gem2rpm package to the latest version
|
||||||
dnf: state=latest pkg=rubygem-gem2rpm
|
dnf: state=latest pkg=rubygem-gem2rpm
|
||||||
|
when:
|
||||||
|
- copr_builder_fedora_version == 34
|
||||||
|
|
||||||
# We want to drop this change with F35, too.
|
# We want to drop this change with F35, too.
|
||||||
# See https://pagure.io/copr/copr/pull-request/1950
|
# See https://pagure.io/copr/copr/pull-request/1950
|
||||||
|
|
@ -242,7 +244,9 @@
|
||||||
copy: src=files/copr-rpmbuild/rpkg.conf.j2 dest=/etc/copr-rpmbuild/rpkg.conf.j2
|
copy: src=files/copr-rpmbuild/rpkg.conf.j2 dest=/etc/copr-rpmbuild/rpkg.conf.j2
|
||||||
when:
|
when:
|
||||||
- prepare_base_image is not defined
|
- prepare_base_image is not defined
|
||||||
|
- copr_builder_fedora_version == 34
|
||||||
|
|
||||||
|
# Should be dropped once we resolve: https://pagure.io/copr/copr/issue/2015
|
||||||
- name: install the CentOS DistGit config file
|
- name: install the CentOS DistGit config file
|
||||||
copy:
|
copy:
|
||||||
src: files/copr-distgit-client/centos-stream.ini
|
src: files/copr-distgit-client/centos-stream.ini
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,8 @@
|
||||||
---
|
---
|
||||||
devel: {% if devel is defined and devel %}true{% else %}false{% endif %}
|
devel: {% if devel is defined and devel %}true{% else %}false{% endif %}
|
||||||
|
|
||||||
|
copr_builder_fedora_version: {{ copr_builder_fedora_version }}
|
||||||
|
|
||||||
{% if copr_red_hat_subscription_password is defined %}
|
{% if copr_red_hat_subscription_password is defined %}
|
||||||
copr_red_hat_subscription_password: "{{ copr_red_hat_subscription_password }}"
|
copr_red_hat_subscription_password: "{{ copr_red_hat_subscription_password }}"
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue