From ad3d1a3a5431188f2627546ebb82637f3e5ef11d Mon Sep 17 00:00:00 2001
From: Jakub Kadlcik <frostyx@email.cz>
Date: Tue, 29 Oct 2024 18:16:48 +0100
Subject: [PATCH] copr-backend: configure an access to a Pulp instance

---
 roles/copr/backend/tasks/main.yml          |  6 ++++
 roles/copr/backend/tasks/pulp.yml          | 33 ++++++++++++++++++++++
 roles/copr/backend/templates/pulp-cli.toml | 29 +++++++++++++++++++
 3 files changed, 68 insertions(+)
 create mode 100644 roles/copr/backend/tasks/pulp.yml
 create mode 100644 roles/copr/backend/templates/pulp-cli.toml

diff --git a/roles/copr/backend/tasks/main.yml b/roles/copr/backend/tasks/main.yml
index 7939456a37..7388b81eef 100644
--- a/roles/copr/backend/tasks/main.yml
+++ b/roles/copr/backend/tasks/main.yml
@@ -371,6 +371,12 @@
   - config
   - aws_config
 
+- name: setup Pulp
+  import_tasks: "pulp.yml"
+  tags:
+  - config
+  - pulp
+
 - name: copr-ping-account
   import_tasks: copr-ping.yml
   tags: copr_ping
diff --git a/roles/copr/backend/tasks/pulp.yml b/roles/copr/backend/tasks/pulp.yml
new file mode 100644
index 0000000000..18d79ad5ad
--- /dev/null
+++ b/roles/copr/backend/tasks/pulp.yml
@@ -0,0 +1,33 @@
+---
+# We don't rely on the pulp-cli tool but it will be helpful for operations
+# The package is available only on F40+
+# - name: install pulp-cli
+#   dnf: state=present name=pulp-cli
+
+- name: Create pulp config directory
+  file:
+    state: directory
+    path: /home/copr/.config/pulp/
+    owner: copr
+    group: copr
+    mode: 0700
+
+- name: Install Pulp auth certificates
+  copy:
+    src: "{{ private }}/files/copr/pulp/{{ name }}"
+    dest: "/home/copr/.config/pulp/"
+    owner: copr
+    group: copr
+    mode: 0600
+  with_items:
+  - copr-pulp-prod.crt
+  - copr-pulp-prod.key
+  when: env == "production"
+
+- name: Install Pulp config file
+  template:
+    src: pulp-cli.toml
+    dest: "{{ item.homedir }}/.aws/config"
+    owner: copr
+    group: copr
+    mode: 0600
diff --git a/roles/copr/backend/templates/pulp-cli.toml b/roles/copr/backend/templates/pulp-cli.toml
new file mode 100644
index 0000000000..c4133f8455
--- /dev/null
+++ b/roles/copr/backend/templates/pulp-cli.toml
@@ -0,0 +1,29 @@
+{% if env == "production" %}
+[cli]
+base_url = "https://mtls.internal.console.redhat.com"
+api_root = "/api/pulp/"
+username = ""
+password = ""
+domain = "public-copr"
+cert = "/home/copr/.config/pulp/copr-pulp-prod.crt"
+key = "/home/copr/.config/pulp/copr-pulp-prod.key"
+verify_ssl = true
+format = "json"
+dry_run = false
+timeout = 0
+verbose = 0
+{% else %}
+[cli]
+base_url = "https://pulp.stage.devshift.net"
+api_root = "/api/pulp/"
+username = "copr"
+password = "TODO"
+domain = "copr"
+cert = ""
+key = ""
+verify_ssl = false
+format = "json"
+dry_run = false
+timeout = 0
+verbose = 0
+{% endif %}