diff --git a/playbooks/groups/bkernel.yml b/playbooks/groups/bkernel.yml index 0d0ce58017..663f6ef836 100644 --- a/playbooks/groups/bkernel.yml +++ b/playbooks/groups/bkernel.yml @@ -14,9 +14,9 @@ roles: - base + - koji_builder tasks: - - include: "{{ tasks }}/koji/base_builder.yml" - include: "{{ tasks }}/koji/builder_kernel_config.yml" - include: "{{ tasks }}/koji/bkernel-setup.yml" diff --git a/playbooks/groups/buildhw.yml b/playbooks/groups/buildhw.yml index c15f185e47..ec756b50b1 100644 --- a/playbooks/groups/buildhw.yml +++ b/playbooks/groups/buildhw.yml @@ -15,18 +15,15 @@ roles: - base + - koji_builder tasks: - include: "{{ tasks }}/yumrepos.yml" - include: "{{ tasks }}/hosts.yml" - - include: "{{ tasks }}/koji/base_builder.yml" handlers: - include: "{{ handlers }}/restart_services.yml" - - name: restart kojid - action: service name=kojid state=restarted - - name: make koji builder(s) on raw hw hosts: buildhw user: root @@ -47,6 +44,3 @@ handlers: - include: "{{ handlers }}/restart_services.yml" - - - name: restart kojid - action: service name=kojid state=restarted diff --git a/playbooks/groups/buildvm.yml b/playbooks/groups/buildvm.yml index ad4f6cb8bb..a6aff106fc 100644 --- a/playbooks/groups/buildvm.yml +++ b/playbooks/groups/buildvm.yml @@ -33,15 +33,12 @@ roles: - base + - koji_builder tasks: - include: "{{ tasks }}/hosts.yml" - include: "{{ tasks }}/yumrepos.yml" - - include: "{{ tasks }}/koji/base_builder.yml" - include: "{{ tasks }}/koji/builder_kernel_config.yml" handlers: - include: "{{ handlers }}/restart_services.yml" - - - name: restart kojid - action: service name=kojid state=restarted diff --git a/files/kojibuilder/arm-koji.conf b/roles/koji_builder/files/arm-koji.conf similarity index 100% rename from files/kojibuilder/arm-koji.conf rename to roles/koji_builder/files/arm-koji.conf diff --git a/files/kojibuilder/arm-kojid.conf b/roles/koji_builder/files/arm-kojid.conf similarity index 100% rename from files/kojibuilder/arm-kojid.conf rename to roles/koji_builder/files/arm-kojid.conf diff --git a/files/kojibuilder/builder-infrastructure.repo b/roles/koji_builder/files/builder-infrastructure.repo similarity index 100% rename from files/kojibuilder/builder-infrastructure.repo rename to roles/koji_builder/files/builder-infrastructure.repo diff --git a/files/kojibuilder/builders/bkernel-eth0-network b/roles/koji_builder/files/builders/bkernel-eth0-network similarity index 100% rename from files/kojibuilder/builders/bkernel-eth0-network rename to roles/koji_builder/files/builders/bkernel-eth0-network diff --git a/files/kojibuilder/builders/bkernel-site-defaults.cfg b/roles/koji_builder/files/builders/bkernel-site-defaults.cfg similarity index 100% rename from files/kojibuilder/builders/bkernel-site-defaults.cfg rename to roles/koji_builder/files/builders/bkernel-site-defaults.cfg diff --git a/files/kojibuilder/builders/fedora-branched-pungi-armhfp.cfg b/roles/koji_builder/files/builders/fedora-branched-pungi-armhfp.cfg similarity index 100% rename from files/kojibuilder/builders/fedora-branched-pungi-armhfp.cfg rename to roles/koji_builder/files/builders/fedora-branched-pungi-armhfp.cfg diff --git a/files/kojibuilder/builders/fedora-branched-pungi-i386.cfg b/roles/koji_builder/files/builders/fedora-branched-pungi-i386.cfg similarity index 100% rename from files/kojibuilder/builders/fedora-branched-pungi-i386.cfg rename to roles/koji_builder/files/builders/fedora-branched-pungi-i386.cfg diff --git a/files/kojibuilder/builders/fedora-branched-pungi-x86_64.cfg b/roles/koji_builder/files/builders/fedora-branched-pungi-x86_64.cfg similarity index 100% rename from files/kojibuilder/builders/fedora-branched-pungi-x86_64.cfg rename to roles/koji_builder/files/builders/fedora-branched-pungi-x86_64.cfg diff --git a/files/kojibuilder/builders/fedora-rawhide-pungi-armhfp.cfg b/roles/koji_builder/files/builders/fedora-rawhide-pungi-armhfp.cfg similarity index 100% rename from files/kojibuilder/builders/fedora-rawhide-pungi-armhfp.cfg rename to roles/koji_builder/files/builders/fedora-rawhide-pungi-armhfp.cfg diff --git a/files/kojibuilder/builders/fedora-rawhide-pungi-i386.cfg b/roles/koji_builder/files/builders/fedora-rawhide-pungi-i386.cfg similarity index 100% rename from files/kojibuilder/builders/fedora-rawhide-pungi-i386.cfg rename to roles/koji_builder/files/builders/fedora-rawhide-pungi-i386.cfg diff --git a/files/kojibuilder/builders/fedora-rawhide-pungi-x86_64.cfg b/roles/koji_builder/files/builders/fedora-rawhide-pungi-x86_64.cfg similarity index 100% rename from files/kojibuilder/builders/fedora-rawhide-pungi-x86_64.cfg rename to roles/koji_builder/files/builders/fedora-rawhide-pungi-x86_64.cfg diff --git a/files/kojibuilder/builders/site-defaults.cfg b/roles/koji_builder/files/builders/site-defaults.cfg similarity index 100% rename from files/kojibuilder/builders/site-defaults.cfg rename to roles/koji_builder/files/builders/site-defaults.cfg diff --git a/files/kojibuilder/ftbfs_auth_keys b/roles/koji_builder/files/ftbfs_auth_keys similarity index 100% rename from files/kojibuilder/ftbfs_auth_keys rename to roles/koji_builder/files/ftbfs_auth_keys diff --git a/files/kojibuilder/history_off.sh b/roles/koji_builder/files/history_off.sh similarity index 100% rename from files/kojibuilder/history_off.sh rename to roles/koji_builder/files/history_off.sh diff --git a/files/kojibuilder/idmapd.conf b/roles/koji_builder/files/idmapd.conf similarity index 100% rename from files/kojibuilder/idmapd.conf rename to roles/koji_builder/files/idmapd.conf diff --git a/files/kojibuilder/koji.conf b/roles/koji_builder/files/koji.conf similarity index 100% rename from files/kojibuilder/koji.conf rename to roles/koji_builder/files/koji.conf diff --git a/files/kojibuilder/kojid.conf b/roles/koji_builder/files/kojid.conf similarity index 100% rename from files/kojibuilder/kojid.conf rename to roles/koji_builder/files/kojid.conf diff --git a/files/kojibuilder/limits.conf b/roles/koji_builder/files/limits.conf similarity index 100% rename from files/kojibuilder/limits.conf rename to roles/koji_builder/files/limits.conf diff --git a/files/kojibuilder/mock_auth_keys b/roles/koji_builder/files/mock_auth_keys similarity index 100% rename from files/kojibuilder/mock_auth_keys rename to roles/koji_builder/files/mock_auth_keys diff --git a/files/kojibuilder/root_auth_keys b/roles/koji_builder/files/root_auth_keys similarity index 100% rename from files/kojibuilder/root_auth_keys rename to roles/koji_builder/files/root_auth_keys diff --git a/files/kojibuilder/route-eth1 b/roles/koji_builder/files/route-eth1 similarity index 100% rename from files/kojibuilder/route-eth1 rename to roles/koji_builder/files/route-eth1 diff --git a/roles/koji_builder/tasks/main.yml b/roles/koji_builder/tasks/main.yml new file mode 100644 index 0000000000..faaa6cc6e7 --- /dev/null +++ b/roles/koji_builder/tasks/main.yml @@ -0,0 +1,146 @@ +# +# This is a base koji_builder role. +# +- name: set root passwd + user: name=root password={{ builder_rootpw }} state=present + +- name: add mock user as 425 + used: name=mock uid=425 state=present home=/var/lib/mock createhome=yes system=yes + +- name: make mock homedir perms + file: state=directory path=/var/lib/mock mode=2775 owner=root group=mock + +- name: add mock ssh dir + file: state=directory path=/var/lib/mock/.ssh mode=700 owner=mock group=mock + +- name: add mock ssh keys + copy: src=mock_auth_keys dest=/var/lib/mock/.ssh/authorized_keys mode=640 owner=mock group=mock + +- name: add kojibuilder + user: name=kojibuilder groups=mock + +- name: add mockbuilder + user: name=mockbuilder groups=mock + +- name: mockbuilder .ssh dir + file: state=directory path=/home/mockbuilder/.ssh mode=700 owner=mockbuilder group=mockbuilder + +- name: mockbuilder ssh key + copy: src=ftbfs_auth_keys dest=/home/mockbuilder/.ssh/authorized_keys mode=644 owner=mockbuilder group=mockbuilder + +- name: make a bunch of dirs + file: state=directory path={{ item }} + with_items: + - /pub + - /mnt/fedora_koji + - /pub/fedora + - /pub/epel + +- name: add builder infra yum repo + copy: src=builder-infrastructure.repo dest=/etc/yum.repos.d/builder-infrastructure.repo + +- name: clean up packages we do not need + yum: state=removed pkg={{ item }} + with_items: + - 'cronie\*' + +- name: add pkgs + yum: state=installed pkg={{ item }} + with_items: + - yum-utils + - koji-builder + - strace + - mock + - nfs-utils + - kernel-firmware + - ntp + - ntpdate + - rsyslog + - audit + +- name: /etc/kojid/kojid.conf + copy: src=kojid.conf dest=/etc/kojid/kojid.conf + when: not inventory_hostname.startswith(('arm01','arm03')) + notify: + - restart kojid + +- name: arm /etc/kojid/kojid.conf + copy: src=arm-kojid.conf dest=/etc/kojid/kojid.conf + when: inventory_hostname.startswith(('arm01','arm03')) + notify: + - restart kojid + +- name: /etc/koji/koji.conf + copy: src=koji.conf dest=/etc/koji.conf + when: not inventory_hostname.startswith(('arm01','arm03')) + +- name: /etc/koji/koji.conf + copy: src=arm-koji.conf dest=/etc/koji.conf + when: inventory_hostname.startswith(('arm01','arm03')) + +- name: copy over koji ca cert + copy: src="{{ private }}/files/koji/buildercerts/fedora-ca.cert" dest=/etc/kojid/cacert.pem + +- name: copy over /etc/security/limits.conf + copy: src=limits.conf dest=/etc/security/limits.conf + +- name: copy over builder cert to /etc/kojid/kojibuilder.pem + copy: src="{{ private }}/files/koji/buildercerts/{{ inventory_hostname }}.pem" dest=/etc/kojid/kojibuilder.pem mode=600 + +# idmapd and make sure it's set to run +- name: idmapd.conf + copy: src=idmapd.conf dest=/etc/idmapd.conf + tags: + - configs + +- name: route config for netapp network + copy: src=route-eth1 dest=/etc/sysconfig/network-scripts/route-eth1 + +- name: check for netapp route + command: ip route show + register: netapproute + always_run: yes + changed_when: "1 != 1" + +- name: run netapp route + command: /etc/sysconfig/network-scripts/ifup-routes eth1 + when: netapproute.stdout.find("10.5.88.0") == -1 + +- name: nfs mount points + mount: name=/mnt/fedora_koji src=vtap-fedora-nfs01.storage.phx2.redhat.com:/vol/fedora_koji fstype=nfs opts=ro,hard,bg,intr,noatime,nodev,nosuid passno=0 dump=0 state=mounted + when: inventory_hostname.startswith('build') + +- name: make a mnt/koji link + file: state=link src=/mnt/fedora_koji/koji dest=/mnt/koji + when: inventory_hostname.startswith('build') + +# mock configs for pungify job +- name: put extra special mock configs in + copy: src=builders/{{ item }} dest="/etc/mock/{{ item }}" mode=644 + with_items: + - fedora-branched-pungi-armhfp.cfg + - fedora-branched-pungi-i386.cfg + - fedora-branched-pungi-x86_64.cfg + - fedora-rawhide-pungi-i386.cfg + - fedora-rawhide-pungi-x86_64.cfg + - fedora-rawhide-pungi-armhfp.cfg + +- name: mock site-defaults.cfg + copy: src=builders/site-defaults.cfg dest=/etc/mock/site-defaults.cfg mode=0644 owner=root group=mock + when: not inventory_hostname.startswith('bkernel') + +- name: ntp steptickers + copy: src="{{ files }}/common/step-tickers" dest=/etc/ntp/step-tickers + +- name: ntp.conf + copy: src="{{ files }}/common/ntp.conf" dest=/etc/ntp.conf + +- name: enable services and start them + service: name={{ item }} enabled=true state=started + with_items: + - iptables + - kojid + - ntpd + - nfs-lock + - nfs-idmap + - nfs-mountd diff --git a/tasks/koji/base_builder.yml b/tasks/koji/base_builder.yml deleted file mode 100644 index dd649a2614..0000000000 --- a/tasks/koji/base_builder.yml +++ /dev/null @@ -1,147 +0,0 @@ -- name: set root passwd - action: user name=root password={{ builder_rootpw }} state=present - -- name: add mock user as 425 - action: user name=mock uid=425 state=present home=/var/lib/mock createhome=yes system=yes - -- name: make mock homedir perms - action: file state=directory path=/var/lib/mock mode=2775 owner=root group=mock - -- name: add mock ssh dir - action: file state=directory path=/var/lib/mock/.ssh mode=700 owner=mock group=mock - -- name: add mock ssh keys - action: copy src="{{ files }}/kojibuilder/mock_auth_keys" dest=/var/lib/mock/.ssh/authorized_keys mode=640 owner=mock group=mock - -- name: add kojibuilder - action: user name=kojibuilder groups=mock - -- name: add mockbuilder - action: user name=mockbuilder groups=mock - -- name: mockbuilder .ssh dir - action: file state=directory path=/home/mockbuilder/.ssh mode=700 owner=mockbuilder group=mockbuilder - -- name: mockbuilder ssh key - action: copy src="{{ files }}/kojibuilder/ftbfs_auth_keys" dest=/home/mockbuilder/.ssh/authorized_keys mode=644 owner=mockbuilder group=mockbuilder - -- name: make a bunch of dirs - action: file state=directory path={{ item }} - with_items: - - /pub - - /mnt/fedora_koji - - /pub/fedora - - /pub/epel - - /var/spool/rsyslog - -- name: add builder infra yum repo - action: copy src="{{ files }}/kojibuilder/builder-infrastructure.repo" dest=/etc/yum.repos.d/builder-infrastructure.repo - -- name: clean up packages we do not need - action: yum state=removed pkg={{ item }} - with_items: - - 'cronie\*' - -- name: add pkgs - action: yum state=installed pkg={{ item }} - with_items: - - yum-utils - - koji-builder - - strace - - mock - - nfs-utils - - kernel-firmware - - ntp - - ntpdate - - rsyslog - - audit - -- name: /etc/kojid/kojid.conf - action: copy src="{{ files }}/kojibuilder/kojid.conf" dest=/etc/kojid/kojid.conf - when: not inventory_hostname.startswith(('arm01','arm03')) - notify: - - restart kojid - -- name: arm /etc/kojid/kojid.conf - action: copy src="{{ files }}/kojibuilder/arm-kojid.conf" dest=/etc/kojid/kojid.conf - when: inventory_hostname.startswith(('arm01','arm03')) - notify: - - restart kojid - -- name: /etc/koji/koji.conf - action: copy src="{{ files }}/kojibuilder/koji.conf" dest=/etc/koji.conf - when: not inventory_hostname.startswith(('arm01','arm03')) - -- name: /etc/koji/koji.conf - action: copy src="{{ files }}/kojibuilder/arm-koji.conf" dest=/etc/koji.conf - when: inventory_hostname.startswith(('arm01','arm03')) - -- name: copy over koji ca cert - action: copy src="{{ private }}/files/koji/buildercerts/fedora-ca.cert" dest=/etc/kojid/cacert.pem - -- name: copy over /etc/security/limits.conf - action: copy src="{{ files }}/kojibuilder/limits.conf" dest=/etc/security/limits.conf - -- name: copy over builder cert to /etc/kojid/kojibuilder.pem - action: copy src="{{ private }}/files/koji/buildercerts/{{ inventory_hostname }}.pem" dest=/etc/kojid/kojibuilder.pem mode=600 - -- name: chkconfig kojid on and leave it running - action: service name=kojid enabled=on state=started - -# idmapd and make sure it's set to run -- name: idmapd.conf - action: copy src="{{ files }}/kojibuilder/idmapd.conf" dest=/etc/idmapd.conf - tags: - - configs -- name: enable nfs-related services and run them - action: service name={{ item }} enabled=true state=started - with_items: - - nfs-lock - - nfs-idmap - - nfs-mountd - -- name: route config for netapp network - action: copy src="{{ files }}/kojibuilder/route-eth1" dest=/etc/sysconfig/network-scripts/route-eth1 - -- name: check for netapp route - command: ip route show - register: netapproute - always_run: yes - changed_when: "1 != 1" - -- name: run netapp route - command: /etc/sysconfig/network-scripts/ifup-routes eth1 - when: netapproute.stdout.find("10.5.88.0") == -1 - -- name: nfs mount points - action: mount name=/mnt/fedora_koji src=vtap-fedora-nfs01.storage.phx2.redhat.com:/vol/fedora_koji fstype=nfs opts=ro,hard,bg,intr,noatime,nodev,nosuid passno=0 dump=0 state=mounted - when: inventory_hostname.startswith('build') - -- name: make a mnt/koji link - action: file state=link src=/mnt/fedora_koji/koji dest=/mnt/koji - when: inventory_hostname.startswith('build') - -# mock configs for pungify job -# TODO: restore this to "copy:", this is a temporary "fix" for https://github.com/ansible/ansible/issues/4377 -- name: put extra special mock configs in - template: src="{{ files }}/kojibuilder/builders/{{ item }}" dest="/etc/mock/{{ item }}" mode=644 - with_items: - - fedora-branched-pungi-armhfp.cfg - - fedora-branched-pungi-i386.cfg - - fedora-branched-pungi-x86_64.cfg - - fedora-rawhide-pungi-i386.cfg - - fedora-rawhide-pungi-x86_64.cfg - - fedora-rawhide-pungi-armhfp.cfg - -- name: mock site-defaults.cfg - action: copy src="{{ files }}/kojibuilder/builders/site-defaults.cfg" dest=/etc/mock/site-defaults.cfg mode=0644 owner=root group=mock - when: not inventory_hostname.startswith('bkernel') - -- name: ntp steptickers - action: copy src="{{ files }}/common/step-tickers" dest=/etc/ntp/step-tickers - -- name: ntp.conf - action: copy src="{{ files }}/common/ntp.conf" dest=/etc/ntp.conf - -- name: enable ntpd - action: service name=ntpd enabled=true state=started