211 lines
7.5 KiB
YAML
211 lines
7.5 KiB
YAML
# Required vars
|
|
# - openqa_workers
|
|
## integer - number of worker instances to create/run
|
|
|
|
# Required vars with defaults
|
|
# - openqa_hostname
|
|
## string - hostname of openQA server to run jobs for
|
|
## default - localhost
|
|
# - openqa_repo
|
|
## string - Repo to enable when updating openQA packages. Set to
|
|
## 'updates-testing' to use packages from updates-testing
|
|
## default - 'updates', which is effectively a no-op
|
|
# - openqa_nfs_worker
|
|
## bool - whether this worker expects to share the factory dir with
|
|
## the server via NFS. If set, the nfs-client task will be
|
|
## run to set up the share. The worker should also be included
|
|
## in the server's openqa_nfs_clients var so it is granted
|
|
## access to the share
|
|
## default - false
|
|
# - openqa_hdds_worker
|
|
## bool - whether this worker creates base disk images for a shared
|
|
## factory dir. There should be only *one* of these per arch
|
|
## per deployment
|
|
## default - false
|
|
# - openqa_tap
|
|
## bool - whether this is the tap- and swtpm-enabled host or not
|
|
## each deployment should have *one* tap-capable worker host
|
|
## default - false
|
|
|
|
# Optional vars
|
|
# - openqa_rngd
|
|
## string - if set to any value, rng-tools package will be
|
|
## installed and rngd.service enabled/started
|
|
# - openqa_worker_class
|
|
## string - custom WORKER_CLASS value for workers.ini
|
|
# - openqa_scratch
|
|
## list - A list of task IDs of scratch builds to install. If set, we
|
|
## will download the scratch build(s) and set up a side repo
|
|
## containing them. We do this because openQA staging is our
|
|
## main platform for testing new openQA releases; we need to
|
|
## be able to run scratch builds to see if a new release is
|
|
## really bad before submitting it as an update, we don't want
|
|
## to send new builds to updates-testing if they have problems
|
|
# - openqa_static_uid
|
|
## int - a static ID for the geekotest group if desired. this is useful
|
|
## for NFS mounting openQA data files. The _openqa_worker user,
|
|
## which os-autoinst runs as, will be added to this group. The
|
|
## idea is that the same group with the same GID exists on the
|
|
## NFS server and is the group of the shared asset directories,
|
|
## so os-autoinst can write to the shared asset directories,
|
|
## which it needs to do when uncompressing compressed disk assets
|
|
|
|
- name: Remove scratch repo directory
|
|
file: path=/var/tmp/scratchrepo state=absent
|
|
|
|
- name: (Re-)create scratch repo directory
|
|
file: path=/var/tmp/scratchrepo state=directory owner=root group=root
|
|
when: "openqa_scratch is defined"
|
|
|
|
- name: Install Koji CLI client and createrepo
|
|
package:
|
|
name: ["koji", "createrepo"]
|
|
state: present
|
|
tags:
|
|
- packages
|
|
when: "openqa_scratch is defined"
|
|
|
|
- name: Download scratch builds
|
|
command: "koji download-task --arch=noarch --arch={{ ansible_architecture }} {{ item }}"
|
|
args:
|
|
chdir: /var/tmp/scratchrepo
|
|
loop: "{{ openqa_scratch|flatten(levels=1) }}"
|
|
when: "openqa_scratch is defined"
|
|
|
|
- name: Write repodata
|
|
command: "createrepo ."
|
|
args:
|
|
chdir: /var/tmp/scratchrepo
|
|
when: "openqa_scratch is defined"
|
|
|
|
- name: Write scratch build repo config
|
|
copy: src=scratchrepo.repo dest=/etc/yum.repos.d/scratchrepo.repo owner=root group=root mode=0644
|
|
when: "openqa_scratch is defined"
|
|
|
|
- name: Delete scratch build repo config
|
|
file: path=/etc/yum.repos.d/scratchrepo.repo state=absent
|
|
when: "openqa_scratch is not defined"
|
|
|
|
- name: Install required packages
|
|
package:
|
|
name: ['openqa-worker', 'os-autoinst']
|
|
state: latest
|
|
enablerepo: "{{ openqa_repo }}"
|
|
notify:
|
|
- restart openqa workers
|
|
tags:
|
|
- packages
|
|
|
|
- name: Install packages used by tests
|
|
package:
|
|
name: ['perl-JSON', 'perl-REST-Client']
|
|
state: latest
|
|
tags:
|
|
- packages
|
|
|
|
- name: Install packages used by ansible plays
|
|
package:
|
|
name: ['python3-libselinux', 'git']
|
|
state: present
|
|
tags:
|
|
- packages
|
|
|
|
- name: Create geekotest group with static GID
|
|
group: "name=geekotest gid={{ openqa_static_uid }} system=yes"
|
|
when: "openqa_static_uid is defined"
|
|
|
|
- name: Add _openqa_worker user to geekotest group
|
|
user: name=_openqa-worker groups=geekotest append=yes
|
|
when: "openqa_static_uid is defined"
|
|
|
|
- name: Install UEFI firmware package (x86_64 only)
|
|
package: name=edk2-ovmf state=present
|
|
tags:
|
|
- packages
|
|
when: "ansible_architecture is defined and ansible_architecture == 'x86_64'"
|
|
|
|
- name: Install UEFI firmware package (aarch64 only)
|
|
package: name=edk2-aarch64 state=present
|
|
tags:
|
|
- packages
|
|
when: "ansible_architecture is defined and ansible_architecture == 'aarch64'"
|
|
|
|
- name: Install arm UEFI firmware package (aarch64 only)
|
|
package: name=edk2-arm state=present
|
|
tags:
|
|
- packages
|
|
when: "ansible_architecture is defined and ansible_architecture == 'aarch64'"
|
|
|
|
- name: Install rng-tools (if specified by openqa_rngd var)
|
|
package: name=rng-tools state=present
|
|
tags:
|
|
- packages
|
|
when: "openqa_rngd is defined and openqa_rngd"
|
|
|
|
- name: Install script to set /dev/kvm perms and disable SMT (ppc64 only)
|
|
copy: src=openqa-ppc64-prep.sh dest=/etc/cron.hourly/openqa-ppc64-prep owner=root group=root mode=0755
|
|
when: "ansible_architecture is defined and ansible_architecture == 'ppc64le'"
|
|
|
|
- name: Install systemd service to run boot script (ppc64 only)
|
|
copy: src=openqa-ppc64-prep.service dest=/etc/systemd/system/openqa-ppc64-prep.service
|
|
when: "ansible_architecture is defined and ansible_architecture == 'ppc64le'"
|
|
register: prepservice
|
|
|
|
- name: Do systemctl daemon-reload to register new service (ppc64 only)
|
|
systemd:
|
|
daemon_reload: yes
|
|
when: "prepservice is defined and prepservice is changed"
|
|
|
|
- name: Enable systemd service to run boot script (ppc64 only)
|
|
service: name=openqa-ppc64-prep enabled=yes state=started
|
|
when: "ansible_architecture is defined and ansible_architecture == 'ppc64le'"
|
|
|
|
- name: Enable rngd.service (if specified by openqa_rngd var)
|
|
service: name=rngd enabled=yes state=started
|
|
when: "openqa_rngd is defined and openqa_rngd"
|
|
|
|
- include_tasks: nfs-client.yml
|
|
when: openqa_nfs_worker|bool
|
|
|
|
- include_tasks: tap-setup.yml
|
|
when: openqa_tap|bool
|
|
|
|
- name: Tell git it's OK for _openqa-worker to run 'git' on the test dir
|
|
command: git config --global --add safe.directory /var/lib/openqa/share/tests/fedora
|
|
become: yes
|
|
become_user: _openqa-worker
|
|
when: openqa_nfs_worker|bool
|
|
|
|
# this is kinda lazy - we could have a separate openqa_swtpm var so we
|
|
# we could potentially separate tap worker hosts from swtpm ones - but
|
|
# it makes workers.ini templating annoyingly awkward (we need way more
|
|
# conditionals to account for four possibilities rather than two) and
|
|
# for now it's fine to just assume the tap host(s) is/are also the
|
|
# swtpm host(s)
|
|
- name: Install swtpm packages
|
|
package:
|
|
name: ['swtpm', 'swtpm-tools']
|
|
state: latest
|
|
enablerepo: "{{ openqa_repo }}"
|
|
tags:
|
|
- packages
|
|
when: openqa_tap|bool
|
|
|
|
- name: openQA client config
|
|
template: src=client.conf.j2 dest=/etc/openqa/client.conf owner=_openqa-worker group=root mode=0600
|
|
tags:
|
|
- config
|
|
|
|
- name: openQA worker config
|
|
template: src=workers.ini.j2 dest=/etc/openqa/workers.ini owner=_openqa-worker group=root mode=0644
|
|
notify:
|
|
- restart openqa workers
|
|
tags:
|
|
- config
|
|
|
|
- include_tasks: createhdds.yml
|
|
when: openqa_hdds_worker|bool
|
|
|
|
- name: Enable and start worker services
|
|
service: name=openqa-worker@{{ item }} enabled=yes state=started
|
|
loop: "{{ range(1, openqa_workers + 1)|list }}"
|