Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
ansible/playbooks/manual/sign-and-import.yml
Patrick Uiterwijk bd754cae62 Refuse to sign-and-import unless really intended 
This is to force people to use the new infra tags

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-09-25 17:28:29 +00:00

80 lines
2.5 KiB
YAML
Raw Blame History

# This playbook takes new rpms specified with a fileglob, signs them, and adds
# them to the infrastructure repo.
#
# To push to infra-testing:
# requires --extra-vars="rpmdir='/home/fedora/ralph/rpms/' testing=True rhel=6"
#
# To push to infra:
# requires --extra-vars="rpmdir='/home/fedora/ralph/rpms/' rhel=6"
#
# To push to fedora 20:
# requires --extra-vars="rpmdir='/home/fedora/ralph/rpms/' rhel=20"
#
# TODO -- grab rpms from koji build/task ids beforehand?
# TODO -- other arches than x86_64?
- name: batch sign and import a directory full of rpms
user: root
hosts: localhost
connection: local
# Toggle this variable to import to the testing repo as opposed to the staging
# repo. Since we're in freeze right now, we'll default to the testing repo.
# It would be nice to be able to toggle this from the command line.
vars:
- repodir: /mnt/fedora/app/fi-repo/{% if testing %}testing/{% endif %}{{ rhel }}
- testing: False
tasks:
- fail: msg="Please use the infra tags from now on"
when: no_use_infratags is not defined
- fail: msg="Please specify rhel version with rhel=6/7"
when: rhel is not defined
- name: Fail if no rpmdir provided
fail: msg="No rpmdir provided"
when: rpmdir is not defined
# TODO -- I'd also like to fail if rpmdir does not exist.
# TODO -- I'd also like to fail if there are no *.rpm files in there.
- name: sign all the rpms with our gpg key
shell: /bin/rpm --resign {{ rpmdir }}/*.rpm
- name: make a directory where we store the rpms afterwards
file: path={{ rpmdir }}-old state=directory
- name: copy the source rpms to the SRPMS dir of {{ repodir }}
copy: src={{ item }} dest={{ repodir }}/SRPMS/
with_fileglob:
- "{{ rpmdir }}/*.src.rpm"
- name: move processed srpms out to {{ rpmdir }}-old
command: /bin/mv {{ item }} {{ rpmdir }}-old/
when: not testing
with_fileglob:
- "{{ rpmdir }}/*.src.rpm"
- name: copy the binary rpms to the x86_64 dir of {{ repodir }}
copy: src={{ item }} dest={{ repodir }}/x86_64/
with_fileglob:
- "{{ rpmdir }}/*.rpm"
- name: copy the binary rpms to the i386 dir of {{ repodir }}
copy: src={{ item }} dest={{ repodir }}/i386/
with_fileglob:
- "{{ rpmdir }}/*.rpm"
- name: move processed rpms out to {{ rpmdir }}-old
command: /bin/mv {{ item }} {{ rpmdir }}-old/
when: not testing
with_fileglob:
- "{{ rpmdir }}/*.rpm"
- name: Run createrepo on each repo
command: createrepo --update {{ repodir }}/{{ item }}/
with_items:
- SRPMS
- x86_64
- i386
Reference in a new issue View git blame Copy permalink