Monty Taylor f0b77485ec Run Zuul using Ansible and Containers
Zuul is publishing lovely container images, so we should
go ahead and start using them.

We can't use containers for zuul-executor because of the
docker->bubblewrap->AFS issue, so install from pip there.

Don't start any of the containers by default, which should
let us safely roll this out and then do a rolling restart.
For things (like web or mergers) where it's safe to do so,
a followup change will swap the flag.

Change-Id: I37dcce3a67477ad3b2c36f2fd3657af18bc25c40
2020-04-24 09:18:44 -05:00


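# Create the "zuul" system group. The GID is taken from the
# zuul_group_id variable rather than being allocated by the host.
- name: Create Zuul Group
  group:
    name: zuul
    gid: "{{ zuul_group_id }}"
    # Canonical boolean; `yes` is only a boolean under YAML 1.1 rules.
    system: true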
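# Create the "zuul" system account with a fixed UID (zuul_user_id),
# a bash login shell and a home directory at /home/zuul.
- name: Create Zuul User
  user:
    name: zuul
    uid: "{{ zuul_user_id }}"
    comment: Zuul User
    shell: /bin/bash
    home: /home/zuul
    group: zuul
    create_home: true
    system: true
  # In order to run this in Zuul, we have to ignore errors.
  # That's because in Zuul, the test nodes have a Zuul user.
  # NOTE(review): failed_when: false hides every failure of this task,
  # not only the pre-existing-user case, so a host can end up with a
  # zuul account whose UID, shell or home differs from what is declared
  # here without the play reporting it.
  failed_when: false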
# Ensure the Zuul configuration directory exists, owned by zuul:zuul.
# No mode is given: a newly created directory gets the umask default
# and an existing one keeps the mode it already has.
- name: Create Zuul Config dir
  file:
    path: /etc/zuul
    state: directory
    group: zuul
    owner: zuul
# Ensure the directory that receives the Gearman CA, certificates and
# private keys exists, owned by zuul:zuul.
# NOTE(review): no mode is set here, so access to the directory is
# governed by the umask (or by its existing mode); protection of the
# key material relies on the per-file modes of the tasks that write it.
- name: Create Zuul SSL dir
  file:
    path: /etc/zuul/ssl
    state: directory
    group: zuul
    owner: zuul
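# Write the Gearman CA certificate from the gearman_ssl_ca variable.
# It is public material, hence world-readable.
- name: Write Gearman SSL CA
  copy:
    content: "{{ gearman_ssl_ca }}"
    dest: /etc/zuul/ssl/gearman-ca.pem
    owner: zuul
    group: zuul
    # Quoted so the mode is never re-typed by a YAML parser; a bare
    # 0644 is only read as octal under YAML 1.1 rules.
    mode: '0644'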
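# Write the Gearman client certificate from gearman_client_ssl_cert.
# Unlike the key tasks in this file it has no `when:` guard, so the
# variable must be defined on every host that runs this task.
- name: Write Gearman Client SSL Cert
  copy:
    content: "{{ gearman_client_ssl_cert }}"
    dest: /etc/zuul/ssl/gearman-client.pem
    owner: zuul
    group: zuul
    # Quoted so the mode is never re-typed by a YAML parser.
    mode: '0644'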
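# Write the Gearman client private key, only on hosts where
# gearman_client_ssl_key is defined.
- name: Write Gearman Client SSL Key
  when: gearman_client_ssl_key is defined
  copy:
    content: "{{ gearman_client_ssl_key }}"
    dest: /etc/zuul/ssl/gearman-client.key
    owner: zuul
    group: zuul
    # Owner read/write plus group read: every member of the zuul group
    # can read this key. Quoted so a YAML parser never re-types it.
    mode: '0640'
  # The task argument is a private key; keep it out of task output,
  # --diff output and callback logs. Failures of this task are
  # reported censored as a consequence.
  no_log: true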
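# Write the Gearman server certificate, only on hosts where
# gearman_server_ssl_cert is defined.
- name: Write Gearman Server SSL Cert
  when: gearman_server_ssl_cert is defined
  copy:
    content: "{{ gearman_server_ssl_cert }}"
    dest: /etc/zuul/ssl/gearman-server.pem
    owner: zuul
    group: zuul
    # Quoted so the mode is never re-typed by a YAML parser.
    mode: '0644'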
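# Write the Gearman server private key, only on hosts where
# gearman_server_ssl_key is defined.
- name: Write Gearman Server SSL Key
  when: gearman_server_ssl_key is defined
  copy:
    content: "{{ gearman_server_ssl_key }}"
    dest: /etc/zuul/ssl/gearman-server.key
    owner: zuul
    group: zuul
    # Owner read/write plus group read: every member of the zuul group
    # can read this key. Quoted so a YAML parser never re-types it.
    mode: '0640'
  # The task argument is a private key; keep it out of task output,
  # --diff output and callback logs. Failures of this task are
  # reported censored as a consequence.
  no_log: true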
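# Render zuul.conf.j2 to /etc/zuul/zuul.conf, readable and writable by
# the zuul user only.
# NOTE(review): the 0600 mode suggests the rendered file holds
# credentials (the template is not shown here - confirm). If it does,
# running this task with --diff prints the rendered content; consider
# no_log: true or diff: false on this task.
- name: Write Zuul Conf File
  template:
    src: zuul.conf.j2
    dest: /etc/zuul/zuul.conf
    owner: zuul
    group: zuul
    # Quoted so the mode is never re-typed by a YAML parser.
    mode: '0600'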
# Ensure the log, runtime and state directories exist, owned by
# zuul:zuul. /var/lib/zuul/ssh is where this file writes id_rsa.
# No mode is given, so each new directory gets the umask default and
# an existing one keeps its current mode.
- name: Create Zuul directories
  loop:
    - /var/log/zuul
    - /var/run/zuul
    - /var/lib/zuul
    - /var/lib/zuul/ssh
  file:
    path: '{{ item }}'
    state: directory
    group: zuul
    owner: zuul
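# Write Zuul's SSH private key from zuul_ssh_private_key_contents,
# read-only for the zuul user and inaccessible to everyone else.
- name: Write Zuul SSH Key
  copy:
    dest: /var/lib/zuul/ssh/id_rsa
    content: '{{ zuul_ssh_private_key_contents }}'
    owner: zuul
    group: zuul
    # Quoted so the mode is never re-typed by a YAML parser.
    mode: '0400'
  # The task argument is a private key; keep it out of task output,
  # --diff output and callback logs. Failures of this task are
  # reported censored as a consequence.
  no_log: true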
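# Ensure /home/zuul/.ssh exists and is accessible to the zuul user
# only.
- name: Create Zuul SSH directory
  file:
    state: directory
    path: /home/zuul/.ssh
    owner: zuul
    group: zuul
    # Quoted so the mode is never re-typed by a YAML parser.
    mode: '0700'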
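# Write the zuul user's known_hosts file from the zuul_known_hosts
# variable. The file is replaced with exactly that content, so the
# variable is the single source of the host keys recorded here.
- name: Write Known Hosts
  copy:
    dest: /home/zuul/.ssh/known_hosts
    content: '{{ zuul_known_hosts }}'
    owner: zuul
    group: zuul
    # Quoted so the mode is never re-typed by a YAML parser.
    mode: '0600'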
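# Check out openstack/project-config into /opt/project-config over
# HTTPS.
# NOTE(review): no `version` is given, so the checkout follows the
# remote's default HEAD on every run instead of a pinned ref; whatever
# lands upstream is what this host gets.
- name: Clone project-config repo
  git:
    repo: https://opendev.org/openstack/project-config
    dest: /opt/project-config
    # Discards local modifications in the working tree so the update
    # cannot be blocked by them. Canonical boolean instead of `yes`.
    force: true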
# Install docker-compose through the host's package manager.
# `state: present` only requires the package to be installed; no
# version is requested.
- name: Install docker-compose
  package:
    state: present
    name:
      - docker-compose