openstack-zuul-jobs/playbooks/legacy/pre.yaml

- hosts: all
  roles:
    - role: fetch-zuul-cloner
      destination: "/usr/zuul-env/bin/zuul-cloner"
      repo_src_dir: "/home/zuul/src/git.openstack.org"
    - legacy-copy-jenkins-scripts

  tasks:
    - name: Create nodepool directory
      file:
        path: /etc/nodepool
        state: directory
    - name: Create nodepool sub_nodes file
      copy:
        dest: /etc/nodepool/sub_nodes
        content: ""
    - name: Create nodepool sub_nodes_private file
      copy:
        dest: /etc/nodepool/sub_nodes_private
        content: ""
    - name: Populate nodepool sub_nodes file
      lineinfile:
        path: /etc/nodepool/sub_nodes
        line: "{{ hostvars[item]['nodepool']['public_ipv4'] }}"
      with_items: "{{ groups['subnodes'] }}"
      when: groups['subnodes'] is defined
    - name: Populate nodepool sub_nodes_private file
      lineinfile:
        path: /etc/nodepool/sub_nodes_private
        line: "{{ hostvars[item]['nodepool']['private_ipv4'] }}"
      with_items: "{{ groups['subnodes'] }}"
      when: groups['subnodes'] is defined
    - name: Create nodepool primary file
      copy:
        dest: /etc/nodepool/primary_node_private
        content: "{{ hostvars['primary']['nodepool']['private_ipv4'] }}"
      when: hostvars['primary'] is defined
    - name: Create nodepool node_private for this node
      copy:
        dest: /etc/nodepool/node_private
        content: "{{ nodepool.private_ipv4 }}"
    - name: Copy ssh keys to nodepool directory
      command: "cp .ssh/{{ item }} /etc/nodepool/{{ item }}"
      with_items:
        - id_rsa
        - id_rsa.pub

    - name: Add sudoers role for zuul-sudo-grep.sh
      copy:
        dest: /etc/sudoers.d/zuul-sudo-grep
        content: "zuul ALL = NOPASSWD:/usr/local/jenkins/slave_scripts/zuul-sudo-grep.sh\n"
        mode: 0440
      become: true

    - name: Validate sudoers config after edits
      command: "/usr/sbin/visudo -c"
      become: true

    - name: Show the environment passed in to job shell scripts
      shell:
        cmd: |
          env
        executable: /bin/bash
      environment: '{{ zuul | zuul_legacy_vars }}'
Add legacy-base job to handle /etc/nodepool Change-Id: I0c1bbdc84e888e16dfb151f720dd178030360dec 2017-09-22 11:04:05 -05:00			`- hosts: all`
Move fetch-zuul-cloner into legacy-base jobs Old legacy jobs depend on zuul-cloner, so move the role out of our base job into it. This will discourage non legacy jobs from using zuul-cloner. Change-Id: Ia09a4acc9c09535bf287208c77257bd3dca7a2bf Signed-off-by: Paul Belanger <pabelanger@redhat.com> 2017-10-18 11:19:25 -04:00			`roles:`
			`- role: fetch-zuul-cloner`
			`destination: "/usr/zuul-env/bin/zuul-cloner"`
			`repo_src_dir: "/home/zuul/src/git.openstack.org"`
Consolidate legacy scripts Create new role legacy-copy-jenkins-scripts to populate /usr/local/jenkins/slave_scripts. Move existing scripts from playbooks/legacy to the files directory of the new role. Use the new role instead of a task. Change-Id: I2dcfdf46f0d953afa8100557488a393962dba9bb 2018-02-09 08:02:11 +01:00			`- legacy-copy-jenkins-scripts`
Move fetch-zuul-cloner into legacy-base jobs Old legacy jobs depend on zuul-cloner, so move the role out of our base job into it. This will discourage non legacy jobs from using zuul-cloner. Change-Id: Ia09a4acc9c09535bf287208c77257bd3dca7a2bf Signed-off-by: Paul Belanger <pabelanger@redhat.com> 2017-10-18 11:19:25 -04:00
Add legacy-base job to handle /etc/nodepool Change-Id: I0c1bbdc84e888e16dfb151f720dd178030360dec 2017-09-22 11:04:05 -05:00			`tasks:`
			`- name: Create nodepool directory`
			`file:`
			`path: /etc/nodepool`
			`state: directory`
Create sub_nodes file before trying to modify it Otherwise we are seeing errors on multinode jobs. Change-Id: I8e7240f28e1aa991c637b8aee421a2f5b4eba9e9 2017-10-09 11:42:59 +00:00			`- name: Create nodepool sub_nodes file`
			`copy:`
			`dest: /etc/nodepool/sub_nodes`
			`content: ""`
			`- name: Create nodepool sub_nodes_private file`
Add legacy-base job to handle /etc/nodepool Change-Id: I0c1bbdc84e888e16dfb151f720dd178030360dec 2017-09-22 11:04:05 -05:00			`copy:`
			`dest: /etc/nodepool/sub_nodes_private`
			`content: ""`
Add sub_nodes and node_private files in /etc/nodepool TripleO-CI uses these for things. Change-Id: Id2fd8d0a0aeedfaedf84004dbab61e9988163fa7 2017-10-06 13:54:27 -05:00			`- name: Populate nodepool sub_nodes file`
			`lineinfile:`
			`path: /etc/nodepool/sub_nodes`
			`line: "{{ hostvars[item]['nodepool']['public_ipv4'] }}"`
			`with_items: "{{ groups['subnodes'] }}"`
			`when: groups['subnodes'] is defined`
			`- name: Populate nodepool sub_nodes_private file`
Add legacy-base job to handle /etc/nodepool Change-Id: I0c1bbdc84e888e16dfb151f720dd178030360dec 2017-09-22 11:04:05 -05:00			`lineinfile:`
			`path: /etc/nodepool/sub_nodes_private`
			`line: "{{ hostvars[item]['nodepool']['private_ipv4'] }}"`
			`with_items: "{{ groups['subnodes'] }}"`
			`when: groups['subnodes'] is defined`
			`- name: Create nodepool primary file`
			`copy:`
			`dest: /etc/nodepool/primary_node_private`
			`content: "{{ hostvars['primary']['nodepool']['private_ipv4'] }}"`
Don't write out nodepool primary file on non-primary node Change-Id: Ie866ba83c62a6fd45de6a783eecda217e90fd49e 2017-09-26 15:20:19 -05:00			`when: hostvars['primary'] is defined`
Add sub_nodes and node_private files in /etc/nodepool TripleO-CI uses these for things. Change-Id: Id2fd8d0a0aeedfaedf84004dbab61e9988163fa7 2017-10-06 13:54:27 -05:00			`- name: Create nodepool node_private for this node`
			`copy:`
			`dest: /etc/nodepool/node_private`
			`content: "{{ nodepool.private_ipv4 }}"`
Add legacy-base job to handle /etc/nodepool Change-Id: I0c1bbdc84e888e16dfb151f720dd178030360dec 2017-09-22 11:04:05 -05:00			`- name: Copy ssh keys to nodepool directory`
			`command: "cp .ssh/{{ item }} /etc/nodepool/{{ item }}"`
			`with_items:`
			`- id_rsa`
			`- id_rsa.pub`
Zuul versions of sudo grep checks Old legacy jobs will continue to want tocheck that the test user isn't using sudo if sudo has been disabled. Add a zuul version of the checker script and update the sudo rules to allow the zuul user to run it Change-Id: I3f941fb57e4574dcca04442b97a70e6acbc395e9 Co-Authored-By: Clark Boylan <clark.boylan@gmail.com> 2017-09-28 16:24:32 -05:00
			`- name: Add sudoers role for zuul-sudo-grep.sh`
			`copy:`
			`dest: /etc/sudoers.d/zuul-sudo-grep`
Swap order of sudoers manipulation Also use a command task to run visudo -c rather than validate as validate requires %s in the command string (and we don't need or want it). Change-Id: I9876af744ecf4995f857b6c7701e7de59b17fa98 2017-09-28 17:57:43 -05:00			`content: "zuul ALL = NOPASSWD:/usr/local/jenkins/slave_scripts/zuul-sudo-grep.sh\n"`
Zuul versions of sudo grep checks Old legacy jobs will continue to want tocheck that the test user isn't using sudo if sudo has been disabled. Add a zuul version of the checker script and update the sudo rules to allow the zuul user to run it Change-Id: I3f941fb57e4574dcca04442b97a70e6acbc395e9 Co-Authored-By: Clark Boylan <clark.boylan@gmail.com> 2017-09-28 16:24:32 -05:00			`mode: 0440`
			`become: true`

Swap order of sudoers manipulation Also use a command task to run visudo -c rather than validate as validate requires %s in the command string (and we don't need or want it). Change-Id: I9876af744ecf4995f857b6c7701e7de59b17fa98 2017-09-28 17:57:43 -05:00			`- name: Validate sudoers config after edits`
			`command: "/usr/sbin/visudo -c"`
			`become: true`

Print environment in pre playbook of legacy-base job We construct an environment for legacy purposes. Let's print it for help debugging things. Change-Id: I042e481ebe541d7cbc69a29d4e38b3779d48a936 2017-10-02 16:34:36 -05:00			`- name: Show the environment passed in to job shell scripts`
			`shell:`
			`cmd: \|`
			`env`
			`executable: /bin/bash`
			`environment: '{{ zuul \| zuul_legacy_vars }}'`