
According to our zuul-worker DIB element the path we want to remove to revoke zuul sudo access is /etc/sudoers.d/zuul: http://git.openstack.org/cgit/openstack-infra/project-config/tree/nodepool/elements/zuul-worker/install.d/60-zuul-worker Generated via: sed -i 's/zuul-sudo/zuul/' \ `git grep --files-with-match '/etc/sudoers.d/zuul-sudo'` Change-Id: Iea8cf915d815dbf876ca0cee74933f04152395b8
132 lines
4.4 KiB
YAML
132 lines
4.4 KiB
YAML
- hosts: all
|
|
name: Autoconverted job legacy-js-generator-openstack-nodejs6-npm-docs from old
|
|
job js-generator-openstack-nodejs6-npm-docs
|
|
tasks:
|
|
|
|
- name: Ensure legacy workspace directory
|
|
file:
|
|
path: '{{ ansible_user_dir }}/workspace'
|
|
state: directory
|
|
|
|
- shell:
|
|
cmd: |
|
|
set -e
|
|
set -x
|
|
CLONEMAP=`mktemp`
|
|
function cleanup {
|
|
# In cases where zuul-cloner is aborted during a git
|
|
# clone operation, git will remove the git work tree in
|
|
# its cleanup. The work tree in these jobs is the
|
|
# workspace directory, which means that subsequent
|
|
# jenkins post-build actions can not run because the
|
|
# workspace has been removed.
|
|
# To reduce the likelihood of this having an impact,
|
|
# recreate the workspace directory if needed
|
|
mkdir -p $WORKSPACE
|
|
rm -f $CLONEMAP
|
|
}
|
|
trap cleanup EXIT
|
|
cat > $CLONEMAP << EOF
|
|
clonemap:
|
|
- name: $ZUUL_PROJECT
|
|
dest: .
|
|
EOF
|
|
/usr/zuul-env/bin/zuul-cloner -m $CLONEMAP --cache-dir /opt/git \
|
|
git://git.openstack.org $ZUUL_PROJECT
|
|
executable: /bin/bash
|
|
chdir: '{{ ansible_user_dir }}/workspace'
|
|
environment: '{{ zuul | zuul_legacy_vars }}'
|
|
|
|
- shell:
|
|
cmd: /usr/local/jenkins/slave_scripts/install-distro-packages.sh
|
|
chdir: '{{ ansible_user_dir }}/workspace'
|
|
environment: '{{ zuul | zuul_legacy_vars }}'
|
|
|
|
- shell:
|
|
cmd: |
|
|
set -u
|
|
set -e
|
|
set -x
|
|
# Prerequisites
|
|
sudo apt-get update
|
|
sudo apt-get install -y apt-transport-https lsb-release curl
|
|
|
|
DISTRO=$(lsb_release -c -s)
|
|
|
|
# Install via nodesource
|
|
curl -s https://deb.nodesource.com/gpgkey/nodesource.gpg.key | sudo apt-key add -
|
|
|
|
echo "deb https://deb.nodesource.com/node_6.x $DISTRO main" | sudo tee /etc/apt/sources.list.d/nodesource.list
|
|
echo "deb-src https://deb.nodesource.com/node_6.x $DISTRO main" | sudo tee -a /etc/apt/sources.list.d/nodesource.list
|
|
|
|
sudo apt-get update
|
|
sudo apt-get install -y nodejs
|
|
|
|
# Output to the log for debugging sake.
|
|
node --version
|
|
npm --version
|
|
executable: /bin/bash
|
|
chdir: '{{ ansible_user_dir }}/workspace'
|
|
environment: '{{ zuul | zuul_legacy_vars }}'
|
|
|
|
- shell:
|
|
cmd: |
|
|
set -x
|
|
sudo rm -f /etc/sudoers.d/zuul
|
|
# Prove that general sudo access is actually revoked
|
|
! sudo -n true
|
|
executable: /bin/bash
|
|
chdir: '{{ ansible_user_dir }}/workspace'
|
|
environment: '{{ zuul | zuul_legacy_vars }}'
|
|
|
|
- shell:
|
|
cmd: |
|
|
set -u
|
|
set -e
|
|
set -x
|
|
export DISPLAY=:99
|
|
npm install --verbose
|
|
|
|
# Try running as a standard lifecycle script, otherwise try custom.
|
|
npm_lifecycle_phases="publish install version test stop start restart pack"
|
|
|
|
if [[ $npm_lifecycle_phases =~ (^| )docs($| ) ]]; then
|
|
npm docs --verbose
|
|
else
|
|
npm run docs --verbose
|
|
fi
|
|
|
|
# If no shrinkwrap exists, generate it.
|
|
if [ ! -f ./npm-shrinkwrap.json ]; then
|
|
npm prune # https://github.com/npm/npm/issues/6298
|
|
npm shrinkwrap
|
|
fi
|
|
executable: /bin/bash
|
|
chdir: '{{ ansible_user_dir }}/workspace'
|
|
environment: '{{ zuul | zuul_legacy_vars }}'
|
|
|
|
- shell:
|
|
cmd: |
|
|
OUT=`git ls-files --other --exclude-standard --directory`
|
|
if [ -z "$OUT" ]; then
|
|
echo "No extra files created during test."
|
|
exit 0
|
|
else
|
|
echo "The following un-ignored files were created during the test:"
|
|
echo "$OUT"
|
|
exit 0 # TODO: change to 1 to fail tests.
|
|
fi
|
|
executable: /bin/bash
|
|
chdir: '{{ ansible_user_dir }}/workspace'
|
|
environment: '{{ zuul | zuul_legacy_vars }}'
|
|
|
|
- shell:
|
|
cmd: |
|
|
set -e
|
|
set -x
|
|
MARKER_TEXT="Project: $ZUUL_PROJECT Ref: $ZUUL_REFNAME Build: $ZUUL_UUID Revision: $ZUUL_NEWREV"
|
|
echo $MARKER_TEXT > doc/build/html/.root-marker
|
|
executable: /bin/bash
|
|
chdir: '{{ ansible_user_dir }}/workspace'
|
|
environment: '{{ zuul | zuul_legacy_vars }}'
|