d3ff588013
According to our zuul-worker DIB element the path we want to remove to revoke zuul sudo access is /etc/sudoers.d/zuul: http://git.openstack.org/cgit/openstack-infra/project-config/tree/nodepool/elements/zuul-worker/install.d/60-zuul-worker Generated via: sed -i 's/zuul-sudo/zuul/' \ `git grep --files-with-match '/etc/sudoers.d/zuul-sudo'` Change-Id: Iea8cf915d815dbf876ca0cee74933f04152395b8
91 lines
2.9 KiB
YAML
91 lines
2.9 KiB
YAML
- hosts: all
|
|
name: Autoconverted job legacy-gerrit-package-buck from old job gerrit-package-buck
|
|
tasks:
|
|
|
|
- name: Ensure legacy workspace directory
|
|
file:
|
|
path: '{{ ansible_user_dir }}/workspace'
|
|
state: directory
|
|
|
|
- shell:
|
|
cmd: |
|
|
set -e
|
|
set -x
|
|
sudo bash -c "echo 'ant' >> /usr/local/jenkins/common_data/bindep-fallback.txt"
|
|
sudo bash -c "echo 'ant-optional' >> /usr/local/jenkins/common_data/bindep-fallback.txt"
|
|
sudo bash -c "echo 'default-jdk' >> /usr/local/jenkins/common_data/bindep-fallback.txt"
|
|
sudo bash -c "echo 'asciidoc' >> /usr/local/jenkins/common_data/bindep-fallback.txt"
|
|
sudo bash -c "echo 'nodejs' >> /usr/local/jenkins/common_data/bindep-fallback.txt"
|
|
executable: /bin/bash
|
|
chdir: '{{ ansible_user_dir }}/workspace'
|
|
environment: '{{ zuul | zuul_legacy_vars }}'
|
|
|
|
- shell:
|
|
cmd: /usr/local/jenkins/slave_scripts/install-distro-packages.sh
|
|
chdir: '{{ ansible_user_dir }}/workspace'
|
|
environment: '{{ zuul | zuul_legacy_vars }}'
|
|
|
|
- shell:
|
|
cmd: |
|
|
set -x
|
|
sudo rm -f /etc/sudoers.d/zuul
|
|
# Prove that general sudo access is actually revoked
|
|
! sudo -n true
|
|
executable: /bin/bash
|
|
chdir: '{{ ansible_user_dir }}/workspace'
|
|
environment: '{{ zuul | zuul_legacy_vars }}'
|
|
|
|
- shell:
|
|
cmd: |
|
|
set -e
|
|
set -x
|
|
if [[ ! -d "buck" ]]
|
|
then
|
|
git clone https://gerrit.googlesource.com/buck
|
|
cd buck
|
|
ant
|
|
fi
|
|
executable: /bin/bash
|
|
chdir: '{{ ansible_user_dir }}/workspace'
|
|
environment: '{{ zuul | zuul_legacy_vars }}'
|
|
|
|
- shell:
|
|
cmd: |
|
|
set -e
|
|
set -x
|
|
CLONEMAP=`mktemp`
|
|
function cleanup {
|
|
rm -f $CLONEMAP
|
|
}
|
|
trap cleanup EXIT
|
|
cat > $CLONEMAP << EOF
|
|
clonemap:
|
|
- name: openstack-infra/gerrit
|
|
dest: gerrit
|
|
EOF
|
|
/usr/zuul-env/bin/zuul-cloner -m $CLONEMAP \
|
|
--cache-dir /opt/git \
|
|
git://git.openstack.org openstack-infra/gerrit
|
|
cd gerrit
|
|
# This is necessary to build the core plugins
|
|
git submodule init
|
|
git submodule update
|
|
executable: /bin/bash
|
|
chdir: '{{ ansible_user_dir }}/workspace'
|
|
environment: '{{ zuul | zuul_legacy_vars }}'
|
|
|
|
- shell:
|
|
cmd: |
|
|
set -e
|
|
set -x
|
|
export PATH=`pwd`/buck/bin:$PATH
|
|
cd gerrit
|
|
/usr/local/jenkins/slave_scripts/version-properties.sh
|
|
source version.properties
|
|
buck clean
|
|
buck build release
|
|
cp buck-out/gen/release/release.war buck-out/gen/gerrit-$PROJECT_VER.war
|
|
executable: /bin/bash
|
|
chdir: '{{ ansible_user_dir }}/workspace'
|
|
environment: '{{ zuul | zuul_legacy_vars }}'
|