From 4f117bceccddd1cd4aa1206bc33e6fc7ceee0069 Mon Sep 17 00:00:00 2001
From: Jeremy Stanley <fungi@yuggoth.org>
Date: Wed, 29 May 2019 18:18:07 +0000
Subject: [PATCH] Project renames include keys on zuul scheduler

Add tasks to the rename_repos utility playbook for moving the
per-project secrets and ssh keys on the zuul scheduler's filesystem,
creating new namespace parent directories if they don't already
exist.

Change-Id: Iccce53953d5829bd4eb5fe4c33c9d2f195ae825c
---
 playbooks/rename_repos.yaml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/playbooks/rename_repos.yaml b/playbooks/rename_repos.yaml
index 3b65896ff2..71a2b0d228 100644
--- a/playbooks/rename_repos.yaml
+++ b/playbooks/rename_repos.yaml
@@ -79,6 +79,30 @@
       shell: echo 'update projects set name="{{ item.new }}" where name="{{ item.old }}";' | mysql --defaults-file=/etc/mysql/debian.cnf storyboard
       with_items: "{{ repos }}"
 
+- hosts: zuul-scheduler
+  gather_facts: False
+  remote_user: root
+  tasks:
+
+    - include_vars: "{{ repolist }}"
+
+    - name: Make organization dirs
+      file:
+        state: directory
+        path: "{{ (item[0] + item[1].new) | dirname }}"
+        group: zuul
+        owner: zuul
+        mode: 0755
+      with_nested:
+        - [ '/var/lib/zuul/keys/secrets/project/gerrit/', '/var/lib/zuul/keys/ssh/project/gerrit/' ]
+        - "{{ repos }}"
+
+    - name: Rename keys on Zuul
+      shell: mv {{ item[0] }}{{ item[1].old }} {{ item[0] }}{{ item[1].new }}
+      with_nested:
+        - [ '/var/lib/zuul/keys/secrets/project/gerrit/', '/var/lib/zuul/keys/ssh/project/gerrit/' ]
+        - "{{ repos }}"
+
 - hosts: review
   gather_facts: False
   remote_user: root