Run letsencrypt in zuul
It should run before other services but after base, so run it early and add it to the dependency list in the infra-prod-service-base job. Change-Id: I4f65b0ff0fbf3cf1f98060d2b3d3c77eb3c45ec7
This commit is contained in:
Monty Taylor
parent
4602751640
commit
2e4219dad3
25
.zuul.yaml
25
.zuul.yaml
|
|
@ -1479,6 +1479,27 @@
|
|||
- playbooks/roles/snmpd/.*
|
||||
- playbooks/roles/iptables/.*
|
||||
|
||||
- job:
|
||||
name: infra-prod-service-letsencrypt
|
||||
parent: infra-prod-playbook
|
||||
description: Run service-letsencrypt.yaml playbook
|
||||
vars:
|
||||
playbook_name: service-letsencrypt.yaml
|
||||
dependencies:
|
||||
- name: infra-prod-update-system-config
|
||||
- name: infra-prod-install-ansible
|
||||
soft: true
|
||||
- name: infra-prod-base
|
||||
soft: true
|
||||
files:
|
||||
- inventory/groups.yaml
|
||||
- playbooks/service-letsencrypt.yaml
|
||||
# Any touching of host_vars or group_vars can substantively
|
||||
# change the certs we're doing, so be greedy here.
|
||||
- playbooks/host_vars/.*
|
||||
- playbooks/group_vars/.*
|
||||
- playbooks/roles/letsencrypt-.*
|
||||
|
||||
- job:
|
||||
name: infra-prod-manage-projects
|
||||
parent: infra-prod-playbook
|
||||
|
|
@ -1502,6 +1523,8 @@
|
|||
soft: true
|
||||
- name: infra-prod-base
|
||||
soft: true
|
||||
- name: infra-prod-letsencrypt
|
||||
soft: true
|
||||
|
||||
- job:
|
||||
name: infra-prod-service-bridge
|
||||
|
|
@ -1865,6 +1888,7 @@
|
|||
- infra-prod-update-system-config
|
||||
- infra-prod-install-ansible
|
||||
- infra-prod-base
|
||||
- infra-prod-service-letsencrypt
|
||||
- infra-prod-manage-projects:
|
||||
files:
|
||||
- playbooks/manage-projects.yaml
|
||||
|
|
@ -1899,5 +1923,6 @@
|
|||
- infra-prod-update-system-config
|
||||
- infra-prod-install-ansible
|
||||
- infra-prod-base
|
||||
- infra-prod-service-letsencrypt
|
||||
- infra-prod-service-bridge
|
||||
- infra-prod-service-gitea-lb
|
||||
|
|
|
|||
|
|
@ -72,10 +72,6 @@ set +e
|
|||
# Run all the ansible playbooks under timeout to prevent them from getting
|
||||
# stuck if they are oomkilled
|
||||
|
||||
start_timer
|
||||
timeout -k 2m 30m ansible-playbook -f 50 ${ANSIBLE_PLAYBOOKS}/service-letsencrypt.yaml
|
||||
send_timer letsencrypt
|
||||
|
||||
start_timer
|
||||
timeout -k 2m 30m ansible-playbook -f 50 ${ANSIBLE_PLAYBOOKS}/service-nameserver.yaml
|
||||
send_timer nameserver
|
||||
|
|
|
|||
Loading…
Reference in New Issue