Cleanup opensuse mirroring configs entirely

This should cleanup our mirror update server so that we no longer have
configes (cron, scripts, logrotate rules, etc) for mirroring opensuse.
It won't clean up the afs volume, but we can get to that later (and it
will probably require manual intervention). This cleanup is done in a
way that it should be able to be applied to future cleanups too (like
when centos 8 stream goes away and everything is centos stream
specific).

Change-Id: Ib5d15ce800ff0620187345e1cfec0b7b5d65bee5
This commit is contained in:
Clark Boylan 2024-03-15 15:46:10 -07:00
parent a0ae3481dd
commit 515abdec64
4 changed files with 59 additions and 69 deletions

View File

@ -0,0 +1,9 @@
# Hash the full path to avoid any conflicts but remain idempotent.
- name: Create a unique config name
set_fact:
logrotate_generated_config_file_name: "{{ (logrotate_file_name | hash('sha1'))[0:6] }}.conf"
- name: Cleanup the indicated file
file:
state: absent
path: '/etc/logrotate.d/{{ logrotate_generated_config_file_name }}'

View File

@ -1,66 +0,0 @@
#!/bin/bash -xe
# Copyright 2017 SUSE Linux GmbH
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
source /usr/share/mirror-update/functions.sh
MIRROR_VOLUME=$1
# Runs with timeout under cron
if [[ ${UNDER_CRON:-0} -eq 0 ]]; then
echo_ts "Running interactively"
TIMEOUT=""
set -x
else
TIMEOUT="timeout -k 2m 90m"
fi
BASE="/afs/.openstack.org/mirror/opensuse"
MIRROR="rsync://mirror.clarkson.edu/opensuse/opensuse"
OBS_MIRROR="rsync://provo-mirror.opensuse.org/opensuse/repositories"
OBS_REPOS=()
K5START="k5start -t -f /etc/opensuse.keytab service/opensuse-mirror -- $TIMEOUT"
# NOTE(hwoarang): Ensure old distros are not mirrored aymore
for REPO in distribution/leap update/leap \
repositories/Cloud: \
repositories/Virtualization: \
repositories/network: ; do
if [ -d $BASE/$REPO ]; then
$K5START rm -rf $BASE/$REPO
fi
done
date --iso-8601=ns
for obs_repo in ${OBS_REPOS[@]}; do
REPO=repositories/${obs_repo}/
if ! [ -f $BASE/$REPO ]; then
$K5START mkdir -p $BASE/$REPO
fi
echo "Running rsync ${obs_repo} ..."
$K5START rsync -rltvz \
--delete --stats \
--delete-excluded \
--exclude="src/" \
--exclude="nosrc/" \
--exclude=".~tmp~" \
$OBS_MIRROR/$obs_repo/ $BASE/$REPO
done
date --iso-8601=ns | $K5START tee $BASE/timestamp.txt
echo "rsync completed successfully, running vos release."
vos_release $MIRROR_VOLUME
date --iso-8601=ns
echo "Done."

View File

@ -19,9 +19,15 @@
- epel - epel
- fedora - fedora
- openeuler - openeuler
- opensuse
- yum-puppetlabs - yum-puppetlabs
- name: Cleanup old unused rsync mirroring scripts
set_fact:
cleanup_rsync_update_scripts:
- opensuse
##### Script creation #####
- name: Copy keytab files in place - name: Copy keytab files in place
shell: 'echo "{{ lookup("vars", "mirror_update_keytab_" + item) }}" | base64 -d > /etc/{{ item }}.keytab' shell: 'echo "{{ lookup("vars", "mirror_update_keytab_" + item) }}" | base64 -d > /etc/{{ item }}.keytab'
args: args:
@ -60,3 +66,36 @@
logrotate_file_name: '/var/log/rsync-mirrors/{{ item }}.log' logrotate_file_name: '/var/log/rsync-mirrors/{{ item }}.log'
logrotate_frequency: 'weekly' logrotate_frequency: 'weekly'
loop: '{{ rsync_update_scripts }}' loop: '{{ rsync_update_scripts }}'
##### Script deletion #####
# Remove the cron first to avoid any races with cron execution.
- name: Delete old mirroring cron jobs
cron:
name: '{{ item }} mirror sync'
state: absent
job: 'flock -n /var/run/{{ item }}-mirror.lock {{ item }}-mirror-update mirror.{{ item }} >> /var/log/rsync-mirrors/{{ item }}.log 2>&1'
hour: '*/6'
minute: '{{ 45 | random(seed=item) }}'
loop: '{{ cleanup_rsync_update_scripts }}'
- name: Delete old keytab files
file:
path: '/etc/{{ item }}.keytab'
state: absent
loop: '{{ cleanup_rsync_update_scripts }}'
no_log: True
- name: Delete old rsync mirror scripts
file:
path: '/usr/local/bin/{{ item }}-mirror-update'
state: absent
loop: '{{ cleanup_rsync_update_scripts }}'
- name: Delete old logrotate rules
include_role:
name: logrotate
tasks_from: cleanup
vars:
logrotate_file_name: '/var/log/rsync-mirrors/{{ item }}.log'
loop: '{{ cleanup_rsync_update_scripts }}'

View File

@ -32,11 +32,15 @@ def test_rsync_scripts(host):
'epel', 'epel',
'fedora', 'fedora',
'openeuler', 'openeuler',
'opensuse',
'yum-puppetlabs']: 'yum-puppetlabs']:
f = host.file('/usr/local/bin/%s-mirror-update' % script) f = host.file('/usr/local/bin/%s-mirror-update' % script)
assert f.exists assert f.exists
def test_rsync_scripts_removed(host):
for script in ['opensuse']:
f = host.file('/usr/local/bin/%s-mirror-update' % script)
assert not f.exists
def test_publisher_script(host): def test_publisher_script(host):
f = host.file('/usr/local/bin/publish-mirror-logs') f = host.file('/usr/local/bin/publish-mirror-logs')
assert f.exists assert f.exists
@ -49,7 +53,6 @@ def test_keytabs(host):
'/etc/epel.keytab', '/etc/epel.keytab',
'/etc/fedora.keytab', '/etc/fedora.keytab',
'/etc/openeuler.keytab', '/etc/openeuler.keytab',
'/etc/opensuse.keytab',
'/etc/yum-puppetlabs.keytab', '/etc/yum-puppetlabs.keytab',
'/etc/reprepro.keytab']: '/etc/reprepro.keytab']:
@ -58,6 +61,11 @@ def test_keytabs(host):
assert f.sha256sum == KEYTAB_SHA256 assert f.sha256sum == KEYTAB_SHA256
assert f.mode == 0o400 assert f.mode == 0o400
def test_keytabs_removed(host):
for keytab in ['/etc/opensuse.keytab']:
f = host.file(keytab)
assert not f.exists
def test_afs_release_script(host): def test_afs_release_script(host):
f = host.file('/opt/afs-release/release-volumes.py') f = host.file('/opt/afs-release/release-volumes.py')
assert f.exists assert f.exists