opendev
/
system-config
Code Issues Proposed changes

Add /etc/openafs/ to trusted_ro_paths for zuul-executor 

We should no depend on this long term and write a proper ansible role
to setup this directly within bubblewrap.

Change-Id: I067658b62fe41fee98683c1974d9242e760443da
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This commit is contained in:
Paul Belanger 2017-08-31 12:44:03 -04:00
parent 8f9698b3b1
commit 9e2768bf0d
No known key found for this signature in database
GPG Key ID: 611A80832067AF38
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
manifests/site.pp
View File

@ -1099,7 +1099,9 @@ node /^ze\d+\.openstack\.org$/ {
gearman_client_ssl_cert => hiera('gearman_client_ssl_cert'),
gearman_client_ssl_key => hiera('gearman_client_ssl_key'),
gearman_ssl_ca => hiera('gearman_ssl_ca'),
trusted_ro_paths => ['/var/lib/zuul/ssh'],
#TODO(pabelanger): Add openafs role for zuul-jobs to setup /etc/openafs
# properly. We need to revisting this post Queens PTG.
trusted_ro_paths => ['/etc/openafs', '/var/lib/zuul/ssh'],
disk_limit_per_job => 500, # Megabytes
site_variables_yaml_file => $::project_config::zuul_site_variables_yaml,
require => $::project_config::config_dir,