From 4e0cb89d123589d3a2146cae575d7c93af6b8ab9 Mon Sep 17 00:00:00 2001 From: Devananda van der Veen Date: Thu, 9 Aug 2012 10:56:52 -0700 Subject: [PATCH] allow injection of SSH keys into Jenkins user The SSH key in the openstack-ci-puppet repo will be used by default, unless the JENKINS_SSH_KEY env var is present, in which case that will be used instead. Change-Id: If61b10679940f632f49a09fe6f320c82f2a4c25d --- README.md | 13 +++++++------ devstack-vm-update-image.py | 17 +++++++++++++---- 2 files changed, 20 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 3275f6e4..ac5f7208 100644 --- a/README.md +++ b/README.md @@ -225,12 +225,13 @@ you're working as is called "jenkins"): python vmdatabase.py sqlite3 /home/jenkins/vm.db -Currently the update-image script will produce a VM that only members -of the OpenStack CI team can log into. You should start by patching -devstack-vm-update-image.py to have an option to install your own -local ssh key, and if you don't want to use the "jenkins" user, it -should also create whatever user you want to use. Send that patch -upstream to us so it can be merged. Then run: +By default, the update-image script will produce a VM that only members +of the OpenStack CI team can log into. You can inject your SSH public +key by setting the appropriate env variable, like so: + + export JENKINS_SSH_KEY=$(head -1 ~/.ssh/authorized_keys) + +Then run: ./devstack-vm-update-image.sh ./devstack-vm-launch.py diff --git a/devstack-vm-update-image.py b/devstack-vm-update-image.py index fde14c1e..53f63b45 100755 --- a/devstack-vm-update-image.py +++ b/devstack-vm-update-image.py @@ -36,6 +36,13 @@ DEVSTACK_GATE_PREFIX = os.environ.get('DEVSTACK_GATE_PREFIX', '') DEVSTACK = os.path.join(WORKSPACE, 'devstack') PROVIDER_NAME = sys.argv[1] +JENKINS_SSH_KEY = os.environ.get('JENKINS_SSH_KEY', False) +if JENKINS_SSH_KEY: + PUPPET_CLASS="class {'openstack_project::slave_template': " + " install_users => false, ssh_key => '%s' }" % JENKINS_SSH_KEY +else: + PUPPET_CLASS="class {'openstack_project::slave_template': }" + PROJECTS = ['openstack/nova', 'openstack/glance', 'openstack/keystone', @@ -154,7 +161,7 @@ def bootstrap_server(provider, server, admin_pass, key): 'openstack-ci-puppet.git' client.ssh("set hostname", "sudo hostname %s" % server.name) client.ssh("get puppet repo deb", - "/usr/bin/wget " + "sudo /usr/bin/wget " "http://apt.puppetlabs.com/puppetlabs-release-" "`lsb_release -c -s`.deb -O /root/puppet-repo.deb") client.ssh("install puppet repo deb", "sudo dpkg -i /root/puppet-repo.deb") @@ -169,10 +176,12 @@ def bootstrap_server(provider, server, admin_pass, key): ' --assume-yes install git puppet') client.ssh("clone puppret repo", "sudo git clone %s /root/openstack-ci-puppet" % gerrit_url) + client.ssh("install puppet modules", + "/bin/bash /root/openstack-ci-puppet/install_modules.sh") client.ssh("run puppet", - "sudo puppet apply " - "--modulepath=/root/openstack-ci-puppet/modules " - "/root/openstack-ci-puppet/manifests/site.pp") + "sudo puppet apply --modulepath=/root/openstack-ci-puppet/modules:" + "/etc/puppet/modules " + "-e '%s'" % PUPPET_CLASS) def configure_server(server, branches):