zuul/zuul-jobs
Code Issues Proposed changes

Merge "Add option to prefer https/ssl in configure-mirrors"

Browse Source
This commit is contained in:
Zuul 2020-05-26 12:09:36 +00:00 committed by Gerrit Code Review
commit 4bd67e2bbb
9 changed files with 51 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
roles/configure-mirrors/README.rst
View File

@ -7,6 +7,13 @@ An ansible role to configure services to use mirrors.
The base host for mirror servers. The base host for mirror servers.
.. zuul:rolevar:: mirror_use_ssl
:default: False
Use ssl to communicate to mirror endpoints. Note if the platform
cannot use ssl (for example Ubuntu Xenial apt needs additional packages)
this will still use http instead of https when set for that platform.
.. zuul:rolevar:: pypi_fqdn .. zuul:rolevar:: pypi_fqdn
:default: {{ mirror_fqdn }} :default: {{ mirror_fqdn }}

13
roles/configure-mirrors/defaults/main.yaml
View File

@ -1,5 +1,12 @@
set_apt_mirrors_trusted: False
mirror_fqdn: "{{ zuul_site_mirror_fqdn|default(omit) }}" mirror_fqdn: "{{ zuul_site_mirror_fqdn|default(omit) }}"
pypi_fqdn: "{{ mirror_fqdn }}" pypi_fqdn: "{{ mirror_fqdn }}"
pypi_mirror: "http://{{ pypi_fqdn }}/pypi/simple" mirror_use_ssl: False
set_apt_mirrors_trusted: False http_or_https: >-
wheel_mirror: "http://{{ mirror_fqdn }}/wheel/{{ ansible_distribution | lower }}-{{ ansible_distribution_version }}-{{ ansible_architecture | lower }}" {%- if mirror_use_ssl and ansible_distribution_release not in ['xenial', 'stretch'] -%}
https
{%- else -%}
http
{%- endif -%}
pypi_mirror: "{{ http_or_https }}://{{ pypi_fqdn }}/pypi/simple"
wheel_mirror: "{{ http_or_https }}://{{ mirror_fqdn }}/wheel/{{ ansible_distribution | lower }}-{{ ansible_distribution_version }}-{{ ansible_architecture | lower }}"

4
roles/configure-mirrors/vars/CentOS.yaml
View File

@ -1,2 +1,2 @@
package_mirror: "http://{{ mirror_fqdn }}/{{ ansible_distribution | lower }}" package_mirror: "{{ http_or_https }}://{{ mirror_fqdn }}/{{ ansible_distribution | lower }}"
epel_mirror: "http://{{ mirror_fqdn }}/epel" epel_mirror: "{{ http_or_https }}://{{ mirror_fqdn }}/epel"

4
roles/configure-mirrors/vars/Debian.yaml
View File

@ -1,2 +1,2 @@
package_mirror: "http://{{ mirror_fqdn }}/{{ ansible_distribution | lower }}" package_mirror: "{{ http_or_https }}://{{ mirror_fqdn }}/{{ ansible_distribution | lower }}"
security_mirror: "http://{{ mirror_fqdn }}/{{ ansible_distribution | lower }}-security" security_mirror: "{{ http_or_https }}://{{ mirror_fqdn }}/{{ ansible_distribution | lower }}-security"

2
roles/configure-mirrors/vars/Fedora.yaml
View File

@ -1 +1 @@
package_mirror: "http://{{ mirror_fqdn }}/{{ ansible_distribution | lower }}" package_mirror: "{{ http_or_https }}://{{ mirror_fqdn }}/{{ ansible_distribution | lower }}"

4
roles/configure-mirrors/vars/Suse.yaml
View File

@ -1,7 +1,7 @@
package_mirror: "http://{{ mirror_fqdn }}/opensuse"
wheels_slug: "{%- if ansible_distribution == 'openSUSE Tumbleweed' -%} wheels_slug: "{%- if ansible_distribution == 'openSUSE Tumbleweed' -%}
opensuse-tumbleweed-{{ ansible_architecture | lower }} opensuse-tumbleweed-{{ ansible_architecture | lower }}
{%- else -%} {%- else -%}
{{ ansible_distribution | lower }}-{{ ansible_distribution_version }}-{{ ansible_architecture | lower }} {{ ansible_distribution | lower }}-{{ ansible_distribution_version }}-{{ ansible_architecture | lower }}
{%- endif -%}" {%- endif -%}"
wheel_mirror: "http://{{ mirror_fqdn }}/wheel/{{ wheels_slug }}" package_mirror: "{{ http_or_https }}://{{ mirror_fqdn }}/opensuse"
wheel_mirror: "{{ http_or_https }}://{{ mirror_fqdn }}/wheel/{{ wheels_slug }}"

2
roles/configure-mirrors/vars/Ubuntu.aarch64.yaml
View File

@ -1 +1 @@
package_mirror: "http://{{ mirror_fqdn }}/{{ ansible_distribution | lower }}-ports" package_mirror: "{{ http_or_https }}://{{ mirror_fqdn }}/{{ ansible_distribution | lower }}-ports"

2
roles/configure-mirrors/vars/Ubuntu.yaml
View File

@ -1 +1 @@
package_mirror: "http://{{ mirror_fqdn }}/{{ ansible_distribution | lower }}" package_mirror: "{{ http_or_https }}://{{ mirror_fqdn }}/{{ ansible_distribution | lower }}"

27
test-playbooks/base-roles/configure-mirrors.yaml
View File

@ -1,4 +1,4 @@
- name: Test the configure-mirrors role - name: Test the configure-mirrors role with http
hosts: all hosts: all
roles: roles:
- role: configure-mirrors - role: configure-mirrors
@ -9,7 +9,30 @@
set_fact: set_fact:
emacs_package: app-editors/emacs emacs_package: app-editors/emacs
when: ansible_distribution == 'Gentoo' when: ansible_distribution == 'Gentoo'
- name: Install a package to sanity check the mirror configuration - name: Install a package to sanity check the http mirror configuration
package:
name: "{{ emacs_package | default('emacs') }}"
state: "present"
become: yes
- name: Test the configure-mirrors role with https
hosts: all
roles:
- role: configure-mirrors
mirror_fqdn: "{{ zuul_site_mirror_fqdn }}"
mirror_use_ssl: True
set_apt_mirrors_trusted: True
post_tasks:
- name: Set emacs package fact for gentoo
set_fact:
emacs_package: app-editors/emacs
when: ansible_distribution == 'Gentoo'
- name: Remove existing emacs package install
package:
name: "{{ emacs_package | default('emacs') }}"
state: "absent"
become: yes
- name: Install a package to sanity check the https mirror configuration
package: package:
name: "{{ emacs_package | default('emacs') }}" name: "{{ emacs_package | default('emacs') }}"
state: "present" state: "present"