112 lines
3.6 KiB
YAML
112 lines
3.6 KiB
YAML
- hosts: localhost
|
|
gather_facts: false
|
|
tasks:
|
|
- name: Generate ZooKeeper certs
|
|
shell: |
|
|
/var/zuul-tools/zk-ca.sh /var/certs examples_zk_1.examples_default
|
|
chmod -R a+rX /var/certs
|
|
- name: Wait for Gerrit to start
|
|
wait_for:
|
|
host: gerrit
|
|
port: 29418
|
|
- name: Generate admin SSH key for Gerrit
|
|
command: ssh-keygen -f /var/ssh/admin -N ''
|
|
args:
|
|
creates: /var/ssh/admin.pub
|
|
- name: Generate Zuul SSH key for Gerrit
|
|
command: ssh-keygen -f /var/ssh/zuul -N '' -t rsa -m PEM
|
|
args:
|
|
creates: /var/ssh/zuul.pub
|
|
- name: Generate Zuul SSH key for Nodepool
|
|
command: ssh-keygen -f /var/ssh/nodepool -N '' -t rsa -m PEM
|
|
args:
|
|
creates: /var/ssh/nodepool.pub
|
|
- name: Add Nodepool key to node authorized_keys file
|
|
command: cp /var/ssh/nodepool.pub /var/node/authorized_keys
|
|
args:
|
|
creates: /var/node/authorized_keys
|
|
# The Gerrit container puts up a helpful info page the first time
|
|
# you hit the web server; get past that.
|
|
- name: Get Gerrit first login screen
|
|
uri:
|
|
url: http://gerrit:8080/a/accounts/self/sshkeys
|
|
method: GET
|
|
user: admin
|
|
password: secret
|
|
ignore_errors: true
|
|
- name: Add admin SSH key to Gerrit
|
|
uri:
|
|
url: http://gerrit:8080/a/accounts/self/sshkeys
|
|
method: POST
|
|
user: admin
|
|
password: secret
|
|
body: "{{ lookup('file', '/var/ssh/admin.pub') }}"
|
|
status_code: 201
|
|
HEADER_Content-Type: text/plain
|
|
|
|
- name: Create temp dir for Gerrit config update
|
|
shell: mktemp -d
|
|
register: gerrit_tmp
|
|
- name: Set All-Project repo location
|
|
set_fact:
|
|
all_projects_repo: "{{ gerrit_tmp.stdout }}/All-Projects"
|
|
- name: Checkout All-Projects config
|
|
git:
|
|
repo: ssh://gerrit:29418/All-Projects/
|
|
ssh_opts: "-o StrictHostKeyChecking=no -i /var/ssh/admin -l admin"
|
|
dest: "{{ all_projects_repo }}"
|
|
refspec: '+refs/meta/config:refs/meta/config'
|
|
version: refs/meta/config
|
|
- name: Copy new All-Projects config into place
|
|
copy:
|
|
src: "/var/playbooks/project.config"
|
|
dest: "{{ all_projects_repo }}/project.config"
|
|
- name: Update All-Projects config in Gerrit
|
|
shell: |
|
|
git config user.email 'admin@example.com'
|
|
git commit -a -m 'update config'
|
|
git push http://admin:secret@gerrit:8080/All-Projects +HEAD:refs/meta/config
|
|
args:
|
|
chdir: "{{ all_projects_repo }}"
|
|
warn: false
|
|
|
|
- name: Create zuul-config project
|
|
include_role:
|
|
name: create_project
|
|
vars:
|
|
project: zuul-config
|
|
- name: Create test1 project
|
|
include_role:
|
|
name: create_project
|
|
vars:
|
|
project: test1
|
|
- name: Create test2 project
|
|
include_role:
|
|
name: create_project
|
|
vars:
|
|
project: test2
|
|
|
|
# The Zuul user is created last because it is an atomic operation
|
|
# which signals that Gerrit is ready for use and it is safe for
|
|
# the Zuul scheduler to start.
|
|
- name: Check if zuul user exists
|
|
uri:
|
|
url: http://gerrit:8080/accounts/zuul
|
|
status_code: 200, 404
|
|
register: zuul_user_check
|
|
- name: Create zuul Gerrit account
|
|
when: zuul_user_check.status==404
|
|
uri:
|
|
url: http://gerrit:8080/a/accounts/zuul
|
|
method: PUT
|
|
user: admin
|
|
password: secret
|
|
status_code: 201
|
|
body_format: json
|
|
body:
|
|
name: Zuul
|
|
ssh_key: "{{ lookup('file', '/var/ssh/zuul.pub') }}"
|
|
http_password: secret
|
|
groups:
|
|
- "Non-Interactive Users"
|