| |
@@ -1,148 +0,0 @@
|
| |
- ---
|
| |
- - name: Build a fedora cloud image suitable for Zuul
|
| |
- hosts: localhost
|
| |
- vars:
|
| |
- image_url: "http://mirror.in2p3.fr/pub/fedora/linux/releases/30/Cloud/x86_64/images/Fedora-Cloud-Base-30-1.2.x86_64.qcow2"
|
| |
- image_checksum: "sha256:72b6ae7b4ed09a4dccd6e966e1b3ac69bd97da419de9760b410e837ba00b4e26"
|
| |
- image_cache_file: "/var/cache/nodepool/Fedora-Cloud-Base-30-1.2.x86_64.qcow2"
|
| |
- image_cache_dir: "/var/cache/nodepool"
|
| |
- image_tmp_dir: "/var/tmp/{{ image_output | basename }}"
|
| |
- extra_packages:
|
| |
- # For validate-host and prepare-workspace
|
| |
- - traceroute
|
| |
- - iproute
|
| |
- - git
|
| |
- - rsync
|
| |
- # Extra system tools
|
| |
- - pigz
|
| |
- - bridge-utils
|
| |
- - wget
|
| |
- - unzip
|
| |
- # Basic CI tools
|
| |
- - make
|
| |
- - gcc
|
| |
- - patch
|
| |
- # RPM building tools
|
| |
- - redhat-lsb-core
|
| |
- - redhat-rpm-config
|
| |
- - rpm-build
|
| |
- - rpm-sign
|
| |
- - rpmlint
|
| |
- - createrepo
|
| |
- - gnupg2
|
| |
- - expect
|
| |
- - libselinux-python
|
| |
- # Devel libraries
|
| |
- - libffi-devel
|
| |
- - libpcap-devel
|
| |
- - libseccomp-devel
|
| |
- - libxml2-devel
|
| |
- - libxslt-devel
|
| |
- - mariadb-devel
|
| |
- - openldap-devel
|
| |
- - openssl-devel
|
| |
- - python-devel
|
| |
- - readline-devel
|
| |
- - ruby-devel
|
| |
- - systemd-devel
|
| |
- - zlib-devel
|
| |
- # Python
|
| |
- - PyYAML
|
| |
- - python-virtualenv
|
| |
- - python-six
|
| |
- # Haskell
|
| |
- - hlint
|
| |
- tasks:
|
| |
- - name: Ensure libvirt is started
|
| |
- service:
|
| |
- name: libvirtd
|
| |
- state: started
|
| |
-
|
| |
- - name: Check if image is already downloaded
|
| |
- stat:
|
| |
- path: "{{ image_cache_file }}"
|
| |
- get_checksum: no
|
| |
- register: _image_cache_file_stat
|
| |
-
|
| |
- - name: Download if checksum doesn't match
|
| |
- get_url:
|
| |
- url: "{{ image_url }}"
|
| |
- dest: "{{ image_cache_file }}"
|
| |
- checksum: "{{ image_checksum }}"
|
| |
- when: not _image_cache_file_stat.stat.exists
|
| |
-
|
| |
- - name: Update the cache
|
| |
- command: "virt-customize -m 1024 -a {{ image_cache_file }} --update"
|
| |
-
|
| |
- - name: Customize the image for zuul ci
|
| |
- block:
|
| |
- - name: Create tmp directory
|
| |
- file:
|
| |
- path: "{{ image_tmp_dir }}"
|
| |
- state: directory
|
| |
- mode: 0755
|
| |
-
|
| |
- - name: Set filename copy fact
|
| |
- set_fact:
|
| |
- image_file: "{{ image_tmp_dir }}/{{ image_cache_file | basename }}"
|
| |
-
|
| |
- - name: Copy the image
|
| |
- copy:
|
| |
- src: "{{ image_cache_file }}"
|
| |
- dest: "{{ image_file }}"
|
| |
- remote_src: true
|
| |
- mode: 0644
|
| |
-
|
| |
- - name: Prepare the sudoers file
|
| |
- copy:
|
| |
- content: |
|
| |
- Defaults !requiretty
|
| |
- zuul-worker ALL=(ALL) NOPASSWD:ALL
|
| |
- dest: "{{ image_tmp_dir }}/zuul"
|
| |
-
|
| |
- - name: Prepare the authorized_keys file
|
| |
- copy:
|
| |
- src: /var/lib/nodepool/.ssh/zuul_rsa.pub
|
| |
- dest: "{{ image_tmp_dir }}/authorized_keys"
|
| |
- remote_src: true
|
| |
-
|
| |
- - name: Customize the image
|
| |
- command: >-
|
| |
- virt-customize -m 1024 -a {{ image_file }}
|
| |
- {# Ensure zuul user exists #}
|
| |
- --run-command 'adduser -m zuul-worker'
|
| |
- {# Setup authorized_keys #}
|
| |
- --mkdir '/home/zuul-worker/.ssh'
|
| |
- --chmod '0700:/home/zuul-worker/.ssh'
|
| |
- --copy-in '{{ image_tmp_dir }}/authorized_keys:/home/zuul-worker/.ssh/'
|
| |
- --chmod '0600:/home/zuul-worker/.ssh/authorized_keys'
|
| |
- --run-command 'chown -R zuul-worker:zuul-worker /home/zuul-worker/.ssh/'
|
| |
- {# Setup sudoers file #}
|
| |
- --copy-in '{{ image_tmp_dir }}/zuul:/etc/sudoers.d/'
|
| |
- --chmod '0440:/etc/sudoers.d/zuul'
|
| |
- {# Install extra packages #}
|
| |
- --install '{{ extra_packages | join(',') }}'
|
| |
- {# Disable IPv6 because rdo-cloud does not route v6 #}
|
| |
- --append-line '/etc/sysctl.conf:net.ipv6.conf.all.disable_ipv6 = 1'
|
| |
- --append-line '/etc/sysctl.conf:net.ipv6.conf.default.disable_ipv6 = 1'
|
| |
- --append-line '/etc/sysconfig/network:IPV6INIT=no'
|
| |
- --append-line '/etc/sysconfig/network:IPV6_AUTOCONF=no'
|
| |
- --append-line '/etc/sysconfig/network:IPV6_DEFROUTE=no'
|
| |
- {# Ensure yum is only resolve using ipv4 #}
|
| |
- --append-line '/etc/yum.conf:ip_resolve=4'
|
| |
- {# Ensure selinux labels are correct #}
|
| |
- --selinux-relabel
|
| |
-
|
| |
- - name: Create raw file
|
| |
- command: "qemu-img convert -O raw {{ image_file }} {{ image_output }}.raw"
|
| |
- when: raw_type | default(False) | bool
|
| |
-
|
| |
- - name: Create qcow file
|
| |
- command: "mv {{ image_file }} {{ image_output }}.qcow2"
|
| |
- when: qcow2_type | default(False) | bool
|
| |
-
|
| |
- always:
|
| |
- - name: Remove tmp directory
|
| |
- file:
|
| |
- path: "{{ image_tmp_dir }}"
|
| |
- state: absent
|
| |