From 068cbb7263bcc8fcf93e5df19116de77d69d68ec Mon Sep 17 00:00:00 2001
From: Eugene Zamriy <ezamriy@msvsphere-os.ru>
Date: Sat, 16 Dec 2023 00:45:54 +0300
Subject: [PATCH] Adds koji_cli role

---
 roles/koji_cli/README.md               | 36 ++++++++++++++
 roles/koji_cli/defaults/main.yml       |  6 +++
 roles/koji_cli/meta/argument_specs.yml | 35 +++++++++++++
 roles/koji_cli/meta/main.yml           | 15 ++++++
 roles/koji_cli/tasks/main.yml          | 68 ++++++++++++++++++++++++++
 5 files changed, 160 insertions(+)
 create mode 100644 roles/koji_cli/README.md
 create mode 100644 roles/koji_cli/defaults/main.yml
 create mode 100644 roles/koji_cli/meta/argument_specs.yml
 create mode 100644 roles/koji_cli/meta/main.yml
 create mode 100644 roles/koji_cli/tasks/main.yml

diff --git a/roles/koji_cli/README.md b/roles/koji_cli/README.md
new file mode 100644
index 0000000..87bae2a
--- /dev/null
+++ b/roles/koji_cli/README.md
@@ -0,0 +1,36 @@
+# msvsphere.ci.koji_cli
+
+An Ansible role that installs and configures Koji CLI tools.
+
+## Variables
+
+| Variable          | Default value | Type | Description               | Required |
+| ----------------- | ------------- | ---- | ------------------------- | -------- |
+| koji_domain_name  |               | str  | Koji server domain name.  | yes      |
+| koji_cli_user     |               | str  | Koji CLI tools user name. | no       |
+| koji_profile      | "koji"        | str  | Koji profile name.        | no       |
+| koji_ca_cert_path |               | str  | Koji CA certificate path. | no       |
+| koji_topdir       | "/mnt/koji"   | str  | Koji top directory path.  | no       |
+
+If `koji_cli_user` is omitted, the role will modify the system-wide configuration
+file `/etc/koji.conf`, otherwise, a configuration file will be generated for the
+specified user.
+
+## Example playbook
+
+```yaml
+---
+- hosts: all
+  roles:
+    - role: msvsphere.ci.koji_cli
+      koji_domain_name: 'build.msvsphere.test'
+      koji_ca_cert_path: '/etc/pki/koji/koji-ca.crt'
+```
+
+## License
+
+MIT.
+
+## Authors
+
+* [Eugene Zamriy](mailto:ezamriy@msvsphere-os.ru)
diff --git a/roles/koji_cli/defaults/main.yml b/roles/koji_cli/defaults/main.yml
new file mode 100644
index 0000000..092efec
--- /dev/null
+++ b/roles/koji_cli/defaults/main.yml
@@ -0,0 +1,6 @@
+---
+koji_domain_name:
+koji_cli_user:
+koji_profile: 'koji'
+koji_ca_cert_path:
+koji_topdir: '/mnt/koji'
diff --git a/roles/koji_cli/meta/argument_specs.yml b/roles/koji_cli/meta/argument_specs.yml
new file mode 100644
index 0000000..487aa8a
--- /dev/null
+++ b/roles/koji_cli/meta/argument_specs.yml
@@ -0,0 +1,35 @@
+---
+argument_specs:
+  main:
+    short_description: A role that installs and configures Koji CLI tools.
+    author: Eugene Zamriy
+    version_added: '0.1.4'
+    options:
+      koji_domain_name:
+        description: Koji server domain name.
+        type: str
+        required: true
+
+      koji_cli_user:
+        description:
+          - Koji CLI tools user name.
+          - If omitted, the system-wide configuration file /etc/koji.conf will be updated.
+        type: 'str'
+        required: false
+
+      koji_profile:
+        description: Koji profile name.
+        default: 'koji'
+        type: 'str'
+        required: false
+
+      koji_ca_cert_path:
+        description: Koji CA certificate path.
+        type: 'str'
+        required: false
+
+      koji_topdir:
+        description: Koji top directory path.
+        default: '/mnt/koji'
+        type: 'str'
+        required: false
diff --git a/roles/koji_cli/meta/main.yml b/roles/koji_cli/meta/main.yml
new file mode 100644
index 0000000..008e7f7
--- /dev/null
+++ b/roles/koji_cli/meta/main.yml
@@ -0,0 +1,15 @@
+---
+galaxy_info:
+  author: Eugene Zamriy
+  description: A role that installs and configures Koji CLI tools.
+  company: Softline PJSC
+  license: MIT
+  min_ansible_version: 2.13
+  platforms:
+    - name: EL
+      versions:
+        - "9"
+  galaxy_tags:
+    - koji
+
+dependencies: []
diff --git a/roles/koji_cli/tasks/main.yml b/roles/koji_cli/tasks/main.yml
new file mode 100644
index 0000000..236529f
--- /dev/null
+++ b/roles/koji_cli/tasks/main.yml
@@ -0,0 +1,68 @@
+---
+- name: Check if required variables are defined
+  ansible.builtin.fail:
+    msg: "{{ item }} is not defined or empty"
+  when: |
+    (vars[item] is undefined)
+    or (vars[item] is none)
+    or (vars[item] | trim | length == 0)    
+  with_items:
+    - koji_domain_name
+    - koji_profile
+    - koji_topdir
+
+- name: Install Koji client
+  ansible.builtin.dnf:
+    name: koji
+    state: installed
+
+- block:
+    - name: Configure system-wide Koji client
+      community.general.ini_file:
+        path: /etc/koji.conf
+        section: "{{ koji_profile }}"
+        option: "{{ item.key }}"
+        value: "{{ item.value }}"
+      with_items: "{{ config_vars | selectattr('value') }}"
+      when: not koji_cli_user
+    
+    - name: Configure per user Koji client
+      block:
+        - name: Get Koji client user information
+          ansible.builtin.getent:
+            database: passwd
+            key: "{{ koji_cli_user }}"
+
+        - name: Get user group information
+          ansible.builtin.getent:
+            database: group
+            key: "{{ getent_passwd[koji_cli_user][2]}}"
+
+        - name: Create user ~/.koji directory
+          ansible.builtin.file:
+            path: "{{ (getent_passwd[koji_cli_user][4], '.koji') | path_join }}"
+            state: directory
+            owner: "{{ koji_cli_user }}"
+            group: "{{ getent_group | first }}"
+            mode: '0700'
+
+        - name: Configure user Koji client
+          community.general.ini_file:
+            path: "{{ (getent_passwd[koji_cli_user][4], '.koji', 'config') | path_join }}"
+            section: "{{ koji_profile }}"
+            option: "{{ item.key }}"
+            value: "{{ item.value }}"
+            owner: "{{ koji_cli_user }}"
+            group: "{{ getent_group | first }}"
+            mode: '0600'
+          with_items: "{{ config_vars | selectattr('value') }}"
+      when: koji_cli_user
+  vars:
+    config_vars:
+      - { key: 'authtype', value: 'kerberos' }
+      - { key: 'server', value: "https://{{ koji_domain_name }}/kojihub" }
+      - { key: 'weburl', value: "https://{{ koji_domain_name }}/koji" }
+      - { key: 'topurl', value: "https://{{ koji_domain_name }}/kojifiles" }
+      - { key: 'topdir', value: "{{ koji_topdir }}" }
+      - { key: 'serverca', value: "{{ koji_ca_cert_path}}" }
+ 
\ No newline at end of file