You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
101 lines
3.0 KiB
101 lines
3.0 KiB
---
|
|
- name: Check if required variables are defined
|
|
ansible.builtin.fail:
|
|
msg: "{{ item }} is not defined or empty"
|
|
when: |
|
|
(vars[item] is undefined)
|
|
or (vars[item] is none)
|
|
or (vars[item] | trim | length == 0)
|
|
with_items:
|
|
- koji_domain_name
|
|
- koji_kerberos_realm
|
|
- koji_builder_git_server_url
|
|
- koji_builder_storage_url
|
|
- koji_builder_storage_proto
|
|
- koji_builder_principal
|
|
- koji_builder_keytab
|
|
- koji_builder_distribution
|
|
- koji_builder_packager
|
|
- koji_builder_vendor
|
|
|
|
- name: Create /mnt/koji directory
|
|
ansible.builtin.file:
|
|
path: /mnt/koji
|
|
state: directory
|
|
owner: root
|
|
group: root
|
|
mode: '0755'
|
|
|
|
- block:
|
|
- name: Install nfs-utils
|
|
ansible.builtin.dnf:
|
|
name: nfs-utils
|
|
state: installed
|
|
|
|
- name: Mount /mnt/koji NFS directory
|
|
ansible.posix.mount:
|
|
src: "{{ koji_domain_name }}:/mnt/koji"
|
|
path: /mnt/koji
|
|
fstype: nfs4
|
|
opts: ro
|
|
state: mounted
|
|
when: koji_builder_nfs_mount
|
|
|
|
- name: Add Koji CA certificate to system
|
|
ansible.builtin.file:
|
|
src: "{{ koji_builder_ca_cert_path }}"
|
|
dest: /etc/pki/ca-trust/source/anchors/koji-ca.crt
|
|
state: link
|
|
register: koji_builder_ca_anchor
|
|
|
|
- name: Trust Koji CA certificate
|
|
command: update-ca-trust extract
|
|
when: koji_builder_ca_anchor.changed
|
|
notify:
|
|
- restart kojid
|
|
|
|
- name: Install koji-builder
|
|
ansible.builtin.dnf:
|
|
name: koji-builder
|
|
state: present
|
|
|
|
# TODO: add FreeIPA support
|
|
- name: Generate koji-builder principal keytab
|
|
ansible.builtin.include_role:
|
|
name: msvsphere.ci.kerberos_principal
|
|
vars:
|
|
kerberos_principal_name: "{{ koji_builder_principal }}"
|
|
kerberos_principal_keytab_path: "{{ koji_builder_keytab }}"
|
|
|
|
- name: Configure kojid
|
|
community.general.ini_file:
|
|
path: /etc/kojid/kojid.conf
|
|
section: kojid
|
|
option: "{{ item.key }}"
|
|
value: "{{ item.value }}"
|
|
with_items:
|
|
- { key: 'server', value: "https://{{ koji_domain_name }}/kojihub" }
|
|
- { key: 'topurl', value: "https://{{ koji_domain_name }}/kojifiles" }
|
|
- { key: 'topdir', value: '/mnt/koji' }
|
|
- { key: 'workdir', value: '/tmp/koji' }
|
|
- { key: 'allowed_scms', value: "{{ koji_builder_git_server_url }}:/*:false:inferitpkg-get-sources,--storage-proto,{{ koji_builder_storage_proto }},--storage-url,{{ koji_builder_storage_url }}" }
|
|
- { key: 'krb_principal', value: "{{ koji_builder_principal }}" }
|
|
- { key: 'keytab', value: "{{ koji_builder_keytab }}" }
|
|
- { key: 'vendor', value: "{{ koji_builder_vendor }}" }
|
|
- { key: 'packager', value: "{{ koji_builder_packager }}" }
|
|
- { key: 'distribution', value: "{{ koji_builder_distribution }}" }
|
|
- { key: 'use_createrepo_c', value: 'True' }
|
|
# NOTE: this setting allows building i686 and x86_64 architectures in parallel
|
|
- { key: 'build_arch_can_fail', value: 'True' }
|
|
notify:
|
|
- restart kojid
|
|
|
|
- name: Configure mock
|
|
import_tasks: mock.yml
|
|
|
|
- name: Enable and start kojid service
|
|
ansible.builtin.service:
|
|
name: kojid
|
|
enabled: true
|
|
state: started
|