You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
ansible-msvsphere.ci/roles/koji_builder/tasks/main.yml

98 lines
3.0 KiB

---
- name: Check if required variables are defined
ansible.builtin.fail:
msg: "{{ item }} is not defined or empty"
when: |
(vars[item] is undefined)
or (vars[item] is none)
or (vars[item] | trim | length == 0)
with_items:
- koji_domain_name
- koji_kerberos_realm
- koji_builder_git_server_url
- koji_builder_storage_url
- koji_builder_storage_proto
- koji_builder_principal
- koji_builder_keytab
- koji_builder_distribution
- koji_builder_packager
- koji_builder_vendor
- name: Create /mnt/koji directory
ansible.builtin.file:
path: /mnt/koji
state: directory
owner: root
group: root
mode: '0755'
- block:
- name: Install nfs-utils
ansible.builtin.dnf:
name: nfs-utils
state: installed
- name: Mount /mnt/koji NFS directory
ansible.posix.mount:
src: "{{ koji_domain_name }}:/mnt/koji"
path: /mnt/koji
fstype: nfs4
opts: ro
state: mounted
when: koji_builder_nfs_mount
- name: Add Koji CA certificate to system
ansible.builtin.file:
src: "{{ koji_builder_ca_cert_path }}"
dest: /etc/pki/ca-trust/source/anchors/koji-ca.crt
state: link
register: koji_builder_ca_anchor
- name: Trust Koji CA certificate
command: update-ca-trust extract
when: koji_builder_ca_anchor.changed
notify:
- restart kojid
- name: Install koji-builder
ansible.builtin.dnf:
name: koji-builder
state: present
# TODO: add FreeIPA support
- name: Generate koji-builder principal keytab
ansible.builtin.include_role:
name: msvsphere.ci.kerberos_principal
vars:
kerberos_principal_name: "{{ koji_builder_principal }}"
kerberos_principal_keytab_path: "{{ koji_builder_keytab }}"
- name: Configure kojid
community.general.ini_file:
path: /etc/kojid/kojid.conf
section: kojid
option: "{{ item.key }}"
value: "{{ item.value }}"
with_items:
- { key: 'server', value: "https://{{ koji_domain_name }}/kojihub" }
- { key: 'topurl', value: "https://{{ koji_domain_name }}/kojifiles" }
- { key: 'topdir', value: '/mnt/koji' }
- { key: 'workdir', value: '/tmp/koji' }
- { key: 'allowed_scms', value: "{{ koji_builder_git_server_url }}:/*:false:inferitpkg-get-sources,--storage-proto,{{ koji_builder_storage_proto }},--storage-url,{{ koji_builder_storage_url }}" }
- { key: 'krb_principal', value: "{{ koji_builder_principal }}" }
- { key: 'keytab', value: "{{ koji_builder_keytab }}" }
- { key: 'vendor', value: "{{ koji_builder_vendor }}" }
- { key: 'packager', value: "{{ koji_builder_packager }}" }
- { key: 'distribution', value: "{{ koji_builder_distribution }}" }
- { key: 'use_createrepo_c', value: 'True' }
# NOTE: this setting allows building i686 and x86_64 architectures in parallel
- { key: 'build_arch_can_fail', value: 'True' }
notify:
- restart kojid
- name: Enable and start kojid service
ansible.builtin.service:
name: kojid
enabled: true
state: started