From 93be2fd82e9062ec08a2728458501bcd1a4d35fa Mon Sep 17 00:00:00 2001 From: Paul Belanger Date: Tue, 4 Apr 2017 15:23:53 -0400 Subject: [PATCH] Add reprepro for docker Add the bits needed to mirror apt.dockerproject.org into openstack-infra. Change-Id: Id8b34407fcc5b1705f3db17a5fc26a4a79034baa Signed-off-by: Paul Belanger --- .../files/reprepro/debian-docker-updates | 7 ++++ .../files/reprepro/docker-mirror-gpg-key.asc | 29 +++++++++++++++++ modules/openstack_project/manifests/mirror.pp | 11 +++++++ .../manifests/mirror_update.pp | 32 +++++++++++++++++++ .../reprepro/distributions.debian-docker.erb | 12 +++++++ 5 files changed, 91 insertions(+) create mode 100644 modules/openstack_project/files/reprepro/debian-docker-updates create mode 100644 modules/openstack_project/files/reprepro/docker-mirror-gpg-key.asc create mode 100644 modules/openstack_project/templates/reprepro/distributions.debian-docker.erb diff --git a/modules/openstack_project/files/reprepro/debian-docker-updates b/modules/openstack_project/files/reprepro/debian-docker-updates new file mode 100644 index 0000000000..0b0db55d91 --- /dev/null +++ b/modules/openstack_project/files/reprepro/debian-docker-updates @@ -0,0 +1,7 @@ +Name: debian-docker +Method: https://apt.dockerproject.org/repo/ +Components: main +UDebComponents: main +Architectures: amd64 +GetInRelease: no +VerifyRelease: 0EBFCD88 diff --git a/modules/openstack_project/files/reprepro/docker-mirror-gpg-key.asc b/modules/openstack_project/files/reprepro/docker-mirror-gpg-key.asc new file mode 100644 index 0000000000..399c0d889c --- /dev/null +++ b/modules/openstack_project/files/reprepro/docker-mirror-gpg-key.asc @@ -0,0 +1,29 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFWln24BEADrBl5p99uKh8+rpvqJ48u4eTtjeXAWbslJotmC/CakbNSqOb9o +ddfzRvGVeJVERt/Q/mlvEqgnyTQy+e6oEYN2Y2kqXceUhXagThnqCoxcEJ3+KM4R +mYdoe/BJ/J/6rHOjq7Omk24z2qB3RU1uAv57iY5VGw5p45uZB4C4pNNsBJXoCvPn +TGAs/7IrekFZDDgVraPx/hdiwopQ8NltSfZCyu/jPpWFK28TR8yfVlzYFwibj5WK +dHM7ZTqlA1tHIG+agyPf3Rae0jPMsHR6q+arXVwMccyOi+ULU0z8mHUJ3iEMIrpT +X+80KaN/ZjibfsBOCjcfiJSB/acn4nxQQgNZigna32velafhQivsNREFeJpzENiG +HOoyC6qVeOgKrRiKxzymj0FIMLru/iFF5pSWcBQB7PYlt8J0G80lAcPr6VCiN+4c +NKv03SdvA69dCOj79PuO9IIvQsJXsSq96HB+TeEmmL+xSdpGtGdCJHHM1fDeCqkZ +hT+RtBGQL2SEdWjxbF43oQopocT8cHvyX6Zaltn0svoGs+wX3Z/H6/8P5anog43U +65c0A+64Jj00rNDr8j31izhtQMRo892kGeQAaaxg4Pz6HnS7hRC+cOMHUU4HA7iM +zHrouAdYeTZeZEQOA7SxtCME9ZnGwe2grxPXh/U/80WJGkzLFNcTKdv+rwARAQAB +tDdEb2NrZXIgUmVsZWFzZSBUb29sIChyZWxlYXNlZG9ja2VyKSA8ZG9ja2VyQGRv +Y2tlci5jb20+iQI4BBMBAgAiBQJVpZ9uAhsvBgsJCAcDAgYVCAIJCgsEFgIDAQIe +AQIXgAAKCRD3YiFXLFJgnbRfEAC9Uai7Rv20QIDlDogRzd+Vebg4ahyoUdj0CH+n +Ak40RIoq6G26u1e+sdgjpCa8jF6vrx+smpgd1HeJdmpahUX0XN3X9f9qU9oj9A4I +1WDalRWJh+tP5WNv2ySy6AwcP9QnjuBMRTnTK27pk1sEMg9oJHK5p+ts8hlSC4Sl +uyMKH5NMVy9c+A9yqq9NF6M6d6/ehKfBFFLG9BX+XLBATvf1ZemGVHQusCQebTGv +0C0V9yqtdPdRWVIEhHxyNHATaVYOafTj/EF0lDxLl6zDT6trRV5n9F1VCEh4Aal8 +L5MxVPcIZVO7NHT2EkQgn8CvWjV3oKl2GopZF8V4XdJRl90U/WDv/6cmfI08GkzD +YBHhS8ULWRFwGKobsSTyIvnbk4NtKdnTGyTJCQ8+6i52s+C54PiNgfj2ieNn6oOR +7d+bNCcG1CdOYY+ZXVOcsjl73UYvtJrO0Rl/NpYERkZ5d/tzw4jZ6FCXgggA/Zxc +jk6Y1ZvIm8Mt8wLRFH9Nww+FVsCtaCXJLP8DlJLASMD9rl5QS9Ku3u7ZNrr5HWXP +HXITX660jglyshch6CWeiUATqjIAzkEQom/kEnOrvJAtkypRJ59vYQOedZ1sFVEL +MXg2UCkD/FwojfnVtjzYaTCeGwFQeqzHmM241iuOmBYPeyTY5veF49aBJA1gEJOQ +TvBR8Q== +=Fm3p +-----END PGP PUBLIC KEY BLOCK----- diff --git a/modules/openstack_project/manifests/mirror.pp b/modules/openstack_project/manifests/mirror.pp index 65c0db6368..af5906cda7 100644 --- a/modules/openstack_project/manifests/mirror.pp +++ b/modules/openstack_project/manifests/mirror.pp @@ -196,6 +196,17 @@ class openstack_project::mirror ( ] } + # Create the symlink to deb-docker. + file { "${www_root}/deb-docker": + ensure => link, + target => "${mirror_root}/deb-docker", + owner => root, + group => root, + require => [ + File["${www_root}"], + ] + } + # TODO(pabelanger): We can remove this after puppet runs a few times. file { "${www_root}/mariadb": ensure => absent, diff --git a/modules/openstack_project/manifests/mirror_update.pp b/modules/openstack_project/manifests/mirror_update.pp index fc315932de..6e4f918c5a 100644 --- a/modules/openstack_project/manifests/mirror_update.pp +++ b/modules/openstack_project/manifests/mirror_update.pp @@ -258,6 +258,38 @@ class openstack_project::mirror_update ( key_source => 'puppet:///modules/openstack_project/reprepro/ceph-mirror-gpg-key.asc', } + ## Docker APT mirror + ::openstack_project::reprepro { 'debian-docker-reprepro-mirror': + confdir => '/etc/reprepro/debian-docker', + basedir => '/afs/.openstack.org/mirror/deb-docker', + distributions => 'openstack_project/reprepro/distributions.debian-docker.erb', + updates_file => 'puppet:///modules/openstack_project/reprepro/debian-docker-updates', + releases => ['xenial'], + } + + cron { 'reprepro debian docker': + user => $user, + hour => '*/2', + minute => '0', + command => 'flock -n /var/run/reprepro/debian-docker.lock reprepro-mirror-update /etc/reprepro/debian-docker mirror.deb-docker >>/var/log/reprepro/debian-docker-mirror.log 2>&1', + environment => 'PATH=/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin', + require => [ + File['/usr/local/bin/reprepro-mirror-update'], + File['/etc/afsadmin.keytab'], + File['/etc/reprepro.keytab'], + ::Openstack_project::Reprepro['debian-docker-reprepro-mirror'], + ] + } + + gnupg_key { 'Docker Archive': + ensure => present, + # 9DC8 5822 9FC7 DD38 854A E2D8 8D81 803C 0EBF CD88 + key_id => '0EBFCD88', + user => 'root', + key_type => 'public', + key_source => 'puppet:///modules/openstack_project/reprepro/docker-mirror-gpg-key.asc', + } + ### CentOS mirror ### file { '/etc/centos.keytab': owner => 'root', diff --git a/modules/openstack_project/templates/reprepro/distributions.debian-docker.erb b/modules/openstack_project/templates/reprepro/distributions.debian-docker.erb new file mode 100644 index 0000000000..aa09f1810a --- /dev/null +++ b/modules/openstack_project/templates/reprepro/distributions.debian-docker.erb @@ -0,0 +1,12 @@ +<% @releases.each do |release| -%> +Origin: Docker +Codename: <%= release %> +Description: Docker <%= release.capitalize %> mirror +Architectures: amd64 source +Components: main +UDebComponents: main +Contents: .gz +Update: debian-docker +Log: <%= @logdir %>/debian-docker-<%= release %>.log + +<% end -%>