4f117bcecc
Add tasks to the rename_repos utility playbook for moving the per-project secrets and ssh keys on the zuul scheduler's filesystem, creating new namespace parent directories if they don't already exist. Change-Id: Iccce53953d5829bd4eb5fe4c33c9d2f195ae825c
150 lines
4.5 KiB
YAML
150 lines
4.5 KiB
YAML
- hosts: review
|
|
gather_facts: False
|
|
remote_user: root
|
|
tasks:
|
|
|
|
- include_vars: "{{ repolist }}"
|
|
|
|
- name: Stop Gerrit
|
|
shell: invoke-rc.d gerrit stop
|
|
|
|
- name: Update account_project_watches in gerrit database
|
|
shell: echo 'update account_project_watches set project_name = "{{ item.new }}" where project_name = "{{ item.old }}";' | mysql --defaults-file=/root/.gerrit_db.cnf reviewdb
|
|
with_items: "{{ repos }}"
|
|
|
|
- name: Update changes in gerrit database
|
|
shell: echo 'update changes set dest_project_name = "{{ item.new }}", created_on = created_on where dest_project_name = "{{ item.old }}";' | mysql --defaults-file=/root/.gerrit_db.cnf reviewdb
|
|
with_items: "{{ repos }}"
|
|
|
|
- name: Make organization dir
|
|
file:
|
|
state: directory
|
|
path: "{{ (item[0] + item[1].new) | dirname }}"
|
|
group: gerrit2
|
|
owner: gerrit2
|
|
mode: 0755
|
|
with_nested:
|
|
- [ '~gerrit2/review_site/git/', '/opt/lib/git/' ]
|
|
- "{{ repos }}"
|
|
|
|
- name: Rename git repos on gerrit
|
|
shell: mv {{ item[0] }}{{ item[1].old }}.git {{ item[0] }}{{ item[1].new }}.git
|
|
with_nested:
|
|
- [ '~gerrit2/review_site/git/', '/opt/lib/git/' ]
|
|
- "{{ repos }}"
|
|
|
|
- hosts: gitea
|
|
gather_facts: False
|
|
vars:
|
|
gitea_url: https://localhost:3000
|
|
tasks:
|
|
- name: Get a CSRF token
|
|
uri:
|
|
url: "{{ gitea_url }}/"
|
|
validate_certs: false
|
|
user: root
|
|
password: "{{ gitea_root_password }}"
|
|
force_basic_auth: true
|
|
register: gitea_token
|
|
- name: Parse CSRF taken
|
|
set_fact:
|
|
gitea_token: "{{ gitea_token.cookies._csrf|regex_replace('%3D','=') }}"
|
|
- name: Move gitea repo
|
|
include_tasks: gitea-rename-tasks.yaml
|
|
loop: "{{ repos }}"
|
|
loop_control:
|
|
loop_var: repo
|
|
|
|
- hosts: storyboard-dev
|
|
gather_facts: False
|
|
remote_user: root
|
|
tasks:
|
|
|
|
- include_vars: "{{ repolist }}"
|
|
|
|
- name: Rename projects in storyboard
|
|
shell: echo 'update projects set name="{{ item.new }}" where name="{{ item.old }}";' | mysql --defaults-file=/etc/mysql/debian.cnf storyboard
|
|
with_items: "{{ repos }}"
|
|
# We don't want to be blocked by errors on the dev server.
|
|
ignore_errors: yes
|
|
|
|
- hosts: storyboard
|
|
gather_facts: False
|
|
remote_user: root
|
|
tasks:
|
|
|
|
- include_vars: "{{ repolist }}"
|
|
|
|
- name: Rename projects in storyboard
|
|
shell: echo 'update projects set name="{{ item.new }}" where name="{{ item.old }}";' | mysql --defaults-file=/etc/mysql/debian.cnf storyboard
|
|
with_items: "{{ repos }}"
|
|
|
|
- hosts: zuul-scheduler
|
|
gather_facts: False
|
|
remote_user: root
|
|
tasks:
|
|
|
|
- include_vars: "{{ repolist }}"
|
|
|
|
- name: Make organization dirs
|
|
file:
|
|
state: directory
|
|
path: "{{ (item[0] + item[1].new) | dirname }}"
|
|
group: zuul
|
|
owner: zuul
|
|
mode: 0755
|
|
with_nested:
|
|
- [ '/var/lib/zuul/keys/secrets/project/gerrit/', '/var/lib/zuul/keys/ssh/project/gerrit/' ]
|
|
- "{{ repos }}"
|
|
|
|
- name: Rename keys on Zuul
|
|
shell: mv {{ item[0] }}{{ item[1].old }} {{ item[0] }}{{ item[1].new }}
|
|
with_nested:
|
|
- [ '/var/lib/zuul/keys/secrets/project/gerrit/', '/var/lib/zuul/keys/ssh/project/gerrit/' ]
|
|
- "{{ repos }}"
|
|
|
|
- hosts: review
|
|
gather_facts: False
|
|
remote_user: root
|
|
become: yes
|
|
become_user: gerrit2
|
|
tasks:
|
|
|
|
- name: Make backup of gerrit index
|
|
shell: cp -ax /home/gerrit2/review_site/index /home/gerrit2/index.backup.$(date +%s)
|
|
|
|
- hosts: review
|
|
gather_facts: False
|
|
remote_user: root
|
|
tasks:
|
|
|
|
- name: Start gerrit
|
|
shell: invoke-rc.d gerrit start
|
|
|
|
- hosts: review
|
|
gather_facts: False
|
|
remote_user: root
|
|
become: yes
|
|
become_user: gerrit2
|
|
tasks:
|
|
|
|
- include_vars: "{{ repolist }}"
|
|
|
|
# TODO: Replace this with a wait_for?
|
|
- pause:
|
|
prompt: "Make sure that Gerrit ssh api is accepting requests. Use Enter or ^C c to continue. ^C a to abort."
|
|
|
|
- name: Set base ssh command fact
|
|
set_fact:
|
|
gerrit_ssh_command: ssh -p 29418 -i /home/gerrit2/review_site/etc/ssh_project_rsa_key openstack-project-creator@review.opendev.org gerrit
|
|
|
|
- name: Rename groups in gerrit
|
|
shell: "{{ gerrit_ssh_command }} rename-group {{ item.old }} {{ item.new }}"
|
|
with_items: "{{ gerrit_groups|default([]) }}"
|
|
|
|
- name: Start online reindex of accounts
|
|
shell: "{{ gerrit_ssh_command }} index start accounts --force"
|
|
|
|
- name: Start online reindex of changes
|
|
shell: "{{ gerrit_ssh_command }} index start changes --force"
|