From 1952b31a715051f440f2e462368e8086262ca79c Mon Sep 17 00:00:00 2001 From: Paul Belanger Date: Tue, 17 Nov 2020 18:15:42 -0500 Subject: [PATCH] Add zuul-regsitry group Depends-On: https://review.opendev.org/763098 Depends-On: https://review.opendev.org/763069 Change-Id: I03430ac4793bbecbc152178506c228a6fe713e6d Signed-off-by: Paul Belanger --- ansible/group_vars/zuul-registry.yaml | 74 +++++++++++++++++++++++++++ ansible/hosts | 3 ++ zuul-registry/registry.yaml.j2 | 18 +++++++ 3 files changed, 95 insertions(+) create mode 100644 ansible/group_vars/zuul-registry.yaml create mode 100644 zuul-registry/registry.yaml.j2 diff --git a/ansible/group_vars/zuul-registry.yaml b/ansible/group_vars/zuul-registry.yaml new file mode 100644 index 0000000..3718e35 --- /dev/null +++ b/ansible/group_vars/zuul-registry.yaml @@ -0,0 +1,74 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +--- +# windmill.zuul +zuul_registry_user_shell: /bin/bash + +zuul_registry_file_registry_yaml_src: "{{ windmill_config_git_dest }}/zuul-registry/registry.yaml.j2" + +zuul_registry_pip_virtualenv_python: python3 +zuul_registry_pip_virtualenv: /opt/venv/zuul-registry-untagged +zuul_registry_pip_virtualenv_symlink: /opt/venv/zuul-registry + +zuul_registry_file_ssl_cert_content: | + -----BEGIN CERTIFICATE----- + MIIDQTCCAikCCQDWIKrPJpjpMjANBgkqhkiG9w0BAQsFADBiMQswCQYDVQQGEwJV + UzEOMAwGA1UECAwFVGV4YXMxDzANBgNVBAcMBkF1c3RpbjEdMBsGA1UECgwUT3Bl + blN0YWNrIEZvdW5kYXRpb24xEzARBgNVBAMMCmdlYXJtYW4tY2EwHhcNMTgwMzI4 + MDIzNTAzWhcNMjgwMzI1MDIzNTAzWjBjMQswCQYDVQQGEwJVUzEOMAwGA1UECAwF + VGV4YXMxDzANBgNVBAcMBkF1c3RpbjEdMBsGA1UECgwUT3BlblN0YWNrIEZvdW5k + YXRpb24xFDASBgNVBAMMC3p1dWwtY2xpZW50MIIBIjANBgkqhkiG9w0BAQEFAAOC + AQ8AMIIBCgKCAQEA0lHkUiVv+xKNgpXeWh/mEjxVBLvY9X0Jv+cIRnT2jgTIXzDT + An6g0pgfVOtXJ+Zg4wpcQgreJXI1dqHzYfGp5SfOCJz8UAzarp8ISR0Dmv5iD9yo + 0++XJcfYSMI8if95jORCg07VrwcaA3G+EqVCrEV43rzbt+lwNuqaXUsAZsawV1GX + pNKBGUkMGaKbgOn+tBMTsplsYEgZDL9CjdWyZrmjdXe+/G86KbmBvxTVHOpsjVLZ + v6JHuPd8i21d4cBdpvZq1OjHMP+wyVOCited0U0ACq2tDy/JG7IZxTe93nIXnzbB + bTQ8bJmDt5xS9wR4sobih+HFuSwL05rfrRVNQwIDAQABMA0GCSqGSIb3DQEBCwUA + A4IBAQBfB1Cf1rbeym5VGubIlYr3u+mrn1stHDhBANxzazNkmmHXER4z4fJPgkq0 + 8Nkq0YUptfQeJ1yoEpVHqLOGCyvgff8MWxuBEQXJXahvlbS2fV73gqWXFq/RFGoc + PDSH2WLPqcYHDx7+083q6YrjuJTGNNcJYCYf3R3+V90JGrfoKhi3OL31gkGzuZUl + QPkgA7AlYi8tLPThCPF/0RFTlp+6mRCeT30GkrjZ9521tV3H0vfFIhKO0vGuNhLh + zLSZhFOb11cvw3HHpeWuSiqbNjLHbNXi3vqQIuOb+eYncapTkFQafaBj3Ho4dhxP + EcoJZhxBAsiPa3u08rhLyXnCNKrf + -----END CERTIFICATE----- + +zuul_registry_file_ssl_key_content: | + -----BEGIN PRIVATE KEY----- + MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDSUeRSJW/7Eo2C + ld5aH+YSPFUEu9j1fQm/5whGdPaOBMhfMNMCfqDSmB9U61cn5mDjClxCCt4lcjV2 + ofNh8anlJ84InPxQDNqunwhJHQOa/mIP3KjT75clx9hIwjyJ/3mM5EKDTtWvBxoD + cb4SpUKsRXjevNu36XA26ppdSwBmxrBXUZek0oEZSQwZopuA6f60ExOymWxgSBkM + v0KN1bJmuaN1d778bzopuYG/FNUc6myNUtm/oke493yLbV3hwF2m9mrU6Mcw/7DJ + U4KK153RTQAKra0PL8kbshnFN73echefNsFtNDxsmYO3nFL3BHiyhuKH4cW5LAvT + mt+tFU1DAgMBAAECggEAJ+24JQhKfCYHi5UcQ4vux+OAWIe5JtH4OeCIp6eo70ll + KP1B8iVMLu8Gc77CKycHmdLrtPYPOpi2IbGZXSzeDk1CRkxXcnMeSSyUDB1gA9rr + jwtbWfEQhvGr1BRcHe7Mir0DC5653qLAg4rihPOu9rmxusesBvxge2yKpc+JYfla + Kue6tii1D9w8QVG69pBltVd5QmY+r8rTl3CxaagIkzi5OX8KfTb6X1ALfs/XWsTx + v2OypDJpK5oliCszLpQd437wXIQ9JDWRlglBOK0PXdYQ8SRj00veZYgoQBUlmmeX + HxE4voAl34oq5AUhJQxaUFmQb+OFPAvVbz2vDIJdYQKBgQD9X/YRfOdCRVI9ro6O + Qs+fsISJqO4nDK2IHKUAfIc/HIQ6cqxquUf53vLm/+N5rPy03E3lvNzvNJH82VPX + nNZZNKPLPcA+irMP1WfmvQLSFLAuRDL8iXsiSYp5WZwji5wahGjy49Etw+K+Swdp + +VmSvu4P71ynaxYV0P09vw13uwKBgQDUf7vdxMHSjFWysRONVuOX+N/XUmSXoLCD + JZfKw4rldTnN3gp/A0xLpM4zZjJsdg3N/QlbDhDUYZjKa1ifSyRxLOJTTs15SoSj + rUm8cCp4onPGo8L4yi/nr+fjaL1aYl3L6nHMEsWGFeL1XHM5hQX6eK5+NNpxO6tZ + fbdjFp4UGQKBgBTlfijREU2Q5Ah8RfuLnQ4Bg9zKluGXlRQ9sIoKuyjEVE9xt7CR + mVMNRSEyB3O4hZrw9Ge3HM2Jm2SsE9Mbdz4iLkQL0rgVvlDW+9u2yO3EkQcvzriv + Kf2Y7Re3AT6ZPAWf1/v4N/87QY8KJxFhZDbLEl00E4MnPMoN02TtRdITAoGAaJxF + WQSOwl8RpTllPbRjsKH1WCQYn0ic/MMZ+djP3Owbu8wucJ6oBakpVcZe1mQ7oYeK + /odrI5K0TBoSc8DjPM/yzz5BCw/zQjyBy0GQtviKdGSUDDRE5xMC3kHmzcMVF9jf + kq4/DSZjJ5UOqGdjLQ4SINFWJF5SmWi5Sg+NXKkCgYEAzD22Q8ttCKORyg7/Zi+9 + 84bn2tirCKSWPYkx2Zs/XB8qgZCZJcA0XxvnHUepP0F7T9nrvgRLe2wjOKDi0OJh + QqE7FEp7UZbDEVLb1xBaijmjkuq300f4olW+UNKzC23kSiX/VL3ngpxt0saNTWN+ + GGE1XO4oxVDrkeDSIUmxN60= + -----END PRIVATE KEY----- diff --git a/ansible/hosts b/ansible/hosts index 01ea2d1..eaefbb7 100644 --- a/ansible/hosts +++ b/ansible/hosts @@ -31,6 +31,9 @@ zf01 ansible_host=127.0.8.1 [zuul-merger] zm01 ansible_host=127.0.4.1 +[zuul-registry] +zr01 ansible_host=127.0.10.1 + [zuul-scheduler] zs01 ansible_host=127.0.5.1 diff --git a/zuul-registry/registry.yaml.j2 b/zuul-registry/registry.yaml.j2 new file mode 100644 index 0000000..4114f72 --- /dev/null +++ b/zuul-registry/registry.yaml.j2 @@ -0,0 +1,18 @@ +--- +registry: + address: {{ hostvars['zr01'].ansible_host }} + port: 9000 + tls-cert: /etc/zuul-registry/ssl/cert.pem + tls-key: /etc/zuul-registry/ssl/cert.key + secret: test_token_secret + public-url: https://{{ hostvars['zr01'].ansible_host }}:9000 + users: + - name: testuser + pass: testpass + access: write + - name: anonymous + pass: '' + access: read + storage: + driver: filesystem + root: /var/lib/zuul-registry/storage