Add pre/post gerrit roles and top-level playbooks

2015-04-18 22:43:12 +02:00 · 2015-04-18 22:43:12 +02:00 · 8ba4e42579
commit 8ba4e42579
parent 3c27378cc9
4 changed files with 56 additions and 0 deletions
--- a/post_puppet_gerrit.yml
+++ b/post_puppet_gerrit.yml
@ -0,0 +1,7 @@
+---
+# file: post_puppet_gerrit.yml
+- hosts: meta-infra_type_gerrit
+  user: ubuntu
+  sudo: true
+  roles:
+    - { role: post_puppet_gerrit }
--- a/pre_puppet_gerrit.yml
+++ b/pre_puppet_gerrit.yml
@ -0,0 +1,7 @@
+---
+# file: pre_puppet_gerrit.yml
+- hosts: meta-infra_type_gerrit
+  user: ubuntu
+  sudo: true
+  roles:
+    - { role: pre_puppet_gerrit }
--- a/roles/post_puppet_gerrit/tasks/main.yml
+++ b/roles/post_puppet_gerrit/tasks/main.yml
@ -0,0 +1,26 @@
+---
+# Enable ssh agent forwarding with sudo
+- lineinfile: dest=/etc/sudoers state=present regexp='^Defaults env_keep\+\=SSH_AUTH_SOCK' line='Defaults env_keep+=SSH_AUTH_SOCK'
+
+- pause: 
+    prompt: | 
+      Please login to "{{ groups['meta-infra_type_gerrit'][0] }}" 
+      with your OpenID, set your user preferences and enter
+      your user account name 
+  register: gerrit_prompt_var
+
+- command: hiera -c /etc/puppet/hiera.yaml zuul_ssh_public_key_contents environment=production
+  delegate_to: "{{ groups['meta-infra_type_puppetmaster'][0] }}"
+  register: zuul_ssh_public_key_contents
+
+- command: hiera -c /etc/puppet/hiera.yaml ssh_project_rsa_pubkey_contents environment=production
+  delegate_to: "{{ groups['meta-infra_type_puppetmaster'][0] }}"
+  register: ssh_project_rsa_pubkey_contents
+
+- command: ssh -p 29418 -o StrictHostKeyChecking=no "{{ gerrit_prompt_var.user_input }}"@localhost gerrit create-group "'Project Bootstrappers'"
+
+- command: ssh -p 29418 -o StrictHostKeyChecking=no "{{ gerrit_prompt_var.user_input }}"@localhost gerrit create-group "'Continuous Integration Tools'"
+
+- command: ssh -p 29418 -o StrictHostKeyChecking=no "{{ gerrit_prompt_var.user_input }}"@localhost gerrit create-account --group "'Continuous Integration Tools'" --group Administrators --full-name "'Project Creator'" --email creator@infra-ansible.cloud --ssh-key "'{{ ssh_project_rsa_pubkey_contents.stdout }}'" openstack-project-creator
+
+- command: ssh -p 29418 -o StrictHostKeyChecking=no "{{ gerrit_prompt_var.user_input }}"@localhost gerrit create-account --group "'Continuous Integration Tools'" --full-name "'Zuul'" --email zuul@infra-ansible.cloud --ssh-key "'{{ zuul_ssh_public_key_contents.stdout }}'" jenkins
--- a/roles/pre_puppet_gerrit/tasks/main.yml
+++ b/roles/pre_puppet_gerrit/tasks/main.yml
@ -0,0 +1,16 @@
+---
+- command: hiera -c /etc/puppet/hiera.yaml gerrit_mysql_password environment=production
+  delegate_to: "{{ groups['meta-infra_type_puppetmaster'][0] }}"
+  register: gerrit_mysql_password
+  no_log: True
+
+- apt: name=mysql-server state=present
+
+- apt: name=python-mysqldb state=present
+
+- mysql_db: name=reviewdb state=present
+
+- service: name=mysql state=running enabled=yes
+
+- mysql_user: user=gerrit2 password="{{ gerrit_mysql_password.stdout }}" priv=*.*:ALL,GRANT state=present
+  no_log: True