Merge "Add the post-reboot-tasks role"

This commit is contained in:
Zuul 2022-06-17 15:46:53 +00:00 committed by Gerrit Code Review
commit 21faa1a9d8
6 changed files with 32 additions and 2 deletions

View File

@ -36,6 +36,7 @@ General Purpose Roles
.. zuul:autorole:: prepare-workspace
.. zuul:autorole:: prepare-workspace-git
.. zuul:autorole:: prepare-workspace-openshift
.. zuul:autorole:: post-reboot-tasks
.. zuul:autorole:: remove-build-sshkey
.. zuul:autorole:: remove-build-winrm-cert
.. zuul:autorole:: remove-gpgkey

View File

@ -2,3 +2,7 @@ Enable FIPS on a node.
Set a node into FIPS mode, to test functionality when crypto
policies are set to FIPS in RHEL 8/Centos 8.
The role will set the node into FIPS mode, reboot the node, and
then call the post-reboot-tasks role. This role requires a role
parameter - nslookup_target.

View File

@ -50,9 +50,9 @@
reboot:
reboot_timeout: 1800
- name: Run start-zuul-console role
- name: Run post-boot tasks
include_role:
name: start-zuul-console
name: post-reboot-tasks
- name: Ensure FIPS mode is enabled
become: true

View File

@ -0,0 +1,14 @@
Ensure that processes are running after a node reboot.
Some roles (like the enable-fips role) need to reboot the node
in order to complete their operations.
This role can be invoked to ensure that the node is sufficiently
up again before continuing by doing some basic checks for
connectivity (ssh), restarting the zuul-console and making sure
DNS is up.
A role parameter nslookup_target is required to specify the DNS name
to ensure DNS is working. If working in a mirrored environment, it
is a good idea to use $zuul_site_mirror_fqdn, because this is what
will be needed for package installs in any case.

View File

@ -0,0 +1,10 @@
---
- name: check if node is available for ssh
wait_for_connection:
- name: Run start-zuul-console role
include_role:
name: start-zuul-console
- name: confirm that dns is up
command: "nslookup -retry=60 {{ nslookup_target }}"

View File

@ -342,6 +342,7 @@
run: test-playbooks/simple-role-test.yaml
vars:
role_name: enable-fips
nslookup_target: opendev.org
nodeset:
nodes:
- name: centos-8-stream