Add a role to mirror a git repository to a remote git server

This role is meant to replicate a successfully tested git repository
to a remote git server over SSH during the POST pipeline.

Change-Id: I562802ede7358c809c915f09f229884d81cc5b31
Depends-On: https://review.openstack.org/643435
This commit is contained in:
David Moreau Simard 2019-03-14 12:35:54 -04:00 committed by James E. Blair
parent 4b3adfeea6
commit 614c6c043e
4 changed files with 87 additions and 0 deletions

View File

@ -30,6 +30,7 @@ General Purpose Roles
.. zuul:autorole:: start-zuul-console .. zuul:autorole:: start-zuul-console
.. zuul:autorole:: test-setup .. zuul:autorole:: test-setup
.. zuul:autorole:: trigger-readthedocs .. zuul:autorole:: trigger-readthedocs
.. zuul:autorole:: upload-git-mirror
.. zuul:autorole:: validate-dco-license .. zuul:autorole:: validate-dco-license
.. zuul:autorole:: validate-host .. zuul:autorole:: validate-host
.. zuul:autorole:: version-from-git .. zuul:autorole:: version-from-git

View File

@ -0,0 +1,30 @@
Mirrors a git repository to a remote git server
Meant to be used after a change was successfully merged, this role mirrors a
tested git repository to a remote git server over SSH.
The role assumes that git has been previously installed and does not require
superuser privileges to run.
**Role Variables**
.. zuul:rolevar:: git_mirror_credentials
Dictionary that provides the remote git repository credentials
.. zuul:rolevar:: user
SSH user for the remote git repository
.. zuul:rolevar:: host
SSH host for the remote git repository
.. zuul:rolevar:: key
Literal private key contents.
Should start with something like ``-----BEGIN RSA PRIVATE KEY-----``.
.. zuul:rolevar:: repository
Path of the remote git repository

View File

@ -0,0 +1,9 @@
---
# git push --mirror {{ git_mirror_credentials.user }}@{{ git_mirror_credentials.host }}:{{ git_mirror_credentials.repository }}
# git_mirror_credentials:
# user:
# host:
# key:
# Repository to replicate to
# git_mirror_repository:

View File

@ -0,0 +1,47 @@
- block:
- name: Create SSH private key tempfile
tempfile:
state: file
register: ssh_private_key_tmp
- name: Set up private key
copy:
content: "{{ git_mirror_credentials.key }}"
dest: "{{ ssh_private_key_tmp.path }}"
mode: 0600
- name: Generate SSH configuration
set_fact:
ssh_config: |
host {{ git_mirror_credentials.host }}
HostName {{ git_mirror_credentials.host }}
IdentityFile {{ ssh_private_key_tmp.path }}
User {{ git_mirror_credentials.user }}
- name: Write SSH configuration to ~/.ssh/config
blockinfile:
state: present
path: "{{ ansible_user_dir }}/.ssh/config"
create: yes
mode: 0600
block: "{{ ssh_config }}"
- name: Mirror the git repository
command: git push --mirror {{ git_mirror_credentials.user }}@{{ git_mirror_credentials.host }}:{{ git_mirror_repository }}
args:
chdir: "{{ ansible_user_dir }}/{{ zuul.project.src_dir }}"
tags:
- skip_ansible_lint
always:
# Registered variables below are only used for integration testing
- name: Remove SSH private key from disk
command: "shred --remove {{ ssh_private_key_tmp.path }}"
register: git_mirror_key_removed
- name: Remove SSH configuration in ~/.ssh/config
blockinfile:
state: absent
path: "{{ ansible_user_dir }}/.ssh/config"
mode: 0600
block: "{{ ssh_config }}"
register: git_mirror_ssh_config_removed