zuul/zuul-jobs
Code Issues Proposed changes

More E208

Browse Source 
Change-Id: I8c3d224682d7d6780d6ad7823e390c47114e702b
This commit is contained in:
Sorin Sbarnea 2020-11-04 08:19:35 +00:00 committed by zbr
parent 88ef27b414
commit 90d263941a
5 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
roles/pull-from-intermediate-registry/tasks/main.yaml
View File

@ -25,10 +25,12 @@
file: file:
path: "/etc/docker/certs.d/127.0.0.1:{{ socat_port }}/" path: "/etc/docker/certs.d/127.0.0.1:{{ socat_port }}/"
state: directory state: directory
mode: 0755
- name: Write registry TLS certificate - name: Write registry TLS certificate
copy: copy:
content: "{{ buildset_registry.cert }}" content: "{{ buildset_registry.cert }}"
dest: "/etc/docker/certs.d/127.0.0.1:{{ socat_port }}/ca.crt" dest: "/etc/docker/certs.d/127.0.0.1:{{ socat_port }}/ca.crt"
mode: 0644
# Update user config for intermediate and buildset registries # Update user config for intermediate and buildset registries
- name: Ensure docker user directory exists - name: Ensure docker user directory exists

2
roles/push-to-intermediate-registry/tasks/push.yaml
View File

@ -25,10 +25,12 @@
file: file:
path: "/etc/docker/certs.d/127.0.0.1:{{ socat_port }}/" path: "/etc/docker/certs.d/127.0.0.1:{{ socat_port }}/"
state: directory state: directory
mode: 0755
- name: Write registry TLS certificate - name: Write registry TLS certificate
copy: copy:
content: "{{ buildset_registry.cert }}" content: "{{ buildset_registry.cert }}"
dest: "/etc/docker/certs.d/127.0.0.1:{{ socat_port }}/ca.crt" dest: "/etc/docker/certs.d/127.0.0.1:{{ socat_port }}/ca.crt"
mode: 0644
# Update user config for intermediate and buildset registries # Update user config for intermediate and buildset registries
- name: Ensure docker user directory exists - name: Ensure docker user directory exists

2
roles/run-buildset-registry/tasks/main.yaml
View File

@ -20,6 +20,7 @@
file: file:
state: directory state: directory
path: "{{ buildset_registry_root }}/{{ zj_dir }}" path: "{{ buildset_registry_root }}/{{ zj_dir }}"
mode: 0755
loop: loop:
- tls - tls
- conf - conf
@ -33,6 +34,7 @@
template: template:
src: registry.yaml.j2 src: registry.yaml.j2
dest: "{{ buildset_registry_root }}/conf/registry.yaml" dest: "{{ buildset_registry_root }}/conf/registry.yaml"
mode: 0600
- name: Generate a TLS key for the registry - name: Generate a TLS key for the registry
command: "openssl req -x509 -newkey rsa:2048 -keyout {{ buildset_registry_root }}/tls/cert.key -out {{ buildset_registry_root }}/tls/cert.pem -days 365 -nodes -subj '/C=US/ST=California/L=Oakland/O=Company Name/OU=Org/CN={{ ansible_host }}' -addext 'subjectAltName = DNS:zuul-jobs.buildset-registry,DNS:{{ ansible_host }},IP:{{ ansible_host }},IP:127.0.0.1'" command: "openssl req -x509 -newkey rsa:2048 -keyout {{ buildset_registry_root }}/tls/cert.key -out {{ buildset_registry_root }}/tls/cert.pem -days 365 -nodes -subj '/C=US/ST=California/L=Oakland/O=Company Name/OU=Org/CN={{ ansible_host }}' -addext 'subjectAltName = DNS:zuul-jobs.buildset-registry,DNS:{{ ansible_host }},IP:{{ ansible_host }},IP:127.0.0.1'"
- name: Read TLS certificate - name: Read TLS certificate

1
roles/stage-output/tasks/main.yaml
View File

@ -55,6 +55,7 @@
path: "{{ stage_dir }}/{{ zj_output_dirs }}" path: "{{ stage_dir }}/{{ zj_output_dirs }}"
state: directory state: directory
owner: "{{ ansible_user }}" owner: "{{ ansible_user }}"
mode: 0755
with_items: with_items:
- docs - docs
- artifacts - artifacts

1
roles/upload-logs/tasks/main.yaml
View File

@ -39,6 +39,7 @@
delegate_to: localhost delegate_to: localhost
archive: archive:
path: "{{ zuul.executor.log_root }}/{{ zj_log }}" path: "{{ zuul.executor.log_root }}/{{ zj_log }}"
mode: 0644
with_items: with_items:
- job-output.txt - job-output.txt
- job-output.json - job-output.json