From 5756a7ab1b2d31d0e705ae902a572a1263857a94 Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Wed, 22 Apr 2020 14:19:15 +0300 Subject: Change: worker-vmdb2.yml --- worker-vmdb2.yml | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/worker-vmdb2.yml b/worker-vmdb2.yml index a202e15..112839d 100644 --- a/worker-vmdb2.yml +++ b/worker-vmdb2.yml @@ -13,6 +13,11 @@ auto eth0 iface eth0 inet dhcp dest: /etc/network/interfaces + - copy: + content: "{{ ci_prod_signing_key }}" + dest: /etc/apt/trusted.gpg.d/ci_prod.asc + - apt_repository: + repo: "deb http://ci-prod-controller.vm.liw.fi/debian unstable-ci main" - apt: name: - ansible @@ -58,3 +63,33 @@ vars: host: worker ansible_python_interpreter: /usr/bin/python3 + ci_prod_signing_key: | + -----BEGIN PGP PUBLIC KEY BLOCK----- + + mQINBFrLO7kBEADdz6mHstYmKU5Dp6OSjxWtWaqTDOX1sJdmmaIK/9EKVIH0Maxp + 5kvVO5G6mULLAjv/kLG0MxasHPrq8I2A/y8AqKAGVL8QelwLjQMIFZ30/VbGQPHS + +T5TZXEnoQtNce1GUhFwJ38ZyjjwHBFV9tSec7rZ2Q3YeM3nNnGPf6DacXGfEOPO + HIN4sXAN2hzNXNjKRzTIvxQseb6nr7afUh/SlZ3yhQOCrIzmYlD7tP9WJe7ofL0p + JY4pDQYw8rT6nC2BE/ioemh84kERCT1vCe+OVFlSRuMlqfEv+ZpKQ+itOmPDQ/lM + jpUm1K2hrW/lWpxT/ZxHKo/w1K36J5WshgMZxfUu5BMCL9LMqMcrXNhNjDMfxDMM + 3yBPOvQ4ls6fecOZ/bsFo1p8VzMk/w/eG8vPs5yuNa5XxN95yFMXoOHGb5Xbu8D4 + 6yiW+Af70LbiSNpGdmNdneiGB2fY38NxBukPw5u3S5qG8HedSmMr1RvSr5kHoAAe + UbOY+BYaaKsTAT7+1skUW1o3FJSqoRKCHAzTsMWC6zzhR8hRn7jVrrguH1hGbqq5 + TZSCFQZExuTJ7uXrTLG0WoBXIjB5wWNcSeXn8myUWYB51nJNF4tJBouZOz9JwWGl + kiAQkrHnBttLQWdW9FyjbIoTZMtpvVx+m6ObGTGdGL1cNlLAvWprMXGc+QARAQAB + tDJJY2sgQVBUIHJlcG9zaXRvcnkgc2lnbmluZyBrZXkgKDIwMTgpIDxsaXdAbGl3 + LmZpPokCTgQTAQgAOBYhBKL1uyDoXyxUH3O717Wr+TZVS6PGBQJayzu5AhsDBQsJ + CAcCBhUICQoLAgQWAgMBAh4BAheAAAoJELWr+TZVS6PGB5QQANTcikhRUHwt9N4h + dGc/Hp6CbqdshMoWlwpFskttoVDxQG5OAobuZl5XyzGcmja1lT85RGkZFfbca0IZ + LnXOLLSAu51QBkXNaj4OhjK/0uQ+ITrvL6RQSXNgHiUTR/W2XD1GIUq6nBqe2GSN + 31S1baYKKVj5QIMsi7Dq8ls3BBXuPCE+xTSaNmGWjes2t9pPidcRvxsksCLY1qgw + P1GFXBeMkBQ29kBP87SUL15SIk7OiQLlEURCy5iRls5rt/YEsdEpRWIb0Tm5Nrjv + 2M3VM+iBhfNXTwj0rJ34mlycF1qQmA7YcTEobT7z587GPY0VWzBpQUnEQj7rQWPM + cDYY0b+I6kQ8VKOaL4wVAtE98d7HzFIrIrwhTKufnrWrVDPYsmLZ+LPC1jiF7JBD + SR6Vftb+SdDR9xoE1yRuXbC6IfoW+5/qQNrdQ2mm9BFw5jOonBqchs18HTTf3441 + 6SWwP9fY3Vi+IZphPPi0Gf85oMStgnv/Wnw6LacEL32ek39Desero/D8iGLZernK + Q2mC9mua5A/bYGVhsNWyURNFkKdbFa+/wW3NfdKYyZnsSfo+jJ2luNewrhAY7Kod + GWXTer9RxzTGA3EXFGvNr+BBOOxSj0SfWTl0Olo7J5dnxof+jLAUS1VHpceHGHps + GSJSdir7NkZidgwoCPA7BTqsb5LN + =dXB0 + -----END PGP PUBLIC KEY BLOCK----- -- cgit v1.2.1 From 716a6c0a991796816ade2816778bfde0c9fb55e1 Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Thu, 23 Apr 2020 11:06:46 +0300 Subject: Change: use Ansible for configuring worker, not apt-get --- contractor | 61 ++++++++++++++++++++++++++++++++++++++++++----------------- contractor.md | 22 +++++++++++++++++---- vm.vmdb | 1 + 3 files changed, 63 insertions(+), 21 deletions(-) diff --git a/contractor b/contractor index 2a9136f..2f1f372 100755 --- a/contractor +++ b/contractor @@ -91,7 +91,6 @@ class ContractorApplication(cliapp.Application): TryUnmountWS(), MountWS(), ChownWS(), - Mkdir('/mnt/src', owner=WORKER_UID, group=WORKER_GID), ] self.exec_quietly(manager, *execs) timer.report('setup') @@ -103,6 +102,10 @@ class ContractorApplication(cliapp.Application): self.sync_to_workspace(ws, dest, '.') timer.report('upload-saved-workspace') + execs = [ + Mkdir('/mnt/src', owner=WORKER_UID, group=WORKER_GID), + ] + self.exec_quietly(manager, *execs) src = bs.source() self.sync_to_workspace(src, dest, 'src') timer.report('upload-source') @@ -116,18 +119,20 @@ class ContractorApplication(cliapp.Application): timer.report('wait-for-worker') self.exec_quietly(manager, AttachWS()) + self.verbose('attached') worker = OnWorker( dest, 'worker@{}'.format(worker_ip), verbose=self.verbose) self.exec_quietly(worker, Mkdir('/workspace'), MountWSonWorker()) - execs = [] - install = bs.install() - if install: - execs.append(AptInstall(install)) + ansible = bs.ansible() + if ansible: + self.exec_quietly(manager, Ansible(ansible, worker_ip)) - execs.append(Chdir('/workspace/src')) - execs.append(Build(bs.build())) + execs = [ + Chdir('/workspace/src'), + Build(bs.build()), + ] self.exec_verbosely(worker, *execs) timer.report('build') @@ -313,17 +318,30 @@ class TrueCmd(RemoteExecution): return ['true'] -class AptInstall(RemoteExecution): +class Ansible(RemoteExecution): - def __init__(self, packages): - self._packages = packages + def __init__(self, playbook, worker_ip): + self._playbook = playbook + self._worker_ip = worker_ip def msg(self): - return 'installing packages: ' + ' '.join(self._packages) + return 'running Ansible playbook on worker' def argv(self): - return ['sudo', 'DEBIAN_FRONTEND=noninteractive', - 'apt-get', '-y', 'install'] + self._packages + x = ['sh', '-c', ''' +cat > hosts << EOF +[all] +worker ansible_ssh_host={ip} +EOF + +cat > worker.yaml << EOF +{playbook} +EOF + +ansible-playbook -i hosts worker.yaml +'''.format(ip=self._worker_ip, playbook=yaml.safe_dump(self._playbook))] + logging.debug('Ansible: {!r}'.format(x)) + return x class Chdir(RemoteExecution): @@ -539,6 +557,15 @@ echo "$ip" '''] +class Find(RemoteExecution): + + def __init__(self, dirname): + self._dirname = dirname + + def argv(self): + return ['sudo', 'find', self._dirname, '-ls'] + + class BuildSpec: def __init__(self, yaml_text): @@ -546,14 +573,14 @@ class BuildSpec: self._image = os.path.expanduser(self._get(spec, 'worker-image')) self._source = os.path.expanduser(self._get(spec, 'source')) self._workspace = os.path.expanduser(self._get(spec, 'workspace', '')) - self._install = self._get(spec, 'install', []) + self._ansible = self._get(spec, 'ansible', []) self._build = self._get(spec, 'build') def worker_image(self): return self._image - def install(self): - return self._install + def ansible(self): + return self._ansible def source(self): return self._source @@ -567,7 +594,7 @@ class BuildSpec: def as_dict(self): return { 'worker-image': self.worker_image(), - 'install': self.install(), + 'ansible': self.ansible(), 'source': self.source(), 'workspace': self.workspace(), 'build': self.build(), diff --git a/contractor.md b/contractor.md index 42ed3c8..9a19a39 100644 --- a/contractor.md +++ b/contractor.md @@ -312,8 +312,15 @@ then the JSON output matches dump.yaml ~~~{.file #dump.yaml .yaml .numberLines} worker-image: worker.img -install: - - build-essential +ansible: + - hosts: worker + remote_user: worker + become: yes + tasks: + - apt: + name: build-essential + vars: + ansible_python_interpreter: /usr/bin/python3 source: . workspace: workspace build: | @@ -354,8 +361,15 @@ int main() ~~~{.file #hello.yaml .yaml .numberLines} worker-image: worker.img -install: - - build-essential +ansible: + - hosts: worker + remote_user: worker + become: yes + tasks: + - apt: + name: build-essential + vars: + ansible_python_interpreter: /usr/bin/python3 source: . workspace: ws build: | diff --git a/vm.vmdb b/vm.vmdb index 82b0ab6..45def5e 100644 --- a/vm.vmdb +++ b/vm.vmdb @@ -34,6 +34,7 @@ steps: - python3 - sudo - ssh + - ansible tag: / unless: rootfs_unpacked -- cgit v1.2.1