diff options
-rw-r--r-- | ick-cluster.yml | 4 | ||||
-rw-r--r-- | ick-workers.yml | 3 | ||||
-rw-r--r-- | liw.yml | 11 | ||||
-rw-r--r-- | roles/qvisqve/tasks/main.yml | 10 | ||||
-rw-r--r-- | roles/qvisqve/templates/worker.j2 | 26 | ||||
-rw-r--r-- | toy.ick | 27 |
6 files changed, 72 insertions, 9 deletions
diff --git a/ick-cluster.yml b/ick-cluster.yml index e94d639..499cf6e 100644 --- a/ick-cluster.yml +++ b/ick-cluster.yml @@ -11,6 +11,10 @@ - ick-artifact-store - ick-notifier - muck + tasks: + - shell: | + sed -i 's/self._verify = None/self._verify = False/' /usr/lib/python3/dist-packages/ick2/client.py + sed -i 's/self._verify = verify/self._verify = False/' /usr/lib/python3/dist-packages/ick2/client.py vars: sane_debian_system_version: 1 sane_debian_system_codename: buster diff --git a/ick-workers.yml b/ick-workers.yml index 737cc9f..00a4153 100644 --- a/ick-workers.yml +++ b/ick-workers.yml @@ -6,6 +6,9 @@ - comfortable - unix_users - ick-worker + tasks: + - shell: | + sed -i "s/'uapi_logs_id_get',/'uapi_logs_id_get','create','update','show','delete',/" /usr/bin/worker_manager vars: sane_debian_system_version: 1 sane_debian_system_codename: buster @@ -58,15 +58,8 @@ qvisqve_liw_salt: "{{ lookup('pipe', 'pass show ick2/liw_salt') }}" qvisqve_controller_secret: "{{ lookup('pipe', 'pass show ick2/controller_secret') }}" qvisqve_controller_hash: "{{ lookup('pipe', 'pass show ick2/controller_hash') }}" qvisqve_controller_salt: "{{ lookup('pipe', 'pass show ick2/controller_salt') }}" -qvisqve_worker1_hash: "{{ lookup('pipe', 'pass show ick2/worker1_hash') }}" -qvisqve_worker1_salt: "{{ lookup('pipe', 'pass show ick2/worker1_salt') }}" -qvisqve_worker2_hash: "{{ lookup('pipe', 'pass show ick2/worker1_hash') }}" -qvisqve_worker2_salt: "{{ lookup('pipe', 'pass show ick2/worker1_salt') }}" -qvisqve_worker3_hash: "{{ lookup('pipe', 'pass show ick2/worker1_hash') }}" -qvisqve_worker3_salt: "{{ lookup('pipe', 'pass show ick2/worker1_salt') }}" -qvisqve_worker4_hash: "{{ lookup('pipe', 'pass show ick2/worker1_hash') }}" -qvisqve_worker4_salt: "{{ lookup('pipe', 'pass show ick2/worker1_salt') }}" - +qvisqve_worker_hash: "{{ lookup('pipe', 'pass show ick2/worker1_hash') }}" +qvisqve_worker_salt: "{{ lookup('pipe', 'pass show ick2/worker1_salt') }}" # I like to have an addition "dist" in the APT repository, liwdev, so # I can have ick build from a liw/dev branch, in addition to master, diff --git a/roles/qvisqve/tasks/main.yml b/roles/qvisqve/tasks/main.yml index 9ef636a..1634b69 100644 --- a/roles/qvisqve/tasks/main.yml +++ b/roles/qvisqve/tasks/main.yml @@ -70,6 +70,16 @@ owner: _qvisqve group: _qvisqve +- name: "install Ick worker clients" + template: + src: worker.j2 + dest: "/var/lib/qvisqve/client/{{ item }}" + mode: 0600 + owner: _qvisqve + group: _qvisqve + with_items: + - worker1 + - name: "enable and restart Qvisqve services" service: name: "{{ item }}" diff --git a/roles/qvisqve/templates/worker.j2 b/roles/qvisqve/templates/worker.j2 new file mode 100644 index 0000000..6a0c050 --- /dev/null +++ b/roles/qvisqve/templates/worker.j2 @@ -0,0 +1,26 @@ +# secret: /{{ worker_secret }}/ +allowed_scopes: +- uapi_version_get +- uapi_workers_post +- uapi_work_get +- uapi_work_post +- uapi_blobs_id_put +- uapi_blobs_id_get +- uapi_notify_post +- uapi_builds_id_get +- uapi_logs_id_get +- uapi_version_get +- uapi_projects_get +- create +- update +- show +- delete +hashed_secret: + N: 16384 + hash: {{ qvisqve_worker_hash }} + key_len: 128 + p: 1 + r: 8 + salt: {{ qvisqve_worker_salt }} + version: 1 +id: {{ item }} @@ -0,0 +1,27 @@ +projects: + +- project: systree + parameters: + debian_codename: buster + packages: + - apt-transport-https + - jq + - python3 + artifact_name: systree + pipelines: + - ick/build_debian_systree + +- project: hello + parameters: + systree_name: systree + notify: [] + pipelines: &deb_ci_pipelines + - hello + +pipelines: + +- pipeline: hello + actions: + - where: container + shell: | + echo hello, world |