Initial baseline image (Ansible) 86/8186/15
authorThanh Ha <thanh.ha@linuxfoundation.org>
Fri, 29 Dec 2017 19:45:24 +0000 (14:45 -0500)
committerThanh Ha <thanh.ha@linuxfoundation.org>
Thu, 4 Jan 2018 15:50:46 +0000 (10:50 -0500)
Create a baseline image using Ansible Playbooks. We are considering
using Ansible for our job builds, so why not also use it here for
Packer builds.

Ansible seems to have support for the things our helper scripts do
which allows us to get rid of them if we use Ansible. Each Ansible
task also validates itself to make sure the commands run through,
something we don't currently do and can better let us know when
something goes wrong.

Issue: RELENG-288
Depends-On: Ibf4e1ff13d93ad59eaea4a0582a4b77446870dc0
Change-Id: I96d1ec83cec82130d30a245c39b6ac8018f92428
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
12 files changed:
.gitignore
provision/baseline.yaml [new file with mode: 0644]
provision/install-base-pkgs-RedHat.yaml [new file with mode: 0644]
provision/install-base-pkgs-Ubuntu.yaml [new file with mode: 0644]
provision/install-python.sh [new file with mode: 0644]
provision/rh-user_data.sh [new file with mode: 0644]
provision/system-reseal.yaml [new file with mode: 0644]
provision/ubuntu-user_data.sh [new file with mode: 0644]
templates/.gitignore [new file with mode: 0644]
templates/builder.json.example [new file with mode: 0644]
vars/centos-7.json [new file with mode: 0644]
vars/ubuntu-16.04.json [new file with mode: 0644]

index 33defe4..60d1f4e 100644 (file)
@@ -1 +1,3 @@
 .tox/
+cloud-env.json
+*.retry
diff --git a/provision/baseline.yaml b/provision/baseline.yaml
new file mode 100644 (file)
index 0000000..84dde1b
--- /dev/null
@@ -0,0 +1,65 @@
+---
+- hosts: all
+  become_user: root
+  become_method: sudo
+
+  pre_tasks:
+    - include_role: name=system-update
+
+    - name: Install base packages
+      include_tasks: '{{item}}'
+      with_first_found:
+        - 'install-base-pkgs-{{ansible_distribution}}.yaml'
+        - 'install-base-pkgs-{{ansible_os_family}}.yaml'
+
+    - name: Setup SELINUX
+      selinux:
+        policy: targeted
+        state: enforcing
+      when: ansible_os_family == 'RedHat'
+      become: yes
+
+    - name: Allow jenkins user sudo access
+      copy:
+        dest: /etc/sudoers.d/89-jenkins-user-defaults
+        content: |
+          Defaults:jenkins !requiretty
+          jenkins ALL = NOPASSWD: ALL
+        validate: /usr/sbin/visudo -cf %s
+      become: yes
+
+  roles:
+    - lf-recommended-tools
+    - haveged-install
+    - java-install
+    - puppet-install
+    - python-install
+    - shellcheck-install
+    - sysstat-install
+
+  post_tasks:
+    - name: Update /etc/nss-switch.conf to map hostname with IP
+      # Update /etc/nss-switch.conf to map hostname with IP instead of using `localhost`
+      # from /etc/hosts which is required by some of the Java API's to avoid
+      # Java UnknownHostException: "Name or service not known" error.
+      shell: sed -i "/^hosts:/s/$/ myhostname/" /etc/nsswitch.conf
+      become: yes
+
+    - name: Disable periodic updates
+      block:
+        - name: Set all periodic update options to 0
+          replace:
+            path: /etc/apt/apt.conf.d/10periodic
+            regexp: '1'
+            replace: '0'
+        - name: Disable unattended upgrades
+          lineinfile:
+            path: /etc/apt/apt.conf.d/10periodic
+            regexp: '^APT::Periodic::Unattended-Upgrade'
+            line: 'APT::Periodic::Unattended-Upgrade "0";'
+            create: yes
+      when: ansible_distribution == 'Ubuntu'
+      become: yes
+
+    - name: System Reseal
+      include_tasks: system-reseal.yaml
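Review bot: The `Allow jenkins user sudo access` task writes `/etc/sudoers.d/89-jenkins-user-defaults` without `owner`, `group` or `mode`, so the file's permissions depend on the module defaults and the remote umask; add `owner: root`, `group: root` and `mode: '0440'` next to `validate`. The rule `jenkins ALL = NOPASSWD: ALL` makes every job running as jenkins equivalent to root on images built from this baseline, so a comment stating that this is intended for throwaway build nodes would help the next reader. In `Set all periodic update options to 0`, `regexp: '1'` rewrites every `1` character in `10periodic`, including digits inside larger values; `regexp: '"1";'` with `replace: '"0";'` limits the change to settings that are exactly 1. The `sed -i` in the first post_task appends ` myhostname` again on every run; a `when` guard or `lineinfile` with `backrefs` would make it idempotent.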
diff --git a/provision/install-base-pkgs-RedHat.yaml b/provision/install-base-pkgs-RedHat.yaml
new file mode 100644 (file)
index 0000000..fdbcc5b
--- /dev/null
@@ -0,0 +1,13 @@
+---
+- name: Install base packages
+  yum:
+    name: '{{pkg}}'
+    state: latest
+  with_items:
+    - '@base'
+    - '@development'
+    - yum-utils
+    - https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
+  loop_control:
+    loop_var: pkg
+  become: yes
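Review bot: The last `with_items` entry installs `epel-release-latest-7.noarch.rpm` directly from a URL, so the package is unpinned and, unless the base image's yum configuration enables signature checks for packages given by path or URL (`localpkg_gpgcheck`), TLS to the mirror is the only integrity control. On CentOS 7 the package is normally also available from the distribution's extras repository, where the usual repository GPG check applies, so the entry could be `- epel-release`; whether extras is enabled on this base image is not visible here. If the URL has to stay, a comment saying why, plus an `rpm_key` task that imports the EPEL key first, would make the trust decision explicit.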
diff --git a/provision/install-base-pkgs-Ubuntu.yaml b/provision/install-base-pkgs-Ubuntu.yaml
new file mode 100644 (file)
index 0000000..dc023e9
--- /dev/null
@@ -0,0 +1,14 @@
+---
+- name: Install base packages
+  apt:
+    name: '{{pkg}}'
+    state: latest
+  with_items:
+    - build-essential
+    - devscripts
+    - dh-systemd
+    - equivs
+    - gdebi
+  loop_control:
+    loop_var: pkg
+  become: yes
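Review bot: The `apt` task sets `state: latest` but not `update_cache`, so it resolves packages against whatever package index the base image shipped with, unless the `system-update` role (not visible in this commit) refreshes it first. Adding `update_cache: yes` to the module arguments makes this file safe to run on its own. Passing the whole list as `name` instead of looping over `pkg` would also resolve the packages in a single transaction; that part is a style suggestion only.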
diff --git a/provision/install-python.sh b/provision/install-python.sh
new file mode 100644 (file)
index 0000000..6ec0fdf
--- /dev/null
@@ -0,0 +1,20 @@
+#!/bin/bash
+# SPDX-License-Identifier: EPL-1.0
+##############################################################################
+# Copyright (c) 2018 The Linux Foundation and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Eclipse Public License v1.0
+# which accompanies this distribution, and is available at
+# http://www.eclipse.org/legal/epl-v10.html
+##############################################################################
+# vi: ts=4 sw=4 sts=4 et :
+
+# Ansible requires Python 2 so check availability and install as necessary.
+if ! command -v /usr/bin/python; then
+    # Ubuntu 16.04 does not come with Python 2 by default.
+    if command -v apt; then
+        apt -y update
+        apt install -y python-minimal
+    fi
+fi
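Review bot: The script calls `apt`, whose command-line interface is documented as not stable for scripting, and it has no error handling, so a failed `apt -y update` is ignored and the install then runs against a stale index. Use `apt-get update` and `apt-get install -y python-minimal`, and add `set -eu` below the header comment. `command -v` also prints the resolved path on success; `>/dev/null` on both checks keeps the Packer log clean.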
diff --git a/provision/rh-user_data.sh b/provision/rh-user_data.sh
new file mode 100644 (file)
index 0000000..c7e19ee
--- /dev/null
@@ -0,0 +1,13 @@
+#!/bin/bash
+# SPDX-License-Identifier: EPL-1.0
+##############################################################################
+# Copyright (c) 2016 The Linux Foundation and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Eclipse Public License v1.0
+# which accompanies this distribution, and is available at
+# http://www.eclipse.org/legal/epl-v10.html
+##############################################################################
+# vi: ts=4 sw=4 sts=4 et :
+
+/bin/sed -i 's/ requiretty/ !requiretty/' /etc/sudoers;
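Review bot: The only command in this script edits `/etc/sudoers` in place with no syntax check, and it turns off `requiretty` for every user, not only the account Packer logs in with. Following it with `/usr/sbin/visudo -cf /etc/sudoers` would make a malformed result show up as a script failure instead of leaving sudo unusable. A comment should also say why the global default is changed (presumably so that the Ansible provisioner can use sudo without a TTY).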
diff --git a/provision/system-reseal.yaml b/provision/system-reseal.yaml
new file mode 100644 (file)
index 0000000..4c3d3ce
--- /dev/null
@@ -0,0 +1,85 @@
+---
+- name: System reseal
+  file:
+    path: '{{del}}'
+    state: absent
+  with_items:
+    - ~/.viminfo
+    - /etc/Pegasus/*.cnf
+    - /etc/Pegasus/*.crt
+    - /etc/Pegasus/*.csr
+    - /etc/Pegasus/*.pem
+    - /etc/Pegasus/*.srl
+    - /etc/ssh/ssh*key*
+    - /root/.ssh/*
+    - /root/anaconda-ks.cfg
+    - /root/anaconda-post.log
+    - /root/initial-setup-ks.cfg
+    - /root/install.log
+    - /root/install.log.syslog
+    - /tmp/*
+    - /var/cache/fontconfig/*
+    - /var/cache/gdm/*
+    - /var/cache/man/*
+    - /var/lib/AccountService/users/*
+    - /var/lib/cloud/*
+    - /var/lib/fprint/*
+    - /var/lib/logrotate.status
+    - /var/log/*.log*
+    - /var/log/BackupPC/LOG
+    - /var/log/ConsoleKit/*
+    - /var/log/anaconda.syslog
+    - /var/log/anaconda/*
+    - /var/log/apache2/*_log
+    - /var/log/apache2/*_log-*
+    - /var/log/apt/*
+    - /var/log/aptitude*
+    - /var/log/audit/*
+    - /var/log/btmp*
+    - /var/log/ceph/*.log
+    - /var/log/chrony/*.log
+    - /var/log/cron*
+    - /var/log/cups/*_log
+    - /var/log/debug*
+    - /var/log/dmesg*
+    - /var/log/exim4/*
+    - /var/log/faillog*
+    - /var/log/gdm/*
+    - /var/log/glusterfs/*glusterd.vol.log
+    - /var/log/glusterfs/glusterfs.log
+    - /var/log/httpd/*log
+    - /var/log/installer/*
+    - /var/log/jetty/jetty-console.log
+    - /var/log/journal/*
+    - /var/log/lastlog*
+    - /var/log/libvirt/libvirtd.log
+    - /var/log/libvirt/lxc/*.log
+    - /var/log/libvirt/qemu/*.log
+    - /var/log/libvirt/uml/*.log
+    - /var/log/lightdm/*
+    - /var/log/mail/*
+    - /var/log/maillog*
+    - /var/log/messages*
+    - /var/log/ntp
+    - /var/log/ntpstats/*
+    - /var/log/ppp/connect-errors
+    - /var/log/rhsm/*
+    - /var/log/sa/*
+    - /var/log/secure*
+    - /var/log/setroubleshoot/*.log
+    - /var/log/spooler*
+    - /var/log/squid/*.log
+    - /var/log/syslog*
+    - /var/log/tallylog*
+    - /var/log/tuned/tuned.log
+    - /var/log/wtmp*
+    - /var/named/data/named.run
+  loop_control:
+    loop_var: del
+  become: yes
+
+- name: Force system sync and sleep for 10 seconds
+  block:
+    - shell: sync
+    - pause:
+        seconds: 10
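Review bot: The `file` module takes `path` literally and does not expand shell wildcards, so every `with_items` entry containing `*` names a path that does not exist and the task reports success without deleting anything. The image therefore keeps what the reseal is meant to strip, including `/etc/ssh/ssh*key*`, `/root/.ssh/*` and the logs; unless cloud-init regenerates the host keys at first boot, every instance built from the image would share them. Resolve the patterns on the target with `find` and delete the matches, as sketched below; `hidden: yes` is needed so that `~/.viminfo` is still matched. The second block (`sync` and `pause`) is unchanged.

```yaml
- name: Find files matching the reseal patterns
  find:
    paths: '{{del | dirname}}'
    patterns: '{{del | basename}}'
    file_type: any
    hidden: yes
  with_items:
    # … unchanged: the path list …
  loop_control:
    loop_var: del
  register: reseal_matches
  become: yes

- name: System reseal
  file:
    path: '{{del.path}}'
    state: absent
  # with_items flattens the per-pattern result lists into one list of matches
  with_items: "{{reseal_matches.results | map(attribute='files') | list}}"
  loop_control:
    loop_var: del
  become: yes
```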
diff --git a/provision/ubuntu-user_data.sh b/provision/ubuntu-user_data.sh
new file mode 100644 (file)
index 0000000..6dc5a00
--- /dev/null
@@ -0,0 +1,13 @@
+#!/bin/bash
+# SPDX-License-Identifier: EPL-1.0
+##############################################################################
+# Copyright (c) 2016 The Linux Foundation and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Eclipse Public License v1.0
+# which accompanies this distribution, and is available at
+# http://www.eclipse.org/legal/epl-v10.html
+##############################################################################
+# vi: ts=4 sw=4 sts=4 et :
+
+# Nothing to do for Ubuntu specific provisioning
diff --git a/templates/.gitignore b/templates/.gitignore
new file mode 100644 (file)
index 0000000..d69d1a4
--- /dev/null
@@ -0,0 +1,2 @@
+*.json
+
diff --git a/templates/builder.json.example b/templates/builder.json.example
new file mode 100644 (file)
index 0000000..ea9454a
--- /dev/null
@@ -0,0 +1,57 @@
+{
+  "variables": {
+    "base_image": null,
+    "distro": null,
+    "cloud_auth_url": null,
+    "cloud_user": null,
+    "cloud_pass": null,
+    "cloud_network": null,
+    "cloud_tenant": null,
+    "cloud_user_data": null,
+    "ssh_user": null,
+    "ssh_proxy_host": ""
+  },
+  "builders": [
+    {
+      "name": "vexxhost",
+      "image_name": "ZZCI - {{user `distro`}} - builder - {{isotime \"20060102-1504\"}}",
+      "source_image_name": "{{user `base_image`}}",
+      "type": "openstack",
+      "identity_endpoint": "{{user `cloud_auth_url`}}",
+      "username": "{{user `cloud_user`}}",
+      "password": "{{user `cloud_pass`}}",
+      "tenant_name": "{{user `cloud_tenant`}}",
+      "domain_name": "Default",
+      "region": "ca-ymq-1",
+      "availability_zone": "ca-ymq-2",
+      "networks": [
+        "{{user `cloud_network`}}"
+      ],
+      "user_data_file": "{{user `cloud_user_data`}}",
+      "ssh_username": "{{user `ssh_user`}}",
+      "ssh_proxy_host": "{{user `ssh_proxy_host`}}",
+      "flavor": "v1-standard-1",
+      "metadata": {
+        "ci_managed": "yes"
+      }
+    }
+  ],
+  "provisioners": [
+    {
+      "type": "shell",
+      "scripts": [
+        "provision/install-python.sh"
+      ],
+      "execute_command": "chmod +x {{ .Path }}; if [ \"$UID\" == \"0\" ]; then {{ .Vars }} '{{ .Path }}'; else {{ .Vars }} sudo -E '{{ .Path }}'; fi"
+    },
+    {
+      "type": "ansible",
+      "playbook_file": "provision/baseline.yaml",
+      "ansible_env_vars": [
+        "ANSIBLE_NOCOWS=1",
+        "ANSIBLE_ROLES_PATH=lf-ansible/roles",
+        "ANSIBLE_STDOUT_CALLBACK=debug"
+      ]
+    }
+  ]
+}
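Review bot: `cloud_pass` is declared as an ordinary user variable, so nothing in the template tells Packer to treat it differently from `distro` or `base_image` if values end up in build output or debug logs. On Packer releases that support it, adding `"sensitive-variables": ["cloud_pass"]` at the top level of the template masks the value in output. The `.gitignore` change in this commit already keeps `cloud-env.json` out of the repository, which covers the at-rest side.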
diff --git a/vars/centos-7.json b/vars/centos-7.json
new file mode 100644 (file)
index 0000000..678a903
--- /dev/null
@@ -0,0 +1,6 @@
+{
+  "base_image": "LF - CentOS 7.1711 (2017-11-05)",
+  "distro": "CentOS 7",
+  "ssh_user": "centos",
+  "cloud_user_data": "provision/rh-user_data.sh"
+}
diff --git a/vars/ubuntu-16.04.json b/vars/ubuntu-16.04.json
new file mode 100644 (file)
index 0000000..58a54d3
--- /dev/null
@@ -0,0 +1,6 @@
+{
+  "base_image": "LF - Ubuntu 16.04 LTS (2017-12-01)",
+  "distro": "Ubuntu 16.04",
+  "ssh_user": "ubuntu",
+  "cloud_user_data": "provision/ubuntu-user_data.sh"
+}