diff --git a/inventory/testing/group_vars/zuul-connections.yaml b/inventory/testing/group_vars/zuul-connections.yaml new file mode 100644 index 0000000..e4e6388 --- /dev/null +++ b/inventory/testing/group_vars/zuul-connections.yaml @@ -0,0 +1,76 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +--- +# windmill.ssh +zuul_connections_ssh: + - ssh_key_private_content: | + -----BEGIN RSA PRIVATE KEY----- + MIIJKAIBAAKCAgEA4sxcS8zPIPc3Hviv6cGVmUmvsMqMRX8lU3EBM22+yDNKfL/8 + uAj0B8y9QzWKeFPncmwvtxI3Z0igFyD+5C0coQSg7SMgSoWdFPdlkctPQAZ5jafp + FmhAMp6UpYqSAD9IlaYIzbEaR7yx+WH5vhBLCyKmQSyhC97oewfhZMg1qDoeKQZn + HcskUsIS4Bq8KMRGsAtEjiNWzR2EPNhJWsx74H+0t+0QDLW/kbi9PhXibETw5a8r + 0G7Jm0ZEXwaSu84lC62Afj4EYmDbYXX8qoR0+CdE7e5jXpn8HoZ+5Y2lqHfz4HHW + RwBQ8F9a6VRDi7ypH9qFMNg/spZenwM0pMxhr3l0buty0MMhGohTbXgDXEqyJm05 + 3ASjCDYHWw8XVANv+NctLDsGgp+0PgVZVJkGu82VU3LSpURtDrSymewIYt89ELvX + 8oH1ZgkVRT5f7+FRGnT0TV4ueSWX3pnI9RyRJ4tJtDPCnudJEKTwg3t2cM889ubY + cQrbwQMdzGNdRBewdRWGA2Y08h7eBOly2L0Csn5ZvEdJWunaYZWOKrqvX00tjKLX + iFF/YA9IcyK1+QiDmm53BWBhTUqSMDMGwMtNyHl3K9p0Vv2bKMA7bbOWLTAihx0X + ILe8eFx2XmCev6RLnEkOx835TuYBhYmlGKbOCvy19A/SGgiBVINgXLaoQY8CAwEA + AQKCAgAB6emJdjP1OkDL0Rti5JBHl9iUrFDcsUL2Xki9T1rBw7UIMnKGdwTgH/kk + 3QnLFCIq1ADfEZdIFtPK/itIb50DOs/E0HwQROpbZ+8CeO21Q5i4+ka8Oqr4AmCM + uQucVuxc3ubKHYl0O4Jg8VOzJ94KPQOcHy1ItVvO1fUv7YSOY9cnT3eFR9aJoDua + in819NoH2EB+1ot/9ZTNEqIj0v/kmA9FUgnFoa75Is7t/C9J7Jb/ySecfaLT3Zbs + GlkYnpevbopcBlfxIJIZU26LXczC30n0nANYpAH9m/LsKvLP5hs3tJ4zQSxtqtBQ + kbZ0MmZW73gaPmjjL+Oigdtq3JKibVnoZUSEeNZOYOwPzu+rzjk8TOX7S11+QH+h + G8ZANnu+lmVjg/VsqUWPk/ERq76I7MUzOfd4LnIC7tUQuA3fzDSduAbX4PLFubSp + wySzjoonAacmyLEAQSqNBQtxVRFYr/TvKm5a4zvnrCsivssueB0Oa5vSPhyKmPmZ + ukKKfOSj1/0ohr2nGNh41EHnXrqHdeS+h9iolE9q9Y/uq6kietCmNB3Clrh/o5V+ + P4NkdfPmw9GQf95oUxjFe/Rh/yPHhqUfQC/G5kMlv7lS66dDpKlUiKoKxGLBaF7b + pGkINC0O6s2xQGh2pSqBSQjNXbVeadPOta1fygeROGeXFnTYOQKCAQEA8k1zk2ln + 3dXFnqIRs0dkQdISJvya66jcqHmxh606QAXQYbycXHX0OESDoeKDRLla1cvWCJmr + OE3xg084SiyJCZMwLzbI2uUfcB9G3ezpCRkGmFgmCBi3sIZx0/yL2oPyFIWEkdzN + gJIwVgVs3XKp7WICnRqPom+cF3i9RofDuEDs+CgtJOOFiYljZ3os+LXU3zCN80uz + 9XnY6861FPLRD0AuINExz2J1JTsRd1RoH5LhIG8EiLhilVLVqABJBXdXiSZltb8M + mlUmPoEUGsvSflu/MmCEsj8b6s4JNDbA4/Mpv7L4XogLsEJnAsY6BbrZ0IwvE2yF + h9cd777WGAhCiwKCAQEA756I60ngoVioIm3lQm3adLgGUxIc1BldFxkvl3NdeV2g + Stx3LF1Y2EnWZQQwx3n5IWSSoeo1zf/sMdoZXCUP9eCJrxbKYrYn0qWwsbXTz47b + AvXCfYiWU9PE6p5oGIljJ1FSpVwuLWg4sZxuJMLYVkUuTy9d95FQMmGb6GYNXYZW + SkUQKwO6H/ItcApvSw81YfWZdE7uQp0NiHeZBLotDMwHlfKRime+5dMhUb089bwU + oatFJ8oogdFe1hTXW3eyA+vnVNcLaUUUKFlMpTQ6UuNkY7v3BT9slpGkrFNXiZk2 + 4fV6NbVJ3MtozwwNJg74JDDtf9R3nTOWaoSYpv0xjQKCAQAhHZ7HLefJNNdOh/39 + T6uPJ2PdujZ+MNT/nao6zd0hNOo3AW0pYeGf8xU+gdPJB8A3aiV1hXMWPejdNm2O + DaopCdnTChzHdfsm+s9Xs3JiEO6K0blY7+/jC2zxORnwIopqbZkhyli30sMSbqlj + VrGMxRFwYVnyLGjb+F9+DT4dp5n7jJom6YWtt35DfTo6P7e5TUyJTPZqfV29VMIA + +/LAr9feGllBa8Zw8TLA6WNVtWBZa3LmMLUgjXKwBGH2gkoPb5UFEvho+2w/rKqP + wv2g0W8/NlvMdL2fCMvPPBB+1xQEpDQ3z0Yxr9GeWnNBpzjvvMkOUY2qdCceRinC + nRZjAoIBAQDiiYg6ogq7n3y9qBYR+peIt55LFRmqMByBRO9oiMn7fteXTt1gVRQ0 + z4Hg2NhhDmDJADNc3ndlvSmJa/+DzQpM0653mN1X+4ykqr7lE9kfJpjKMJxiYCp3 + MAPAKGiToffa6Rhweziw9xJ6YEEFgixTS25fsJFvB7PBHeTvDuRd4i5cYvTJJenm + X+gzP7o+RS+b4Dzm5+R7l81+kktZW8ZRjecyDTUpm7GvyC58/6LNU7ZRrgFgf9BS + AyZc0TFVKVFkQbffzrrcGFHZX6uFmF33lUGIxODh1jeMFj+QJ+7fiLmJYLHcavtc + wfXhoSwhKg/Q72zp6G35chcntxo27bLVAoIBAEZlZfr/ifq9gmgTxjHQ//GJ80SV + 7y0K75e0bt/BkMU8EiqqsX5CywxSTH54tACzDIduMq0EFp+sK3bEzD7vPQ1QqJ3N + L2XkOO05o506RC4DbuwmQtYOCok+4IPuCF6FduCa0cYo/S8+UBxbjusauZET46J9 + r7KG1PGaIGfwQCcf4mzlAutR977M/FyN967J/gtP5QTBof1HEqPsTvaxe595KeUe + csgN17HFJXSaBudMf84xmCOc7rULAItXqmLIeNHTztjbjB4IAwpDon0qe+EfVt7z + eqZTcm7faWJiFVZNdnGD4uc0P+syWLmp1uX2hJfV/0WI+yPeDoRk6q+97W4= + -----END RSA PRIVATE KEY----- + + ssh_key_private_dest: /var/lib/zuul/.ssh/gerrit_id_rsa + ssh_key_public_content: | + ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDizFxLzM8g9zce+K/pwZWZSa+wyoxFfyVTcQEzbb7IM0p8v/y4CPQHzL1DNYp4U+dybC+3EjdnSKAXIP7kLRyhBKDtIyBKhZ0U92WRy09ABnmNp+kWaEAynpSlipIAP0iVpgjNsRpHvLH5Yfm+EEsLIqZBLKEL3uh7B+FkyDWoOh4pBmcdyyRSwhLgGrwoxEawC0SOI1bNHYQ82ElazHvgf7S37RAMtb+RuL0+FeJsRPDlryvQbsmbRkRfBpK7ziULrYB+PgRiYNthdfyqhHT4J0Tt7mNemfwehn7ljaWod/PgcdZHAFDwX1rpVEOLvKkf2oUw2D+yll6fAzSkzGGveXRu63LQwyEaiFNteANcSrImbTncBKMINgdbDxdUA2/41y0sOwaCn7Q+BVlUmQa7zZVTctKlRG0OtLKZ7Ahi3z0Qu9fygfVmCRVFPl/v4VEadPRNXi55JZfemcj1HJEni0m0M8Ke50kQpPCDe3Zwzzz25thxCtvBAx3MY11EF7B1FYYDZjTyHt4E6XLYvQKyflm8R0la6dphlY4quq9fTS2MoteIUX9gD0hzIrX5CIOabncFYGFNSpIwMwbAy03IeXcr2nRW/ZsowDtts5YtMCKHHRcgt7x4XHZeYJ6/pEucSQ7HzflO5gGFiaUYps4K/LX0D9IaCIFUg2BctqhBjw== gerrit@example.org + + ssh_key_public_dest: /var/lib/zuul/.ssh/gerrit_id_rsa.pub + ssh_user_home: /var/lib/zuul + ssh_user_name: zuul diff --git a/inventory/testing/group_vars/zuul-executor.yaml b/inventory/testing/group_vars/zuul-executor.yaml index b700611..6d682d0 100644 --- a/inventory/testing/group_vars/zuul-executor.yaml +++ b/inventory/testing/group_vars/zuul-executor.yaml @@ -34,8 +34,8 @@ logrotate_configs: - notifempty # windmill.ssh -ssh_user_name: "{{ zuul_user_name|default('zuul') }}" -ssh_user_home: "{{ zuul_user_home|default('/var/lib/zuul') }}" +ssh_user_name: zuul +ssh_user_home: /var/lib/zuul ssh_key_private_content: | -----BEGIN RSA PRIVATE KEY----- diff --git a/inventory/testing/group_vars/zuul-scheduler.yaml b/inventory/testing/group_vars/zuul-scheduler.yaml index 9397ed6..8ec986e 100644 --- a/inventory/testing/group_vars/zuul-scheduler.yaml +++ b/inventory/testing/group_vars/zuul-scheduler.yaml @@ -32,66 +32,3 @@ logrotate_configs: - rotate 7 - daily - notifempty - -# windmill.ssh -ssh_user_name: "{{ zuul_user_name|default('zuul') }}" -ssh_user_home: "{{ zuul_user_home|default('/var/lib/zuul') }}" - -ssh_key_private_content: | - -----BEGIN RSA PRIVATE KEY----- - MIIJKAIBAAKCAgEA4sxcS8zPIPc3Hviv6cGVmUmvsMqMRX8lU3EBM22+yDNKfL/8 - uAj0B8y9QzWKeFPncmwvtxI3Z0igFyD+5C0coQSg7SMgSoWdFPdlkctPQAZ5jafp - FmhAMp6UpYqSAD9IlaYIzbEaR7yx+WH5vhBLCyKmQSyhC97oewfhZMg1qDoeKQZn - HcskUsIS4Bq8KMRGsAtEjiNWzR2EPNhJWsx74H+0t+0QDLW/kbi9PhXibETw5a8r - 0G7Jm0ZEXwaSu84lC62Afj4EYmDbYXX8qoR0+CdE7e5jXpn8HoZ+5Y2lqHfz4HHW - RwBQ8F9a6VRDi7ypH9qFMNg/spZenwM0pMxhr3l0buty0MMhGohTbXgDXEqyJm05 - 3ASjCDYHWw8XVANv+NctLDsGgp+0PgVZVJkGu82VU3LSpURtDrSymewIYt89ELvX - 8oH1ZgkVRT5f7+FRGnT0TV4ueSWX3pnI9RyRJ4tJtDPCnudJEKTwg3t2cM889ubY - cQrbwQMdzGNdRBewdRWGA2Y08h7eBOly2L0Csn5ZvEdJWunaYZWOKrqvX00tjKLX - iFF/YA9IcyK1+QiDmm53BWBhTUqSMDMGwMtNyHl3K9p0Vv2bKMA7bbOWLTAihx0X - ILe8eFx2XmCev6RLnEkOx835TuYBhYmlGKbOCvy19A/SGgiBVINgXLaoQY8CAwEA - AQKCAgAB6emJdjP1OkDL0Rti5JBHl9iUrFDcsUL2Xki9T1rBw7UIMnKGdwTgH/kk - 3QnLFCIq1ADfEZdIFtPK/itIb50DOs/E0HwQROpbZ+8CeO21Q5i4+ka8Oqr4AmCM - uQucVuxc3ubKHYl0O4Jg8VOzJ94KPQOcHy1ItVvO1fUv7YSOY9cnT3eFR9aJoDua - in819NoH2EB+1ot/9ZTNEqIj0v/kmA9FUgnFoa75Is7t/C9J7Jb/ySecfaLT3Zbs - GlkYnpevbopcBlfxIJIZU26LXczC30n0nANYpAH9m/LsKvLP5hs3tJ4zQSxtqtBQ - kbZ0MmZW73gaPmjjL+Oigdtq3JKibVnoZUSEeNZOYOwPzu+rzjk8TOX7S11+QH+h - G8ZANnu+lmVjg/VsqUWPk/ERq76I7MUzOfd4LnIC7tUQuA3fzDSduAbX4PLFubSp - wySzjoonAacmyLEAQSqNBQtxVRFYr/TvKm5a4zvnrCsivssueB0Oa5vSPhyKmPmZ - ukKKfOSj1/0ohr2nGNh41EHnXrqHdeS+h9iolE9q9Y/uq6kietCmNB3Clrh/o5V+ - P4NkdfPmw9GQf95oUxjFe/Rh/yPHhqUfQC/G5kMlv7lS66dDpKlUiKoKxGLBaF7b - pGkINC0O6s2xQGh2pSqBSQjNXbVeadPOta1fygeROGeXFnTYOQKCAQEA8k1zk2ln - 3dXFnqIRs0dkQdISJvya66jcqHmxh606QAXQYbycXHX0OESDoeKDRLla1cvWCJmr - OE3xg084SiyJCZMwLzbI2uUfcB9G3ezpCRkGmFgmCBi3sIZx0/yL2oPyFIWEkdzN - gJIwVgVs3XKp7WICnRqPom+cF3i9RofDuEDs+CgtJOOFiYljZ3os+LXU3zCN80uz - 9XnY6861FPLRD0AuINExz2J1JTsRd1RoH5LhIG8EiLhilVLVqABJBXdXiSZltb8M - mlUmPoEUGsvSflu/MmCEsj8b6s4JNDbA4/Mpv7L4XogLsEJnAsY6BbrZ0IwvE2yF - h9cd777WGAhCiwKCAQEA756I60ngoVioIm3lQm3adLgGUxIc1BldFxkvl3NdeV2g - Stx3LF1Y2EnWZQQwx3n5IWSSoeo1zf/sMdoZXCUP9eCJrxbKYrYn0qWwsbXTz47b - AvXCfYiWU9PE6p5oGIljJ1FSpVwuLWg4sZxuJMLYVkUuTy9d95FQMmGb6GYNXYZW - SkUQKwO6H/ItcApvSw81YfWZdE7uQp0NiHeZBLotDMwHlfKRime+5dMhUb089bwU - oatFJ8oogdFe1hTXW3eyA+vnVNcLaUUUKFlMpTQ6UuNkY7v3BT9slpGkrFNXiZk2 - 4fV6NbVJ3MtozwwNJg74JDDtf9R3nTOWaoSYpv0xjQKCAQAhHZ7HLefJNNdOh/39 - T6uPJ2PdujZ+MNT/nao6zd0hNOo3AW0pYeGf8xU+gdPJB8A3aiV1hXMWPejdNm2O - DaopCdnTChzHdfsm+s9Xs3JiEO6K0blY7+/jC2zxORnwIopqbZkhyli30sMSbqlj - VrGMxRFwYVnyLGjb+F9+DT4dp5n7jJom6YWtt35DfTo6P7e5TUyJTPZqfV29VMIA - +/LAr9feGllBa8Zw8TLA6WNVtWBZa3LmMLUgjXKwBGH2gkoPb5UFEvho+2w/rKqP - wv2g0W8/NlvMdL2fCMvPPBB+1xQEpDQ3z0Yxr9GeWnNBpzjvvMkOUY2qdCceRinC - nRZjAoIBAQDiiYg6ogq7n3y9qBYR+peIt55LFRmqMByBRO9oiMn7fteXTt1gVRQ0 - z4Hg2NhhDmDJADNc3ndlvSmJa/+DzQpM0653mN1X+4ykqr7lE9kfJpjKMJxiYCp3 - MAPAKGiToffa6Rhweziw9xJ6YEEFgixTS25fsJFvB7PBHeTvDuRd4i5cYvTJJenm - X+gzP7o+RS+b4Dzm5+R7l81+kktZW8ZRjecyDTUpm7GvyC58/6LNU7ZRrgFgf9BS - AyZc0TFVKVFkQbffzrrcGFHZX6uFmF33lUGIxODh1jeMFj+QJ+7fiLmJYLHcavtc - wfXhoSwhKg/Q72zp6G35chcntxo27bLVAoIBAEZlZfr/ifq9gmgTxjHQ//GJ80SV - 7y0K75e0bt/BkMU8EiqqsX5CywxSTH54tACzDIduMq0EFp+sK3bEzD7vPQ1QqJ3N - L2XkOO05o506RC4DbuwmQtYOCok+4IPuCF6FduCa0cYo/S8+UBxbjusauZET46J9 - r7KG1PGaIGfwQCcf4mzlAutR977M/FyN967J/gtP5QTBof1HEqPsTvaxe595KeUe - csgN17HFJXSaBudMf84xmCOc7rULAItXqmLIeNHTztjbjB4IAwpDon0qe+EfVt7z - eqZTcm7faWJiFVZNdnGD4uc0P+syWLmp1uX2hJfV/0WI+yPeDoRk6q+97W4= - -----END RSA PRIVATE KEY----- - -ssh_key_private_dest: "{{ ssh_user_home }}/.ssh/gerrit_id_rsa" - -ssh_key_public_content: | - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDizFxLzM8g9zce+K/pwZWZSa+wyoxFfyVTcQEzbb7IM0p8v/y4CPQHzL1DNYp4U+dybC+3EjdnSKAXIP7kLRyhBKDtIyBKhZ0U92WRy09ABnmNp+kWaEAynpSlipIAP0iVpgjNsRpHvLH5Yfm+EEsLIqZBLKEL3uh7B+FkyDWoOh4pBmcdyyRSwhLgGrwoxEawC0SOI1bNHYQ82ElazHvgf7S37RAMtb+RuL0+FeJsRPDlryvQbsmbRkRfBpK7ziULrYB+PgRiYNthdfyqhHT4J0Tt7mNemfwehn7ljaWod/PgcdZHAFDwX1rpVEOLvKkf2oUw2D+yll6fAzSkzGGveXRu63LQwyEaiFNteANcSrImbTncBKMINgdbDxdUA2/41y0sOwaCn7Q+BVlUmQa7zZVTctKlRG0OtLKZ7Ahi3z0Qu9fygfVmCRVFPl/v4VEadPRNXi55JZfemcj1HJEni0m0M8Ke50kQpPCDe3Zwzzz25thxCtvBAx3MY11EF7B1FYYDZjTyHt4E6XLYvQKyflm8R0la6dphlY4quq9fTS2MoteIUX9gD0hzIrX5CIOabncFYGFNSpIwMwbAy03IeXcr2nRW/ZsowDtts5YtMCKHHRcgt7x4XHZeYJ6/pEucSQ7HzflO5gGFiaUYps4K/LX0D9IaCIFUg2BctqhBjw== gerrit@example.org -ssh_key_public_dest: "{{ ssh_user_home }}/.ssh/gerrit_id_rsa.pub" diff --git a/inventory/testing/hosts b/inventory/testing/hosts index d9e5042..51d523b 100644 --- a/inventory/testing/hosts +++ b/inventory/testing/hosts @@ -40,3 +40,8 @@ zuul-fingergw zuul-merger zuul-scheduler zuul-web + +[zuul-connections:children] +zuul-executor +zuul-merger +zuul-scheduler diff --git a/playbooks/zuul.yaml b/playbooks/zuul.yaml index 4810bf2..9f348fe 100644 --- a/playbooks/zuul.yaml +++ b/playbooks/zuul.yaml @@ -12,8 +12,8 @@ # License for the specific language governing permissions and limitations # under the License. --- -- name: Bootstrap zuul-executor and zuul-scheduler - hosts: zuul-executor, zuul-scheduler +- name: Bootstrap SSH keys for zuul-connections + hosts: zuul-connections tasks: # NOTE(pabelanger): Because of ordering issues create the required home @@ -28,11 +28,23 @@ - name: Setup openstack.ssh role include_role: name: openstack.ssh + with_items: "{{ zuul_connections_ssh }}" + vars: + ssh_key_private_content: "{{ item.ssh_key_private_content }}" + ssh_key_private_dest: "{{ item.ssh_key_private_dest }}" + ssh_key_public_content: "{{ item.ssh_key_public_content }}" + ssh_key_public_dest: "{{ item.ssh_key_public_dest }}" + ssh_user_name: "{{ item.ssh_user_name }}" + ssh_user_home: "{{ item.ssh_user_home }}" - name: Bootstrap zuul-executor hosts: zuul-executor tasks: + - name: Setup openstack.ssh role + include_role: + name: openstack.ssh + # TODO(pabelanger): I'm thinking we should likely create # ansible-role-bubblewrap to allow user to better manage this dependency. - name: Ensure bubblewrap is present