There is no jenkins, only zuul! With zuulv3 running in production,
there is no more need to add jenkins user or scripts to our images.
Move chmod of /opt/cache/files from
nodepool/elements/jenkins-slave/install.d/20-jenkins-slave to
nodepool/elements/zuul-worker/install.d/60-zuul-worker
We also leave the jenkins-slave elements for now, in case 3rd party CI
use them.
Change-Id: Ia9750877fbc1a17ec467ca4ac685afdb9c1627f8
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
We use paths relative to the current user's homedir to find the location
of the cached files for devstack. Unfortunately we only set up the
symlink for that in Jenkins' homedir and not Zuul's. Update that so
either user can find the cache.
Change-Id: Iff9bcb9700ad5eab36cf8c42d5b6c145dee342b5
Old legacy jobs will continue to want tocheck that the test user isn't
using sudo if sudo has been disabled. Add a zuul version of the checker
script and update the sudo rules to allow the zuul user to run it.
Change-Id: I10720cdec309dc8418b6cf7e9badf9a04aa8e98e
Not all distros - like openSUSE - create a separate group for each user.
Be explicit when creating zuul user like in
nodepool/elements/jenkins-slave/install.d/20-jenkins-slave.
Code later assumes that user and group are both named zuul, so we need
to set the specific zuul group.
Also, set /bin/bash as root shell following a similar change for
jenkins done in Ic671b7c5344a1e7980bede88bee730b50764e60b to keep these
two invocations in sync.
Change-Id: Iec8de3c0799aa023ace8f172f84bf8a137d0967b
The devuser element is designed to add a single development user and
manage their keys. Any local use of devuser by a developer thus
silently conflicts with zuul-worker.
Additionally, this is currently tacitly taking the public-key from
~/.ssh/id_rsa.pub -- i.e. the public key of the currently building
user. Mixing permissions from the builder into the final-image makes
sense for a development-user case, but not for deploying worker
accounts.
This simply creates the worker account by hand, which is easy enough.
To maintain the status-quo we still source ~/.ssh/id_rsa.pub by
default, but provide a documented flag to override this.
Change-Id: Ic9c9e415c158ad1f057b8d2aa2776dbe2bbd1e47