├── .gitignore ├── README.md ├── ansible-controller.yml ├── ansible.cfg ├── bootstrap.yml ├── dci-agent.yml ├── nodepool.yml ├── play.sh ├── requirements.txt ├── roles.yml ├── roles ├── bootstrap-pip │ ├── tasks │ │ └── main.yml │ └── vars │ │ ├── Debian.yml │ │ └── RedHat.yml └── dci-agent │ ├── defaults │ └── main.yaml │ ├── tasks │ ├── Debian.yaml │ ├── RedHat.yaml │ └── main.yaml │ └── templates │ ├── ansible.cfg │ └── env.sh ├── site.yml └── zuul.yml /.gitignore: -------------------------------------------------------------------------------- 1 | .vaultpass 2 | .environment 3 | files 4 | inventories 5 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # network-infra-playbooks 2 | Playbooks and roles for installing and managing Ansible networking CI 3 | -------------------------------------------------------------------------------- /ansible-controller.yml: -------------------------------------------------------------------------------- 1 | - hosts: ansible-controller 2 | connection: local 3 | 4 | tasks: 5 | - name: Create .config/openstack path 6 | file: 7 | path: ~/.config/openstack 8 | state: directory 9 | mode: 0755 10 | - name: "Copy the clouds.yaml file into .config/openstack" 11 | copy: 12 | src: 'files/{{ inventory_dir | basename }}/{{ inventory_hostname }}/clouds.yaml' 13 | dest: ~/.config/openstack/clouds.yaml 14 | mode: 0644 15 | - include_vars: 16 | file: 'files/{{ inventory_dir | basename }}/{{ inventory_hostname }}/resources.yml' 17 | - include_role: 18 | name: ansible-role-cloud-launcher 19 | - name: Wait for nodepool to be reachable 20 | wait_for_connection: 21 | remote_user: ubuntu 22 | delegate_to: "{{ hostvars['nodepool']['ansible_host'] }}" 23 | - name: Wait for dci-agent to be reachable 24 | wait_for_connection: 25 | remote_user: centos 26 | delegate_to: "{{ hostvars['dci-agent']['ansible_host'] }}" 27 | - name: Set up cronjob to run infra playbooks 28 | cron: 29 | name: "run infra playbooks" 30 | user: centos 31 | special_time: hourly 32 | job: /home/centos/network-infra-playbooks/play.sh 33 | when: hostvars['ansible-controller']['enable_play_cronjob'] 34 | -------------------------------------------------------------------------------- /ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | host_key_checking = no 3 | -------------------------------------------------------------------------------- /bootstrap.yml: -------------------------------------------------------------------------------- 1 | - hosts: localhost 2 | connection: local 3 | gather_facts: no 4 | 5 | tasks: 6 | - name: Create ssh-from-external security group 7 | os_security_group: 8 | state: present 9 | cloud: "{{ hostvars['ansible-controller']['bootstrap_cloud'] }}" 10 | name: ssh-from-external 11 | description: Allow SSH from all external IPs 12 | - name: Add rules to ssh-from-external security group 13 | os_security_group_rule: 14 | state: present 15 | cloud: "{{ hostvars['ansible-controller']['bootstrap_cloud'] }}" 16 | security_group: ssh-from-external 17 | protocol: tcp 18 | port_range_min: 22 19 | port_range_max: 22 20 | remote_ip_prefix: 0.0.0.0/0 21 | - name: Create ansible-controller VM 22 | os_server: 23 | state: present 24 | cloud: "{{ hostvars['ansible-controller']['bootstrap_cloud'] }}" 25 | name: ansible-controller 26 | image: CentOS-7-x86_64-GenericCloud-1706 27 | key_name: ansible-bootstrap 28 | flavor: m1.small 29 | floating_ips: "{{ hostvars['ansible-controller']['ansible_host'] }}" 30 | security_groups: ssh-from-external 31 | network: management-network 32 | 33 | - name: Wait for ansible-controller to be reachable 34 | wait_for_connection: 35 | remote_user: centos 36 | delegate_to: "{{ hostvars['ansible-controller']['ansible_host'] }}" 37 | 38 | - hosts: ansible-controller 39 | remote_user: centos 40 | 41 | tasks: 42 | - name: Install required packages 43 | yum: 44 | name: "{{ item }}" 45 | state: present 46 | update_cache: yes 47 | with_items: 48 | - gcc 49 | - python-devel 50 | - git 51 | become: yes 52 | - name: Remove packages that will be installed with pip later 53 | yum: 54 | name: "{{ item }}" 55 | state: absent 56 | with_items: 57 | - python-urllib3 58 | - requests 59 | become: yes 60 | - name: Copy SSH private key 61 | copy: 62 | content: "{{ lookup('file', '~/.ssh/ansible-bootstrap') }}" 63 | dest: /home/centos/.ssh/id_rsa 64 | mode: 0400 65 | - name: Clone network-infra-playbooks repo 66 | git: 67 | name: git@github.com:ansible/network-infra-playbooks.git 68 | dest: /home/centos/network-infra-playbooks 69 | accept_hostkey: yes 70 | - name: Clone network-infra repo 71 | git: 72 | name: git@github.com:ansible/network-infra.git 73 | dest: /home/centos/network-infra 74 | key_file: /home/centos/.ssh/id_rsa 75 | accept_hostkey: yes 76 | - name: Bootstrap pip 77 | include_role: 78 | name: bootstrap-pip 79 | - name: Install pip packages from requirements.txt 80 | pip: 81 | requirements: /home/centos/network-infra-playbooks/requirements.txt 82 | become: yes 83 | - command: ansible-galaxy install -r roles.yml -p /etc/ansible/roles 84 | args: 85 | chdir: /home/centos/network-infra-playbooks 86 | become: yes 87 | - name: Copy vault password to file for ongoing use 88 | copy: 89 | content: "{{ vaultpass }}" 90 | dest: /home/centos/network-infra-playbooks/.vaultpass 91 | - name: Copy ci_environment to file for ongoing use 92 | copy: 93 | content: "{{ inventory_dir | basename }}" 94 | dest: /home/centos/network-infra-playbooks/.ci_environment 95 | - name: Create images folder on centos home folder 96 | file: 97 | path: /home/centos/images 98 | state: directory 99 | mode: 0755 100 | - name: Copy local images folder contents on remote 101 | synchronize: 102 | src: ~/images/ 103 | dest: /home/centos/images 104 | - name: Create link to network-infra files 105 | file: 106 | src: /home/centos/network-infra/files 107 | dest: /home/centos/network-infra-playbooks/files 108 | state: link 109 | - name: Create link to network-infra inventories 110 | file: 111 | src: /home/centos/network-infra/inventories 112 | dest: /home/centos/network-infra-playbooks/inventories 113 | state: link 114 | - command: "flock -n /tmp/ansible-playbook.lock ansible-playbook --vault-password-file .vaultpass -i inventories/{{ inventory_dir | basename }} site.yml" 115 | args: 116 | chdir: /home/centos/network-infra-playbooks 117 | -------------------------------------------------------------------------------- /dci-agent.yml: -------------------------------------------------------------------------------- 1 | - hosts: dci-agent 2 | remote_user: centos 3 | 4 | tasks: 5 | - yum: 6 | name: "{{ item }}" 7 | update_cache: yes 8 | become: yes 9 | with_items: 10 | - unzip 11 | - git 12 | - include_role: 13 | name: dci-agent 14 | - file: 15 | path: /home/centos/.ssh 16 | state: directory 17 | mode: 0700 18 | - copy: 19 | src: 'files/{{ inventory_dir | basename }}/{{ inventory_hostname }}/id_rsa' 20 | dest: /home/centos/.ssh 21 | mode: 0600 22 | - copy: 23 | src: 'files/{{ inventory_dir | basename }}/{{ inventory_hostname }}/authorized_keys' 24 | dest: /home/centos/.ssh 25 | mode: 0600 26 | - name: Copy dci-ansible files 27 | copy: 28 | src: 'files/{{ inventory_dir | basename }}/{{ inventory_hostname }}/dci-ansible' 29 | dest: /home/centos 30 | - name: Create /usr/share/dci/roles folder if needed 31 | file: 32 | path: /usr/share/dci/roles 33 | state: directory 34 | mode: 0755 35 | become: yes 36 | - name: Copy dci-feeders foles files 37 | synchronize: 38 | src: 'files/{{ inventory_dir | basename }}/{{ inventory_hostname }}/ansible-role-dci-feeders/' 39 | dest: /usr/share/dci/roles/dci-feeders 40 | become: yes 41 | - name: Copy dci-feeders files 42 | synchronize: 43 | src: 'files/{{ inventory_dir | basename }}/{{ inventory_hostname }}/dci-feeders' 44 | dest: /usr/share/dci 45 | become: yes 46 | - name: Copy feeders.sh file 47 | copy: 48 | src: 'files/{{ inventory_dir | basename }}/{{ inventory_hostname }}/feeders.sh' 49 | dest: /etc/dci 50 | owner: centos 51 | group: centos 52 | become: yes 53 | - block: 54 | - name: Set cron for running dci feeders 55 | cron: 56 | name: dci feeders 57 | minute: '0' 58 | job: source /etc/dci/feeders.sh && bash -c "cd /usr/share/dci/dci-feeders/ && ansible-playbook playbook.yml" 59 | user: centos 60 | - name: Set cron for deleting old checouts 61 | cron: 62 | name: dci checkout cleanup 63 | minute: '0' 64 | job: 'find /home/centos/dci-workspace/ansible/ -mindepth 1 -maxdepth 1 -type d -mtime +3 -exec rm -rf {} \;' 65 | user: centos 66 | #################### 67 | 68 | ##### NOTE If you change the cron ensure you manually delete all existing cron entries on dci-agent before running this role 69 | 70 | - name: Set cron for running VyOS against Ansible devel 71 | cron: 72 | state: present 73 | name: VyOS devel 74 | minute: '0' 75 | hour: '1' 76 | job: source /etc/dci/vyos.sh && bash -c "cd dci-ansible && ansible-playbook -i inventory playbook.yml -e platform='vyos' -e topic='Ansible-devel'" 77 | user: centos 78 | - name: Set cron for running OpenvSwitch against Ansible devel 79 | cron: 80 | state: present 81 | name: OpenvSwitch devel 82 | minute: '0' 83 | hour: '2' 84 | job: source /etc/dci/openvswitch.sh && bash -c "cd dci-ansible && ansible-playbook -i inventory playbook.yml -e platform='openvswitch' -e topic='Ansible-devel'" 85 | user: centos 86 | - name: Set cron for running Junos against Ansible devel 87 | cron: 88 | state: present 89 | name: JUNOS devel 90 | minute: '0' 91 | hour: '3' 92 | job: source /etc/dci/junos.sh && bash -c "cd dci-ansible && ansible-playbook -i inventory playbook.yml -e platform='junos' -e topic='Ansible-devel'" 93 | user: centos 94 | - name: Set cron for running EOS against Ansible devel 95 | cron: 96 | state: present 97 | name: EOS devel 98 | minute: '0' 99 | hour: '4' 100 | job: source /etc/dci/eos.sh && bash -c "cd dci-ansible && ansible-playbook -i inventory playbook.yml -e platform='eos' -e topic='Ansible-devel'" 101 | user: centos 102 | - name: Set cron for running NXOS against Ansible devel 103 | cron: 104 | state: present 105 | name: NXOS devel 106 | minute: '0' 107 | hour: '5' 108 | job: source /etc/dci/nxos.sh && bash -c "cd dci-ansible && ansible-playbook -i inventory playbook.yml -e platform='nxos' -e topic='Ansible-devel'" 109 | user: centos 110 | - name: Set cron for running IOS against Ansible devel 111 | cron: 112 | state: present 113 | name: IOS devel 114 | minute: '0' 115 | hour: '6' 116 | job: source /etc/dci/ios.sh && bash -c "cd dci-ansible && ansible-playbook -i inventory playbook.yml -e platform='ios' -e topic='Ansible-devel'" 117 | user: centos 118 | - name: Set cron for running IOS-XR against Ansible devel 119 | cron: 120 | state: present 121 | name: IOS-XR devel 122 | minute: '0' 123 | hour: '7' 124 | job: source /etc/dci/iosxr.sh && bash -c "cd dci-ansible && ansible-playbook -i inventory playbook.yml -e platform='iosxr' -e topic='Ansible-devel'" 125 | user: centos 126 | #################### 127 | - name: Set cron for running VyOS against Ansible 2.6 128 | cron: 129 | state: present 130 | name: VyOS 2.6 131 | minute: '0' 132 | hour: '8' 133 | job: source /etc/dci/vyos.sh && bash -c "cd dci-ansible && ansible-playbook -i inventory playbook.yml -e platform='vyos' -e topic='Ansible-2.6'" 134 | user: centos 135 | - name: Set cron for running OpenvSwitch against Ansible 2.6 136 | cron: 137 | state: present 138 | name: OpenvSwitch 2.6 139 | minute: '0' 140 | hour: '9' 141 | job: source /etc/dci/openvswitch.sh && bash -c "cd dci-ansible && ansible-playbook -i inventory playbook.yml -e platform='openvswitch' -e topic='Ansible-2.6'" 142 | user: centos 143 | - name: Set cron for running JUNOS against Ansible 2.6 144 | cron: 145 | state: present 146 | name: JUNOS 2.6 147 | minute: '0' 148 | hour: '10' 149 | job: source /etc/dci/junos.sh && bash -c "cd dci-ansible && ansible-playbook -i inventory playbook.yml -e platform='junos' -e topic='Ansible-2.6'" 150 | user: centos 151 | - name: Set cron for running EOS against Ansible 2.6 152 | cron: 153 | state: present 154 | name: EOS 2.6 155 | minute: '0' 156 | hour: '11' 157 | job: source /etc/dci/eos.sh && bash -c "cd dci-ansible && ansible-playbook -i inventory playbook.yml -e platform='eos' -e topic='Ansible-2.6'" 158 | user: centos 159 | - name: Set cron for running NXOS against Ansible 2.6 160 | cron: 161 | state: present 162 | name: NXOS 2.6 163 | minute: '0' 164 | hour: '12' 165 | job: source /etc/dci/nxos.sh && bash -c "cd dci-ansible && ansible-playbook -i inventory playbook.yml -e platform='nxos' -e topic='Ansible-2.6'" 166 | user: centos 167 | - name: Set cron for running IOS against Ansible 2.6 168 | cron: 169 | state: present 170 | name: IOS 2.6 171 | minute: '0' 172 | hour: '13' 173 | job: source /etc/dci/ios.sh && bash -c "cd dci-ansible && ansible-playbook -i inventory playbook.yml -e platform='ios' -e topic='Ansible-2.6'" 174 | user: centos 175 | - name: Set cron for running IOS-XR against Ansible 2.6 176 | cron: 177 | state: present 178 | name: IOS-XR 2.6 179 | minute: '0' 180 | hour: '14' 181 | job: source /etc/dci/iosxr.sh && bash -c "cd dci-ansible && ansible-playbook -i inventory playbook.yml -e platform='iosxr' -e topic='Ansible-2.6'" 182 | user: centos 183 | #################### 184 | - name: Set cron for running VyOS against Ansible 2.7 185 | cron: 186 | state: present 187 | name: VyOS 2.7 188 | minute: '0' 189 | hour: '15' 190 | job: source /etc/dci/vyos.sh && bash -c "cd dci-ansible && ansible-playbook -i inventory playbook.yml -e platform='vyos' -e topic='Ansible-2.7'" 191 | user: centos 192 | - name: Set cron for running OpenvSwitch against Ansible 2.7 193 | cron: 194 | state: present 195 | name: OpenvSwitch 2.7 196 | minute: '0' 197 | hour: '16' 198 | job: source /etc/dci/openvswitch.sh && bash -c "cd dci-ansible && ansible-playbook -i inventory playbook.yml -e platform='openvswitch' -e topic='Ansible-2.7'" 199 | user: centos 200 | - name: Set cron for running Junos against Ansible 2.7 201 | cron: 202 | state: present 203 | name: JUNOS 2.7 204 | minute: '0' 205 | hour: '17' 206 | job: source /etc/dci/junos.sh && bash -c "cd dci-ansible && ansible-playbook -i inventory playbook.yml -e platform='junos' -e topic='Ansible-2.7'" 207 | user: centos 208 | - name: Set cron for running EOS against Ansible 2.7 209 | cron: 210 | state: present 211 | name: EOS 2.7 212 | minute: '0' 213 | hour: '18' 214 | job: source /etc/dci/eos.sh && bash -c "cd dci-ansible && ansible-playbook -i inventory playbook.yml -e platform='eos' -e topic='Ansible-2.7'" 215 | user: centos 216 | - name: Set cron for running NXOS against Ansible 2.7 217 | cron: 218 | state: present 219 | name: NXOS 2.7 220 | minute: '0' 221 | hour: '19' 222 | job: source /etc/dci/nxos.sh && bash -c "cd dci-ansible && ansible-playbook -i inventory playbook.yml -e platform='nxos' -e topic='Ansible-2.7'" 223 | user: centos 224 | - name: Set cron for running IOS against Ansible 2.7 225 | cron: 226 | state: present 227 | name: IOS 2.7 228 | minute: '0' 229 | hour: '20' 230 | job: source /etc/dci/ios.sh && bash -c "cd dci-ansible && ansible-playbook -i inventory playbook.yml -e platform='ios' -e topic='Ansible-2.7'" 231 | user: centos 232 | - name: Set cron for running IOS-XR against Ansible 2.7 233 | cron: 234 | state: present 235 | name: IOS-XR 2.7 236 | minute: '0' 237 | hour: '21' 238 | job: source /etc/dci/iosxr.sh && bash -c "cd dci-ansible && ansible-playbook -i inventory playbook.yml -e platform='iosxr' -e topic='Ansible-2.7'" 239 | user: centos 240 | when: hostvars['dci-agent']['enable_dci_cronjobs'] 241 | -------------------------------------------------------------------------------- /nodepool.yml: -------------------------------------------------------------------------------- 1 | - hosts: nodepool 2 | become: yes 3 | remote_user: ubuntu 4 | 5 | tasks: 6 | - user: 7 | name: nodepool 8 | home: /var/lib/nodepool 9 | - file: 10 | path: /var/lib/nodepool/.ssh 11 | owner: nodepool 12 | group: nodepool 13 | state: directory 14 | mode: 0700 15 | - copy: 16 | src: 'files/{{ inventory_dir | basename }}/{{ inventory_hostname }}/id_rsa' 17 | dest: /var/lib/nodepool/.ssh 18 | owner: nodepool 19 | group: nodepool 20 | mode: 0600 21 | - copy: 22 | src: 'files/{{ inventory_dir | basename }}/{{ inventory_hostname }}/authorized_keys' 23 | dest: /var/lib/nodepool/.ssh 24 | owner: nodepool 25 | group: nodepool 26 | mode: 0600 27 | - file: 28 | path: /var/lib/nodepool/.config/openstack 29 | state: directory 30 | owner: nodepool 31 | group: nodepool 32 | mode: 0755 33 | - copy: 34 | src: 'files/{{ inventory_dir | basename }}/{{ inventory_hostname }}/clouds.yaml' 35 | dest: /var/lib/nodepool/.config/openstack/clouds.yaml 36 | owner: nodepool 37 | group: nodepool 38 | mode: 0644 39 | - apt: 40 | name: python3-pip 41 | - name: Wait for dpkg lock to be released 42 | command: fuser /var/lib/dpkg/lock 43 | ignore_errors: yes 44 | register: result 45 | until: result.rc == 1 46 | retries: 5 47 | delay: 10 48 | - apt: 49 | name: build-essential 50 | - pip: 51 | name: "{{ item }}" 52 | with_items: 53 | - jinja2 54 | - junit_xml 55 | - pexpect 56 | - ncclient 57 | - jxmlease 58 | - scp 59 | - coverage 60 | - include_role: 61 | name: ansible-role-zookeeper 62 | - include_role: 63 | name: ansible-role-nodepool 64 | vars: 65 | nodepool_file_nodepool_yaml_src: 'files/{{ inventory_dir | basename }}/{{ inventory_hostname }}/nodepool.yaml' 66 | - name: Copy the Nodepool inventory folder 67 | copy: 68 | src: 'files/{{ inventory_dir | basename }}/{{ inventory_hostname }}/inventory' 69 | dest: /var/lib/nodepool 70 | owner: nodepool 71 | group: nodepool 72 | - name: Download openstack_inventory.py dynamic inventory from upstream 73 | get_url: 74 | url: https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/openstack_inventory.py 75 | dest: /var/lib/nodepool/inventory 76 | owner: nodepool 77 | group: nodepool 78 | mode: 0755 79 | - name: Make openstack_inventory.py dynamic inventory executable 80 | file: 81 | path: '/var/lib/nodepool/inventory/openstack_inventory.py' 82 | mode: 0744 83 | owner: nodepool 84 | group: nodepool 85 | -------------------------------------------------------------------------------- /play.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # This script is meant to be invoked in a cronjob to continously run our infra playbooks 3 | cd /home/centos/network-infra 4 | git checkout master -q 5 | git pull -q 6 | cd /home/centos/network-infra-playbooks 7 | git checkout master -q 8 | git pull -q 9 | flock -n /tmp/ansible-playbook.lock ansible-playbook --vault-password-file .vaultpass -i inventories/$(cat .ci_environment)/hosts site.yml 10 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | ansible 2 | python-openstackclient 3 | shade 4 | -------------------------------------------------------------------------------- /roles.yml: -------------------------------------------------------------------------------- 1 | - src: git+git://git.openstack.org/openstack/ansible-role-cloud-launcher 2 | - src: git+git://git.openstack.org/openstack/ansible-role-zookeeper 3 | - src: git+git://git.openstack.org/openstack/ansible-role-nodepool 4 | - src: git+git://git.openstack.org/openstack/ansible-role-zuul 5 | - geerlingguy.repo-epel 6 | 7 | -------------------------------------------------------------------------------- /roles/bootstrap-pip/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Load OS specific variables 3 | include_vars: "{{ item }}" 4 | with_first_found: 5 | - "{{ ansible_os_family }}.yml" 6 | 7 | - stat: 8 | path: "{{ pip_binary_path }}" 9 | register: st 10 | 11 | - block: 12 | - get_url: 13 | url: https://bootstrap.pypa.io/get-pip.py 14 | dest: /tmp 15 | validate_certs: no 16 | - shell: python /tmp/get-pip.py 17 | become: yes 18 | when: not st.stat.exists 19 | -------------------------------------------------------------------------------- /roles/bootstrap-pip/vars/Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | pip_binary_path: /usr/local/bin/pip 3 | -------------------------------------------------------------------------------- /roles/bootstrap-pip/vars/RedHat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | pip_binary_path: /usr/bin/pip 3 | -------------------------------------------------------------------------------- /roles/dci-agent/defaults/main.yaml: -------------------------------------------------------------------------------- 1 | # DCI Credentials will be accessible to users in this group. 2 | dci_group_name: dci 3 | 4 | # Credentials for RemoteCIs are specified here. Each platform being tested 5 | # gets it's own RemoteCI. 6 | 7 | # remotecis: 8 | # - name: platform1 9 | # remoteci_id: YOUR_REMOTE_CI_ID_HERE 10 | # dci_control_url: https://api.distributed-ci.io 11 | # remoteci_api_key: YOUR_REMOTE_CI_API_KEY_HERE 12 | # 13 | # - name: platform2 14 | # ... 15 | -------------------------------------------------------------------------------- /roles/dci-agent/tasks/Debian.yaml: -------------------------------------------------------------------------------- 1 | - name: enable ansible repository to get the latest ansible release 2 | apt_repository: 3 | repo: ppa:ansible/ansible 4 | state: present 5 | 6 | - name: install neccessary packages 7 | apt: 8 | name: "{{ item }}" 9 | state: present 10 | with_items: 11 | - git 12 | - software-properties-common 13 | - ansible 14 | 15 | - name: install dci agent 16 | pip: 17 | name: git+https://github.com/redhat-cip/python-dciclient.git 18 | state: present 19 | editable: false 20 | 21 | - name: download ansible-dci from github 22 | git: 23 | repo: https://github.com/redhat-cip/dci-ansible.git 24 | dest: /tmp/redhat-cip/ 25 | 26 | - name: create directories 27 | file: 28 | path: /usr/share/dci/ 29 | state: directory 30 | mode: 0775 31 | owner: root 32 | group: "{{ dci_group_name }}" 33 | 34 | - name: install ansible-dci modules/plugins 35 | shell: "cp -r /tmp/redhat-cip/{{ item }} /usr/share/dci/{{ item }}" 36 | with_items: 37 | - callback 38 | - modules 39 | - module_utils 40 | 41 | - name: remove temporary files 42 | file: 43 | path: /tmp/redhat-cip/ 44 | state: absent 45 | -------------------------------------------------------------------------------- /roles/dci-agent/tasks/RedHat.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: install dci-agent 3 | yum: 4 | name: https://packages.distributed-ci.io/dci-release.el7.noarch.rpm 5 | state: present 6 | become: yes 7 | 8 | - name: install dci-ansible 9 | yum: 10 | name: dci-ansible 11 | state: present 12 | become: yes 13 | 14 | - name: Add centos user to dci group 15 | user: 16 | name: centos 17 | groups: dci 18 | append: yes 19 | become: yes 20 | -------------------------------------------------------------------------------- /roles/dci-agent/tasks/main.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure required variables are defined 3 | fail: 4 | msg: "{{ item }} value missing and is required. See docs/agent_setup.md for details" 5 | when: "{{ item }} is not defined" 6 | with_items: 7 | - dci_group_name 8 | - remotecis 9 | 10 | - name: Ensure that the role is being used on a supported OS 11 | assert: 12 | that: (ansible_os_family == 'RedHat' and ansible_distribution_major_version == '7') or 13 | (ansible_distribution == 'Ubuntu') 14 | 15 | - name: install EPEL 16 | include_role: 17 | name: geerlingguy.repo-epel 18 | when: ansible_os_family == "RedHat" 19 | become: yes 20 | 21 | - name: install pip 22 | package: 23 | name: python-pip 24 | state: present 25 | become: yes 26 | 27 | - name: Install dependencies 28 | pip: 29 | name: "{{ item }}" 30 | state: present 31 | with_items: 32 | - junit_xml # allows usage of the junit callback plugin 33 | - xunitmerge # allows user to merge junit into one file 34 | become: yes 35 | 36 | - name: create group for DCI files 37 | group: 38 | name: "{{ dci_group_name }}" 39 | state: present 40 | become: yes 41 | 42 | - name: create directory for storing api keys 43 | file: 44 | path: /etc/dci 45 | state: directory 46 | mode: 0770 47 | owner: root 48 | group: "{{ dci_group_name }}" 49 | become: yes 50 | 51 | - name: set up connection information 52 | template: 53 | src: env.sh 54 | dest: /etc/dci/{{ item.name }}.sh 55 | owner: root 56 | group: "{{ dci_group_name }}" 57 | mode: 0770 58 | with_items: "{{remotecis}}" 59 | no_log: true 60 | become: yes 61 | 62 | - name: include OS specific tasks 63 | block: 64 | - debug: msg="Running tasks for {{ ansible_os_family }} systems" 65 | - include: "{{ ansible_os_family }}.yaml" 66 | 67 | - name: setup correct ansible.cfg 68 | template: 69 | src: ansible.cfg 70 | dest: /etc/ansible/ansible.cfg 71 | become: yes 72 | -------------------------------------------------------------------------------- /roles/dci-agent/templates/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | library = /usr/share/dci/modules/ 3 | callback_whitelist = dci 4 | callback_plugins = /usr/share/dci/callback/ 5 | module_utils = /usr/share/dci/module_utils/ 6 | -------------------------------------------------------------------------------- /roles/dci-agent/templates/env.sh: -------------------------------------------------------------------------------- 1 | export DCI_CLIENT_ID='{{item.remoteci_id}}' 2 | export DCI_API_SECRET='{{item.remoteci_api_key}}' 3 | export DCI_CS_URL='{{item.dci_control_url}}' 4 | -------------------------------------------------------------------------------- /site.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - include: ansible-controller.yml 3 | - include: nodepool.yml 4 | - include: dci-agent.yml 5 | #- include: zuul.yml 6 | -------------------------------------------------------------------------------- /zuul.yml: -------------------------------------------------------------------------------- 1 | - hosts: zuul 2 | become: yes 3 | 4 | tasks: 5 | - apt: 6 | name: python3-pip 7 | state: present 8 | update_cache: yes 9 | - include_role: 10 | name: ansible-role-zuul 11 | --------------------------------------------------------------------------------