With the recent efforts in upstream libvirt to centralize our CI on
gitlab, let's add a new gitlab-specific flavor along with related
playbook tasks. This flavor revolves around installing and configuring
the gitlab-runner agent binary which requires the per-project
registration token to be specified in order for the runner to be
successfully registered with the gitlab server.
Note that as part of the registration process each runner acquires a new
unique access token. This means that we must ensure that the
registration is run only on the first update, otherwise a new runner
with a new access token is registered with the gitlab project.
Signed-off-by: Erik Skultety <eskultet(a)redhat.com>
---
guests/group_vars/all/main.yml | 3 ++
guests/playbooks/update/main.yml | 5 ++
guests/playbooks/update/tasks/gitlab.yml | 64 ++++++++++++++++++++++++
3 files changed, 72 insertions(+)
create mode 100644 guests/playbooks/update/tasks/gitlab.yml
diff --git a/guests/group_vars/all/main.yml b/guests/group_vars/all/main.yml
index b73795e..9d9a413 100644
--- a/guests/group_vars/all/main.yml
+++ b/guests/group_vars/all/main.yml
@@ -5,3 +5,6 @@
ansible_ssh_pass: root
jenkins_url:
https://ci.centos.org/computer/{{ inventory_hostname }}/slave-agent.jnlp
+
+# In our case, ansible_system is either Linux or FreeBSD
+gitlab_runner_url:
https://gitlab-runner-downloads.s3.amazonaws.com/latest/binaries/gitlab-r...
ansible_system|lower }}-amd64
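Review bot: The `gitlab_runner_url` added here points at the `latest` path of the download bucket, so the binary that gets installed is whatever is published at the time of each update. The "Download gitlab-runner agent" task in tasks/gitlab.yml fetches it with `force: yes` and no `checksum:`, and writes it to /usr/local/bin with mode 0755, so nothing verifies the executable before it runs on the guest. Pinning a specific release in the URL and adding `checksum: 'sha256:<RELEASE_SHA256>'` (placeholder value) to that `get_url` task would make the install reproducible and verifiable. The URL is truncated in this view, but it appears to hard-code `-amd64`; a comment stating that only amd64 guests are supported would help.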
diff --git a/guests/playbooks/update/main.yml b/guests/playbooks/update/main.yml
index e82055b..9e63391 100644
--- a/guests/playbooks/update/main.yml
+++ b/guests/playbooks/update/main.yml
@@ -58,3 +58,8 @@
- include: '{{ playbook_base }}/tasks/jenkins.yml'
when:
- flavor == 'jenkins'
+
+ # Install the Gitlab runner agent
+ - include: '{{ playbook_base }}/tasks/gitlab.yml'
+ when:
+ - flavor == 'gitlab'
diff --git a/guests/playbooks/update/tasks/gitlab.yml
b/guests/playbooks/update/tasks/gitlab.yml
new file mode 100644
index 0000000..9a30140
--- /dev/null
+++ b/guests/playbooks/update/tasks/gitlab.yml
@@ -0,0 +1,64 @@
+---
+- name: Look up Gitlab runner secret
+ set_fact:
+ gitlab_runner_secret: '{{ lookup("file", gitlab_runner_token_file)
}}'
+ gitlab_runner_config_path: '/home/gitlab/.gitlab-runner/config.toml'
+
+- name: Download gitlab-runner agent
+ get_url:
+ url: '{{ gitlab_runner_url }}'
+ dest: /usr/local/bin/gitlab-runner
+ mode: '0755'
+ force: yes
+
+- name: Make sure the gitlab-runner config dir exists exists
+ file:
+ path: '{{ gitlab_runner_config_path | dirname }}'
+ owner: gitlab
+ group: gitlab
+ state: directory
+ register: rc_gitlab_runner_config_dir
+
+- name: Create and empty gitlab-runner config
+ file:
+ path: '{{ gitlab_runner_config_path }}'
+ owner: gitlab
+ group: gitlab
+ state: touch
+ when: rc_gitlab_runner_config_dir.changed
+
+# To ensure idempotency, we must run the registration only when we first
+# created the config dir, otherwise we'll register a new runner on every
+# update
+- name: Register the gitlab-runner agent
+ shell: 'gitlab-runner register --non-interactive --config
/home/gitlab/.gitlab-runner/config.toml --registration-token {{ gitlab_runner_secret }}
--url
https://gitlab.com --executor shell --tag-list {{ inventory_hostname }}'
+ when: rc_gitlab_runner_config_dir.changed
+
+- block:
+ - name: Install the gitlab-runner service unit
+ template:
+ src: '{{ playbook_base }}/templates/gitlab-runner.service.j2'
+ dest: /etc/systemd/system/gitlab-runner.service
+
+ - name: Enable the gitlab-runner service
+ systemd:
+ name: gitlab-runner
+ state: started
+ enabled: yes
+ daemon_reload: yes
+ when: ansible_service_mgr == 'systemd'
+
+- block:
+ - name: Install the gitlab_runner rc service script
+ template:
+ src: '{{ playbook_base }}/templates/gitlab-runner.j2'
+ dest: '/usr/local/etc/rc.d/gitlab_runner'
+ mode: '0755'
+
+ - name: Enable the gitlab-runner rc service
+ service:
+ name: gitlab_runner
+ state: started
+ enabled: yes
+ when: ansible_service_mgr != 'systemd'
+
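Review bot: The "Register the gitlab-runner agent" task interpolates the registration token into a `shell` command line and sets no `no_log: true`, so the token can show up in Ansible output (verbose runs, failure messages) and in the guest's process argument list while the command runs. Setting `no_log: true` on this task and on the `set_fact` lookup, and passing the token through gitlab-runner's `REGISTRATION_TOKEN` environment variable instead of the `--registration-token` flag, keeps it out of both places. Using `command` rather than `shell` also stops the templated values from being parsed by a shell, and the task can reuse `gitlab_runner_config_path` instead of repeating the literal path. Separately, the `when: rc_gitlab_runner_config_dir.changed` guard means a registration that fails after the directory was created is never retried on later updates.

```yaml
- name: Register the gitlab-runner agent
  command: >-
    gitlab-runner register --non-interactive
    --config {{ gitlab_runner_config_path }}
    --url https://gitlab.com --executor shell
    --tag-list {{ inventory_hostname }}
  environment:
    REGISTRATION_TOKEN: '{{ gitlab_runner_secret }}'
  no_log: true
  when: rc_gitlab_runner_config_dir.changed
# … unchanged: service unit / rc script blocks …
```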
--
2.25.1