Re: [libvirt] [libvirt-jenkins-ci PATCH 4/6] guests: Implement developer flavor

The developer is given key-based SSH access to the guest and granted passwordless sudo privilege for maximum convenience. Signed-off-by: Andrea Bolognani <abologna(a)redhat.com&gt; --- guests/group_vars/all/main.yml | 4 +++- guests/host_vars/libvirt-freebsd-10/main.yml | 1 + guests/host_vars/libvirt-freebsd-11/main.yml | 1 + guests/lcitool | 9 ++++++++- guests/site.yml | 5 +++++ guests/tasks/developer.yml | 21 +++++++++++++++++++++ 6 files changed, 39 insertions(+), 2 deletions(-) create mode 100644 guests/tasks/developer.yml diff --git a/guests/group_vars/all/main.yml b/guests/group_vars/all/main.yml index d24af59..410077f 100644 --- a/guests/group_vars/all/main.yml +++ b/guests/group_vars/all/main.yml @@ -8,8 +8,10 @@ ansible_ssh_pass: root jenkins_url: https://ci.centos.org/computer/{{ inventory_hostname }}/slave-agent.jnlp -# Paths to various command. Can be overridden on a per-host basis +# Paths to various commands and files that might be OS-dependent. Can +# be overridden on a per-host basis bash: /bin/bash java: /usr/bin/java make: /usr/bin/make sudo: /usr/bin/sudo +sudoers: /etc/sudoers diff --git a/guests/host_vars/libvirt-freebsd-10/main.yml b/guests/host_vars/libvirt-freebsd-10/main.yml index 80d16d6..4f33c53 100644 --- a/guests/host_vars/libvirt-freebsd-10/main.yml +++ b/guests/host_vars/libvirt-freebsd-10/main.yml @@ -5,6 +5,7 @@ bash: /usr/local/bin/bash java: /usr/local/bin/java make: /usr/local/bin/gmake sudo: /usr/local/bin/sudo +sudoers: /usr/local/etc/sudoers projects: - base diff --git a/guests/host_vars/libvirt-freebsd-11/main.yml b/guests/host_vars/libvirt-freebsd-11/main.yml index 80d16d6..4f33c53 100644 --- a/guests/host_vars/libvirt-freebsd-11/main.yml +++ b/guests/host_vars/libvirt-freebsd-11/main.yml @@ -5,6 +5,7 @@ bash: /usr/local/bin/bash java: /usr/local/bin/java make: /usr/local/bin/gmake sudo: /usr/local/bin/sudo +sudoers: /usr/local/etc/sudoers projects: - base diff --git a/guests/lcitool b/guests/lcitool index bf270f1..018640b 100755 --- a/guests/lcitool +++ b/guests/lcitool @@ -141,6 +141,8 @@ do_install() die "$PROGRAM_NAME: $GUEST: Missing configuration, guest must be installed manually" } + load_config + # Load configuration files. Values don't get overwritten after being # set the first time, so loading the host-specific configuration before # the group configuration ensures overrides work as expected @@ -158,6 +160,11 @@ do_install() *kickstart*|*ks*) EXTRA_ARGS="ks=file:/${INSTALL_CONFIG##*/}" ;; esac + # Only configure autostart for the guest for the ci flavor + test "$FLAVOR" = ci && { + AUTOSTART="--autostart" + } + virt-install \ --name "$GUEST" \ --location "$INSTALL_URL" \ @@ -174,7 +181,7 @@ do_install() --sound none \ --initrd-inject "$INSTALL_CONFIG" \ --extra-args "console=ttyS0 $EXTRA_ARGS" \ - --autostart \ + $AUTOSTART \ --wait 0 } diff --git a/guests/site.yml b/guests/site.yml index 35e3220..76437bb 100644 --- a/guests/site.yml +++ b/guests/site.yml @@ -34,3 +34,8 @@ - projects is defined # jenkins is a pseudo-project - ( 'jenkins' in projects ) + + # Configure the developer account + - include: tasks/developer.yml + when: + - flavor == 'developer' diff --git a/guests/tasks/developer.yml b/guests/tasks/developer.yml new file mode 100644 index 0000000..1dad8fc --- /dev/null +++ b/guests/tasks/developer.yml @@ -0,0 +1,21 @@ +--- +- name: Create developer user account + user: + name: developer + comment: Developer + password: $6$YEzeb0A3t7jn/IwW$oMPH0mpKPPeuABH3gKDom08rLccOKBm6CrXT/deBsdP77MjBHxwHQ5EJM0MAc/sOsGKCNX0zjYYjlXP.KNUmP0

+ shell: '{{ bash }}' + +- name: Configure ssh access for the developer + authorized_key: + user: developer + key: '{{ lookup("file", lookup("env", "HOME") + "/.ssh/id_rsa.pub") }}' + state: present + +- name: Grant passwordless sudo access to the developer + lineinfile: + path: '{{ sudoers }}' + line: 'developer ALL=(ALL) NOPASSWD: ALL' + state: present + backup: yes + validate: 'visudo -cf %s' -- 2.13.6 -- libvir-list mailing list libvir-list(a)redhat.com https://www.redhat.com/mailman/listinfo/libvir-list