[libvirt] [libvirt-jenkins-ci PATCH 4/6] guests: Implement developer flavor
The developer is given key-based SSH access to the guest and
granted passwordless sudo privilege for maximum convenience.
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
guests/group_vars/all/main.yml | 4 +++-
guests/host_vars/libvirt-freebsd-10/main.yml | 1 +
guests/host_vars/libvirt-freebsd-11/main.yml | 1 +
guests/lcitool | 9 ++++++++-
guests/site.yml | 5 +++++
guests/tasks/developer.yml | 21 +++++++++++++++++++++
6 files changed, 39 insertions(+), 2 deletions(-)
create mode 100644 guests/tasks/developer.yml
diff --git a/guests/group_vars/all/main.yml b/guests/group_vars/all/main.yml
index d24af59..410077f 100644
--- a/guests/group_vars/all/main.yml
+++ b/guests/group_vars/all/main.yml
@@ -8,8 +8,10 @@ ansible_ssh_pass: root
jenkins_url: https://ci.centos.org/computer/{{ inventory_hostname }}/slave-agent.jnlp
-# Paths to various command. Can be overridden on a per-host basis
+# Paths to various commands and files that might be OS-dependent. Can
+# be overridden on a per-host basis
bash: /bin/bash
java: /usr/bin/java
make: /usr/bin/make
sudo: /usr/bin/sudo
+sudoers: /etc/sudoers
diff --git a/guests/host_vars/libvirt-freebsd-10/main.yml
b/guests/host_vars/libvirt-freebsd-10/main.yml
index 80d16d6..4f33c53 100644
--- a/guests/host_vars/libvirt-freebsd-10/main.yml
+++ b/guests/host_vars/libvirt-freebsd-10/main.yml
@@ -5,6 +5,7 @@ bash: /usr/local/bin/bash
java: /usr/local/bin/java
make: /usr/local/bin/gmake
sudo: /usr/local/bin/sudo
+sudoers: /usr/local/etc/sudoers
projects:
- base
diff --git a/guests/host_vars/libvirt-freebsd-11/main.yml
b/guests/host_vars/libvirt-freebsd-11/main.yml
index 80d16d6..4f33c53 100644
--- a/guests/host_vars/libvirt-freebsd-11/main.yml
+++ b/guests/host_vars/libvirt-freebsd-11/main.yml
@@ -5,6 +5,7 @@ bash: /usr/local/bin/bash
java: /usr/local/bin/java
make: /usr/local/bin/gmake
sudo: /usr/local/bin/sudo
+sudoers: /usr/local/etc/sudoers
projects:
- base
diff --git a/guests/lcitool b/guests/lcitool
index bf270f1..018640b 100755
--- a/guests/lcitool
+++ b/guests/lcitool
@@ -141,6 +141,8 @@ do_install()
die "$PROGRAM_NAME: $GUEST: Missing configuration, guest must be installed
manually"
}
+ load_config
+
# Load configuration files. Values don't get overwritten after being
# set the first time, so loading the host-specific configuration before
# the group configuration ensures overrides work as expected
@@ -158,6 +160,11 @@ do_install()
*kickstart*|*ks*) EXTRA_ARGS="ks=file:/${INSTALL_CONFIG##*/}" ;;
esac
+ # Only configure autostart for the guest for the ci flavor
+ test "$FLAVOR" = ci && {
+ AUTOSTART="--autostart"
+ }
+
virt-install \
--name "$GUEST" \
--location "$INSTALL_URL" \
@@ -174,7 +181,7 @@ do_install()
--sound none \
--initrd-inject "$INSTALL_CONFIG" \
--extra-args "console=ttyS0 $EXTRA_ARGS" \
- --autostart \
+ $AUTOSTART \
--wait 0
}
diff --git a/guests/site.yml b/guests/site.yml
index 35e3220..76437bb 100644
--- a/guests/site.yml
+++ b/guests/site.yml
@@ -34,3 +34,8 @@
- projects is defined
# jenkins is a pseudo-project
- ( 'jenkins' in projects )
+
+ # Configure the developer account
+ - include: tasks/developer.yml
+ when:
+ - flavor == 'developer'
diff --git a/guests/tasks/developer.yml b/guests/tasks/developer.yml
new file mode 100644
index 0000000..1dad8fc
--- /dev/null
+++ b/guests/tasks/developer.yml
@@ -0,0 +1,21 @@
+---
+- name: Create developer user account
+ user:
+ name: developer
+ comment: Developer
+ password:
$6$YEzeb0A3t7jn/IwW$oMPH0mpKPPeuABH3gKDom08rLccOKBm6CrXT/deBsdP77MjBHxwHQ5EJM0MAc/sOsGKCNX0zjYYjlXP.KNUmP0
+ shell: '{{ bash }}'
+
+- name: Configure ssh access for the developer
+ authorized_key:
+ user: developer
+ key: '{{ lookup("file", lookup("env", "HOME") +
"/.ssh/id_rsa.pub") }}'
+ state: present
+
+- name: Grant passwordless sudo access to the developer
+ lineinfile:
+ path: '{{ sudoers }}'
+ line: 'developer ALL=(ALL) NOPASSWD: ALL'
+ state: present
+ backup: yes
+ validate: 'visudo -cf %s'
--
2.13.6