[libvirt-jenkins-ci PATCH 4/6] guests: Implement developer flavor

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The developer is given key-based SSH access to the guest and
granted passwordless sudo privilege for maximum convenience.

Signed-off-by: Andrea Bolognani <abologna@xxxxxxxxxx>
---
 guests/group_vars/all/main.yml               |  4 +++-
 guests/host_vars/libvirt-freebsd-10/main.yml |  1 +
 guests/host_vars/libvirt-freebsd-11/main.yml |  1 +
 guests/lcitool                               |  9 ++++++++-
 guests/site.yml                              |  5 +++++
 guests/tasks/developer.yml                   | 21 +++++++++++++++++++++
 6 files changed, 39 insertions(+), 2 deletions(-)
 create mode 100644 guests/tasks/developer.yml

diff --git a/guests/group_vars/all/main.yml b/guests/group_vars/all/main.yml
index d24af59..410077f 100644
--- a/guests/group_vars/all/main.yml
+++ b/guests/group_vars/all/main.yml
@@ -8,8 +8,10 @@ ansible_ssh_pass: root
 
 jenkins_url: https://ci.centos.org/computer/{{ inventory_hostname }}/slave-agent.jnlp
 
-# Paths to various command. Can be overridden on a per-host basis
+# Paths to various commands and files that might be OS-dependent. Can
+# be overridden on a per-host basis
 bash: /bin/bash
 java: /usr/bin/java
 make: /usr/bin/make
 sudo: /usr/bin/sudo
+sudoers: /etc/sudoers
diff --git a/guests/host_vars/libvirt-freebsd-10/main.yml b/guests/host_vars/libvirt-freebsd-10/main.yml
index 80d16d6..4f33c53 100644
--- a/guests/host_vars/libvirt-freebsd-10/main.yml
+++ b/guests/host_vars/libvirt-freebsd-10/main.yml
@@ -5,6 +5,7 @@ bash: /usr/local/bin/bash
 java: /usr/local/bin/java
 make: /usr/local/bin/gmake
 sudo: /usr/local/bin/sudo
+sudoers: /usr/local/etc/sudoers
 
 projects:
   - base
diff --git a/guests/host_vars/libvirt-freebsd-11/main.yml b/guests/host_vars/libvirt-freebsd-11/main.yml
index 80d16d6..4f33c53 100644
--- a/guests/host_vars/libvirt-freebsd-11/main.yml
+++ b/guests/host_vars/libvirt-freebsd-11/main.yml
@@ -5,6 +5,7 @@ bash: /usr/local/bin/bash
 java: /usr/local/bin/java
 make: /usr/local/bin/gmake
 sudo: /usr/local/bin/sudo
+sudoers: /usr/local/etc/sudoers
 
 projects:
   - base
diff --git a/guests/lcitool b/guests/lcitool
index bf270f1..018640b 100755
--- a/guests/lcitool
+++ b/guests/lcitool
@@ -141,6 +141,8 @@ do_install()
         die "$PROGRAM_NAME: $GUEST: Missing configuration, guest must be installed manually"
     }
 
+    load_config
+
     # Load configuration files. Values don't get overwritten after being
     # set the first time, so loading the host-specific configuration before
     # the group configuration ensures overrides work as expected
@@ -158,6 +160,11 @@ do_install()
         *kickstart*|*ks*) EXTRA_ARGS="ks=file:/${INSTALL_CONFIG##*/}" ;;
     esac
 
+    # Only configure autostart for the guest for the ci flavor
+    test "$FLAVOR" = ci && {
+        AUTOSTART="--autostart"
+    }
+
     virt-install \
         --name "$GUEST" \
         --location "$INSTALL_URL" \
@@ -174,7 +181,7 @@ do_install()
         --sound none \
         --initrd-inject "$INSTALL_CONFIG" \
         --extra-args "console=ttyS0 $EXTRA_ARGS" \
-        --autostart \
+        $AUTOSTART \
         --wait 0
 }
 
diff --git a/guests/site.yml b/guests/site.yml
index 35e3220..76437bb 100644
--- a/guests/site.yml
+++ b/guests/site.yml
@@ -34,3 +34,8 @@
         - projects is defined
         # jenkins is a pseudo-project
         - ( 'jenkins' in projects )
+
+    # Configure the developer account
+    - include: tasks/developer.yml
+      when:
+        - flavor == 'developer'
diff --git a/guests/tasks/developer.yml b/guests/tasks/developer.yml
new file mode 100644
index 0000000..1dad8fc
--- /dev/null
+++ b/guests/tasks/developer.yml
@@ -0,0 +1,21 @@
+---
+- name: Create developer user account
+  user:
+    name: developer
+    comment: Developer
+    password: $6$YEzeb0A3t7jn/IwW$oMPH0mpKPPeuABH3gKDom08rLccOKBm6CrXT/deBsdP77MjBHxwHQ5EJM0MAc/sOsGKCNX0zjYYjlXP.KNUmP0
+    shell: '{{ bash }}'
+
+- name: Configure ssh access for the developer
+  authorized_key:
+    user: developer
+    key: '{{ lookup("file", lookup("env", "HOME") + "/.ssh/id_rsa.pub") }}'
+    state: present
+
+- name: Grant passwordless sudo access to the developer
+  lineinfile:
+    path: '{{ sudoers }}'
+    line: 'developer ALL=(ALL) NOPASSWD: ALL'
+    state: present
+    backup: yes
+    validate: 'visudo -cf %s'
-- 
2.13.6

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list



[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]
  Powered by Linux