infrastructure/mono-infrastructure
7
0
Fork 0
mirror of https://github.com/rocky-linux/infrastructure synced 2024-11-24 14:11:26 +00:00
Code Issues Projects Releases Wiki Activity

Fix openqa iso download and repo permissions (#14998)

Browse Source 
* use built-in checksum of ansible get_url

* do not make everything executable, enable write by geekotest group
This commit is contained in:
Trevor Cooper 2021-10-26 20:31:01 -07:00 committed by GitHub
parent fb12494308
commit ed95b07b82
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 17 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
ansible/playbooks/tasks/openqa.yml
View File

@ -94,13 +94,13 @@
version: develop version: develop
when: not rocky_testing_repo.stat.exists when: not rocky_testing_repo.stat.exists
- name: Set permissions on repo dir - name: Set owner/group/permissions on repo contents
file: file:
path: "{{ openqa_homedir }}/share/tests/rocky" path: "{{ openqa_homedir }}/share/tests/rocky"
recurse: true recurse: true
owner: "{{ openqa_user }}" owner: "{{ openqa_user }}"
group: "{{ openqa_group }}" group: "{{ openqa_group }}"
mode: "0775" mode: "u+rwX,g+rwX,o+rX,o-w"
# fifloader.py will fail if the Demo user is not logged in # fifloader.py will fail if the Demo user is not logged in
- name: Authenticate to web UI the first time - name: Authenticate to web UI the first time
@ -123,22 +123,14 @@
- name: Download ISOs - name: Download ISOs
get_url: get_url:
dest: "{{ openqa_homedir }}/share/factory/iso/fixed/" dest: "{{ openqa_homedir }}/share/factory/iso/fixed/{{ item.name }}"
url: "{{ rocky_iso_download_url }}/{{ item }}" url: "{{ rocky_iso_download_url }}/{{ item.name }}"
checksum: "{{ item.checksum }}"
owner: "{{ openqa_user }}" owner: "{{ openqa_user }}"
group: "{{ openqa_group }}" group: "{{ openqa_group }}"
mode: "0775" tmp_dest: "/var/tmp"
loop: mode: "0644"
- CHECKSUM loop: "{{ openqa_isos }}"
- Rocky-{{ rocky_version }}-{{ rocky_arch }}-boot.iso
- Rocky-{{ rocky_version }}-{{ rocky_arch }}-dvd1.iso
- Rocky-{{ rocky_version }}-{{ rocky_arch }}-minimal.iso
- name: Verify ISO checksums
command: shasum -a 256 --ignore-missing -c CHECKSUM
changed_when: "1 != 1"
args:
chdir: "{{ openqa_homedir }}/share/factory/iso/fixed"
- name: Start {{ openqa_worker_count }} OpenQA workers - name: Start {{ openqa_worker_count }} OpenQA workers
ansible.builtin.systemd: ansible.builtin.systemd:

9
ansible/playbooks/vars/openqa.yml
View File

@ -18,6 +18,15 @@ rocky_arch: x86_64
# Public download URL for RockyLinux ISOs # Public download URL for RockyLinux ISOs
rocky_iso_download_url: "https://download.rockylinux.org/pub/rocky/8/isos/{{ rocky_arch }}" rocky_iso_download_url: "https://download.rockylinux.org/pub/rocky/8/isos/{{ rocky_arch }}"
# Rocky Linux ISOs
openqa_isos:
- name: "Rocky-{{ rocky_version }}-{{ rocky_arch }}-boot.iso"
checksum: "sha256:53a62a72881b931bdad6b13bcece7c3a2d4ca9c4a2f1e1a8029d081dd25ea61f"
- name: "Rocky-{{ rocky_version }}-{{ rocky_arch }}-dvd1.iso"
checksum: "sha256:ffe2fae67da6702d859cfb0b321561a5d616ce87a963d8a25b018c9c3d52d9a4"
- name: "Rocky-{{ rocky_version }}-{{ rocky_arch }}-minimal.iso"
checksum: "sha256:0de5f12eba93e00fefc06cdb0aa4389a0972a4212977362ea18bde46a1a1aa4f"
# The host the openqa-cli should access when it runs. # The host the openqa-cli should access when it runs.
# Change this if you want to access your OpenQA via an # Change this if you want to access your OpenQA via an
# alternative URL # alternative URL