Add team's public ssh keys from reclass to image 33/40933/4
authorVladimir Khlyunev <vkhlyunev@mirantis.com>
Mon, 1 Apr 2019 10:14:10 +0000 (14:14 +0400)
committerVladimir Khlyunev <vkhlyunev@mirantis.com>
Thu, 4 Apr 2019 05:49:44 +0000 (09:49 +0400)
Change-Id: I291b5bb3a3364b7e6328783cf0859ad48584c783

maintenance-ci/common/jobs/build-swarm-image.yaml
maintenance-ci/common/scripts/build_base_swarm_slave_image.sh
maintenance-ci/common/scripts/build_mos_swarm_slave_image.sh
maintenance-ci/common/scripts/generate_authorized_keys.py [new file with mode: 0644]
maintenance-ci/common/scripts/prepare_build_upload_image.sh

index d5c7a92aa0330f1e3437a8bb39c6eda463b75e4e..62b421f1f73ca04f711aadb0563f3bfaee5c638c 100644 (file)
         url: 'https://review.fuel-infra.org/tools/sustaining/'
         branches:
             - origin/master
+    - git:
+        url: 'https://gerrit.mcp.mirantis.com/salt-models/reclass-system'
+        branches:
+            - origin/master
+        basedir: reclass-system
+      #        credential-id: mcp-gerrit
 
     wrappers:
     - timestamps
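Review bot: The new `git` entry ends with a commented-out `credential-id: mcp-gerrit` line whose indentation does not match the keys above it, and nothing says why it is disabled; either remove it or enable it with a short comment. Because this checkout tracks `origin/master`, whatever lands on that branch of reclass-system appears to decide which public keys the job collects for the image, so a comment stating that dependency (or a pinned ref) would make the trust relationship explicit. The hunk's `@@` header is not shown on the page, so the enclosing job definition is outside what is visible here.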
index 48f18246b4e651d8bcceec91caa59d0837776fe1..bb707564839905514b148d84f6f7c69cdd9a761c 100644 (file)
@@ -10,7 +10,10 @@ echo "jenkins:jenkins" | chpasswd
 adduser jenkins sudo
 sh -c 'echo "jenkins ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/jenkins-user'
 mkdir /home/jenkins/.ssh
-echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDci6MBY68s3FJ9V1OP5vdtVo/daJnkNXCPSPYbCX8/d0E3UJKgE81YvsxfuKp3r1rUNwTuGnkq+VUWcbIgpQNy69OuKxQkoGsRgYTA8n4ZZcuWz+dVenP90xLYHcnyACg63HUVEp5foLvu1WzOdH2A4bHmsl0ePM5IdnFyToHj+Nhwz1NSvbK1OkQHoEcIbkbIkIa/kWY2mgEIIUgb9YmaCI96eiVtQpFPQ4k7hpdrUAkG4e0jT8JA3zQoB++S12p0d0K3SQtJ3+YATUm+rKnHchHZ/uEAgBgoOLiu99p7Aiie76jlGxZp8A/hPqU/zS61z7ER4lJeyR/pXh53Ja+1 maintenance-ci" > /home/jenkins/.ssh/authorized_keys
+if [[ -f /tmp/authorized_keys ]] ; then
+  cp /tmp/authorized_keys /home/jenkins/.ssh/authorized_keys
+fi
+echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDci6MBY68s3FJ9V1OP5vdtVo/daJnkNXCPSPYbCX8/d0E3UJKgE81YvsxfuKp3r1rUNwTuGnkq+VUWcbIgpQNy69OuKxQkoGsRgYTA8n4ZZcuWz+dVenP90xLYHcnyACg63HUVEp5foLvu1WzOdH2A4bHmsl0ePM5IdnFyToHj+Nhwz1NSvbK1OkQHoEcIbkbIkIa/kWY2mgEIIUgb9YmaCI96eiVtQpFPQ4k7hpdrUAkG4e0jT8JA3zQoB++S12p0d0K3SQtJ3+YATUm+rKnHchHZ/uEAgBgoOLiu99p7Aiie76jlGxZp8A/hPqU/zS61z7ER4lJeyR/pXh53Ja+1 maintenance-ci" >> /home/jenkins/.ssh/authorized_keys
 
 sed -i "s/PasswordAuthentication no/PasswordAuthentication yes/" /etc/ssh/sshd_config
 sed -i "s/ChallengeResponseAuthentication no/ChallengeResponseAuthentication yes/" /etc/ssh/sshd_config
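Review bot: The `echo ... >> /home/jenkins/.ssh/authorized_keys` append can fuse the maintenance-ci key onto the last team key, because generate_authorized_keys.py writes the file with `"\n".join(ssh_keys)` and no trailing newline (unless the last key value happens to end in one). A fused line leaves one of the two keys unusable. The simplest fix is in the generator, `f.write("\n".join(ssh_keys) + "\n")`; the same append appears in the matching hunk of build_mos_swarm_slave_image.sh. It is also worth logging when `/tmp/authorized_keys` is missing, since the `if` currently falls through silently and the image is built with the maintenance-ci key only.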
@@ -35,12 +38,15 @@ libyaml-dev \
 libffi-dev \
 python-dev \
 pkg-config \
-python-pip \
 ubuntu-vm-builder \
 bridge-utils \
 python-seed-client \
 sshpass
 
+curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py
+python get-pip.py
+
+pip install -U setuptools wheel
 pip install virtualenv
 
 wget -O /home/jenkins/jenkins-swarm-client.jar https://repo.jenkins-ci.org/releases/org/jenkins-ci/plugins/swarm-client/3.9/swarm-client-3.9.jar
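Review bot: The added `curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py` followed by `python get-pip.py` runs an unpinned, unverified download during the image build, and without `-f` an HTTP error page would be saved and handed to the interpreter. Use `curl -fsSL ... -o get-pip.py` and check the file against a recorded digest before running it, e.g. `echo "<expected-sha256>  get-pip.py" | sha256sum -c -` (the digest is a placeholder to be filled in from a reviewed copy). The same two lines are added in build_mos_swarm_slave_image.sh, and the following `pip install -U setuptools wheel` is likewise unpinned.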
index fe97b9bb5db614e12de18a274c09f3e19b54f50b..3949ea4a34c40f6544582675a1ac127c045065d5 100644 (file)
@@ -13,7 +13,10 @@ echo "jenkins:jenkins" | chpasswd
 adduser jenkins sudo
 sh -c 'echo "jenkins ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/jenkins-user'
 mkdir /home/jenkins/.ssh
-echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDci6MBY68s3FJ9V1OP5vdtVo/daJnkNXCPSPYbCX8/d0E3UJKgE81YvsxfuKp3r1rUNwTuGnkq+VUWcbIgpQNy69OuKxQkoGsRgYTA8n4ZZcuWz+dVenP90xLYHcnyACg63HUVEp5foLvu1WzOdH2A4bHmsl0ePM5IdnFyToHj+Nhwz1NSvbK1OkQHoEcIbkbIkIa/kWY2mgEIIUgb9YmaCI96eiVtQpFPQ4k7hpdrUAkG4e0jT8JA3zQoB++S12p0d0K3SQtJ3+YATUm+rKnHchHZ/uEAgBgoOLiu99p7Aiie76jlGxZp8A/hPqU/zS61z7ER4lJeyR/pXh53Ja+1 maintenance-ci" > /home/jenkins/.ssh/authorized_keys
+if [[ -f /tmp/authorized_keys ]] ; then
+  cp /tmp/authorized_keys /home/jenkins/.ssh/authorized_keys
+fi
+echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDci6MBY68s3FJ9V1OP5vdtVo/daJnkNXCPSPYbCX8/d0E3UJKgE81YvsxfuKp3r1rUNwTuGnkq+VUWcbIgpQNy69OuKxQkoGsRgYTA8n4ZZcuWz+dVenP90xLYHcnyACg63HUVEp5foLvu1WzOdH2A4bHmsl0ePM5IdnFyToHj+Nhwz1NSvbK1OkQHoEcIbkbIkIa/kWY2mgEIIUgb9YmaCI96eiVtQpFPQ4k7hpdrUAkG4e0jT8JA3zQoB++S12p0d0K3SQtJ3+YATUm+rKnHchHZ/uEAgBgoOLiu99p7Aiie76jlGxZp8A/hPqU/zS61z7ER4lJeyR/pXh53Ja+1 maintenance-ci" >> /home/jenkins/.ssh/authorized_keys
 
 sed -i "s/PasswordAuthentication no/PasswordAuthentication yes/" /etc/ssh/sshd_config
 sed -i "s/ChallengeResponseAuthentication no/ChallengeResponseAuthentication yes/" /etc/ssh/sshd_config
@@ -40,7 +43,6 @@ libvirt-bin \
 libvirt-dev \
 python-dev \
 pkg-config \
-python-pip \
 python-libvirt \
 postgresql \
 postgresql-server-dev-all \
@@ -51,6 +53,9 @@ bridge-utils \
 python-seed-client \
 sshpass
 
+curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py
+python get-pip.py
+
 cat > /home/jenkins/configure_libvirt_pool.sh <<EOF
 #!/bin/bash
 mkdir -p /var/lib/libvirt/images
@@ -141,6 +146,7 @@ sudo -u postgres createdb fuel_devops -O fuel_devops || true
 
 aria2c --allow-overwrite=true --seed-time=0 --enable-dht=false -d /var/lib/transmission-daemon/downloads/ http://seed.fuel-infra.org/fuelweb-release/MirantisOpenStack-9.0.iso.torrent
 
+pip install -U setuptools wheel
 pip install virtualenv
 sudo -u jenkins -H bash -c "virtualenv /home/jenkins/qa-venv-9.x
 source /home/jenkins/qa-venv-9.x/bin/activate
diff --git a/maintenance-ci/common/scripts/generate_authorized_keys.py b/maintenance-ci/common/scripts/generate_authorized_keys.py
new file mode 100644 (file)
index 0000000..d0253f0
--- /dev/null
@@ -0,0 +1,34 @@
+import os
+import sys
+import yaml
+
+reclass_team_dir_path = sys.argv[1]
+ssh_keys = []
+
+team_data = yaml.load(open(os.path.join(reclass_team_dir_path,
+                                        "maintenance.yml")),
+                      Loader=yaml.Loader)
+team_members = []
+for item in team_data['classes']:
+    if "team.members" in item:
+        username = item.split(".")[-1]
+        team_members.append(username)
+
+for username in team_members:
+    data = yaml.load(
+        open(os.path.join(reclass_team_dir_path,
+                          "members",
+                          "{}.yml".format(username))),
+        Loader=yaml.Loader)
+
+    for ssh_key in data[
+        'parameters'][
+        'openssh'][
+        'server'][
+        'user'][
+        username][
+        'public_keys']:
+        ssh_keys.append(ssh_key['key'])
+
+with open("authorized_keys", "w") as f:
+    f.write("\n".join(ssh_keys))
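Review bot: Both `yaml.load(..., Loader=yaml.Loader)` calls use the full loader, which can construct arbitrary Python objects from tagged YAML; these files come from a separate repository checkout, so `yaml.safe_load` is the appropriate call here. The `open(...)` handles are also never closed; `with open(path) as fh: data = yaml.safe_load(fh)` covers both. Each `ssh_key['key']` is written verbatim, so a value containing a line break would add extra lines to `authorized_keys`; rejecting or stripping such values before `ssh_keys.append(...)` would keep one key per line. A short module docstring stating the expected argument (the reclass team directory) and the output file would help as well.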
index 0df3662b78f714ea08e033f16dd51470605b6d70..469c4ff3e24e07b9fb133e1ccd343166462ab61c 100755 (executable)
@@ -22,6 +22,11 @@ else
   cp /tmp/xenial-server-cloudimg-amd64-disk1.img xenial-server-cloudimg-amd64-disk1.img
 fi
 
+# collect maintenance team ssh keys from reclass-system
+sudo -H pip install setuptools wheel
+sudo -H pip install pyyaml
+python maintenance-ci/common/scripts/generate_authorized_keys.py reclass-system/openssh/server/team
+
 # sometimes archive.ubuntu.com is slow as hell - xtom mirrors is faster upstream
 # mirror. also we do not want to reuse our mirrors because we need some kind of stable job
 sudo sed -i "s/security.ubuntu.com/mirrors.xtom.com/g" /etc/apt/sources.list
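Review bot: Nothing checks that `python maintenance-ci/common/scripts/generate_authorized_keys.py ...` succeeded, and the script writes `authorized_keys` into the current directory; if the generator fails and an older file is still in the workspace, the later `sudo cp authorized_keys /mnt/image/tmp/authorized_keys` would bake stale keys into the image. Whether the script runs under `set -e` or the workspace is wiped is not visible in this hunk, so I would add `rm -f authorized_keys` before the call and `|| exit 1` after it. The two `sudo -H pip install` lines also install unpinned packages system-wide on the build host on every run; a virtualenv or pinned versions would be more reproducible.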
@@ -47,6 +52,7 @@ sudo mv /mnt/image/etc/resolv.conf /mnt/image/etc/resolv.conf.bak
 sudo cp -f /etc/resolv.conf /mnt/image/etc/resolv.conf
 
 sudo cp "${UPDATE_SCRIPT}" /mnt/image/tmp/build_image.sh
+sudo cp authorized_keys /mnt/image/tmp/authorized_keys
 sudo cat > /mnt/image/tmp/jjb_creds.sh <<EOF
 JJB_USER=${JJB_USER}
 JJB_PASS=${JJB_PASS}