particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

templates/packer: invert tag logic

Browse source 
With the rpmcopy or rpmrepo_osbuild tags, the `Install worker rpm` stage
got skipped on RHEL and CI. Invert the tag logic and use `--tags`
instead of `--skip-tags`.
This commit is contained in:
Sanne Raymaekers 2024-05-15 10:13:39 +02:00
parent 773bfe6c49
commit 13aae7d532
11 changed files with 54 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

2
templates/packer/ansible/roles/common/tasks/main.yml
View file

@ -16,4 +16,6 @@
- include_tasks: unregister.yml - include_tasks: unregister.yml
- name: Ensure SELinux contexts are updated - name: Ensure SELinux contexts are updated
tags:
- always
command: restorecon -Rv /etc command: restorecon -Rv /etc

34
templates/packer/ansible/roles/common/tasks/packages.yml
View file

@ -2,7 +2,7 @@
- name: Add osbuild-composer repository - name: Add osbuild-composer repository
tags: tags:
- rpmrepo_composer - ci
yum_repository: yum_repository:
name: "composer" name: "composer"
description: "osbuild-composer commit {{ COMPOSER_COMMIT }}" description: "osbuild-composer commit {{ COMPOSER_COMMIT }}"
@ -13,8 +13,8 @@
- name: Add osbuild repository - name: Add osbuild repository
tags: tags:
- rpmrepo_osbuild - ci
- rpmcopr - fedora
yum_repository: yum_repository:
name: "osbuild" name: "osbuild"
description: "osbuild commit {{ osbuild_commit }}" description: "osbuild commit {{ osbuild_commit }}"
@ -26,6 +26,8 @@
when: osbuild_commit is defined when: osbuild_commit is defined
- name: Upgrade all packages - name: Upgrade all packages
tags:
- always
package: package:
name: "*" name: "*"
state: latest state: latest
@ -34,11 +36,15 @@
until: result is success until: result is success
- name: Add Vector repo - name: Add Vector repo
tags:
- always
copy: copy:
src: "{{ playbook_dir }}/roles/common/files/timber-vector.repo" src: "{{ playbook_dir }}/roles/common/files/timber-vector.repo"
dest: /etc/yum.repos.d/ dest: /etc/yum.repos.d/
- name: Install required packages - name: Install required packages
tags:
- always
package: package:
name: name:
- jq - jq
@ -49,6 +55,8 @@
until: result is success until: result is success
- name: Download AWS CLI installer - name: Download AWS CLI installer
tags:
- always
get_url: get_url:
url: "https://awscli.amazonaws.com/awscli-exe-linux-{{ ansible_architecture }}.zip" url: "https://awscli.amazonaws.com/awscli-exe-linux-{{ ansible_architecture }}.zip"
dest: /tmp/awscli.zip dest: /tmp/awscli.zip
@ -57,15 +65,21 @@
until: result is success until: result is success
- name: Unpack AWS CLI installer - name: Unpack AWS CLI installer
tags:
- always
unarchive: unarchive:
src: /tmp/awscli.zip src: /tmp/awscli.zip
dest: /tmp dest: /tmp
remote_src: yes remote_src: yes
- name: Run AWS installer - name: Run AWS installer
tags:
- always
command: /tmp/aws/install command: /tmp/aws/install
- name: Cleanup AWS installer - name: Cleanup AWS installer
tags:
- always
file: file:
path: "{{ item }}" path: "{{ item }}"
state: absent state: absent
@ -75,7 +89,7 @@
- name: Create rpmbuild directory - name: Create rpmbuild directory
tags: tags:
- rpmcopy - rhel
file: file:
path: "{{ item }}" path: "{{ item }}"
state: directory state: directory
@ -85,7 +99,7 @@
- name: Push rpms - name: Push rpms
tags: tags:
- rpmcopy - rhel
ansible.posix.synchronize: ansible.posix.synchronize:
mode: push mode: push
src: "{{ playbook_dir }}/roles/common/files/rpmbuild/{{ ansible_architecture }}/RPMS" src: "{{ playbook_dir }}/roles/common/files/rpmbuild/{{ ansible_architecture }}/RPMS"
@ -93,7 +107,7 @@
- name: Add repo config - name: Add repo config
tags: tags:
- rpmcopy - rhel
copy: copy:
dest: /etc/yum.repos.d/osbuild.repo dest: /etc/yum.repos.d/osbuild.repo
content: | content: |
@ -106,8 +120,8 @@
- name: Install worker rpm - name: Install worker rpm
tags: tags:
- rpmcopy - ci
- rpmrepo_osbuild - rhel
package: package:
name: name:
- osbuild-composer-worker - osbuild-composer-worker
@ -115,7 +129,7 @@
- name: Install worker rpm from copr - name: Install worker rpm from copr
tags: tags:
- rpmcopr - fedora
shell: | shell: |
dnf copr enable -y @osbuild/osbuild-composer dnf copr enable -y @osbuild/osbuild-composer
COMPOSER_COMMIT_SHORT=$(echo {{ COMPOSER_COMMIT }} | head -c 9) COMPOSER_COMMIT_SHORT=$(echo {{ COMPOSER_COMMIT }} | head -c 9)
@ -128,6 +142,8 @@
dnf install -y $COMPOSER_RPMS dnf install -y $COMPOSER_RPMS
- name: Cleanup rpmbuild dir - name: Cleanup rpmbuild dir
tags:
- always
file: file:
path: "{{ item }}" path: "{{ item }}"
state: absent state: absent

6
templates/packer/ansible/roles/common/tasks/subscribe.yml
View file

@ -3,7 +3,7 @@
# the packer instances (RHUI, which might be older). # the packer instances (RHUI, which might be older).
- name: Subscribe - name: Subscribe
tags: tags:
- subscribe - rhel
community.general.redhat_subscription: community.general.redhat_subscription:
activationkey: "{{ RH_ACTIVATION_KEY }}" activationkey: "{{ RH_ACTIVATION_KEY }}"
org_id: "{{ RH_ORG_ID }}" org_id: "{{ RH_ORG_ID }}"
@ -14,14 +14,14 @@
- name: Enable repo mgmt through subman - name: Enable repo mgmt through subman
become: yes become: yes
tags: tags:
- subscribe - rhel
shell: >- shell: >-
subscription-manager config --rhsm.manage_repos 1 subscription-manager config --rhsm.manage_repos 1
- name: Enable cdn repos - name: Enable cdn repos
become: yes become: yes
tags: tags:
- subscribe - rhel
shell: >- shell: >-
subscription-manager repos \ subscription-manager repos \
--enable rhel-9-for-{{ ansible_architecture }}-appstream-rpms \ --enable rhel-9-for-{{ ansible_architecture }}-appstream-rpms \

2
templates/packer/ansible/roles/common/tasks/unregister.yml
View file

@ -3,6 +3,6 @@
- name: Unregister - name: Unregister
become: yes become: yes
tags: tags:
- subscribe - rhel
shell: >- shell: >-
subscription-manager unregister subscription-manager unregister

4
templates/packer/ansible/roles/common/tasks/worker-config.yml
View file

@ -1,11 +1,15 @@
--- ---
- name: Create osbuild-worker config directory - name: Create osbuild-worker config directory
tags:
- always
file: file:
path: /etc/osbuild-worker/ path: /etc/osbuild-worker/
state: directory state: directory
- name: Copy worker config stub - name: Copy worker config stub
tags:
- always
copy: copy:
src: "{{ playbook_dir }}/roles/common/files/osbuild-worker.toml" src: "{{ playbook_dir }}/roles/common/files/osbuild-worker.toml"
dest: /etc/osbuild-worker/osbuild-worker.toml dest: /etc/osbuild-worker/osbuild-worker.toml

12
templates/packer/ansible/roles/common/tasks/worker-initialization-service.yml
View file

@ -1,22 +1,30 @@
--- ---
- name: Copy worker initialization service - name: Copy worker initialization service
tags:
- always
copy: copy:
src: "{{ playbook_dir }}/roles/common/files/worker-initialization.service" src: "{{ playbook_dir }}/roles/common/files/worker-initialization.service"
dest: /etc/systemd/system/ dest: /etc/systemd/system/
- name: Enable worker initialization service - name: Enable worker initialization service
tags:
- always
systemd: systemd:
name: worker-initialization.service name: worker-initialization.service
enabled: yes enabled: yes
daemon_reload: yes # make sure the new service is loaded before enabling it daemon_reload: yes # make sure the new service is loaded before enabling it
- name: Create a directory for initialization scripts - name: Create a directory for initialization scripts
tags:
- always
file: file:
path: /usr/local/libexec/worker-initialization-scripts path: /usr/local/libexec/worker-initialization-scripts
state: directory state: directory
- name: Copy scripts used by the initialization service - name: Copy scripts used by the initialization service
tags:
- always
copy: copy:
src: "{{ item }}" src: "{{ item }}"
dest: /usr/local/libexec/worker-initialization-scripts dest: /usr/local/libexec/worker-initialization-scripts
@ -25,11 +33,15 @@
- "{{ playbook_dir }}/roles/common/files/worker-initialization-scripts/*" - "{{ playbook_dir }}/roles/common/files/worker-initialization-scripts/*"
- name: Copy worker executor service - name: Copy worker executor service
tags:
- always
copy: copy:
src: "{{ playbook_dir }}/roles/common/files/worker-executor.service" src: "{{ playbook_dir }}/roles/common/files/worker-executor.service"
dest: /etc/systemd/system/ dest: /etc/systemd/system/
- name: Enable worker executor service - name: Enable worker executor service
tags:
- always
systemd: systemd:
name: worker-executor.service name: worker-executor.service
enabled: yes enabled: yes

2
templates/packer/variables.pkr.hcl
View file

@ -33,7 +33,7 @@ variable "image_users" {
} }
# Skip ansible tags # Skip ansible tags
variable "ansible_skip_tags" { variable "ansible_tags" {
type = string type = string
default = "" default = ""
} }

2
templates/packer/worker.pkr.hcl
View file

@ -174,7 +174,7 @@ EOF
"-e", "COMPOSER_COMMIT=${var.composer_commit}", "-e", "COMPOSER_COMMIT=${var.composer_commit}",
"-e", "RH_ACTIVATION_KEY=${var.rh_activation_key}", "-e", "RH_ACTIVATION_KEY=${var.rh_activation_key}",
"-e", "RH_ORG_ID=${var.rh_org_id}", "-e", "RH_ORG_ID=${var.rh_org_id}",
"--skip-tags", "${var.ansible_skip_tags}", "--tags", "${var.ansible_tags}",
] ]
inventory_directory = "${path.root}/ansible/inventory/${source.name}" inventory_directory = "${path.root}/ansible/inventory/${source.name}"
} }

2
tools/appsre-build-fedora-worker-packer.sh
View file

@ -7,7 +7,7 @@ export SKIP_CREATE_AMI=false
export BUILD_RPMS=false export BUILD_RPMS=false
# Fedora community workers use osbuild form rpmrepo + composer from # Fedora community workers use osbuild form rpmrepo + composer from
# copr, as the osbuild rpms from copr disappear too quickly. # copr, as the osbuild rpms from copr disappear too quickly.
export SKIP_TAGS="rpmrepo_composer,rpmcopy,subscribe" export ANSIBLE_TAGS="fedora"
FEDORA=fedora-38 FEDORA=fedora-38
export PACKER_ONLY_EXCEPT=--only=amazon-ebs."$FEDORA"-x86_64,amazon-ebs."$FEDORA"-aarch64 export PACKER_ONLY_EXCEPT=--only=amazon-ebs."$FEDORA"-x86_64,amazon-ebs."$FEDORA"-aarch64
COMMIT_SHA="${COMMIT_SHA:-$(git rev-parse HEAD)}" COMMIT_SHA="${COMMIT_SHA:-$(git rev-parse HEAD)}"

4
tools/appsre-build-worker-packer.sh
View file

@ -7,7 +7,7 @@ COMMIT_BRANCH="${COMMIT_BRANCH:-$(git rev-parse --abbrev-ref HEAD)}"
SKIP_CREATE_AMI="${SKIP_CREATE_AMI:-false}" SKIP_CREATE_AMI="${SKIP_CREATE_AMI:-false}"
BUILD_RPMS="${BUILD_RPMS:-true}" BUILD_RPMS="${BUILD_RPMS:-true}"
# RHEL workers build their own rpms. # RHEL workers build their own rpms.
SKIP_TAGS="${SKIP_TAGS:-rpmrepo_composer,rpmrepo_osbuild,rpmcopr}" ANSIBLE_TAGS="${ANSIBLE_TAGS:-rhel}"
# Build rhel only # Build rhel only
PACKER_ONLY_EXCEPT="${PACKER_ONLY_EXCEPT:---only=amazon-ebs.rhel-9-x86_64,amazon-ebs.rhel-9-aarch64}" PACKER_ONLY_EXCEPT="${PACKER_ONLY_EXCEPT:---only=amazon-ebs.rhel-9-x86_64,amazon-ebs.rhel-9-aarch64}"
@ -102,7 +102,7 @@ $CONTAINER_RUNTIME run --rm \
-e PKR_VAR_aws_secret_key="$PACKER_AWS_SECRET_ACCESS_KEY" \ -e PKR_VAR_aws_secret_key="$PACKER_AWS_SECRET_ACCESS_KEY" \
-e PKR_VAR_image_name="osbuild-composer-worker-$COMMIT_BRANCH-$COMMIT_SHA" \ -e PKR_VAR_image_name="osbuild-composer-worker-$COMMIT_BRANCH-$COMMIT_SHA" \
-e PKR_VAR_composer_commit="$COMMIT_SHA" \ -e PKR_VAR_composer_commit="$COMMIT_SHA" \
-e PKR_VAR_ansible_skip_tags="$SKIP_TAGS" \ -e PKR_VAR_ansible_tags="$ANSIBLE_TAGS" \
-e PKR_VAR_skip_create_ami="$SKIP_CREATE_AMI" \ -e PKR_VAR_skip_create_ami="$SKIP_CREATE_AMI" \
-e PKR_VAR_rh_activation_key="$RH_ACTIVATION_KEY" \ -e PKR_VAR_rh_activation_key="$RH_ACTIVATION_KEY" \
-e PKR_VAR_rh_org_id="$RH_ORG_ID" \ -e PKR_VAR_rh_org_id="$RH_ORG_ID" \

4
tools/ci-build-worker-packer.sh
View file

@ -7,7 +7,7 @@ COMMIT_BRANCH=$(git rev-parse --abbrev-ref HEAD)
SKIP_CREATE_AMI=false SKIP_CREATE_AMI=false
BUILD_RPMS=false BUILD_RPMS=false
# Use prebuilt rpms on CI # Use prebuilt rpms on CI
SKIP_TAGS="rpmcopy,rpmcopr,subscribe" ANSIBLE_TAGS="ci"
if [ -n "$CI_COMMIT_SHA" ]; then if [ -n "$CI_COMMIT_SHA" ]; then
COMMIT_SHA="$CI_COMMIT_SHA" COMMIT_SHA="$CI_COMMIT_SHA"
@ -30,5 +30,5 @@ else
PACKER_ONLY_EXCEPT=--except=amazon-ebs.dummy PACKER_ONLY_EXCEPT=--except=amazon-ebs.dummy
fi fi
export COMMIT_SHA COMMIT_BRANCH SKIP_CREATE_AMI BUILD_RPMS SKIP_TAGS PACKER_ONLY_EXCEPT export COMMIT_SHA COMMIT_BRANCH SKIP_CREATE_AMI BUILD_RPMS ANSIBLE_TAGS PACKER_ONLY_EXCEPT
tools/appsre-build-worker-packer.sh tools/appsre-build-worker-packer.sh