New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Specify exactly how and where Ansible runs (bootstrap, production crontask, development) #37
Conversation
@@ -41,3 +41,6 @@ utility_packages: | |||
- bash | |||
- screen | |||
- vim-lite # we probably do not want to bring all the stuff | |||
|
|||
# The upstream repository from which the service host crontask should pull | |||
ansible_git_repository: https://github.com/buildbot/buildbot-infra |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would use git://
I need to revise this to run local.yml, among other comments above. |
Because this won't work well in development (it will always look at prod-hosts), it's easily disabled with no_ansible_pull=true in the inventory. Fixes #3089.
name: ansible | ||
state: present | ||
|
||
- name: create service account |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we need to agree where we create the service account :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think here makes sense - this is where it's used anyway.
c1ab0eb
to
109aca1
Compare
OK, this is ready for more review. The scope has widened a bit, and I've adjusted the summary to correspond. |
ssh $SSH_ARGS $HOSTNAME git clone --depth 1 git://github.com/buildbot/buildbot-infra repo | ||
|
||
# Run local.yml. This will take care of the real setup | ||
ssh $SSH_ARGS $HOSTNAME ansible-playbook --ask-vault-pass -i repo/localhost repo/local.yml |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm curious if sudo
is enabled to root by default...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It appears it is:
root ALL=(ALL) ALL
👍 I'd wait for @seankelly's comments though. |
|
||
ansible-playbook local.yml | ||
|
||
To avoid installing a the Ansible crontask, add ``-e no_ansible_pull=true``. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Extra word in this sentence.
Also looks good to me. |
Deployed on service3 |
This should help illustrate my mailing-list conversation wondering exactly how we should accomplish this.
Because this won't work well in development (it will always look at
prod-hosts), it's easily disabled with no_ansible_pull=true in the
inventory. Fixes #3089.