[MediaWiki-commits] [Gerrit] ci: Add gerrit as a known host for Jenkins slaves - change (operations/puppet)

Tue, 05 Apr 2016 16:51:06 -0700 

Yuvipanda has submitted this change and it was merged.

Change subject: ci: Add gerrit as a known host for Jenkins slaves
......................................................................


ci: Add gerrit as a known host for Jenkins slaves

As part of T130576, trying to make Jenkins push commits to gerrit
as part of the maven release process. This currently fails because
the Jenkins slaves don't trust the gerrit host.

Change-Id: I57a7f79fe6545dcd99f5a20fa52d9e2fbd8b1523
---
M modules/role/manifests/ci/slave/labs.pp
1 file changed, 18 insertions(+), 1 deletion(-)

Approvals:
  Dduvall: Looks good to me, but someone else must approve
  Yuvipanda: Verified; Looks good to me, approved



diff --git a/modules/role/manifests/ci/slave/labs.pp 
b/modules/role/manifests/ci/slave/labs.pp
index eaed59a..3e5eac0 100644
--- a/modules/role/manifests/ci/slave/labs.pp
+++ b/modules/role/manifests/ci/slave/labs.pp
@@ -53,5 +53,22 @@
         ]
     }
 
-}
+    # The sshkey resource seems to modify file permissions and make it
+    # unreadable - this is a known bug 
(https://tickets.puppetlabs.com/browse/PUP-2900)
+    # Trying to define this file resource, and notify the resource to be 
ensured
+    # from the sshkey resource, to see if it fixes the problem
+    file { '/etc/ssh/ssh_known_hosts':
+        ensure => file,
+        mode   => '0644',
+    }
 
+    # Add gerrit as a known host
+    sshkey { 'gerrit':
+        ensure       => 'present',
+        name         => 'gerrit.wikimedia.org',
+        host_aliases => ['208.80.154.81'],
+        key          => 
'AAAAB3NzaC1yc2EAAAADAQABAAAAgQCF8pwFLehzCXhbF1jfHWtd9d1LFq2NirplEBQYs7AOrGwQ/6ZZI0gvZFYiEiaw1o+F1CMfoHdny1VfWOJF3mJ1y9QMKAacc8/Z3tG39jBKRQCuxmYLO1SWymv7/Uvx9WQlkNRoTdTTa9OJFy6UqvLQEXKYaokfMIUHZ+oVFf1CgQ==',
+        type         => 'ssh-rsa',
+        notify       => File['/etc/ssh/ssh_known_hosts'],
+    }
+}

-- 
To view, visit https://gerrit.wikimedia.org/r/281706
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I57a7f79fe6545dcd99f5a20fa52d9e2fbd8b1523
Gerrit-PatchSet: 11
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Madhuvishy <[email protected]>
Gerrit-Reviewer: Dduvall <[email protected]>
Gerrit-Reviewer: Hashar <[email protected]>
Gerrit-Reviewer: Madhuvishy <[email protected]>
Gerrit-Reviewer: Yuvipanda <[email protected]>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to