3
# For JENKINS_HOME, JENKINS_USER
6
AS_JENKINS="sudo -i -u $JENKINS_USER"
8
PACKAGES="rsync cowbuilder eatmydata bzr bzr-builddeb python-jenkins python-jinja2 python-yaml python-requests dput"
9
apt-get install $PACKAGES -yq --force-yes
12
mkdir -p /etc/rsyncd.d
13
cp hooks/install.d/config/rsyncd.conf /etc/rsyncd.d/020-ci-train
14
cat <<EOF >/etc/rsyncd.conf
16
log file = /var/log/rsyncd.log
19
cat /etc/rsyncd.d/* > /etc/rsyncd.conf
20
sed -i 's,RSYNC_ENABLE=false,RSYNC_ENABLE=true,' /etc/default/rsync
23
mkdir -p $JENKINS_HOME/.ssh
24
chown $JENKINS_USER $JENKINS_HOME/.ssh
25
chmod 700 $JENKINS_HOME/.ssh
26
cp -a hooks/install.d/creds/id_rsa* $JENKINS_HOME/.ssh/
27
chmod 600 $JENKINS_HOME/.ssh/id_rsa*
28
chown $JENKINS_USER $JENKINS_HOME/.ssh/id_rsa*
29
if ! grep -qs bazaar.launchpad.net $JENKINS_HOME/.ssh/known_hosts; then
30
$AS_JENKINS ssh-keyscan -t rsa bazaar.launchpad.net > $JENKINS_HOME/.ssh/known_hosts
32
if ! $AS_JENKINS gpg --list-keys | grep -qs ps-jenkins; then
33
cp hooks/install.d/creds/setup_psjenkins_gpg.sh $JENKINS_HOME
34
$AS_JENKINS $JENKINS_HOME/setup_psjenkins_gpg.sh
35
rm $JENKINS_HOME/setup_psjenkins_gpg.sh
39
# We've changed the public key from the generated version. Tell the slaves.
40
for rid in $(relation-ids public_key); do
41
relation-set -r$rid public_key="`su $JENKINS_USER -c "cat $JENKINS_HOME/.ssh/id_rsa.pub"`"
44
$AS_JENKINS bzr whoami 'CI bot <ps-jenkins@lists.canonical.com>'
45
$AS_JENKINS bzr launchpad-login ps-jenkins
46
$AS_JENKINS rm -rf $JENKINS_HOME/citrain-preprod
47
$AS_JENKINS rm -rf $JENKINS_HOME/citrain
48
$AS_JENKINS bzr branch lp:cupstream2distro $JENKINS_HOME/citrain-preprod
49
$AS_JENKINS bzr branch $JENKINS_HOME/citrain-preprod $JENKINS_HOME/citrain
51
# XXX note: DIST=trusty here, will need to create a job later on to create a
52
# new release (would be easier)
53
# || true because you'll get an error about libeatmydata.so not being preloaded
54
if [ ! -e "/var/cache/pbuilder/trusty-$(dpkg --print-architecture)" ]; then
55
DIST=trusty HOME=$JENKINS_HOME/citrain/chroot-tools/ sudo -E cowbuilder --create --debootstrapopts --variant=buildd || true
56
DIST=trusty HOME=$JENKINS_HOME/citrain/chroot-tools/ sudo -E cowbuilder --save --execute -- /usr/bin/apt-get install eatmydata bzr-builddeb software-properties-common -yq --force-yes
59
cat <<EOF > /etc/sudoers.d/citrain
60
jenkins ALL=(ALL) NOPASSWD:SETENV: /usr/sbin/cowbuilder
61
jenkins ALL=(ALL) NOPASSWD:SETENV: /usr/bin/apt-get clean
62
jenkins ALL=(ALL) NOPASSWD:SETENV: /usr/sbin/pbuilder --clean
64
chmod 0440 /etc/sudoers.d/citrain
66
# XXX It seems to want the password set to token here. I'm not sure why, but it
68
TOKEN="$(config-get jenkins-token)"
69
USERNAME="$(config-get jenkins-admin-user)"
70
if [ -n "$TOKEN" ]; then
71
cat <<EOF > $JENKINS_HOME/.cu2d.cred
75
url: http://127.0.0.1:8080
78
chmod 0600 $JENKINS_HOME/.cu2d.cred
79
sleep 10 # FIXME something needs time to settle.
80
$AS_JENKINS $JENKINS_HOME/citrain/citrain/manual/setup-citrain --allsilos --prepare --checkpublicationmigration --deploydeploy