Skip to content

Commit 6faf919

Browse files
wtripp180901wtripp180901
committed
refactored ark role, disabled repos at end of build and modified site to work with disabled repos
1 parent a6e1243 commit 6faf919

File tree

18 files changed

+91
-216
lines changed

18 files changed

+91
-216
lines changed

ansible/.gitignore

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -64,5 +64,5 @@ roles/*
6464
!roles/k9s/**
6565
!roles/lustre/
6666
!roles/lustre/**
67-
!roles/release_train/
68-
!roles/release_train/**
67+
!roles/dnf_repos/
68+
!roles/dnf_repos/**

ansible/fatimage.yml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -69,6 +69,10 @@
6969
tasks_from: install.yml
7070
when: "'openhpc' in group_names"
7171

72+
- name: Install Apache PAM module # Extracted from start of roles/openondemand/tasks/pam_auth.yml to ensure only installed during build
73+
yum:
74+
name: mod_authnz_pam
75+
7276
# - import_playbook: portal.yml
7377
- name: Open Ondemand server (packages)
7478
include_role:

ansible/roles/dnf_repos/defaults/main.yml

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,24 @@
1+
dnf_repos_rocky_ark_prefix: https://ark.stackhpc.com/pulp/content/{{ ansible_distribution | lower }}/9.4
2+
dnf_repos_rocky_ark_suffix: "{{ ansible_architecture }}/os/{{ dnf_repos_ark_timestamp }}/"
3+
# most stable from https://github.com/stackhpc/stackhpc-kayobe-config/blob/stackhpc/2024.1/etc/kayobe/pulp-repo-versions.yml
4+
# note that some timestamps can't be used because not all repos have snapshots for them
5+
dnf_repos_ark_timestamp: 20240816T002610
6+
dnf_repos_username: slurm-app-ci
7+
dnf_repos_password: "{{ lookup('ansible.builtin.env', 'ARK_PASSWORD') }}"
8+
9+
# epel installed separately
10+
dnf_repos_repolist:
11+
- file: rocky
12+
name: baseos
13+
base_url: "{{ dnf_repos_rocky_ark_prefix }}/BaseOS/{{ dnf_repos_rocky_ark_suffix }}"
14+
- file: rocky
15+
name: appstream
16+
base_url: "{{ dnf_repos_rocky_ark_prefix }}/AppStream/{{ dnf_repos_rocky_ark_suffix }}"
17+
- file: rocky
18+
name: crb
19+
base_url: "{{ dnf_repos_rocky_ark_prefix }}/AppStream/{{ dnf_repos_rocky_ark_suffix }}"
20+
- file: rocky-extras
21+
name: extras
22+
base_url: "{{ dnf_repos_rocky_ark_prefix }}/extras/{{ dnf_repos_rocky_ark_suffix }}"
23+
24+
dnf_repos_epel_baseurl: https://ark.stackhpc.com/pulp/content/epel/9/Everything/x86_64/20240902T080424

ansible/roles/dnf_repos/tasks/disable_repos.yml

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
---
2+
- name: Disable Pulp repos and remove creds
3+
ansible.builtin.yum_repository:
4+
file: "{{ item.file }}"
5+
name: "{{ item.name }}"
6+
baseurl: "{{ item.base_url }}"
7+
description: "{{ item.name }}"
8+
enabled: false
9+
loop: "{{ dnf_repos_repolist }}"
10+
11+
- name: Disable EPEL repo and remove creds
12+
ansible.builtin.yum_repository:
13+
name: epel
14+
file: epel
15+
description: epel
16+
baseurl: "{{ dnf_repos_epel_baseurl }}"
17+
gpgcheck: false
18+
enabled: false

ansible/roles/dnf_repos/tasks/set_repos.yml

Lines changed: 25 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,25 @@
1+
---
2+
3+
- name: Replace system repos with Pulp repos
4+
ansible.builtin.yum_repository:
5+
file: "{{ item.file }}"
6+
name: "{{ item.name }}"
7+
baseurl: "{{ item.base_url }}"
8+
description: "{{ item.name }}"
9+
username: "{{ dnf_repos_username }}"
10+
password: "{{ dnf_repos_password }}"
11+
loop: "{{ dnf_repos_repolist }}"
12+
13+
- name: Install epel-release
14+
ansible.builtin.dnf:
15+
name: epel-release
16+
17+
- name: Use Pulp EPEL repo
18+
ansible.builtin.yum_repository:
19+
name: epel
20+
file: epel
21+
description: epel
22+
gpgcheck: false
23+
username: "{{ dnf_repos_username }}"
24+
password: "{{ dnf_repos_password }}"
25+
baseurl: "{{ dnf_repos_epel_baseurl }}"

ansible/roles/openondemand/tasks/main.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@
1212
tasks_from: install-package.yml
1313
vars_from: "Rocky/{{ ansible_distribution_major_version }}.yml"
1414
public: yes # Expose the vars from this role to the rest of the play
15+
when: appliances_mode != 'configure'
1516
# can't set vars: from a dict hence the workaround above
1617

1718
- include_tasks:

ansible/roles/openondemand/tasks/pam_auth.yml

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,5 @@
11
# https://osc.github.io/ood-documentation/latest/authentication/pam.html
22
---
3-
- name: Install Apache PAM module
4-
yum:
5-
name: mod_authnz_pam
63

74
- name: Enable Apache PAM module
85
lineinfile:

ansible/roles/release_train/defaults/main.yml

Lines changed: 0 additions & 8 deletions
This file was deleted.

ansible/roles/release_train/tasks/revert_repos.yml

Lines changed: 0 additions & 19 deletions
This file was deleted.

ansible/roles/release_train/tasks/set_repos.yml

Lines changed: 0 additions & 22 deletions
This file was deleted.

0 commit comments

Comments
 (0)