summaryrefslogtreecommitdiffstats
path: root/roles/repos
diff options
context:
space:
mode:
Diffstat (limited to 'roles/repos')
-rw-r--r--roles/repos/defaults/main.yaml5
-rw-r--r--roles/repos/files/docker.repo5
-rw-r--r--roles/repos/files/online/RPM-GPG-KEY-redhat-beta61
-rw-r--r--roles/repos/files/online/RPM-GPG-KEY-redhat-release (renamed from roles/repos/files/RPM-GPG-KEY-redhat-release)0
-rw-r--r--roles/repos/files/online/epel7-kubernetes.repo (renamed from roles/repos/files/epel7-kubernetes.repo)0
-rw-r--r--roles/repos/files/online/epel7-openshift.repo (renamed from roles/repos/files/epel7-origin.repo)0
-rw-r--r--roles/repos/files/online/oso-rhui-rhel-7-extras.repo23
-rw-r--r--roles/repos/files/online/oso-rhui-rhel-7-server.repo21
-rw-r--r--roles/repos/files/online/rhel-7-libra-candidate.repo11
-rw-r--r--roles/repos/files/oso-rhui-rhel-7-server.repo13
-rw-r--r--roles/repos/files/rhel-7-libra-candidate.repo10
-rw-r--r--roles/repos/tasks/main.yaml46
-rw-r--r--roles/repos/templates/yum_repo.j215
-rw-r--r--roles/repos/vars/main.yml2
14 files changed, 175 insertions, 37 deletions
diff --git a/roles/repos/defaults/main.yaml b/roles/repos/defaults/main.yaml
new file mode 100644
index 000000000..6fe2bf621
--- /dev/null
+++ b/roles/repos/defaults/main.yaml
@@ -0,0 +1,5 @@
+---
+# TODO: once we are able to configure/deploy origin using the openshift roles,
+# then we should default to origin
+openshift_deployment_type: online
+openshift_additional_repos: {}
diff --git a/roles/repos/files/docker.repo b/roles/repos/files/docker.repo
deleted file mode 100644
index 5722284f5..000000000
--- a/roles/repos/files/docker.repo
+++ /dev/null
@@ -1,5 +0,0 @@
-[docker]
-name= Temporary Docker rpm
-baseurl=http://10.240.169.148/mirror/docker
-gpgcheck=0
-enabled=0
diff --git a/roles/repos/files/online/RPM-GPG-KEY-redhat-beta b/roles/repos/files/online/RPM-GPG-KEY-redhat-beta
new file mode 100644
index 000000000..7b40671a4
--- /dev/null
+++ b/roles/repos/files/online/RPM-GPG-KEY-redhat-beta
@@ -0,0 +1,61 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.2.6 (GNU/Linux)
+
+mQINBEmkAzABEAC2/c7bP1lHQ3XScxbIk0LQWe1YOiibQBRLwf8Si5PktgtuPibT
+kKpZjw8p4D+fM7jD1WUzUE0X7tXg2l/eUlMM4dw6XJAQ1AmEOtlwSg7rrMtTvM0A
+BEtI7Km6fC6sU6RtBMdcqD1cH/6dbsfh8muznVA7UlX+PRBHVzdWzj6y8h84dBjo
+gzcbYu9Hezqgj/lLzicqsSZPz9UdXiRTRAIhp8V30BD8uRaaa0KDDnD6IzJv3D9P
+xQWbFM4Z12GN9LyeZqmD7bpKzZmXG/3drvfXVisXaXp3M07t3NlBa3Dt8NFIKZ0D
+FRXBz5bvzxRVmdH6DtkDWXDPOt+Wdm1rZrCOrySFpBZQRpHw12eo1M1lirANIov7
+Z+V1Qh/aBxj5EUu32u9ZpjAPPNtQF6F/KjaoHHHmEQAuj4DLex4LY646Hv1rcv2i
+QFuCdvLKQGSiFBrfZH0j/IX3/0JXQlZzb3MuMFPxLXGAoAV9UP/Sw/WTmAuTzFVm
+G13UYFeMwrToOiqcX2VcK0aC1FCcTP2z4JW3PsWvU8rUDRUYfoXovc7eg4Vn5wHt
+0NBYsNhYiAAf320AUIHzQZYi38JgVwuJfFu43tJZE4Vig++RQq6tsEx9Ftz3EwRR
+fJ9z9mEvEiieZm+vbOvMvIuimFVPSCmLH+bI649K8eZlVRWsx3EXCVb0nQARAQAB
+tDBSZWQgSGF0LCBJbmMuIChiZXRhIGtleSAyKSA8c2VjdXJpdHlAcmVkaGF0LmNv
+bT6JAjYEEwECACAFAkpSM+cCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRCT
+ioDK8hVB6/9tEAC0+KmzeKceXQ/GTUoU6jy9vtkFCFrmv+c7ol4XpdTt0QhqBOwy
+6m2mKWwmm8KfYfy0cADQ4y/EcoXl7FtFBwYmkCuEQGXhTDn9DvVjhooIq59LEMBQ
+OW879RwwzRIZ8ebbjMUjDPF5MfPQqP2LBu9N4KvXlZp4voykwuuaJ+cbsKZR6pZ6
+0RQKPHKP+NgUFC0fff7XY9cuOZZWFAeKRhLN2K7bnRHKxp+kELWb6R9ZfrYwZjWc
+MIPbTd1khE53L4NTfpWfAnJRtkPSDOKEGVlVLtLq4HEAxQt07kbslqISRWyXER3u
+QOJj64D1ZiIMz6t6uZ424VE4ry9rBR0Jz55cMMx5O/ni9x3xzFUgH8Su2yM0r3jE
+Rf24+tbOaPf7tebyx4OKe+JW95hNVstWUDyGbs6K9qGfI/pICuO1nMMFTo6GqzQ6
+DwLZvJ9QdXo7ujEtySZnfu42aycaQ9ZLC2DOCQCUBY350Hx6FLW3O546TAvpTfk0
+B6x+DV7mJQH7MGmRXQsE7TLBJKjq28Cn4tVp04PmybQyTxZdGA/8zY6pPl6xyVMH
+V68hSBKEVT/rlouOHuxfdmZva1DhVvUC6Xj7+iTMTVJUAq/4Uyn31P1OJmA2a0PT
+CAqWkbJSgKFccsjPoTbLyxhuMSNkEZFHvlZrSK9vnPzmfiRH0Orx3wYpMQ==
+=21pb
+-----END PGP PUBLIC KEY BLOCK-----
+The following public key can be used to verify RPM packages built and
+signed by Red Hat, Inc. for this beta using `rpm -K' using the GNU GPG
+package. Questions about this key should be sent to security@redhat.com.
+
+
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.0.6 (GNU/Linux)
+Comment: For info see http://www.gnupg.org
+
+mQGiBDySTqsRBACzc7xuCIp10oj5B2PAV4XzDeVxprv/WTMreSNSK+iC0bEz0IBp
+Vnn++qtyiXfH+bGIE9jqZgIEnpttWhUOaU5LhcLFzy+m8NWfngIFP9QfGmGAe9Gd
+LFeAdhj4RmSG/vgr7vDd83Hz22dv403Ar/sliWO4vDOrMmZBG57WGYTWtwCgkMsi
+UUQuJ6slbzKn82w+bYxOlL0EAIylWJGaTkKOTL5DqVR3ik9aT0Dt3FNVYiuhcKBe
+II4E3KOIVA9kO8in1IZjx2gs6K2UV+GsoAVANdfKL7l9O+k+J8OxhE74oycvYJxW
+QzCgXMZkNcvW5wyXwEMcr6TVd/5BGztcMw8oT3/l2MtAEG/vn1XaWToRSO1XDMDz
++AjUA/4m0mTkN8S4wjzJG8lqN7+quW3UOaiCe8J3SFrrrhE0XbY9cTJI/9nuXHU1
+VjqOSmXQYH2Db7UOroFTBiWhlAedA4O4yuK52AJnvSsHbnJSEmn9rpo5z1Q8F+qI
+mDlzriJdrIrVLeDiUeTlpH3kpG38D7007GhXBV72k1gpMoMcpbQ3UmVkIEhhdCwg
+SW5jLiAoQmV0YSBUZXN0IFNvZnR3YXJlKSA8cmF3aGlkZUByZWRoYXQuY29tPohX
+BBMRAgAXBQI8l5p/BQsHCgMEAxUDAgMWAgECF4AACgkQ/TcmiYl9oHqdeQCfZjw4
+F9sir3XfRAjVe9kYNcQ8hnIAn0WgyT7H5RriWYTOCfauOmd+cAW4iEYEEBECAAYF
+AjyXmqQACgkQIZGAzdtCpg5nDQCfepuRUyuVJvhuQkPWySETYvRw+WoAnjAWhx6q
+0npMx4OE1JGFi8ymKXktuQENBDySTq4QBADKL/mK7S8E3synxISlu7R6fUvu07Oc
+RoX96n0Di6T+BS99hC44XzHjMDhUX2ZzVvYS88EZXoUDDkB/8g7SwZrOJ/QE1zrI
+JmSVciNhSYWwqeT40Evs88ajZUfDiNbS/cSC6oui98iS4vxd7sE7IPY+FSx9vuAR
+xOa9vBnJY/dx0wADBQQAosm+Iltt2uigC6LJzxNOoIdB5r0GqTC1o5sHCeNqXJhU
+ExAG8m74uzMlYVLOpGZi4y4NwwAWvCWC0MWWnnu+LGFy1wKiJKRjhv5F+WkFutY5
+WHV5L44vp9jSIlBCRG+84jheTh8xqhndM9wOfPwWdYYu1vxrB8Tn6kA17PcYfHSI
+RgQYEQIABgUCPJJergAKCRD9NyaJiX2geiCPAJ4nEM4NtI9Uj8lONDk6FU86PmoL
+yACfb68fBd2pWEzLKsOk9imIobHHpzE=
+=gpIn
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/roles/repos/files/RPM-GPG-KEY-redhat-release b/roles/repos/files/online/RPM-GPG-KEY-redhat-release
index 0f83b622d..0f83b622d 100644
--- a/roles/repos/files/RPM-GPG-KEY-redhat-release
+++ b/roles/repos/files/online/RPM-GPG-KEY-redhat-release
diff --git a/roles/repos/files/epel7-kubernetes.repo b/roles/repos/files/online/epel7-kubernetes.repo
index 1deae2939..1deae2939 100644
--- a/roles/repos/files/epel7-kubernetes.repo
+++ b/roles/repos/files/online/epel7-kubernetes.repo
diff --git a/roles/repos/files/epel7-origin.repo b/roles/repos/files/online/epel7-openshift.repo
index c7629872d..c7629872d 100644
--- a/roles/repos/files/epel7-origin.repo
+++ b/roles/repos/files/online/epel7-openshift.repo
diff --git a/roles/repos/files/online/oso-rhui-rhel-7-extras.repo b/roles/repos/files/online/oso-rhui-rhel-7-extras.repo
new file mode 100644
index 000000000..cfe41f691
--- /dev/null
+++ b/roles/repos/files/online/oso-rhui-rhel-7-extras.repo
@@ -0,0 +1,23 @@
+[oso-rhui-rhel-server-extras]
+name=OpenShift Online RHUI Mirror RH Enterprise Linux - Extras
+baseurl=https://gce-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-7-extras/
+ https://mirror.ops.rhcloud.com/libra/rhui-rhel-server-7-extras/
+enabled=1
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release,file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta
+failovermethod=priority
+sslverify=False
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem
+
+[oso-rhui-rhel-server-extras-htb]
+name=OpenShift Online RHUI Mirror RH Enterprise Linux - Extras HTB
+baseurl=https://gce-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-7-extras-htb/
+ https://mirror.ops.rhcloud.com/libra/rhui-rhel-server-7-extras-htb/
+enabled=0
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release,file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta
+failovermethod=priority
+sslverify=False
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem
diff --git a/roles/repos/files/online/oso-rhui-rhel-7-server.repo b/roles/repos/files/online/oso-rhui-rhel-7-server.repo
new file mode 100644
index 000000000..ddc93193d
--- /dev/null
+++ b/roles/repos/files/online/oso-rhui-rhel-7-server.repo
@@ -0,0 +1,21 @@
+[oso-rhui-rhel-server-releases]
+name=OpenShift Online RHUI Mirror RH Enterprise Linux 7
+baseurl=https://gce-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-7-releases/
+ https://mirror.ops.rhcloud.com/libra/rhui-rhel-server-7-releases/
+enabled=1
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
+sslverify=False
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem
+
+[oso-rhui-rhel-server-releases-optional]
+name=OpenShift Online RHUI Mirror RH Enterprise Linux 7 - Optional
+baseurl=https://gce-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-7-releases-optional/
+ https://mirror.ops.rhcloud.com/libra/rhui-rhel-server-7-releases-optional/
+enabled=1
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
+sslverify=False
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem
diff --git a/roles/repos/files/online/rhel-7-libra-candidate.repo b/roles/repos/files/online/rhel-7-libra-candidate.repo
new file mode 100644
index 000000000..b4215679f
--- /dev/null
+++ b/roles/repos/files/online/rhel-7-libra-candidate.repo
@@ -0,0 +1,11 @@
+[rhel-7-libra-candidate]
+name=rhel-7-libra-candidate - \$basearch
+baseurl=https://gce-mirror1.ops.rhcloud.com/libra/rhel-7-libra-candidate/\$basearch/
+ https://mirror.ops.rhcloud.com/libra/rhel-7-libra-candidate/\$basearch/
+gpgkey=https://mirror.ops.rhcloud.com/libra/RPM-GPG-KEY-redhat-openshifthosted
+skip_if_unavailable=True
+gpgcheck=0
+enabled=1
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem
+sslverify=False
diff --git a/roles/repos/files/oso-rhui-rhel-7-server.repo b/roles/repos/files/oso-rhui-rhel-7-server.repo
deleted file mode 100644
index d32070634..000000000
--- a/roles/repos/files/oso-rhui-rhel-7-server.repo
+++ /dev/null
@@ -1,13 +0,0 @@
-[oso-rhel-7-server]
-name=Red Hat Enterprise Linux 7 Server from RHUI (RPMs)
-baseurl=http://10.240.169.148/mirror/rhui-rhel-server-7-releases
-enabled=1
-gpgcheck=1
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
-
-[oso-rhel-7-server-optional]
-name=Red Hat Enterprise Linux 7 Server - Optional from RHUI (RPMs)
-baseurl=http://10.240.169.148/mirror/rhui-rhel-server-7-releases-optional
-enabled=1
-gpgcheck=1
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
diff --git a/roles/repos/files/rhel-7-libra-candidate.repo b/roles/repos/files/rhel-7-libra-candidate.repo
deleted file mode 100644
index 0901bf707..000000000
--- a/roles/repos/files/rhel-7-libra-candidate.repo
+++ /dev/null
@@ -1,10 +0,0 @@
-[rhel-7-libra-candidate]
-name=rhel-7-libra-candidate - \$basearch
-baseurl=https://mirror1.ops.rhcloud.com/libra/rhel-7-libra-candidate/\$basearch/
-gpgkey=https://mirror1.ops.rhcloud.com/libra/RPM-GPG-KEY-redhat-release https://mirror1.ops.rhcloud.com/libra/RPM-GPG-KEY-redhat-beta https://mirror1.ops.rhcloud.com/libra/RPM-GPG-KEY-redhat-openshifthosted
-skip_if_unavailable=True
-gpgcheck=0
-enabled=1
-sslclientcert=/var/lib/yum/client-cert.pem
-sslclientkey=/var/lib/yum/client-key.pem
-sslverify=False
diff --git a/roles/repos/tasks/main.yaml b/roles/repos/tasks/main.yaml
index 3b66bb392..43786da41 100644
--- a/roles/repos/tasks/main.yaml
+++ b/roles/repos/tasks/main.yaml
@@ -1,13 +1,41 @@
---
-# The following role lays down the correct repository and gpg key for yum
-- name: Ensure rhel 7 libra candidate exists in yum.repos.d
- copy: src=rhel-7-libra-candidate.repo dest=/etc/yum.repos.d/rhel-7-libra-candidate.repo
+# TODO: Add flag for enabling EPEL repo, default to false
-- name: Ensure a docker repo is laid down
- copy: src=docker.repo dest=/etc/yum.repos.d/docker.repo
+- assert:
+ that: openshift_deployment_type in known_openshift_deployment_types
-- name: Ensure the kubernetes repo is available
- copy: src=epel7-kubernetes.repo dest=/etc/yum.repos.d/epel7-kubernetes.repo
+# TODO: remove this when origin support actually works
+- fail: msg="OpenShift Origin support is not currently enabled"
+ when: openshift_deployment_type == 'origin'
-- name: Ensure the origin repo is available
- copy: src=epel7-origin.repo dest=/etc/yum.repos.d/epel7-origin.repo
+- name: Create any additional repos that are defined
+ template:
+ src: yum_repo.j2
+ dest: /etc/yum.repos.d/openshift_additional.repo
+ when: openshift_additional_repos | length > 0
+
+- name: Remove the additional repos if no longer defined
+ file:
+ dest: /etc/yum.repos.d/openshift_additional.repo
+ state: absent
+ when: openshift_additional_repos | length == 0
+
+- name: Remove any yum repo files for other deployment types
+ file:
+ path: "/etc/yum.repos.d/{{ item | basename }}"
+ state: absent
+ with_fileglob:
+ - '*/*'
+ when: not (item | search("/files/" + openshift_deployment_type + "/")) and (item | search(".repo$"))
+
+- name: Configure gpg keys if needed
+ copy: src={{ item }} dest=/etc/pki/rpm-gpg/
+ with_fileglob:
+ - "{{ openshift_deployment_type }}/*"
+ when: item | basename | match("RPM-GPG-KEY-")
+
+- name: Configure yum repositories
+ copy: src={{ item }} dest=/etc/yum.repos.d/
+ with_fileglob:
+ - "{{ openshift_deployment_type }}/*"
+ when: item | basename | search(".*\.repo$")
diff --git a/roles/repos/templates/yum_repo.j2 b/roles/repos/templates/yum_repo.j2
new file mode 100644
index 000000000..7ea2c7460
--- /dev/null
+++ b/roles/repos/templates/yum_repo.j2
@@ -0,0 +1,15 @@
+# {{ ansible_managed }}
+{% for repo in openshift_additional_repos %}
+[{{ repo.id }}]
+name={{ repo.name | default(repo.id) }}
+baseurl={{ repo.baseurl }}
+{% set enable_repo = repo.enabled | default('1') %}
+enabled={{ 1 if ( enable_repo == 1 or enable_repo == True ) else 0 }}
+{% set enable_gpg_check = repo.gpgcheck | default('1') %}
+gpgcheck={{ 1 if ( enable_gpg_check == 1 or enable_gpg_check == True ) else 0 }}
+{% for key, value in repo.iteritems() %}
+{% if key not in ['id', 'name', 'baseurl', 'enabled', 'gpgcheck'] and value is defined %}
+{{ key }}={{ value }}
+{% endif %}
+{% endfor %}
+{% endfor %}
diff --git a/roles/repos/vars/main.yml b/roles/repos/vars/main.yml
new file mode 100644
index 000000000..bbb4c77e7
--- /dev/null
+++ b/roles/repos/vars/main.yml
@@ -0,0 +1,2 @@
+---
+known_openshift_deployment_types: ['origin', 'online', 'enterprise']