Closed Bug 951000 Opened 10 years ago Closed 10 years ago

Deploy release-runner ssh key to release-runner instances

Categories

(Infrastructure & Operations Graveyard :: CIDuty, task)

x86_64
Linux
task
Not set
critical

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: rail, Assigned: rail)

References

Details

Attachments

(1 file, 1 obsolete file)

This is a fallout from 792836 and bm81 having an extra sh key for release-runner.

27.0b2 release runneer failed 
IOError: [Errno 2] No such file or directory: '/home/cltbld/.ssh/release-runner'
Assignee: nobody → rail
Attached patch release-runner-puppet.diff (obsolete) — Splinter Review
I'm going to test it tomorrow
Attachment #8348457 - Flags: feedback?(dustin)
Comment on attachment 8348457 [details] [diff] [review]
release-runner-puppet.diff

if this tests ok, r+=me
Attachment #8348457 - Flags: review+
Comment on attachment 8348457 [details] [diff] [review]
release-runner-puppet.diff

This is depending on an implementation detail of the buildmaster class, which smells wrong to me.  I think this could be managed much more simply: use

ssh_key: <%= scope.lookupvar('users::builder::home') %>/.ssh/release-runner

in the config, and install the key file directly with content => secret('releaserunner_ssh_key') in modules/releaserunner/manifests/init.pp

There's no reason that other orgs would want to have a different name for the key file in ~/.ssh, so that doesn't need to be a config.  And there's no need to handle this using the buildmaster ssh-key handling stuff.  We handle several other private keys directly elsewhere in puppet (puppetsync comes to mind).
Attachment #8348457 - Flags: feedback?(dustin) → feedback-
I will test this tomorrow.
Attachment #8348457 - Attachment is obsolete: true
Comment on attachment 8348501 [details] [diff] [review]
release-runner-puppet-1.diff

tested, worked as expected

remote:   https://hg.mozilla.org/build/puppet/rev/431367d9baaf
remote:   https://hg.mozilla.org/build/puppet/rev/c53a4da77b7a
Attachment #8348501 - Flags: checked-in+
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Component: Platform Support → Buildduty
Product: Release Engineering → Infrastructure & Operations
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in before you can comment on or make changes to this bug.