More E208 mode fixes
Change-Id: I8157ec1f31b8c5a064b63002e8311b91ef9ce9ab See: https://ansible-lint.readthedocs.io/en/latest/default_rules.html#file-permissions-not-mentioned
This commit is contained in:
Sorin Sbarnea
parent
73a2da3b12
commit
856866fdde
@ -28,6 +28,7 @@
|
|||||||
copy:
|
copy:
|
||||||
content: "{{ buildset_registry.cert }}"
|
content: "{{ buildset_registry.cert }}"
|
||||||
dest: "{{ buildkit_cert_tmp.path }}"
|
dest: "{{ buildkit_cert_tmp.path }}"
|
||||||
|
mode: preserve
|
||||||
when: buildset_registry is defined and buildset_registry.cert
|
when: buildset_registry is defined and buildset_registry.cert
|
||||||
|
|
||||||
- name: Copy buildset registry TLS cert into worker container
|
- name: Copy buildset registry TLS cert into worker container
|
||||||
|
|||||||
@ -2,6 +2,7 @@
|
|||||||
file:
|
file:
|
||||||
path: "{{ git_cache_root }}/{{ zj_project.canonical_name | dirname }}"
|
path: "{{ git_cache_root }}/{{ zj_project.canonical_name | dirname }}"
|
||||||
state: directory
|
state: directory
|
||||||
|
mode: 0775
|
||||||
with_items: "{{ zuul.projects.values() | list }}"
|
with_items: "{{ zuul.projects.values() | list }}"
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: zj_project
|
loop_var: zj_project
|
||||||
|
|||||||
@ -34,11 +34,13 @@
|
|||||||
file:
|
file:
|
||||||
state: directory
|
state: directory
|
||||||
path: /etc/docker
|
path: /etc/docker
|
||||||
|
mode: 0755
|
||||||
- name: Write buildset registry TLS certificate
|
- name: Write buildset registry TLS certificate
|
||||||
become: true
|
become: true
|
||||||
copy:
|
copy:
|
||||||
content: "{{ buildset_registry.cert }}"
|
content: "{{ buildset_registry.cert }}"
|
||||||
dest: "{{ ca_dir }}/{{ buildset_registry_alias }}.crt"
|
dest: "{{ ca_dir }}/{{ buildset_registry_alias }}.crt"
|
||||||
|
mode: 0644
|
||||||
register: _tls_ca
|
register: _tls_ca
|
||||||
- name: Update CA certs
|
- name: Update CA certs
|
||||||
command: "{{ ca_command }}"
|
command: "{{ ca_command }}"
|
||||||
@ -74,6 +76,7 @@
|
|||||||
copy:
|
copy:
|
||||||
content: "{{ docker_config | to_nice_json }}"
|
content: "{{ docker_config | to_nice_json }}"
|
||||||
dest: /etc/docker/daemon.json
|
dest: /etc/docker/daemon.json
|
||||||
|
mode: 0644
|
||||||
become: true
|
become: true
|
||||||
|
|
||||||
- name: Restart docker daemon
|
- name: Restart docker daemon
|
||||||
@ -89,6 +92,7 @@
|
|||||||
file:
|
file:
|
||||||
state: directory
|
state: directory
|
||||||
path: /etc/containers
|
path: /etc/containers
|
||||||
|
mode: 0755
|
||||||
- name: Modify registries.conf
|
- name: Modify registries.conf
|
||||||
become: yes
|
become: yes
|
||||||
modify_registries_conf:
|
modify_registries_conf:
|
||||||
@ -102,6 +106,7 @@
|
|||||||
file:
|
file:
|
||||||
state: directory
|
state: directory
|
||||||
path: /etc/buildkit/
|
path: /etc/buildkit/
|
||||||
|
mode: 0755
|
||||||
- name: Modify buildkitd.toml
|
- name: Modify buildkitd.toml
|
||||||
become: yes
|
become: yes
|
||||||
modify_buildkitd_toml:
|
modify_buildkitd_toml:
|
||||||
|
|||||||
@ -48,6 +48,7 @@
|
|||||||
copy:
|
copy:
|
||||||
content: "{{ docker_config | to_nice_json }}"
|
content: "{{ docker_config | to_nice_json }}"
|
||||||
dest: "/run/user/{{ ansible_user_uid }}/auth.json"
|
dest: "/run/user/{{ ansible_user_uid }}/auth.json"
|
||||||
|
mode: 0600
|
||||||
# The next two tasks are for supporting k8s
|
# The next two tasks are for supporting k8s
|
||||||
- name: Check if /var/lib/kubelet exists
|
- name: Check if /var/lib/kubelet exists
|
||||||
stat:
|
stat:
|
||||||
|
|||||||
@ -3,6 +3,7 @@
|
|||||||
file:
|
file:
|
||||||
state: directory
|
state: directory
|
||||||
path: /etc/docker
|
path: /etc/docker
|
||||||
|
mode: 0755
|
||||||
|
|
||||||
- name: Set docker_mirror fact
|
- name: Set docker_mirror fact
|
||||||
when:
|
when:
|
||||||
|
|||||||
@ -19,6 +19,7 @@
|
|||||||
file:
|
file:
|
||||||
path: "{{ registry_tempdir.path }}/auth"
|
path: "{{ registry_tempdir.path }}/auth"
|
||||||
state: directory
|
state: directory
|
||||||
|
mode: 0755
|
||||||
|
|
||||||
- name: Install passlib for htpasswd
|
- name: Install passlib for htpasswd
|
||||||
become: true
|
become: true
|
||||||
@ -33,6 +34,7 @@
|
|||||||
create: true
|
create: true
|
||||||
crypt_scheme: bcrypt
|
crypt_scheme: bcrypt
|
||||||
path: "{{ registry_tempdir.path }}/auth/htpasswd"
|
path: "{{ registry_tempdir.path }}/auth/htpasswd"
|
||||||
|
mode: 0644
|
||||||
name: "{{ registry.username }}"
|
name: "{{ registry.username }}"
|
||||||
password: "{{ registry.password }}"
|
password: "{{ registry.password }}"
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user