Skip to content

C
configuration
Commit 66026481 by Feanil Patel
Options

Merge branch 'master' into feanil/merge_cypress_into_master 

Conflicts:
	util/vagrant/migrate.sh - Pointing to cypress instead of birch now.
	vagrant/release/fullstack/Vagrantfile - Arranging birch updates and cypress RCs
parents f0a45bb7 ffd28db5
Showing with 213 additions and 339 deletions
playbooks/edx-east/create_user.yml
# Creates a single user on a server
# By default no super-user privileges
# Example: ansible-playbook -i "jarv.m.sandbox.edx.org," ./create_user.yml -e "user=jarv"
# Example: ansible-playbook -i "jarv.sandbox.edx.org," ./create_user.yml -e "user=jarv"
# Create a user with sudo privileges
# Example: ansible-playbook -i "jarv.m.sandbox.edx.org," ./create_user.yml -e "user=jarv" -e "give_sudo=true"
# Example: ansible-playbook -i "jarv.sandbox.edx.org," ./create_user.yml -e "user=jarv" -e "give_sudo=true"
- name: Create a single user
hosts: all
sudo: True
......
playbooks/edx-east/edx_provision.yml
......@@ -18,7 +18,7 @@
owner: temp
root_ebs_size: 50
dns_name: temp
dns_zone: m.sandbox.edx.org
dns_zone: sandbox.edx.org
name_tag: sandbox-temp
elb: false
vpc_subnet_id: subnet-cd867aba
......
playbooks/edx-east/edx_service.yml
......@@ -6,7 +6,6 @@
gather_facts: False
vars:
state: "present"
auto_scaling_service: True
tasks:
- name: Manage IAM Role and Profile
ec2_iam_role:
......@@ -226,13 +225,23 @@
with_items: metric_alarms
when: auto_scaling_service
- name: Transform tags into dict format for the modules that expect it
util_map:
function: zip_to_dict
input: "{{ asg_instance_tags }}"
args: ['key', 'value']
register: reformatted_asg_instance_tags
- name: See if instances already exist
local_action:
module: "ec2_lookup"
ec2_lookup:
region: "{{ aws_region }}"
tags: "{{ asg_instance_tags }}"
tags: "{{ reformatted_asg_instance_tags.function_output }}"
register: potential_existing_instances
#This task will create the number of instances requested (create_instances parameter).
# By default, it will create instances equaling the number of subnets specified.
#Modulo logic explained: The subnet specified will be the instance number modulo the number of subnets,
# so that instances are balanced across subnets.
- name: Manage instances
ec2:
profile: "{{ profile }}"
......@@ -240,12 +249,104 @@
wait: "yes"
group_id: "{{ service_sec_group.group_id }}"
key_name: "{{ service_config.key_name }}"
vpc_subnet_id: "{{ item.subnet_id }}"
vpc_subnet_id: "{{ created_service_subnets.results[item | int % created_service_subnets.results | length].subnet_id }}"
instance_type: "{{ service_config.instance_type }}"
instance_tags: "{{ asg_instance_tags }}"
instance_tags: "{{ reformatted_asg_instance_tags.function_output }}"
image: "{{ service_config.ami }}"
instance_profile_name: "{{ instance_profile_name }}"
volumes: "{{ service_config.volumes }}"
with_items: created_service_subnets.results
with_sequence: count={{ create_instances | default(created_service_subnets.results | length) }}
when: not auto_scaling_service and potential_existing_instances.instances|length == 0
register: created_instances
- name: Add new instances to host group
add_host:
hostname: "{{ item.1.private_ip }}"
instance_id: "{{ item.1.id }}"
groups: created_instances_group
#might need ansible_ssh_private_key_file and/or ansible_ssh_user
ansible_ssh_user: ubuntu
volumes: "{{ service_config.volumes }}"
with_subelements:
- created_instances.results
- instances
when: not auto_scaling_service and potential_existing_instances.instances|length == 0
- name: Configure launched instances
hosts: created_instances_group
gather_facts: False
become: True
tasks:
#Wait in this play so it can multiplex across all launched hosts
- name: Wait for hosts to be ready
become: False
local_action:
module: wait_for
host: "{{ inventory_hostname }}"
port: 22
#Must wait for the instance to be ready before gathering facts
- name: Gather facts
setup:
- name: Unmount all specified disks that are currently mounted
mount:
name: "{{ item[0].mount }}"
src: "{{ item[0].device }}"
fstype: "{{ item[0].fstype }}"
state: absent
when: item[1].device_name == item[0].device
with_nested:
- ansible_mounts
- volumes
#Must use force=yes because AWS gives some ephemeral disks the wrong fstype and mounts them by default.
#Since we don't do this task if any prior instances were found in the ec2_lookup task, it's safe to force.
- name: Create filesystems
filesystem:
dev: "{{ item.device_name }}"
fstype: ext4
force: yes
with_items: volumes
- name: Mount disks
mount:
fstype: ext4
name: "{{ item.mount }}"
src: "{{ item.device_name }}"
state: mounted
fstype: "{{ item.fstype | default('ext4') }}"
opts: "{{ item.options | default('defaults') }}"
with_items: volumes
#Currently only supported in non-asg mode, when auto_scaling_service==false
#<http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/enhanced-networking.html#enable-enhanced-networking>
#Done with local actions to avoid blocking on iteration
- name: Enable enhanced networking
hosts: created_instances_group
gather_facts: False
tasks:
- name: Shut down instances
local_action:
module: ec2
instance_ids: "{{ instance_id }}"
state: stopped
region: "{{ aws_region }}"
wait: yes
when: enhanced_networking == true
- name: Set enhanced networking instance attribute
local_action:
module: shell aws ec2 modify-instance-attribute --instance-id {{ instance_id }} --sriov-net-support simple
when: enhanced_networking == true
- name: Start instances
local_action:
module: ec2
instance_ids: "{{ instance_id }}"
state: running
region: "{{ aws_region }}"
wait: yes
when: enhanced_networking == true
\ No newline at end of file
playbooks/library/ec2_lookup
......@@ -96,14 +96,21 @@ def main():
aws_secret_key=dict(aliases=['ec2_secret_key', 'secret_key'],
no_log=True),
aws_access_key=dict(aliases=['ec2_access_key', 'access_key']),
tags=dict(default=None, type='list'),
tags=dict(default=None),
)
)
tags_param = module.params.get('tags')
tags = {}
for item in module.params.get('tags'):
for k,v in item.iteritems():
tags[k] = v
if isinstance(tags_param, list):
for item in module.params.get('tags'):
for k,v in item.iteritems():
tags[k] = v
elif isinstance(tags_param, dict):
tags = tags_param
else:
module.fail_json(msg="Invalid format for tags")
aws_secret_key = module.params.get('aws_secret_key')
aws_access_key = module.params.get('aws_access_key')
......
playbooks/roles/demo/defaults/main.yml
......@@ -16,7 +16,7 @@ DEMO_CREATE_STAFF_USER: true
demo_app_dir: "{{ COMMON_APP_DIR }}/demo"
demo_code_dir: "{{ demo_app_dir }}/edx-demo-course"
demo_repo: "https://{{ COMMON_GIT_MIRROR }}/edx/edx-demo-course.git"
demo_course_id: 'edX/DemoX/Demo_Course'
demo_course_id: 'course-v1:edX+DemoX+Demo_Course'
demo_version: "master"
demo_test_users:
- email: 'honor@example.com'
......
playbooks/roles/ecommerce/defaults/main.yml
......@@ -39,18 +39,17 @@ ECOMMERCE_SECRET_KEY: 'Your secret key here'
ECOMMERCE_TIME_ZONE: 'UTC'
ECOMMERCE_LANGUAGE_CODE: 'en-us'
ECOMMERCE_EDX_API_KEY: 'put-your-edx-api-auth-token-here'
ECOMMERCE_ECOMMERCE_URL_ROOT: 'https://www.example.com'
ECOMMERCE_LMS_URL_ROOT: 'https://www.example.com'
ECOMMERCE_ECOMMERCE_URL_ROOT: 'http://localhost:8002'
ECOMMERCE_LMS_URL_ROOT: 'http://127.0.0.1:8000'
ECOMMERCE_JWT_SECRET_KEY: 'generated-key-that-matches-ECOMMERCE_API_SIGNING_KEY-in-edxapp'
ECOMMERCE_JWT_VERIFY_EXPIRATION: true
# Generated by the app that you're using as your auth source
# in most cases this will be the edx-platform
# Used to automatically configure OAuth2 Client
ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_KEY : 'some-secret'
ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_SECRET : 'some-secret'
ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_ID_TOKEN_DECRYPTION_KEY : 'some-secret'
ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_URL_ROOT : 'some-secret'
ECOMMERCE_SOCIAL_AUTH_REDIRECT_IS_HTTPS: false
# Analytics related
ECOMMERCE_SEGMENT_KEY: !!null
# CyberSource related
......@@ -91,6 +90,10 @@ ECOMMERCE_PAYMENT_PROCESSOR_CONFIG:
ECOMMERCE_ORDER_NUMBER_PREFIX: 'OSCR'
# Theming
ECOMMERCE_PLATFORM_NAME: 'Your Platform Name Here'
ECOMMERCE_THEME_SCSS: 'sass/themes/default.scss'
ECOMMERCE_SERVICE_CONFIG:
SECRET_KEY: '{{ ECOMMERCE_SECRET_KEY }}'
TIME_ZONE: '{{ ECOMMERCE_TIME_ZONE }}'
......@@ -109,7 +112,7 @@ ECOMMERCE_SERVICE_CONFIG:
JWT_VERIFY_EXPIRATION: '{{ ECOMMERCE_JWT_VERIFY_EXPIRATION }}'
SOCIAL_AUTH_EDX_OIDC_KEY: '{{ ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_KEY }}'
SOCIAL_AUTH_EDX_OIDC_SECRET: '{{ ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_SECRET }}'
SOCIAL_AUTH_EDX_OIDC_ID_TOKEN_DECRYPTION_KEY: '{{ ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_ID_TOKEN_DECRYPTION_KEY }}'
SOCIAL_AUTH_EDX_OIDC_ID_TOKEN_DECRYPTION_KEY: '{{ ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_SECRET }}'
SOCIAL_AUTH_EDX_OIDC_URL_ROOT: '{{ ECOMMERCE_LMS_URL_ROOT }}/oauth2'
SOCIAL_AUTH_REDIRECT_IS_HTTPS: '{{ ECOMMERCE_SOCIAL_AUTH_REDIRECT_IS_HTTPS }}'
SEGMENT_KEY: '{{ ECOMMERCE_SEGMENT_KEY }}'
......@@ -124,6 +127,9 @@ ECOMMERCE_SERVICE_CONFIG:
PAYMENT_PROCESSOR_CONFIG: '{{ ECOMMERCE_PAYMENT_PROCESSOR_CONFIG }}'
OAUTH2_PROVIDER_URL: '{{ ECOMMERCE_LMS_URL_ROOT }}/oauth2'
PLATFORM_NAME: '{{ ECOMMERCE_PLATFORM_NAME }}'
THEME_SCSS: '{{ ECOMMERCE_THEME_SCSS }}'
ECOMMERCE_REPOS:
- PROTOCOL: "{{ COMMON_GIT_PROTOCOL }}"
......@@ -145,7 +151,7 @@ ECOMMERCE_GUNICORN_WORKER_CLASS: "gevent"
#
ecommerce_environment:
DJANGO_SETTINGS_MODULE: "ecommerce.settings.production"
ECOMMERCE_CFG: "{{ COMMON_CFG_DIR }}/{{ ecommerce_service_name }}.yml"
ECOMMERCE_CFG: "{{ COMMON_CFG_DIR }}/{{ ecommerce_service_name }}.yml"
ecommerce_service_name: "ecommerce"
ecommerce_user: "{{ ecommerce_service_name }}"
......@@ -168,9 +174,6 @@ ecommerce_requirements:
- production.txt
- optional.txt
ecommerce_dev_requirements:
- local.txt
#
# OS packages
#
......
playbooks/roles/ecommerce/tasks/main.yml
......@@ -34,16 +34,6 @@
state=present
sudo_user: "{{ ecommerce_user }}"
with_items: ecommerce_requirements
when: not devstack
- name: install application requirements
pip: >
requirements="{{ ecommerce_requirements_base }}/{{ item }}"
virtualenv="{{ ecommerce_home }}/venvs/{{ ecommerce_service_name }}"
state=present
sudo_user: "{{ ecommerce_user }}"
with_items: ecommerce_dev_requirements
when: devstack
- name: create nodeenv
shell: >
......
playbooks/roles/edx_service_rds/tasks/main.yml
......@@ -155,13 +155,3 @@
#snapshot: "{{ edx_service_rds_db.name }}-final-{{ ansible_date_time.epoch }}"
snapshot: "red-blue"
when: edx_service_rds_db.state == 'absent'
#
# Output the basis for a db config file that
# includes the yaml connection defintion
#
- name: output a step db config file
local_action:
module: template
src: "db_config.yml.j2"
dest: "~/{{ e_d_c }}-db.yml"
playbooks/roles/edxapp/defaults/main.yml
......@@ -95,6 +95,7 @@ EDXAPP_OEE_USER: 'lms'
EDXAPP_OEE_PASSWORD: 'password'
EDXAPP_ANALYTICS_API_KEY: ""
EDXAPP_LTI_USER_EMAIL_DOMAIN: "lti.example.com"
EDXAPP_PAYMENT_SUPPORT_EMAIL: "billing@example.com"
EDXAPP_YOUTUBE_API_KEY: "PUT_YOUR_API_KEY_HERE"
EDXAPP_ZENDESK_USER: ""
......@@ -120,10 +121,12 @@ EDXAPP_CAS_ATTRIBUTE_PACKAGE: ""
EDXAPP_ENABLE_AUTO_AUTH: false
# Settings for enabling and configuring third party authorization
EDXAPP_ENABLE_THIRD_PARTY_AUTH: false
EDXAPP_THIRD_PARTY_AUTH: {}
EDXAPP_ENABLE_EDXNOTES: false
EDXAPP_ENABLE_CREDIT_ELIGIBILITY: false
EDXAPP_ENABLE_CREDIT_API: false
EDXAPP_MODULESTORE_MAPPINGS:
'preview\.': 'draft-preferred'
......@@ -186,6 +189,8 @@ EDXAPP_FEATURES:
ENABLE_VIDEO_BEACON: false
ENABLE_ONLOAD_BEACON: false
ENABLE_EDXNOTES: "{{ EDXAPP_ENABLE_EDXNOTES }}"
ENABLE_CREDIT_API: "{{ EDXAPP_ENABLE_CREDIT_API }}"
ENABLE_CREDIT_ELIGIBILITY: "{{ EDXAPP_ENABLE_CREDIT_ELIGIBILITY }}"
EDXAPP_BOOK_URL: ""
# This needs to be set to localhost
......@@ -549,6 +554,7 @@ edxapp_aa_command: "{% if EDXAPP_SANDBOX_ENFORCE %}aa-enforce{% else %}aa-compla
# all edxapp requirements files
edxapp_requirements_with_github_urls:
- "{{ pre_requirements_file }}"
- "{{ post_requirements_file }}"
- "{{ base_requirements_file }}"
- "{{ paver_requirements_file }}"
- "{{ github_requirements_file }}"
......@@ -660,7 +666,6 @@ edxapp_generic_auth_config: &edxapp_generic_auth
CELERY_BROKER_USER: "{{ EDXAPP_CELERY_USER }}"
CELERY_BROKER_PASSWORD: "{{ EDXAPP_CELERY_PASSWORD }}"
GOOGLE_ANALYTICS_ACCOUNT: "{{ EDXAPP_GOOGLE_ANALYTICS_ACCOUNT }}"
THIRD_PARTY_AUTH: "{{ EDXAPP_THIRD_PARTY_AUTH }}"
AWS_STORAGE_BUCKET_NAME: "{{ EDXAPP_AWS_STORAGE_BUCKET_NAME }}"
DJFS: "{{ EDXAPP_DJFS }}"
CREDIT_PROVIDER_SECRET_KEYS: "{{ EDXAPP_CREDIT_PROVIDER_SECRET_KEYS }}"
......@@ -862,6 +867,7 @@ lms_env_config:
PROFILE_IMAGE_MAX_BYTES: "{{ EDXAPP_PROFILE_IMAGE_MAX_BYTES }}"
EDXNOTES_PUBLIC_API: "{{ EDXAPP_EDXNOTES_PUBLIC_API }}"
EDXNOTES_INTERNAL_API: "{{ EDXAPP_EDXNOTES_INTERNAL_API }}"
LTI_USER_EMAIL_DOMAIN: "{{ EDXAPP_LTI_USER_EMAIL_DOMAIN }}"
cms_auth_config:
<<: *edxapp_generic_auth
......
playbooks/roles/edxapp/tasks/deploy.yml
......@@ -60,12 +60,19 @@
GIT_SSH: "{{ edxapp_git_ssh }}"
register: edxapp_theme_checkout
- name: Stat each requirements file to ensure it exists
stat: path="{{ item }}"
with_items: "{{ edxapp_requirements_with_github_urls }}"
register: requirement_file_stats
# Substitute github mirror in all requirements files
# This is run on every single deploy
- name: Updating requirement files for git mirror
command: |
/bin/sed -i -e 's/github\.com/{{ COMMON_GIT_MIRROR }}/g' {{ " ".join(edxapp_requirements_with_github_urls) }}
/bin/sed -i -e 's/github\.com/{{ COMMON_GIT_MIRROR }}/g' {{ item.item }}
sudo_user: "{{ edxapp_user }}"
when: item.stat.exists
with_items: "{{ requirement_file_stats.results }}"
# Ruby plays that need to be run after platform updates.
- name: gem install bundler
......
playbooks/roles/edxlocal/tasks/main.yml
......@@ -111,7 +111,7 @@
- name: setup users for ecommerce
mysql_user: >
name="{{ ECOMMERCE_DEFAULT_DB_NAME }}"
name="{{ ECOMMERCE_DATABASES.default.USER }}"
password="{{ ECOMMERCE_DATABASES.default.PASSWORD }}"
priv='{{ ECOMMERCE_DEFAULT_DB_NAME }}.*:SELECT,INSERT,UPDATE,DELETE'
when: ECOMMERCE_DEFAULT_DB_NAME is defined
......
playbooks/roles/jenkins_worker/tasks/python.yml
......@@ -7,11 +7,6 @@
- fail: OAuth token not defined
when: github_oauth_token is not defined
- name: Install Python GitHub PR auth script
template: src="github_pr_auth.py.j2" dest="/usr/local/bin/github_pr_auth.py"
owner=root group=root
mode=755
- name: Install Python GitHub post status script
template: src="github_post_status.py.j2" dest="/usr/local/bin/github_post_status.py"
owner=root group=root
......
playbooks/roles/jenkins_worker/tasks/test.yml
......@@ -30,24 +30,6 @@
dddac0b5dddf00c0950daf324e603e4935994954 success
https://jenkins.testeng.edx.org/ \"Tests Passed\" \"CI Test Results\""
# Run the github_pr_auth script to confirm it reports
# An expected error when there is nothing in the whitelist
- name: ensure github_pr_auth fails as expected
shell:
"github_pr_auth.py edx edx-platform 2498"
ignore_errors: True
register: pr_auth_result
- assert:
that:
- "'You can update the whitelist by' in '{{ pr_auth_result.stdout_lines[1] }}'"
# Run the github_pr_auth script with a value in the whitelist
# to ensure a passing run
- name: ensure github_pr_auth fails as expected
shell:
"export GITHUB_OWNER_WHITELIST=edx &&
github_pr_auth.py edx edx-platform 2498"
# Verify the virtualenv tar is newly-built
- name: Get info on virtualenv tar
stat: path={{ jenkins_home }}/edx-venv_clean.tar.gz
......
playbooks/roles/jenkins_worker/templates/github_pr_auth.py.j2 deleted 100644 → 0
#!/usr/bin/env python
"""
Determine whether we allow a GitHub PR to be
built automatically. Checks a whitelist
of repo owners and compares to the HEAD
repo of the pull request.
Uses an environment variable `GITHUB_OWNER_WHITELIST`
to check whether the owner of the PR repo is whitelisted.
This is a comma-separated list of organizations and
users. For example, a bash script might define:
export GITHUB_OWNER_WHITELIST="edx,a_user,another_user"
to allow PRs from repos owned by "edx", "a_usr", and "another_user"
"""
import sys
import os
import requests
from textwrap import dedent
# The Ansible script will fill in the GitHub OAuth token.
# That way, we can give the jenkins user on the worker
# execute-only access to this script, ensuring that
# the jenkins user cannot retrieve the token.
GITHUB_OAUTH_TOKEN = "{{ github_oauth_token }}"
USAGE = "Usage: {0} ORG REPO PULL_REQUEST_NUM"
def parse_args(arg_list):
"""
Parse the list of arguments, returning a dict of the form
{
'org': GITHUB_ORG,
'repo': GITHUB_REPO,
'pr_num': GITHUB_PR_NUM
}
Prints an error message and exits if the arguments are invalid.
"""
if len(arg_list) != 4:
print USAGE.format(arg_list[0])
exit(1)
# Retrieve the PR number and check that it's an integer
try:
pr_num = int(arg_list[3])
except TypeError:
print "'{0}' is not a number".format(arg_list[3])
return {
'org': arg_list[1],
'repo': arg_list[2],
'pr_num': pr_num
}
def pr_repo_owner(org, repo, pr_num):
"""
Return the name of the owner of the repo from the
HEAD of the PR.
"""
# Query GitHub for information about the pull request
url = "https://api.github.com/repos/{0}/{1}/pulls/{2}?access_token={3}".format(
org, repo, pr_num, GITHUB_OAUTH_TOKEN
)
response = requests.get(url)
if response.status_code != 200:
print dedent("""
Could not retrieve info for pull request #{0}.
HTTP status code: {1}
""".format(pr_num, response.status_code)).strip()
exit(1)
# Parse the response as json
try:
pr_data = response.json()
except TypeError:
print "Could not parse info for pull request #{0}".format(pr_num)
exit(1)
# Retrieve the owner of the repo
try:
return pr_data['head']['repo']['owner']['login']
except KeyError:
print "Could not get repo owner from PR info"
exit(1)
def main():
"""
Exits with code 0 (success) if the PR is from a whitelisted
repo; otherwise, exits with status 1 (failure).
"""
if not GITHUB_OAUTH_TOKEN:
print "No GitHub Oauth token configured."
exit(1)
arg_dict = parse_args(sys.argv)
owner = pr_repo_owner(arg_dict['org'], arg_dict['repo'], arg_dict['pr_num'])
# Check that the owner is whitelisted
whitelist_owners = os.environ.get('GITHUB_OWNER_WHITELIST', '').split(',')
if owner not in whitelist_owners:
print dedent("""
Owner '{0}' is not in the whitelist.
You can update the whitelist by setting the environment variable
`GITHUB_OWNER_WHITELIST` to a comma-separated list of organizations
and users.
""".format(owner)).strip()
exit(1)
else:
print "Owner '{0}' is authorized".format(owner)
exit(0)
if __name__ == "__main__":
main()
playbooks/roles/local_dev/defaults/main.yml
......@@ -18,6 +18,8 @@ localdev_accounts:
- { user: "{{ notifier_user|default('None') }}", home: "{{ notifier_app_dir }}",
env: "notifier_env", repo: "" }
- { user: "{{ ecommerce_user|default('None') }}", home: "{{ ecommerce_home }}",
env: "ecommerce_env", repo: "ecommerce" }
# Helpful system packages for local dev
local_dev_pkgs:
......@@ -27,3 +29,7 @@ local_dev_pkgs:
- openbox
localdev_jscover_version: "1.0.2"
localdev_oauth2_clients:
- { name: "{{ ecommerce_service_name }}", url_root: "{{ ECOMMERCE_ECOMMERCE_URL_ROOT }}",
id: "{{ ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_KEY }}", secret: "{{ ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_SECRET }}" }
playbooks/roles/local_dev/tasks/main.yml
......@@ -76,3 +76,18 @@
- name: add preview.localhost to /etc/hosts
shell: sed -i -r 's/^127.0.0.1\s+.*$/127.0.0.1 localhost preview.localhost/' /etc/hosts
sudo: yes
- name: create OAuth2 Clients
shell: >
{{ COMMON_BIN_DIR }}/python.edxapp {{ COMMON_BIN_DIR }}/manage.edxapp lms --settings=aws
create_oauth2_client
{{ item.url_root }}
"{{ item.url_root }}/complete/edx-oidc/"
confidential
--client_name {{ item.name }}
--client_id {{ item.id }}
--client_secret {{ item.secret }}
--trusted
sudo_user: "{{ edxapp_user }}"
environment: "{{ edxapp_environment }}"
with_items: localdev_oauth2_clients
playbooks/roles/locust/tasks/main.yml
......@@ -22,7 +22,7 @@
#
# Example play:
#
# # To run: ansible-playbook locust.yml -i "locustmaster.m.sandbox.edx.org," -e "LOCUST_LOADTEST_DIR='locust/lms'" -e "LOCUST_TARGET_HOST='https://courses-loadtest.edx.org'" -e "@/Users/derf/workspace/sandbox-secure/ansible/vars/developer-sandbox.yml"
# # To run: ansible-playbook locust.yml -i "locustmaster.sandbox.edx.org," -e "LOCUST_LOADTEST_DIR='locust/lms'" -e "LOCUST_TARGET_HOST='https://courses-loadtest.edx.org'" -e "@/Users/derf/workspace/sandbox-secure/ansible/vars/developer-sandbox.yml"
# - name: Deploy Locust
# hosts: all
# sudo: True
......
playbooks/vagrant-devstack.yml
......@@ -20,6 +20,7 @@
- oraclejdk
- elasticsearch
- forum
- ecommerce
- role: notifier
NOTIFIER_DIGEST_TASK_INTERVAL: "5"
- role: ora
......
playbooks/vagrant-ecomstack.yml deleted 100644 → 0
- name: Configure instance(s)
hosts: all
sudo: True
gather_facts: True
vars:
migrate_db: 'yes'
openid_workaround: true
devstack: true
disable_edx_services: true
EDXAPP_NO_PREREQ_INSTALL: 0
COMMON_MOTD_TEMPLATE: 'devstack_motd.tail.j2'
COMMON_SSH_PASSWORD_AUTH: "yes"
roles:
- edx_ansible
- edxlocal
- mongo
- edxapp
- ecommerce
- browsers
- browsermob-proxy
- local_dev
- demo
util/install/sandbox.sh
......@@ -38,7 +38,7 @@ if [ -n "$OPENEDX_RELEASE" ]; then
"
CONFIG_VER=$OPENEDX_RELEASE
else
CONFIG_VER="release"
CONFIG_VER="master"
fi
##
......
util/jenkins/ansible-provision.sh
......@@ -99,11 +99,11 @@ fi
if [[ -z $ami ]]; then
if [[ $server_type == "full_edx_installation" ]]; then
ami="ami-b1d92ada"
ami="ami-ef862184"
elif [[ $server_type == "ubuntu_12.04" || $server_type == "full_edx_installation_from_scratch" ]]; then
ami="ami-b92bdfd2"
ami="ami-93fb34f8"
elif [[ $server_type == "ubuntu_14.04(experimental)" ]]; then
ami="ami-3b6a8050"
ami="ami-c135f3aa"
fi
fi
......
util/jenkins/connect-sandbox-to-prod-clone.sh
......@@ -34,7 +34,7 @@ if [[ ! -f $BOTO_CONFIG ]]; then
fi
if [[ -z $sandbox_to_update ]]; then
sandbox_to_update="${BUILD_USER_ID}.m.sandbox.edx.org"
sandbox_to_update="${BUILD_USER_ID}.sandbox.edx.org"
fi
cd $WORKSPACE/configuration/playbooks/edx-east
......
util/vpc-tools/abbey.py
......@@ -674,16 +674,16 @@ def send_hipchat_message(message):
print(message)
if args.callback_url:
r=requests.get("{}/{}".format(args.callback_url, message))
#If hipchat is configured send the details to the specified room
if args.hipchat_api_token and args.hipchat_room_id:
import hipchat
try:
hipchat = hipchat.HipChat(token=args.hipchat_api_token)
hipchat.message_room(args.hipchat_room_id, 'AbbeyNormal',
message)
except Exception as e:
print("Hipchat messaging resulted in an error: %s." % e)
else:
#If hipchat is configured send the details to the specified room
if args.hipchat_api_token and args.hipchat_room_id:
import hipchat
try:
hipchat = hipchat.HipChat(token=args.hipchat_api_token)
hipchat.message_room(args.hipchat_room_id, 'AbbeyNormal',
message)
except Exception as e:
print("Hipchat messaging resulted in an error: %s." % e)
if __name__ == '__main__':
......
vagrant/base/devstack/Vagrantfile
......@@ -12,6 +12,7 @@ edx_platform_mount_dir = "edx-platform"
themes_mount_dir = "themes"
forum_mount_dir = "cs_comments_service"
ora_mount_dir = "ora"
ecommerce_mount_dir = "ecommerce"
if ENV['VAGRANT_MOUNT_BASE']
......@@ -19,6 +20,7 @@ if ENV['VAGRANT_MOUNT_BASE']
themes_mount_dir = ENV['VAGRANT_MOUNT_BASE'] + "/" + themes_mount_dir
forum_mount_dir = ENV['VAGRANT_MOUNT_BASE'] + "/" + forum_mount_dir
ora_mount_dir = ENV['VAGRANT_MOUNT_BASE'] + "/" + ora_mount_dir
ecommerce_mount_dir = ENV['VAGRANT_MOUNT_BASE'] + "/" + ecommerce_mount_dir
end
......@@ -31,6 +33,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
config.vm.network :private_network, ip: "192.168.33.10"
config.vm.network :forwarded_port, guest: 8000, host: 8000 # LMS
config.vm.network :forwarded_port, guest: 8001, host: 8001 # Studio
config.vm.network :forwarded_port, guest: 8002, host: 8002 # Ecommerce
config.vm.network :forwarded_port, guest: 8003, host: 8003 # LMS for Bok Choy
config.vm.network :forwarded_port, guest: 8031, host: 8031 # Studio for Bok Choy
config.vm.network :forwarded_port, guest: 8120, host: 8120 # edX Notes Service
......@@ -53,6 +56,8 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
create: true, owner: "edxapp", group: "www-data"
config.vm.synced_folder "#{forum_mount_dir}", "/edx/app/forum/cs_comments_service",
create: true, owner: "forum", group: "www-data"
config.vm.synced_folder "#{ecommerce_mount_dir}", "/edx/app/ecommerce/ecommerce",
create: true, owner: "ecommerce", group: "www-data"
if ENV['ENABLE_LEGACY_ORA']
config.vm.synced_folder "#{ora_mount_dir}", "/edx/app/ora/ora",
......@@ -65,6 +70,8 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
create: true, nfs: true
config.vm.synced_folder "#{forum_mount_dir}", "/edx/app/forum/cs_comments_service",
create: true, nfs: true
config.vm.synced_folder "#{ecommerce_mount_dir}", "/edx/app/ecommerce/ecommerce",
create: true, nfs: true
if ENV['ENABLE_LEGACY_ORA']
config.vm.synced_folder "#{ora_mount_dir}", "/edx/app/ora/ora",
......
vagrant/base/ecomstack/Vagrantfile deleted 100644 → 0
Vagrant.require_version ">= 1.5.3"
unless Vagrant.has_plugin?("vagrant-vbguest")
raise "Please install the vagrant-vbguest plugin by running `vagrant plugin install vagrant-vbguest`"
end
VAGRANTFILE_API_VERSION = "2"
# Needed to accommodate compilation of SciPy and NumPy
MEMORY = 4096
CPU_COUNT = 2
edx_platform_mount_dir = "edx-platform"
ecommerce_mount_dir = "ecommerce"
if ENV['VAGRANT_MOUNT_BASE']
edx_platform_mount_dir = ENV['VAGRANT_MOUNT_BASE'] + "/" + edx_platform_mount_dir
ecommerce_mount_dir = ENV['VAGRANT_MOUNT_BASE'] + "/" + ecommerce_mount_dir
end
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
# Creates a Vagrant machine from a base Ubuntu 12.04 image for virtualbox
config.vm.box = "precise64"
config.vm.box_url = "http://files.vagrantup.com/precise64.box"
config.vm.network :private_network, ip: "192.168.33.10"
config.vm.network :forwarded_port, guest: 8000, host: 8000
config.vm.network :forwarded_port, guest: 8001, host: 8001
config.vm.network :forwarded_port, guest: 8002, host: 8002
config.ssh.insert_key = true
config.vm.synced_folder ".", "/vagrant", disabled: true
# Enable X11 forwarding so we can interact with GUI applications
if ENV['VAGRANT_X11']
config.ssh.forward_x11 = true
end
if ENV['VAGRANT_USE_VBOXFS'] == 'true'
config.vm.synced_folder "#{edx_platform_mount_dir}", "/edx/app/edxapp/edx-platform",
create: true, owner: "edxapp", group: "www-data"
config.vm.synced_folder "#{ecommerce_mount_dir}", "/edx/app/ecommerce/ecommerce",
create: true, owner: "ecommerce", group: "www-data"
else
config.vm.synced_folder "#{edx_platform_mount_dir}", "/edx/app/edxapp/edx-platform",
create: true, nfs: true
config.vm.synced_folder "#{ecommerce_mount_dir}", "/edx/app/ecommerce/ecommerce",
create: true, nfs: true
end
config.vm.provider :virtualbox do |vb|
vb.customize ["modifyvm", :id, "--memory", MEMORY.to_s]
vb.customize ["modifyvm", :id, "--cpus", CPU_COUNT.to_s]
# Allow DNS to work for Ubuntu 12.10 host
# http://askubuntu.com/questions/238040/how-do-i-fix-name-service-for-vagrant-client
vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
end
["vmware_fusion", "vmware_workstation"].each do |vmware_provider|
config.vm.provider vmware_provider do |v, override|
# Override box url to get vmware one
override.vm.box = "precise64_vmware"
override.vm.box_url = "http://files.vagrantup.com/precise64_vmware.box"
v.vmx["memsize"] = MEMORY.to_s
v.vmx["numvcpus"] = CPU_COUNT.to_s
end
end
# Make LC_ALL default to en_US.UTF-8 instead of en_US.
# See: https://github.com/mitchellh/vagrant/issues/1188
config.vm.provision "shell", inline: 'echo \'LC_ALL="en_US.UTF-8"\' > /etc/default/locale'
# Use vagrant-vbguest plugin to make sure Guest Additions are in sync
config.vbguest.auto_reboot = true
config.vbguest.auto_update = true
config.vm.provision :ansible do |ansible|
ansible.playbook = "../../../playbooks/vagrant-ecomstack.yml"
ansible.verbose = "vvvv"
ansible.extra_vars = {}
if ENV['OPENEDX_RELEASE']
ansible.extra_vars = {
edx_platform_version: ENV['OPENEDX_RELEASE'],
}
end
end
end
vagrant/base/ecomstack/ansible.cfg deleted 100644 → 0
# config file for ansible -- http://ansible.github.com
# nearly all parameters can be overridden in ansible-playbook or with command line flags
# ansible will read ~/.ansible.cfg or /etc/ansible/ansible.cfg, whichever it finds first
[defaults]
jinja2_extensions=jinja2.ext.do
host_key_checking = False
roles_path=../../ansible-roles/roles:../../ansible-private/roles:../../ansible-roles/
vagrant/release/devstack/Vagrantfile
......@@ -32,7 +32,7 @@ if [ -n "$OPENEDX_RELEASE" ]; then
# this can cause problems (e.g. looking for templates that no longer exist).
/edx/bin/update configuration $CONFIG_VER
else
CONFIG_VER="release"
CONFIG_VER="master"
fi
ansible-playbook -i localhost, -c local vagrant-devstack.yml -e configuration_version=$CONFIG_VER $EXTRA_VARS
......@@ -78,6 +78,12 @@ openedx_releases = {
"named-release/birch" => {
:name => "birch-devstack", :file => "20150224-birch-devstack.box",
},
"named-release/birch.1" => {
:name => "birch-devstack-1", :file => "birch-1-devstack.box",
},
"named-release/birch.2" => {
:name => "birch-devstack-2", :file => "birch-2-devstack.box",
},
"named-release/cypress.rc1" => {
:name => "cypress-devstack-rc1", :file => "20150714-cypress-devstack-rc1.box",
},
......
vagrant/release/fullstack/Vagrantfile
......@@ -30,6 +30,12 @@ openedx_releases = {
"named-release/birch" => {
:name => "birch-fullstack", :file => "20150224-birch-fullstack.box",
},
"named-release/birch.1" => {
:name => "birch-fullstack-1", :file => "birch-1-fullstack.box",
},
"named-release/birch.2" => {
:name => "birch-fullstack-2", :file => "birch-2-fullstack.box",
},
"named-release/cypress.rc2" => {
:name => "cypress-fullstack-rc2", :file => "20150720-cypress-fullstack-rc2.box",
},
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment