putting xserver key in the var file

92e99eb7 · John Jarvis · 4c792783 · 92e99eb7 · 92e99eb7 · 92e99eb7
Commit 92e99eb7 authored Mar 13, 2014 by John Jarvis
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 62 deletions

playbooks/roles/xserver/defaults/main.yml
+2 -3

playbooks/roles/xserver/tasks/deploy.yml
+1 -11

util/jenkins/ansible-provision.sh
+1 -48

No files found.
--- a/playbooks/roles/xserver/defaults/main.yml
+++ b/playbooks/roles/xserver/defaults/main.yml
@@ -11,8 +11,7 @@ XSERVER_GRADER_DIR: !!null
 # For 6.00x use "git@github.com:/MITx/6.00x.git"
 XSERVER_GRADER_SOURCE: !!null
 # This must be set to run this role
-# Example: "{{ secure_dir }}/files/git-identity"
-XSERVER_LOCAL_GIT_IDENTITY: !!null
+XSERVER_GIT_IDENTITY: !!null

 XSERVER_LANG: "en_US.UTF-8"

@@ -29,7 +28,7 @@ xserver_user: "xserver"
 xserver_sandbox_user: "sandbox"
 xserver_log_dir: "{{ COMMON_LOG_DIR }}/xserver"
 xserver_grader_root: "{{ XSERVER_GRADER_DIR }}/graders"
-xserver_git_identity: "{{ xserver_app_dir }}/{{ XSERVER_LOCAL_GIT_IDENTITY|basename }}"
+xserver_git_identity: "{{ xserver_app_dir }}/xserver-identity"

 xserver_env_config:
  RUN_URL: $XSERVER_RUN_URL

--- a/playbooks/roles/xserver/tasks/deploy.yml
+++ b/playbooks/roles/xserver/tasks/deploy.yml
@@ -23,25 +23,17 @@
  sudo_user: "{{ xserver_user }}"
  notify: restart xserver

-# Check to see if the identity file exists before copying.
-# This extra check is done to prevent failures when
-# ansible-playbook is run locally
- stat: path={{ XSERVER_LOCAL_GIT_IDENTITY }}
-  register: xserver_identity
-
 - name: install read-only ssh key for the content repo that is required for grading
  copy: >
-    src={{ XSERVER_LOCAL_GIT_IDENTITY }} dest={{ xserver_git_identity }}
+    content={{ XSERVER_GIT_IDENTITY }} dest={{ xserver_git_identity }}
    owner={{ xserver_user }} group={{ xserver_user }} mode=0600
  notify: restart xserver
-  when: xserver_identity.stat.exists

 - name: upload ssh script
  template: >
    src=git_ssh.sh.j2 dest=/tmp/git_ssh.sh
    owner={{ xserver_user }} mode=750
  notify: restart xserver
-  when: xserver_identity.stat.exists

 - name: checkout grader code
  git: dest={{ XSERVER_GRADER_DIR }} repo={{ XSERVER_GRADER_SOURCE }} version={{ xserver_grader_version }}
@@ -49,12 +41,10 @@
    GIT_SSH: /tmp/git_ssh.sh
  notify: restart xserver
  sudo_user: "{{ xserver_user }}"
-  when: xserver_identity.stat.exists

 - name: remove read-only ssh key for the content repo
  file: path={{ xserver_git_identity }} state=absent
  notify: restart xserver
-  when: xserver_identity.stat.exists

  # call supervisorctl update. this reloads
  # the supervisorctl config and restarts

--- a/util/jenkins/ansible-provision.sh
+++ b/util/jenkins/ansible-provision.sh
@@ -21,16 +21,6 @@
 export PYTHONUNBUFFERED=1
 export BOTO_CONFIG=/var/lib/jenkins/${aws_account}.boto

-if [[ -n $WORKSPACE ]]; then
-    # setup a virtualenv in jenkins
-    if [[ ! -d ".venv" ]]; then
-        virtualenv .venv
-    fi
-    source .venv/bin/activate
-    pip install -r requirements.txt
-fi
-
-
 if [[ -z $WORKSPACE ]]; then
    dir=$(dirname $0)
    source "$dir/ascii-convert.sh"
@@ -92,31 +82,11 @@ cd playbooks/edx-east

 cat << EOF > $extra_vars
 ---
-enable_datadog: False
-enable_splunkforwarder: False
-enable_newrelic: False
 ansible_ssh_private_key_file: /var/lib/jenkins/${keypair}.pem
-NGINX_ENABLE_SSL: True
-NGINX_SSL_CERTIFICATE: '/var/lib/jenkins/star.sandbox.edx.org.crt'
-NGINX_SSL_KEY: '/var/lib/jenkins/star.sandbox.edx.org.key'
-EDXAPP_LMS_SSL_NGINX_PORT: 443
-EDXAPP_CMS_SSL_NGINX_PORT: 443
 EDXAPP_PREVIEW_LMS_BASE: preview.${deploy_host}
 EDXAPP_LMS_BASE: ${deploy_host}
 EDXAPP_CMS_BASE: studio.${deploy_host}
-EDXAPP_LMS_NGINX_PORT: 80
-EDXAPP_LMS_PREVIEW_NGINX_PORT: 80
-EDXAPP_CMS_NGINX_PORT: 80
 EDXAPP_SITE_NAME: ${deploy_host}
-XSERVER_GRADER_DIR: "/edx/var/xserver/data/content-mit-600x~2012_Fall"
-XSERVER_GRADER_SOURCE: "git@github.com:/MITx/6.00x.git"
-XSERVER_LOCAL_GIT_IDENTITY: /var/lib/jenkins/git-identity-edx-pull
-CERTS_LOCAL_GIT_IDENTITY: /var/lib/jenkins/git-identity-edx-pull
-CERTS_AWS_KEY: $(cat /var/lib/jenkins/certs-aws-key)
-CERTS_AWS_ID: $(cat /var/lib/jenkins/certs-aws-id) 
-CERTS_BUCKET: "verify-test.edx.org"
-migrate_db: "yes"
-openid_workaround: True
 edx_platform_version: $edxapp_version
 forum_version: $forum_version
 xqueue_version: $xqueue_version
@@ -125,24 +95,7 @@ ora_version: $ora_version
 ease_version: $ease_version
 certs_version: $certs_version
 discern_version: $discern_version
-
-rabbitmq_ip: "127.0.0.1"
-rabbitmq_refresh: True
-COMMON_HOSTNAME: edx-server
-COMMON_DEPLOYMENT: edx
-COMMON_ENVIRONMENT: sandbox
 EDXAPP_STATIC_URL_BASE: $static_url_base
-
-# Settings for Grade downloads
-EDXAPP_GRADE_STORAGE_TYPE: 's3'
-EDXAPP_GRADE_BUCKET: 'edx-grades'
-EDXAPP_GRADE_ROOT_PATH: 'sandbox'
-
-# send logs to s3
-AWS_S3_LOGS: true
-AWS_S3_LOGS_NOTIFY_EMAIL: devops+sandbox-log-sync@edx.org
-AWS_S3_LOGS_FROM_EMAIL: devops@edx.org
-AWS_DUMP_VARS: true
 EOF

 if [[ $basic_auth == "true" ]]; then
@@ -218,6 +171,6 @@ if [[ $server_type == "full_edx_installation" ]]; then
 fi

 # deploy the edx_ansible role
-ansible-playbook edx_ansible.yml -i "${deploy_host}," -e "@${extra_vars}" --user ubuntu
+ansible-playbook edx_ansible.yml -i "${deploy_host}," -e@${extra_vars} -e@${WORKSPACE}/configuration-secure/ansible/vars/developer-sandbox.yml --user ubuntu

 rm -f "$extra_vars"