Change build_remote_ssh logic to run as user (instead of root)

ruzickap · Mar 22, 2018 · 29f80e8 · 29f80e8
1 parent 5edd38f
commit 29f80e8
Show file tree

Hide file tree

Showing 3 changed files with 65 additions and 58 deletions.
diff --git a/ansible/build_remote_ssh.yml b/ansible/build_remote_ssh.yml
@@ -1,7 +1,6 @@
 ---
 # This can be used only with latest Fedora
 - hosts: all
-  become: yes
   gather_facts: false
 
   vars:
@@ -47,49 +46,69 @@
     - name: Gather facts
       setup:
 
-    - name: Install libselinux-python needed for Fedora
-      dnf:
-        name: libselinux-python
-
-    - name: Disable SELinux
-      selinux:
-        state: disabled
-
-    - name: Install rpmfusion repositories
-      dnf:
-        name: "{{ item }}"
-      with_items: "{{ rpmfusion_repositories }}"
-
-    - name: Upgrade all packages
-      dnf:
-        name: "*"
-        state: latest
-
-    - name: Check if reboot is necessary
-      shell: LAST_KERNEL=$(rpm -q --last kernel-core | awk 'NR==1 {sub(/kernel-core-/,""); print $1}'); CURRENT_KERNEL=$(uname -r); if [ $LAST_KERNEL != $CURRENT_KERNEL ]; then echo 'reboot'; fi
-      changed_when: false
-      register: reboot_out
-
     - block:
-      - name: As user for permission to reboot machne to boot to latest kernel
-        pause:
-          prompt: 'Please confirm you want to reboot the remote machine: {{ ansible_host }}! Press return to continue. Press Ctrl+c and then "a" to abort'
-
-      - name: Reboot machne to boot to latest kernel
-        shell: sleep 2 && shutdown -r now "Ansible triggered reboot"
-        async: 1
-        poll: 0
-        ignore_errors: true
-
-      - name: Wait for system to boot up
-        local_action: wait_for host={{ ansible_host }} port={{ ansible_port | default('22') }} delay=30
-        become: False
-      when: reboot_out.stdout | search("reboot")
-
-    - name: Install packages
-      dnf:
-        name: "{{ item }}"
-      with_items: "{{ packages }}"
+      - name: Install libselinux-python needed for Fedora
+        dnf:
+          name: libselinux-python
+
+      - name: Disable SELinux
+        selinux:
+          state: disabled
+
+      - name: Install rpmfusion repositories
+        dnf:
+          name: "{{ item }}"
+        with_items: "{{ rpmfusion_repositories }}"
+
+      - name: Upgrade all packages
+        dnf:
+          name: "*"
+          state: latest
+
+      - name: Check if reboot is necessary
+        shell: LAST_KERNEL=$(rpm -q --last kernel-core | awk 'NR==1 {sub(/kernel-core-/,""); print $1}'); CURRENT_KERNEL=$(uname -r); if [ $LAST_KERNEL != $CURRENT_KERNEL ]; then echo 'reboot'; fi
+        changed_when: false
+        register: reboot_out
+
+      - block:
+        - name: As user for permission to reboot machne to boot to latest kernel
+          pause:
+            prompt: 'Please confirm you want to reboot the remote machine: {{ ansible_host }}! Press return to continue. Press Ctrl+c and then "a" to abort'
+
+        - name: Reboot machne to boot to latest kernel
+          shell: sleep 2 && shutdown -r now "Ansible triggered reboot"
+          async: 1
+          poll: 0
+          ignore_errors: true
+
+        - name: Wait for system to boot up
+          wait_for:
+            host: {{ ansible_host }}
+            port: {{ ansible_port | default('22') }} 
+            search_regex: OpenSSH
+            delay: 30
+          connection: local
+          become: False
+        when: reboot_out.stdout | search("reboot")
+
+      - name: Install packages
+        dnf:
+          name: "{{ item }}"
+        with_items: "{{ packages }}"
+
+      - name: Download and unzip packer
+        unarchive:
+          src: "{{ packer_url }}"
+          dest: /usr/local/bin/
+          remote_src: yes
+          creates: /usr/local/bin/packerio
+          validate_certs: false
+
+      - name: Move packer to packerio
+        command: mv /usr/local/bin/packer /usr/local/bin/packerio
+        args:
+          creates: /usr/sbin/packerio
+      become: true
 
     - name: List installed Vagrant Plugins
       command: vagrant plugin list
@@ -101,18 +120,6 @@
       with_items: "{{ vagrant_plugins }}"
       when: not vagrant_plugin_list.stdout | search(item)
 
-    - name: Download and unzip packer
-      unarchive:
-        src: "{{ packer_url }}"
-        dest: /usr/local/bin/
-        remote_src: yes
-        creates: /usr/sbin/packerio
-
-    - name: Move packer to packerio
-      command: mv /usr/local/bin/packer /usr/sbin/packerio
-      args:
-        creates: /usr/sbin/packerio
-
     - name: Create directory for packer ansible connection plugin
       file:
         path: "{{ ansible_env.HOME }}/.ansible/plugins/connection"

diff --git a/build.sh b/build.sh
@@ -150,7 +150,7 @@ packer_build() {
       ;;
     esac
 
-    echo -e "\n\n*** $NAME [$PACKER_FILE] [$PACKER_BUILDER_TYPE]\n"
+    echo -e "\n\n*** ${NAME} [${PACKER_FILE}] [${PACKER_VAGRANT_PROVIDER}/${PACKER_BUILDER_TYPE}]\n"
     $PACKER_BINARY build -only="$PACKER_BUILDER_TYPE" -color=false -var "headless=$HEADLESS" $PACKER_FILE 2>&1 | tee "${LOG_DIR}/${NAME}-${PACKER_BUILDER_TYPE}-packer.log"
   else
     echo -e "\n*** File ${NAME}-${PACKER_VAGRANT_PROVIDER}.box already exists. Skipping....\n";

diff --git a/upload_all_boxes_to_vagrantup.sh b/upload_all_boxes_to_vagrantup.sh
@@ -1,12 +1,12 @@
 #!/bin/bash -eu
 
-USER="peru"
+VAGRANT_CLOUD_USER=${VAGRANT_CLOUD_USER:-peru}
 LOGFILE="vagrant_init_destroy_boxes.log"
 
 
 (
   for BOX in *.box; do
     echo "*** $BOX"
-    ./upload_box_to_vagrantup.sh ${USER}@${BOX}
+    ./upload_box_to_vagrantup.sh ${VAGRANT_CLOUD_USER}@${BOX}
   done
 ) 2>&1 | tee $LOGFILE