roles/koji-client: Configure the koji client

The *koji-client* role is a generic role that can be used to configure the Koji client library/`koji` CLI tool. By default, it manages the default configuration at `/etc/koji`, but by using the `koji_client_dir`, `koji_client_user`, and `koji_client_id` variables, it can be used to configure per-user client configuration as well.
2018-08-12 10:05:56 -05:00
parent aed2776e27
commit 6341d972f6
4 changed files with 75 additions and 0 deletions
--- a/roles/koji-client/tasks/main.yml
+++ b/roles/koji-client/tasks/main.yml
@@ -0,0 +1,47 @@
+- name: ensure koji client is installed
+  package:
+    name=koji
+    state=present
+  tags:
+  - install
+
+- name: ensure koji client configuration directory exists
+  file:
+    path={{ koji_client_dir }}
+    owner={{ koji_client_user }}
+    group={{ koji_client_group }}
+    mode={{ koji_client_dir_mode }}
+    state=directory
+- name: ensure koji client is configured
+  template:
+    src=config.j2
+    dest={{ koji_config_path }}
+    owner={{ koji_client_user }}
+    group={{ koji_client_group }}
+    mode={{ koji_client_config_mode }}
+- name: ensure koji ca certificates are installed
+  copy:
+    src={{ item }}
+    dest={{ koji_client_dir }}/{{ item|basename }}
+    owner={{ koji_client_user }}
+    group={{ koji_client_group }}
+    mode={{ koji_client_config_mode }}
+  with_fileglob:
+  - certs/koji//{{ koji_client_id }}/*.crt
+- name: ensure koji hub server ca certificate is trusted
+  copy:
+    src={{ item }}
+    dest=/etc/pki/ca-trust/source/anchors/koji-hub.crt
+    mode=0644
+  with_fileglob:
+  - certs/koji/{{ koji_client_id }}/serverca.crt
+  notify: update ca trust
+- name: ensure koji client certificate is installed
+  copy:
+    src={{ item }}
+    dest={{ koji_client_dir }}/client.pem
+    owner={{ koji_client_user }}
+    group={{ koji_client_group }}
+    mode={{ koji_client_cert_mode }}
+  with_fileglob:
+  - certs/koji/{{ koji_client_id }}/client.pem