commit 04f288b9181cc97f48ec58fb794e8de66711faf1 Author: Nicolas Vigier boklm@torproject.org Date: Mon Mar 1 17:09:02 2021 +0100
Bug 40243: Remove tools/ansible/roles/tbb-nightly-signing
Revert "Bug 25102: Setup nightly signing"
This reverts commit 17804f5ada032276eabf7e33d41feef46ca511d7. --- tools/ansible/Makefile | 3 -- tools/ansible/README | 7 --- tools/ansible/ansible.cfg | 6 --- tools/ansible/inventory | 1 - .../roles/tbb-nightly-signing/defaults/main.yml | 7 --- .../roles/tbb-nightly-signing/tasks/main.yml | 54 ---------------------- tools/ansible/tbb-nightly-signing.yml | 6 --- 7 files changed, 84 deletions(-)
diff --git a/tools/ansible/Makefile b/tools/ansible/Makefile index 97a63c1..ea63a44 100644 --- a/tools/ansible/Makefile +++ b/tools/ansible/Makefile @@ -6,6 +6,3 @@ fpcentral:
boklm-tbb-nightly-build: ansible-playbook --vault-password-file=~/ansible-vault/boklm-tbb-nightly -i inventory boklm-tbb-nightly-build.yml - -tbb-nightly-signing: - ANSIBLE_CONFIG='$(@D)/ansible.cfg' ansible-playbook -i inventory tbb-nightly-signing.yml diff --git a/tools/ansible/README b/tools/ansible/README index 5407a73..6056372 100644 --- a/tools/ansible/README +++ b/tools/ansible/README @@ -25,13 +25,6 @@ boklm-tbb-nightly-build: For more details, see also this ticket: https://trac.torproject.org/projects/tor/ticket/33948
-tbb-nightly-signing: - This target is used to deploy a nightly signing machine. The - configuration of nightly signing is done in the following files: - tools/ansible/roles/tbb-nightly-signing/defaults/main.yml - tools/signing/nightly/config.yml - tools/signing/nightly/update-responses-base-config.yml -
Adding, removing, updating users on the Tor Browser team build machine ====================================================================== diff --git a/tools/ansible/ansible.cfg b/tools/ansible/ansible.cfg deleted file mode 100644 index 0663746..0000000 --- a/tools/ansible/ansible.cfg +++ /dev/null @@ -1,6 +0,0 @@ -[ssh_connection] -; When connecting to a v3 onion, we get the error: -; "unix_listener: [...] too long for Unix domain socket" -; We solve this by using %n (The original remote hostname, as given on -; the command line) instead of %h (The remote hostname) in the control path. -control_path=%(directory)s/%%r-%%n-%%r diff --git a/tools/ansible/inventory b/tools/ansible/inventory index 47fda66..fc25842 100644 --- a/tools/ansible/inventory +++ b/tools/ansible/inventory @@ -1,7 +1,6 @@ build-sunet-a ansible_ssh_user=root ansible_ssh_host=build-sunet-a.torproject.net fpcentral ansible_become=True ansible_become_method=sudo ansible_become_user=fpcentral ansible_ssh_host=forrestii.torproject.org allow_world_readable_tmpfiles=True boklm-tbb-nightly-build ansible_ssh_user=root ansible_become_method=su -tbb-nightly-signing ansible_ssh_user=root ansible_become_method=su
[tbb-build] build-sunet-a diff --git a/tools/ansible/roles/tbb-nightly-signing/defaults/main.yml b/tools/ansible/roles/tbb-nightly-signing/defaults/main.yml deleted file mode 100644 index cbe3b82..0000000 --- a/tools/ansible/roles/tbb-nightly-signing/defaults/main.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -nightly_signing_user: nightly-signing -nightly_signing_cron_hour: '*' -nightly_signing_cron_minute: '0,30' -tor_browser_build_dir: "/home/{{ nightly_signing_user }}/tor-browser-build" -tor_browser_build_git_url: https://git.torproject.org/builders/tor-browser-build.git -tor_browser_build_commit: 8d66414b7860751ffec6a83a6bc6dbfbd94f801a diff --git a/tools/ansible/roles/tbb-nightly-signing/tasks/main.yml b/tools/ansible/roles/tbb-nightly-signing/tasks/main.yml deleted file mode 100644 index 3cc96ba..0000000 --- a/tools/ansible/roles/tbb-nightly-signing/tasks/main.yml +++ /dev/null @@ -1,54 +0,0 @@ ---- -- name: Install dependencies - apt: - name: "{{ item }}" - state: present - with_items: - - git - - libdatetime-perl - - libfindbin-libs-perl - - libfile-slurp-perl - - libxml-writer-perl - - libio-captureoutput-perl - - libparallel-forkmanager-perl - - libxml-libxml-perl - - libwww-perl - - libjson-perl - - libyaml-libyaml-perl - - libyaml-perl - - libtemplate-perl - - libio-handle-util-perl - - libio-all-perl - - libio-captureoutput-perl - - libpath-tiny-perl - - libstring-shellquote-perl - - libsort-versions-perl - - libdigest-sha-perl - - libdata-uuid-perl - - libdata-dump-perl - - libfile-copy-recursive-perl - - libnss3-tools - - rsync - -- name: create nightly-signing user - user: - name: "{{ nightly_signing_user }}" - comment: "Tor Browser Nightly Signing" - createhome: yes - home: "/home/{{ nightly_signing_user }}" - -- name: clone tor-browser-build - become: yes - become_user: "{{ nightly_signing_user }}" - git: - repo: "{{ tor_browser_build_git_url }}" - dest: "{{ tor_browser_build_dir }}" - version: "{{ tor_browser_build_commit }}" - -- name: add cron to sign nighly build - cron: - name: tbb-sign-nightly-build - user: "{{ nightly_signing_user }}" - hour: "{{ nightly_signing_cron_hour }}" - minute: "{{ nightly_signing_cron_minute }}" - job: "torsocks /home/{{ nightly_signing_user }}/tor-browser-build/tools/signing/nightly/sign-nightly" diff --git a/tools/ansible/tbb-nightly-signing.yml b/tools/ansible/tbb-nightly-signing.yml deleted file mode 100644 index bc0c681..0000000 --- a/tools/ansible/tbb-nightly-signing.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- hosts: tbb-nightly-signing - roles: - - role: tbb-nightly-signing - - role: unattended-upgrades