Commit a1c9d86d authored by Guido Gunther's avatar Guido Gunther
Browse files

Setup Debian package build chroots

parent cea663d5
......@@ -8,8 +8,6 @@
img_build_pkgs:
- build-essential
- vmdebootstrap
pkg_build_pkgs:
- git-buildpackage
kernel_build_pkgs:
- gcc-arm-linux-gnueabihf
- libssl-dev
......@@ -33,6 +31,15 @@
certbot_create_method: standalone
certbot_create_standalone_stop_services:
- nginx
- role: agx.gbp
gbp_cowbuilder_targets:
- dist: buster
- dist: stretch
- dist: buster
arch: armhf
foreign: true
tags:
- gbp
tasks:
- name: Configure Jenkins master-slave security
copy:
......@@ -74,13 +81,18 @@
- "{{ base_pkgs }}"
- "{{ dev_pkgs }}"
- "{{ img_build_pkgs }}"
- "{{ pkg_build_pkgs }}"
- "{{ kernel_build_pkgs }}"
- name: Allow jenkins to execute certain commands with raised privs
copy:
content: |
%jenkins ALL = (root) SETENV: NOPASSWD: /usr/sbin/debootstrap, /usr/sbin/chroot, /usr/sbin/pbuilder
dest: /etc/sudoers.d/jenkins
- name: Ensure that jenkins can build packages
user:
name: jenkins
groups: pbuilder
append: yes
notify: Restart jenkins
handlers:
- name: Restart nginx
systemd: name=nginx state=restarted
......
......@@ -5,3 +5,6 @@
- src: geerlingguy.certbot
version: 3.0.0
- src: agx.gbp
version: 0.0.1
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment