diff --git a/doc/src/nextlevel-ci/researchAnsible.rst b/doc/src/nextlevel-ci/researchAnsible.rst index c159264..b5ec6a7 100644 --- a/doc/src/nextlevel-ci/researchAnsible.rst +++ b/doc/src/nextlevel-ci/researchAnsible.rst @@ -1360,6 +1360,89 @@ With this conceptional work we should be able to bring up our infrastructure eas we were used to in the past :-D +Integration of SSTATE-CACHE Sync +################################ +In :ref:`nwlYoctoSstateCacheMirror` the sstate-cache mirror was set up for the NWL instance according setup of HAC. To +bring this ansible instance on the same state, we have to adde the nginx credentials and add the server containing the +sstate-cache mirror to known hosts. Here are the steps: + + +#. Log into the build server (*netmodule-02*) unless already done: ``ssh user@10.115.101.101`` +#. Enter the NWL CI repository ``/home/user/nwl-ci`` +#. Stop the current instance: ``docker-compose down`` +#. Adding the sstate-cache mirror server to knwon_host: + + .. code-block:: + + # add the server to known hosts: + ssh-keyscan 10.115.101.100 >> ./secrets/.ssh/known_hosts + +#. Get the ssh keypair for nginx (are on the other NWL build server 10.115.101.98): + + .. code-block:: + + # we copy the pair from 10.115.101.98 (confirm any host fingerprint questions): + scp user@10.115.101.98:/home/user/.ssh/nginx-nwl* ./secrets/.ssh/ + +#. Setting up the docker environment to integrate the new connection: + + .. code-block:: + + # create the pw file: + echo -n "" > secrets/pw/nginxSsh + + # adapt the docker environment according this diff: + diff --git a/docker-compose.yaml b/docker-compose.yaml + index eebf75e..2853c6c 100644 + --- a/docker-compose.yaml + +++ b/docker-compose.yaml + @@ -17,11 +17,13 @@ services: + - jenkinsUserAdmin + - jenkinsUserDeveloper + - gitSsh + + - nginxSsh + - nexusUser + environment: + - COMPOSE_PROJECT_NAME=jk_server_nwl + - CASC_JENKINS_CONFIG=/var/jenkins_conf/nwl-cicd.yaml + - SSH_GIT_FILE_PATH=/var/jenkins_home/.ssh/testvm_ed25519 + + - SSH_NGINX_FILE_PATH=/var/jenkins_home/.ssh/nginx-nwl + secrets: #Be careful with newlines in your secrets, make sure to remove them before running docker-compose up. + jenkinsUserAdmin: + file: $PWD/secrets/pw/jenkinsUserAdmin + @@ -29,6 +31,8 @@ secrets: #Be careful with newlines in your secrets, make sure to remove them bef + file: $PWD/secrets/pw/jenkinsUserDeveloper + gitSsh: + file: $PWD/secrets/pw/gitSsh + + nginxSsh: + + file: $PWD/secrets/pw/nginxSsh + nexusUser: + file: $PWD/secrets/pw/nexusUser + networks: + diff --git a/docker/nwl-cicd.yaml b/docker/nwl-cicd.yaml + index 042a61a..0de5680 100644 + --- a/docker/nwl-cicd.yaml + +++ b/docker/nwl-cicd.yaml + @@ -54,6 +54,15 @@ credentials: + privateKeySource: + directEntry: + privateKey: "${readFile:${SSH_GIT_FILE_PATH}}" + + - basicSSHUserPrivateKey: + + scope: GLOBAL + + id: nginxCredentials + + username: user + + passphrase: "${nginxSsh}" + + description: "nginx access over SSH" + + privateKeySource: + + directEntry: + + privateKey: "${readFile:${SSH_NGINX_FILE_PATH}}" + - usernamePassword: + scope: GLOBAL + id: nexusCredentials + +#. Start and build the adapted instance: ``docker-compose up --build -d`` + + Further Research ################ Running Job on specific Host diff --git a/doc/src/setup/nwl-ci.rst b/doc/src/setup/nwl-ci.rst index 439ea8e..2a6f6cc 100644 --- a/doc/src/setup/nwl-ci.rst +++ b/doc/src/setup/nwl-ci.rst @@ -1016,6 +1016,8 @@ For latter request it makes sense to add a new job and adapt the current setup a only do it once. +.. _nwlYoctoSstateCacheMirror: + SSTATE-CACHE Mirror Information ******************************* The guardians use one sstate-cache mirror for all projects, e.g. BIL and CoreOS. Currently the team wants to progress diff --git a/docker-compose.yaml b/docker-compose.yaml index eebf75e..2853c6c 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -17,11 +17,13 @@ services: - jenkinsUserAdmin - jenkinsUserDeveloper - gitSsh + - nginxSsh - nexusUser environment: - COMPOSE_PROJECT_NAME=jk_server_nwl - CASC_JENKINS_CONFIG=/var/jenkins_conf/nwl-cicd.yaml - SSH_GIT_FILE_PATH=/var/jenkins_home/.ssh/testvm_ed25519 + - SSH_NGINX_FILE_PATH=/var/jenkins_home/.ssh/nginx-nwl secrets: #Be careful with newlines in your secrets, make sure to remove them before running docker-compose up. jenkinsUserAdmin: file: $PWD/secrets/pw/jenkinsUserAdmin @@ -29,6 +31,8 @@ secrets: #Be careful with newlines in your secrets, make sure to remove them bef file: $PWD/secrets/pw/jenkinsUserDeveloper gitSsh: file: $PWD/secrets/pw/gitSsh + nginxSsh: + file: $PWD/secrets/pw/nginxSsh nexusUser: file: $PWD/secrets/pw/nexusUser networks: diff --git a/docker/nwl-cicd.yaml b/docker/nwl-cicd.yaml index 20e6dac..c43e488 100644 --- a/docker/nwl-cicd.yaml +++ b/docker/nwl-cicd.yaml @@ -54,6 +54,15 @@ credentials: privateKeySource: directEntry: privateKey: "${readFile:${SSH_GIT_FILE_PATH}}" + - basicSSHUserPrivateKey: + scope: GLOBAL + id: nginxCredentials + username: user + passphrase: "${nginxSsh}" + description: "nginx access over SSH" + privateKeySource: + directEntry: + privateKey: "${readFile:${SSH_NGINX_FILE_PATH}}" - usernamePassword: scope: GLOBAL id: nexusCredentials