commit | 27110c9477b34785850723ba7fcd064a0b604012 | [log] [tgz] |
---|---|---|
author | Tristan Cacqueray <tdecacqu@redhat.com> | Wed Jan 09 01:13:08 2019 +0000 |
committer | Tristan Cacqueray <tdecacqu@redhat.com> | Wed Jan 09 01:28:45 2019 +0000 |
tree | 2a96436097702adcc355ec9d6f71f6bb82d8fbd2 | |
parent | 3a933895370e5e32a7f63572a1bbac4fd54b7a32 [diff] |
zuul: prefer gerrit rsa key when available The current paramiko library doesn't seems to support key type other than ssh-rsa and it tries to validate with the first key found in the known_host. The gerrit ssh returns available key in random order, resulting in Zuul not able to connect to gerrit if it returns ssh-ed25519 first. This change mitigate this issue by doing a reverse sort order to ensure ssh-rsa is the first key if present. Otherwise, zuul connection to gerrit may fail with: SSHException: Signature verification (ssh-ed25519) failed. TG-2249 Change-Id: I4da4c847746415e6de3e4675436ab565e50ad19f
Each roles can define a meta/sfconfig.py file to create a Component class:
argparse() method can expose command line argument, example: see the --zuul-merger parameter
prepare() method can validate role requirements and define global vars, example: see the zuul-launcher prepare that automatically adds the logserver role when needed
configure() method can be used to generate complex role parameters: ** Call add_mysql_database() to set mysql role vars to create a database ** Call generate_ssh_keys() to create ssh keys ** Convert sfconfig.yaml settings into role variables ** Render convenient variable such as internal_url