This is outdated and will not work.

Taskotron Setup

Welcome to the Taskotron setup tutorial! This guide will walk you through the steps to set up a local instance of Taskotron. The current version is 0.0.3 .

Things you'll need

A host (H) capable of running two Fedora 19 VMs (i386 or x86_64), a Master (M) and a Slave (S).

M - 30-40GB disk, 1-2 procs, 2-4GB RAM

S - >=20GB disk, >=1 proc, 1-2GB RAM

For both VMs, do WebServer installation and accept all defaults for partitioning. We don't need anything fancy for our purposes.

Set up the Host

While your VMs are finishing up their installations, we can set up H. We'll be working out of /srv for most of this tutorial and working with a tool called Ansible. First, install Ansible:

yum install ansible

Second, create the directory tree we'll be working out of.

mkdir -p /srv/{keys,ansible/private/qa/certs/taskotron-local}
cd /srv/ansible/ 

Next, the ansible playbooks we'll be using need to be cloned from bitbucket.

git clone https://bitbucket.org/fedoraqa/ansible-playbooks.git qa

Hopefully by now your VMs are done or almost done installing. Once they are, we need to set up ssh via keys on both machines. For this tutorial, we'll keep all the keys we use in /srv/keys.

cd /srv/keys
ssh-keygen -f vm-user-key
ssh-keygen -f user_name.git
ssh-copy-id -i vm-user-key root@slave-ip
ssh-copy-id -i vm-user-key root@master-ip

Later on we'll also be needing two other non-user keys for gitolite and S authenticating to M - so we'll go ahead and create those now.

cd /srv/ansible/private/qa/certs/taskotron-local
ssh-keygen -f taskgit-admin
ssh-keygen -f id_buildslave

Now that we're done with the ssh keys we'll be needing, it's time to get our SSL certs. Log into M and install mod_ssl and copy the generated cert to H.

yum install mod_ssl

And copy the keys to H.

cd /srv/ansible/private/qa/certs/taskotron-local
scp -i /srv/keys/vm-user-key root@master-ip:/etc/pki/tls/certs/localhost.crt .
scp -i /srv/keys/vm-user-key root@master-ip:/etc/pki/tls/private/localhost.key .

Running the Master Playbook

Now that your host is set up and ready to go, we're going to configure ansible to auto configure M and S. Example settings were included in the 'ansible-playbooks' repo we cloned to /srv/ansible/qa.

cd /srv/ansible/qa
cp doc/taskotron-example-settings.yml /srv/ansible/private/qa/taskotron-local.yml

Now that we have a template to work with, we're going to edit some settings and create an inventory file for ansible. Edit taskotron-local.yml file with new keys and options (assuming you kept the normal file names).

Edit the 'sslcertfile' line to read: sslcertfile: localhost.crt
Edit the 'sslkeyfile' line to read: sslcertfile: localhost.key
Edit user_ssh_pubkey line to include vm-user-key.pub # Keep the "
change the 'username' to 'qaadmin'
change the hostname to be what you want the M hostname to be
change 'buildmaster' to be the ip of M
Optional Things to change:
  buildbot_user and buildbot_pw (these are used for the web interface)
  buildslave_pw (used for S to auth to M)

Once those edits are done, create a file named "local" in the /srv/ansible/qa and make it look like this:

[taskotron-local]
ip-of-M

[taskotron-local-slaves]
ip-of-S buildslave_name=static-slave1

This file is the inventory file for ansible - ansible looks here to know which machines it's allowed to connect to.

Now we're ready to run the first playbook task on M.

ansible-playbook -i local --private-key=/srv/keys/vm-user-key -e 'envtype=taskotron-local target=ip-of-M' -u root playbooks/taskotron-master.yml -t base

This command resets the root password and configures a second user for passwordless sudo. The created user is 'qaadmin' that you set in your /srv/ansible/private/qa/taskotron-local.yml file on H.

Once that's complete, run the full playbook on M.

ansible-playbook -i local --private-key=/srv/keys/vm-user-key -e 'envtype=taskotron-local target=ip-of-master' -u qaadmin playbooks/taskotron-master.yml

The base task (previous step denoted by '-t base' at the end of the command) created your qaadmin user, so now qaadmin will be the user we specify in ansible calls. Note the change from '-u <M username>' to '-u qaadmin' as well as the addition of --private-key arguments. This is the same key you created and moved with ssh-copy-id earlier.

On H, open a browser and navigate to the M IP and you'll see a landing page. Nothing is configured at this point - but the foundation for M is done.

Configuring Repos

On H, open your .ssh/config file and add:

Host M-ip
  IdentityFile /srv/ansible/private/qa/certs/taskotron-local/taskgit-admin

Somewhere outside of /srv (like your home directory), clone the gitolite admin repo from M.

git clone gitolite3@M-ip:gitolite-admin

Once in this directory, you'll find 'conf/' and 'keydir/' directories. Copy your id_buildslave along with your git key.

cd gitolite-admin
cp /srv/ansible/private/qa/certs/taskotron-local/id_buildslave.pub keydir/
cp /srv/keys/user_name.git keydir/

The last step for configuring gitolite is to edit conf/gitolite.conf to look like this:

repo gitolite-admin
  RW+     =   taskgit-admin
  RW+     =   username
repo testing
  RW+     =   @all
repo rpmlint
  RW+     =   @all

Once those changes are made to the repo, add, commit and push back to M.

cd ..
git add .
git commit -m 'Updated keys and the admin user.'
git push origin master

Now we need a task for Taskotron to run. The FedoraQA bitbucket account has a task for rpmlint. We're going to clone this, rename it to rpmlint and push that to M. You already set up the gitolite conf with the final section "repo rpmlint." You should do this in the same area you cloned gitolite-admin (outside of /srv).

git clone https://bitbucket.org/fedoraqa/task-rpmlint.git
git remote add taskotron-local gitolite3@M-ip:rpmlint
git push -u taskotron-local --all

Now the master is configured and ready to have slaves attached to it!

Running the Slave Playbook

Just like with M, you're going to run the '-t base' task first as the slave user in order to run the initial setup.

cd /srv/ansible/qa
ansible-playbook -i local --private-key=/srv/keys/vm-user-key -e 'envtype=taskotron-local target=S-ip' -u root playbooks/taskotron-slave.yml -t base

SSH into S and edit /etc/hosts to see M from S

ip-of-M hostname-from-taskotron-local.yml

Now run the complete playbook for S.

ansible-playbook -i local --private-key=/srv/keys/vm-user-key -e 'envtype=taskotron-local target=S-ip' -u qaadmin playbooks/taskotron-slave.yml

The last step before trying some builds is to do the initial clone from M to add M to the .ssh/known_hosts on S.

sudo su - buildslave
git clone gitolite3@M-ip:rpmlint

Trigger Builds

Now S should be attached to M. Go back to the web interface for M.

Open http://M-ip/taskmaster and login with the username and password you specified in taskotron-local.yml

Navigate to http://M-ip/taskmaster/builders/statictasks

In the rpmcheck field group, fill out the last three inputs.

name of check to run: rpmlint

envr of package to test: simple-xml-2.7.1-2.fc20 #just grab something off koji

arch of rpm to test: noarch

Hopefully the build ran and was reported as a success. [Note: Add section about needing to check the stdio results to see what actually happened.]

Now that you can manually trigger builds, it's time to set up the trigger on M to listen to fedmsg for pushes.

SSH into M, edit /etc/hosts to reflect M's hostname and start the trigger:

127.0.0.1 localhost.localdomain localhost hostname-from-taskotron-local.yml

And finally, start the trigger!

sudo su - qaadmin
cd /home/qaadmin/trigger
fedmsg-hub

Congrats, now you have a working dev instance of Taskotron! Now your master is listening for messages from Koji. When a build is pushed, your M will task S to run the rpmlint test on the recently pushed package.

This template is open source! Get the code or look at development plans.