use lineinfile to get jenkins-build permissions

Signed-off-by: Alfredo Deza <adeza@redhat.com>

diff --git a/ansible/slaves/slave.yml b/ansible/slaves/slave.yml
index 70954a77daf79a0d46ff87b4409fa94ad1243269..773edb79709bc243cc74a1597ae18b8ebc0e9786 100644 (file)
--- a/ansible/slaves/slave.yml
+++ b/ansible/slaves/slave.yml
@@ -32,10 +32,14 @@
     - name: jenkins api key should be present
       copy: src=files/jenkins_jobs.ini dest=/etc/jenkins_jobs/jenkins_jobs.ini
 
-    # FIXME: this needs line_in_file with validation, that has:
-    # jenkins-build   ALL=(ALL:ALL) NOPASSWD:ALL
-    # Copy a new "sudoers" file into place, after passing validation with visudo
-    # - copy: src=files/sudoers dest=/etc/sudoers validate='visudo -cf %s'
+    - name: ensure the build dir exists
+      sudo: yes
+      lineinfile:
+        dest: /etc/sudoers
+        regexp: '^jenkins-build ALL'
+        line: 'jenkins-build   ALL=(ALL:ALL) NOPASSWD:ALL'
+        backrefs: yes
+        validate: 'visudo -cf %s'
 
     - name: ensure the build dir exists
       file: path=/home/{{ jenkins_user }}/build state=directory owner={{ jenkins_user }}