From: Alfredo Deza <adeza@redhat.com>
Date: Fri, 17 Jul 2015 20:01:42 +0000 (-0400)
Subject: use lineinfile to get jenkins-build permissions
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=3cb7e5d513627a4b0626aec9d2c94ede011fb26d;p=ceph-build.git

use lineinfile to get jenkins-build permissions

Signed-off-by: Alfredo Deza <adeza@redhat.com>
---

diff --git a/ansible/slaves/slave.yml b/ansible/slaves/slave.yml
index 70954a77..773edb79 100644
--- a/ansible/slaves/slave.yml
+++ b/ansible/slaves/slave.yml
@@ -32,10 +32,14 @@
     - name: jenkins api key should be present
       copy: src=files/jenkins_jobs.ini dest=/etc/jenkins_jobs/jenkins_jobs.ini
 
-    # FIXME: this needs line_in_file with validation, that has:
-    # jenkins-build   ALL=(ALL:ALL) NOPASSWD:ALL
-    # Copy a new "sudoers" file into place, after passing validation with visudo
-    # - copy: src=files/sudoers dest=/etc/sudoers validate='visudo -cf %s'
+    - name: ensure the build dir exists
+      sudo: yes
+      lineinfile:
+        dest: /etc/sudoers
+        regexp: '^jenkins-build ALL'
+        line: 'jenkins-build   ALL=(ALL:ALL) NOPASSWD:ALL'
+        backrefs: yes
+        validate: 'visudo -cf %s'
 
     - name: ensure the build dir exists
       file: path=/home/{{ jenkins_user }}/build state=directory owner={{ jenkins_user }}