diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 8c0f6e2e61a0f0d2aa29f6db7ffbe386a6ec4cd5..a4e1e4d174465888ec62f41a74825839d605b24b 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -35,7 +35,3 @@ include: - local: '/ci_templates/.gitlab-ci-rhel7.yml' - local: '/ci_templates/.gitlab-ci-rhel8.yml' - local: '/ci_templates/.gitlab-ci-rhel9.yml' - - local: '/ci_templates/.gitlab-ci-rhel-refresh_token.yml' - rules: - - if: '$REFRESH_RHSM_OFFLINE_TOKEN == "true"' - diff --git a/ci_templates/.gitlab-ci-rhel-refresh_token.yml b/ci_templates/.gitlab-ci-rhel-refresh_token.yml deleted file mode 100644 index d3d33bd658a798c5e62496df889b0e47bf52b52c..0000000000000000000000000000000000000000 --- a/ci_templates/.gitlab-ci-rhel-refresh_token.yml +++ /dev/null @@ -1,8 +0,0 @@ -# Periodically refresh the RHSM offline_token -# If we don't use it, we lose it (1 auth per 30 days required) - -login_to_rhsm: - extends: .refresh_rhsm_offline_token - only: - variables: - - $REFRESH_RHSM_OFFLINE_TOKEN diff --git a/ci_templates/.gitlab-ci-scripts.yml b/ci_templates/.gitlab-ci-scripts.yml index dea49d79b1ed84d2d2f2646f049c04eaf330a80a..304544d7b4c8bc9a0c8c4f33210688298f3282fd 100644 --- a/ci_templates/.gitlab-ci-scripts.yml +++ b/ci_templates/.gitlab-ci-scripts.yml @@ -1,14 +1,6 @@ # Common scripts used by all distros -# Base job skeleton so we don't create useless jobs we don't need -# during a RHSM token refresh -.distro_job: - only: - variables: - - $REFRESH_RHSM_OFFLINE_TOKEN == "false" - validate: - extends: .distro_job stage: validate image: 'gitlab-registry.cern.ch/linuxsupport/cs9-base' script: @@ -40,7 +32,6 @@ validate: - exit $RET .build_image: - extends: .distro_job stage: build image: 'gitlab-registry.cern.ch/linuxsupport/rpmci/kojicli' script: @@ -84,7 +75,6 @@ validate: # Pre-script for Openstack authorization .openstack: - extends: .distro_job image: 'gitlab-registry.cern.ch/linuxsupport/openstack-client' before_script: - |- @@ -129,7 +119,6 @@ validate: - openstack image set --accept "${id}" .run_tests: - extends: .distro_job stage: tests script: - export id=`jq -r '.id' upload.json` @@ -359,7 +348,6 @@ validate: expire_in: 1 month .build_rhel_image: - extends: .distro_job stage: build image: 'gitlab-registry.cern.ch/linuxsupport/cs9-base' script: @@ -387,14 +375,8 @@ validate: - openstack image set $id --community .notify_rhel_users: - extends: .distro_job stage: email script: - yum -y install python3 - python3 email_rhel_users -.refresh_rhsm_offline_token: - stage: validate - script: - - yum -y install python3 python3-requests - - python3 refresh_rhsm_token diff --git a/refresh_rhsm_token b/refresh_rhsm_token deleted file mode 100644 index 7f6ad7ec356023d6ece85a6d985cca711a56d363..0000000000000000000000000000000000000000 --- a/refresh_rhsm_token +++ /dev/null @@ -1,30 +0,0 @@ -#!/usr/bin/env python - -# offline token expires if we don't use it more than once per 30 days -# This is a simple script to auth and ensure this doesn't happen -# Example: https://access.redhat.com/articles/3626371 -import json -import os -import requests -import sys - -offline_token = os.getenv('RHSM_OFFLINE_TOKEN') -if offline_token is None: - print('offline_token variable needs to be passed, exiting') - sys.exit(1) - -# generate an access token from the 'offline_token' -url='https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token' -data = { 'grant_type': 'refresh_token', 'client_id': 'rhsm-api', 'refresh_token': offline_token } -result = requests.post(url, data=data) -if result.status_code != 200: - print('unable to auth, exiting') - sys.exit(1) -token=json.loads(result.content)['access_token'] - -cset = 'rhel-8-for-x86_64-baseos-isos' -url = ('https://api.access.redhat.com/management/v1/images/cset/%s?limit=100' % cset) -headers = { 'Authorization': 'Bearer %s' % token } -result = requests.get(url, headers=headers) - -sys.exit(0)