Add revoke-sudo role and update tox jobs Change-Id: Ie0df08b6c4e4442e6d769b6ca26e59f919889566 Signed-off-by: Paul Belanger <pabelanger@redhat.com>

commit: 3547b695f301583e6d7088ef80967ec93e1d52a1 [log] [tgz]
author: Paul Belanger <pabelanger@redhat.com> Fri Mar 03 15:45:46 2017 -0500
committer: Paul Belanger <pabelanger@redhat.com> Tue Mar 21 16:45:09 2017 -0400
tree: 2e7257d7d2d3b47868dd6b8d45eeb044acacb65e
parent: 01be2d6a46fd0b28d88dfc1dca76b12c9d95d7f9 [diff]
diff --git a/playbooks/roles/revoke-sudo/tasks/main.yaml b/playbooks/roles/revoke-sudo/tasks/main.yaml
new file mode 100644
index 0000000..1c18187
--- /dev/null
+++ b/playbooks/roles/revoke-sudo/tasks/main.yaml

@@ -0,0 +1,8 @@
+- name: Remove sudo access for zuul user.
+  become: yes
+  file:
+    path: /etc/sudoers.d/zuul-sudo
+    state: absent
+
+- name: Prove that general sudo access is actually revoked.
+  shell: ! sudo -n true
commit	3547b695f301583e6d7088ef80967ec93e1d52a1	[log] [tgz]
author	Paul Belanger <pabelanger@redhat.com>	Fri Mar 03 15:45:46 2017 -0500
committer	Paul Belanger <pabelanger@redhat.com>	Tue Mar 21 16:45:09 2017 -0400
tree	2e7257d7d2d3b47868dd6b8d45eeb044acacb65e
parent	01be2d6a46fd0b28d88dfc1dca76b12c9d95d7f9 [diff]