From 01899d7ab8482c11dc276f2a47e7fade99f10588 Mon Sep 17 00:00:00 2001 From: Paul Belanger Date: Tue, 20 Mar 2018 12:45:23 -0400 Subject: [PATCH] Add gerrit_configure flag to review-dev01.o.o This will allow us to bootstrap a server with gerrit users, then attach the volumes with hold the git repos for gerrit, then we can remove this flag and properly puppet the rest of the server. Change-Id: I9159c941ece4f6928204601b9933d7a953baa2dd Signed-off-by: Paul Belanger --- manifests/site.pp | 1 + .../openstack_project/manifests/review_dev.pp | 327 +++++++++--------- 2 files changed, 168 insertions(+), 160 deletions(-) diff --git a/manifests/site.pp b/manifests/site.pp index e79dc692e8..719f1f1c3f 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -81,6 +81,7 @@ node /^review-dev\d*\.openstack\.org$/ { } class { 'openstack_project::review_dev': + gerrit_configure => false, project_config_repo => 'https://git.openstack.org/openstack-infra/project-config', github_oauth_token => hiera('gerrit_dev_github_token'), github_project_username => hiera('github_dev_project_username', 'username'), diff --git a/modules/openstack_project/manifests/review_dev.pp b/modules/openstack_project/manifests/review_dev.pp index 05d2da3f5c..d6f3c31e17 100644 --- a/modules/openstack_project/manifests/review_dev.pp +++ b/modules/openstack_project/manifests/review_dev.pp @@ -26,6 +26,7 @@ class openstack_project::review_dev ( $storyboard_ssl_cert = '', $project_config_repo = '', $projects_config = 'openstack_project/review-dev.projects.ini.erb', + $gerrit_configure = true, ) { case $::lsbdistcodename { @@ -51,169 +52,175 @@ class openstack_project::review_dev ( base => 'dev/', } - $accountpatchreviewdb_url = "jdbc:mysql://${mysql_host}:3306/accountPatchReviewDb?characterSetResults=utf8&characterEncoding=utf8&connectionCollation=utf8_bin&useUnicode=yes&user=gerrit2&password=${mysql_password}" - class { 'openstack_project::gerrit': - vhost_name => 'review-dev.openstack.org', - canonicalweburl => 'https://review-dev.openstack.org/', - ssl_cert_file => '/etc/ssl/certs/ssl-cert-snakeoil.pem', - ssl_key_file => '/etc/ssl/private/ssl-cert-snakeoil.key', - ssl_chain_file => '', - ssh_dsa_key_contents => $ssh_dsa_key_contents, - ssh_dsa_pubkey_contents => $ssh_dsa_pubkey_contents, - ssh_rsa_key_contents => $ssh_rsa_key_contents, - ssh_rsa_pubkey_contents => $ssh_rsa_pubkey_contents, - ssh_project_rsa_key_contents => $ssh_project_rsa_key_contents, - ssh_project_rsa_pubkey_contents => $ssh_project_rsa_pubkey_contents, - ssh_replication_rsa_key_contents => $ssh_replication_rsa_key_contents, - ssh_replication_rsa_pubkey_contents => $ssh_replication_rsa_pubkey_contents, - email => 'review-dev@openstack.org', - war => - 'http://tarballs.openstack.org/ci/gerrit/gerrit-v2.13.9.4.2a605d5.war', - acls_dir => $::project_config::gerrit_acls_dir, - notify_impact_file => $::project_config::gerrit_notify_impact_file, - projects_file => $::project_config::jeepyb_project_file, - projects_config => $projects_config, - github_username => 'openstack-gerrit-dev', - github_oauth_token => $github_oauth_token, - github_project_username => $github_project_username, - github_project_password => $github_project_password, - mysql_host => $mysql_host, - mysql_password => $mysql_password, - accountpatchreviewdb_url => $accountpatchreviewdb_url, - email_private_key => $email_private_key, - gitweb => false, - cgit => true, - web_repo_url => 'https://git.openstack.org/cgit/', - web_repo_url_encode => false, - swift_username => $swift_username, - swift_password => $swift_password, - replication_force_update => true, - commentlinks => [ - { - name => 'bugheader', - match => '([Cc]loses|[Pp]artial|[Rr]elated)-[Bb]ug:\\s*#?(\\d+)', - link => 'https://launchpad.net/bugs/$2', - }, - { - name => 'bug', - match => '\\b[Bb]ug:? #?(\\d+)', - link => 'https://launchpad.net/bugs/$1', - }, - { - name => 'story', - match => '\\b[Ss]tory:? #?(\\d+)', - link => 'https://storyboard-dev.openstack.org/#!/story/$1', - }, - { - name => 'its-storyboard', - match => '\\b[Tt]ask:? #?(\\d+)', - link => 'task: $1', - }, - { - name => 'blueprint', - match => '(\\b[Bb]lue[Pp]rint\\b|\\b[Bb][Pp]\\b)[ \\t#:]*([A-Za-z0-9\\-]+)', - link => 'https://blueprints.launchpad.net/openstack/?searchtext=$2', - }, - { - name => 'testresult', - match => '
  • ([^ ]+) ([^<]+) : ([^ ]+)([^<]*)
    • ', - html => '
  • $1 $3$4
    • ', - }, - { - name => 'launchpadbug', - match => '[^<]+', - html => '$1' - }, - { - name => 'changeid', - match => '(I[0-9a-f]{8,40})', - link => '/#/q/$1', - }, - { - name => 'gitsha', - match => '(

    |[\\s(])([0-9a-f]{40})(

    |[\\s.,;:)])', - html => '$1$2$3', - }, - ], - its_plugins => [ - { - name => 'its-storyboard', - password => $storyboard_password, - url => 'https://storyboard-dev.openstack.org', - }, - ], - its_rules => [ - { - name => 'LOG', - action => 'log-event error', - }, - { - name => 'change_abandoned', - event_type => 'change-abandoned', - action => 'set-status TODO', - }, - { - name => 'change_in_progress', - event_type => 'patchset-created,change-restored', - action => 'set-status REVIEW', - }, - { - name => 'change_merged', - event_type => 'change-merged', - action => 'set-status MERGED', - }, - ], - replication => [ - { - name => 'github', - url => 'git@github.com:', - authGroup => 'Anonymous Users', - replicationDelay => '1', - replicatePermissions => false, - mirror => true, - }, - { - name => 'local', - url => 'file:///opt/lib/git/', - replicationDelay => '1', - threads => '4', - mirror => true, - }, - { - name => 'afs', - url => 'file:///afs/openstack.org/mirror/git-sandbox/', - replicationDelay => '1', - threads => '4', - mirror => true, - }, - ], - require => $::project_config::config_dir, - } + if ($gerrit_configure) { + $accountpatchreviewdb_url = "jdbc:mysql://${mysql_host}:3306/accountPatchReviewDb?characterSetResults=utf8&characterEncoding=utf8&connectionCollation=utf8_bin&useUnicode=yes&user=gerrit2&password=${mysql_password}" + class { 'openstack_project::gerrit': + vhost_name => 'review-dev.openstack.org', + canonicalweburl => 'https://review-dev.openstack.org/', + ssl_cert_file => '/etc/ssl/certs/ssl-cert-snakeoil.pem', + ssl_key_file => '/etc/ssl/private/ssl-cert-snakeoil.key', + ssl_chain_file => '', + ssh_dsa_key_contents => $ssh_dsa_key_contents, + ssh_dsa_pubkey_contents => $ssh_dsa_pubkey_contents, + ssh_rsa_key_contents => $ssh_rsa_key_contents, + ssh_rsa_pubkey_contents => $ssh_rsa_pubkey_contents, + ssh_project_rsa_key_contents => $ssh_project_rsa_key_contents, + ssh_project_rsa_pubkey_contents => $ssh_project_rsa_pubkey_contents, + ssh_replication_rsa_key_contents => $ssh_replication_rsa_key_contents, + ssh_replication_rsa_pubkey_contents => $ssh_replication_rsa_pubkey_contents, + email => 'review-dev@openstack.org', + war => + 'http://tarballs.openstack.org/ci/gerrit/gerrit-v2.13.9.4.2a605d5.war', + acls_dir => $::project_config::gerrit_acls_dir, + notify_impact_file => $::project_config::gerrit_notify_impact_file, + projects_file => $::project_config::jeepyb_project_file, + projects_config => $projects_config, + github_username => 'openstack-gerrit-dev', + github_oauth_token => $github_oauth_token, + github_project_username => $github_project_username, + github_project_password => $github_project_password, + mysql_host => $mysql_host, + mysql_password => $mysql_password, + accountpatchreviewdb_url => $accountpatchreviewdb_url, + email_private_key => $email_private_key, + gitweb => false, + cgit => true, + web_repo_url => 'https://git.openstack.org/cgit/', + web_repo_url_encode => false, + swift_username => $swift_username, + swift_password => $swift_password, + replication_force_update => true, + commentlinks => [ + { + name => 'bugheader', + match => '([Cc]loses|[Pp]artial|[Rr]elated)-[Bb]ug:\\s*#?(\\d+)', + link => 'https://launchpad.net/bugs/$2', + }, + { + name => 'bug', + match => '\\b[Bb]ug:? #?(\\d+)', + link => 'https://launchpad.net/bugs/$1', + }, + { + name => 'story', + match => '\\b[Ss]tory:? #?(\\d+)', + link => 'https://storyboard-dev.openstack.org/#!/story/$1', + }, + { + name => 'its-storyboard', + match => '\\b[Tt]ask:? #?(\\d+)', + link => 'task: $1', + }, + { + name => 'blueprint', + match => '(\\b[Bb]lue[Pp]rint\\b|\\b[Bb][Pp]\\b)[ \\t#:]*([A-Za-z0-9\\-]+)', + link => 'https://blueprints.launchpad.net/openstack/?searchtext=$2', + }, + { + name => 'testresult', + match => '
  • ([^ ]+) ([^<]+) : ([^ ]+)([^<]*)
    • ', + html => '
  • $1 $3$4
    • ', + }, + { + name => 'launchpadbug', + match => '[^<]+', + html => '$1' + }, + { + name => 'changeid', + match => '(I[0-9a-f]{8,40})', + link => '/#/q/$1', + }, + { + name => 'gitsha', + match => '(

    |[\\s(])([0-9a-f]{40})(

    |[\\s.,;:)])', + html => '$1$2$3', + }, + ], + its_plugins => [ + { + name => 'its-storyboard', + password => $storyboard_password, + url => 'https://storyboard-dev.openstack.org', + }, + ], + its_rules => [ + { + name => 'LOG', + action => 'log-event error', + }, + { + name => 'change_abandoned', + event_type => 'change-abandoned', + action => 'set-status TODO', + }, + { + name => 'change_in_progress', + event_type => 'patchset-created,change-restored', + action => 'set-status REVIEW', + }, + { + name => 'change_merged', + event_type => 'change-merged', + action => 'set-status MERGED', + }, + ], + replication => [ + { + name => 'github', + url => 'git@github.com:', + authGroup => 'Anonymous Users', + replicationDelay => '1', + replicatePermissions => false, + mirror => true, + }, + { + name => 'local', + url => 'file:///opt/lib/git/', + replicationDelay => '1', + threads => '4', + mirror => true, + }, + { + name => 'afs', + url => 'file:///afs/openstack.org/mirror/git-sandbox/', + replicationDelay => '1', + threads => '4', + mirror => true, + }, + ], + require => $::project_config::config_dir, + } - gerrit::plugin { 'javamelody': version => 'v2.13.3.e4233d6' } - gerrit::plugin { 'its-storyboard': version => '805f9ac' } + gerrit::plugin { 'javamelody': version => 'v2.13.3.e4233d6' } + gerrit::plugin { 'its-storyboard': version => '805f9ac' } - # create a file containing the ssl certificate - file { '/home/gerrit2/storyboard-dev.crt': - ensure => present, - owner => 'gerrit2', - group => 'gerrit2', - mode => '0600', - content => $storyboard_ssl_cert, - replace => true, - require => User['gerrit2'], - } - # Import certificate to java to allow gerrit its plugins to POST to storyboard - exec { 'import-java-certs': - user => 'root', - command => "keytool -import -alias storyboard-dev.openstack.org -keystore $java_home/lib/security/cacerts -file /home/gerrit2/storyboard-dev.crt -storepass changeit -noprompt", - unless => "keytool -list -alias storyboard-dev.openstack.org -storepass changeit -keystore $java_home/lib/security/cacerts >/dev/null 2>&1", - path => '/bin:/usr/bin', - require => [ - Package[$jre_package], - File['/home/gerrit2/storyboard-dev.crt'], - ], + # create a file containing the ssl certificate + file { '/home/gerrit2/storyboard-dev.crt': + ensure => present, + owner => 'gerrit2', + group => 'gerrit2', + mode => '0600', + content => $storyboard_ssl_cert, + replace => true, + require => User['gerrit2'], + } + + # Import certificate to java to allow gerrit its plugins to POST to storyboard + exec { 'import-java-certs': + user => 'root', + command => "keytool -import -alias storyboard-dev.openstack.org -keystore $java_home/lib/security/cacerts -file /home/gerrit2/storyboard-dev.crt -storepass changeit -noprompt", + unless => "keytool -list -alias storyboard-dev.openstack.org -storepass changeit -keystore $java_home/lib/security/cacerts >/dev/null 2>&1", + path => '/bin:/usr/bin', + require => [ + Package[$jre_package], + File['/home/gerrit2/storyboard-dev.crt'], + ], + } + } else { + # Only create gerrit user / group so we can bring a server online. + include ::gerrit::user } package { 'python-launchpadlib':