opendev/system-config
Code Issues Proposed changes

Cleanup gerrit init.pp manifest lint errors.

Browse Source 
Change-Id: I68c6cd9b24c93f9f1cc2ba92eceae49b3c38ed36
Reviewed-on: https://review.openstack.org/14176
Reviewed-by: James E. Blair <corvus@inaugust.com>
Approved: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
This commit is contained in:
Clark Boylan 2012-10-08 12:25:19 -07:00 committed by Jenkins
parent 50736a41d7
commit 09152c2dfd
1 changed files with 170 additions and 173 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

343
modules/gerrit/manifests/init.pp
View File

@ -66,15 +66,15 @@
# TODO: make more gerrit options configurable here
class gerrit($vhost_name=$fqdn,
$canonicalweburl="https://$fqdn/",
$serveradmin="webmaster@$fqdn",
$canonicalweburl="https://${fqdn}/",
$serveradmin="webmaster@${fqdn}",
$ssl_cert_file='/etc/ssl/certs/ssl-cert-snakeoil.pem',
$ssl_key_file='/etc/ssl/private/ssl-cert-snakeoil.key',
$ssl_chain_file='',
$ssl_cert_file_contents='', # If left empty puppet will not create file.
$ssl_key_file_contents='', # If left empty puppet will not create file.
$ssl_chain_file_contents='', # If left empty puppet will not create file.
$openidssourl="https://login.launchpad.net/+openid",
$openidssourl='https://login.launchpad.net/+openid',
$email='',
$database_poollimit='',
$container_heaplimit='',
@ -105,130 +105,129 @@ class gerrit($vhost_name=$fqdn,
$gitweb=true,
$testmode=false
) {
include apache
$java_home = $lsbdistcodename ? {
"precise" => "/usr/lib/jvm/java-6-openjdk-amd64/jre",
"oneiric" => "/usr/lib/jvm/java-6-openjdk/jre",
"natty" => "/usr/lib/jvm/java-6-openjdk/jre",
}
user { "gerrit2":
ensure => present,
comment => "Gerrit",
home => "/home/gerrit2",
shell => "/bin/bash",
gid => "gerrit2",
managehome => true,
require => Group["gerrit2"]
$java_home = $::lsbdistcodename ? {
'precise' => '/usr/lib/jvm/java-6-openjdk-amd64/jre',
'oneiric' => '/usr/lib/jvm/java-6-openjdk/jre',
'natty' => '/usr/lib/jvm/java-6-openjdk/jre',
}
group { "gerrit2":
ensure => present
user { 'gerrit2':
ensure => present,
comment => 'Gerrit',
home => '/home/gerrit2',
shell => '/bin/bash',
gid => 'gerrit2',
managehome => true,
require => Group['gerrit2'],
}
group { 'gerrit2':
ensure => present,
}
if ($gitweb) {
package { "gitweb":
ensure => present
}
package { 'gitweb':
ensure => present,
}
}
$packages = ["openjdk-6-jre-headless"]
$packages = ['openjdk-6-jre-headless']
package { $packages:
ensure => present,
}
file { "/var/log/gerrit":
ensure => "directory",
owner => 'gerrit2'
file { '/var/log/gerrit':
ensure => directory,
owner => 'gerrit2',
}
# Prepare gerrit directories. Even though some of these would be created
# by the init command, we can go ahead and create them now and populate them.
# That way the config files are already in place before init runs.
file { "/home/gerrit2/review_site":
ensure => "directory",
owner => "gerrit2",
require => User["gerrit2"]
file { '/home/gerrit2/review_site':
ensure => directory,
owner => 'gerrit2',
require => User['gerrit2'],
}
file { "/home/gerrit2/review_site/etc":
ensure => "directory",
owner => "gerrit2",
require => File["/home/gerrit2/review_site"]
file { '/home/gerrit2/review_site/etc':
ensure => directory,
owner => 'gerrit2',
require => File['/home/gerrit2/review_site'],
}
file { "/home/gerrit2/review_site/bin":
ensure => "directory",
owner => "gerrit2",
require => File["/home/gerrit2/review_site"]
file { '/home/gerrit2/review_site/bin':
ensure => directory,
owner => 'gerrit2',
require => File['/home/gerrit2/review_site'],
}
file { "/home/gerrit2/review_site/static":
ensure => "directory",
owner => "gerrit2",
require => File["/home/gerrit2/review_site"]
file { '/home/gerrit2/review_site/static':
ensure => directory,
owner => 'gerrit2',
require => File['/home/gerrit2/review_site'],
}
file { "/home/gerrit2/review_site/hooks":
ensure => "directory",
owner => "gerrit2",
require => File["/home/gerrit2/review_site"]
file { '/home/gerrit2/review_site/hooks':
ensure => directory,
owner => 'gerrit2',
require => File['/home/gerrit2/review_site'],
}
# Skip replication if we're in test mode
if ($testmode == false) {
file { '/home/gerrit2/review_site/etc/replication.config':
owner => 'root',
group => 'root',
mode => 444,
ensure => 'present',
ensure => present,
owner => 'root',
group => 'root',
mode => '0444',
content => template('gerrit/replication.config.erb'),
replace => 'true',
require => File["/home/gerrit2/review_site/etc"]
replace => true,
require => File['/home/gerrit2/review_site/etc'],
}
}
if ($projects_file != 'UNDEF') {
if ($replicate_local) {
file { $local_git_dir:
ensure => "directory",
owner => "gerrit2",
}
if ($replicate_local) {
file { $local_git_dir:
ensure => directory,
owner => 'gerrit2',
}
}
file { '/home/gerrit2/projects.yaml':
owner => 'gerrit2',
group => 'gerrit2',
mode => 444,
ensure => 'present',
source => $projects_file,
replace => true,
}
file { '/home/gerrit2/projects.yaml':
ensure => present,
owner => 'gerrit2',
group => 'gerrit2',
mode => '0444',
source => $projects_file,
replace => true,
}
exec { "make_local_repos":
user => 'gerrit2',
command => "/usr/local/gerrit/scripts/make_local_repos.py $local_git_dir",
subscribe => File["/home/gerrit2/projects.yaml"],
refreshonly => true,
require => File["/home/gerrit2/projects.yaml"]
}
exec { 'make_local_repos':
user => 'gerrit2',
command => "/usr/local/gerrit/scripts/make_local_repos.py ${local_git_dir}",
subscribe => File['/home/gerrit2/projects.yaml'],
refreshonly => true,
require => File['/home/gerrit2/projects.yaml'],
}
}
# Gerrit sets these permissions in 'init'; don't fight them.
file { '/home/gerrit2/review_site/etc/gerrit.config':
owner => 'gerrit2',
group => 'gerrit2',
mode => 644,
ensure => 'present',
ensure => present,
owner => 'gerrit2',
group => 'gerrit2',
mode => '0644',
content => template('gerrit/gerrit.config.erb'),
replace => 'true',
require => File["/home/gerrit2/review_site/etc"]
replace => true,
require => File['/home/gerrit2/review_site/etc'],
}
# Secret files.
@ -237,32 +236,32 @@ class gerrit($vhost_name=$fqdn,
# these permissions aren't set correctly, gerrit init will write a
# new secure.config file and lose the mysql password.
file { '/home/gerrit2/review_site/etc/secure.config':
owner => 'gerrit2',
group => 'gerrit2',
mode => 600,
ensure => 'present',
ensure => present,
owner => 'gerrit2',
group => 'gerrit2',
mode => '0600',
content => template('gerrit/secure.config.erb'),
replace => 'true',
require => File["/home/gerrit2/review_site/etc"]
replace => true,
require => File['/home/gerrit2/review_site/etc'],
}
# Set up MySQL.
class {"mysql::server":
class { 'mysql::server':
config_hash => {
'root_password' => "${mysql_root_password}",
'root_password' => $mysql_root_password,
'default_engine' => 'InnoDB',
'bind_address' => '127.0.0.1',
'bind_address' => '127.0.0.1',
}
}
include mysql::server::account_security
mysql::db { "reviewdb":
user => "gerrit2",
password => "${mysql_password}",
host => "localhost",
grant => "all",
charset => "latin1",
mysql::db { 'reviewdb':
user => 'gerrit2',
password => $mysql_password,
host => 'localhost',
grant => 'all',
charset => 'latin1',
}
# Set up apache.
@ -275,13 +274,13 @@ class gerrit($vhost_name=$fqdn,
ssl => true,
}
a2mod { 'rewrite':
ensure => present
ensure => present,
}
a2mod { 'proxy':
ensure => present
ensure => present,
}
a2mod { 'proxy_http':
ensure => present
ensure => present,
}
if $ssl_cert_file_contents != '' {
@ -327,79 +326,79 @@ class gerrit($vhost_name=$fqdn,
# This directory is used to download and cache gerrit war files.
# That way the download and install steps are kept separate.
file { "/home/gerrit2/gerrit-wars":
ensure => "directory",
require => User["gerrit2"]
file { '/home/gerrit2/gerrit-wars':
ensure => directory,
require => User['gerrit2'],
}
# If we don't already have the specified WAR, download it.
exec { "download:$war":
command => "/usr/bin/wget $war -O /home/gerrit2/gerrit-wars/$basewar",
creates => "/home/gerrit2/gerrit-wars/$basewar",
require => File["/home/gerrit2/gerrit-wars"],
exec { "download:${war}":
command => "/usr/bin/wget ${war} -O /home/gerrit2/gerrit-wars/${basewar}",
creates => "/home/gerrit2/gerrit-wars/${basewar}",
require => File['/home/gerrit2/gerrit-wars'],
}
# If gerrit.war isn't the same as $basewar, install it.
file { "/home/gerrit2/review_site/bin/gerrit.war":
source => "file:///home/gerrit2/gerrit-wars/$basewar",
require => Exec["download:$war"],
ensure => present,
replace => 'true',
file { '/home/gerrit2/review_site/bin/gerrit.war':
ensure => present,
source => "file:///home/gerrit2/gerrit-wars/${basewar}",
require => Exec["download:${war}"],
replace => true,
# user, group, and mode have to be set this way to avoid retriggering gerrit-init on every run
# because gerrit init sets them this way
owner => 'gerrit2',
group => 'gerrit2',
mode => 644,
owner => 'gerrit2',
group => 'gerrit2',
mode => '0644',
}
# If gerrit.war was just installed, run the Gerrit "init" command.
exec { "gerrit-initial-init":
user => 'gerrit2',
command => "/usr/bin/java -jar /home/gerrit2/review_site/bin/gerrit.war init -d /home/gerrit2/review_site --batch --no-auto-start",
subscribe => File["/home/gerrit2/review_site/bin/gerrit.war"],
require => [Package["openjdk-6-jre-headless"],
User["gerrit2"],
Mysql::Db["reviewdb"],
File["/home/gerrit2/review_site/etc/gerrit.config"],
File["/home/gerrit2/review_site/etc/secure.config"]],
notify => Exec["gerrit-start"],
unless => "/usr/bin/test -f /etc/init.d/gerrit",
exec { 'gerrit-initial-init':
user => 'gerrit2',
command => '/usr/bin/java -jar /home/gerrit2/review_site/bin/gerrit.war init -d /home/gerrit2/review_site --batch --no-auto-start',
subscribe => File['/home/gerrit2/review_site/bin/gerrit.war'],
require => [Package['openjdk-6-jre-headless'],
User['gerrit2'],
Mysql::Db['reviewdb'],
File['/home/gerrit2/review_site/etc/gerrit.config'],
File['/home/gerrit2/review_site/etc/secure.config']],
notify => Exec['gerrit-start'],
unless => '/usr/bin/test -f /etc/init.d/gerrit',
}
# If a new gerrit.war was just installed, run the Gerrit "init" command.
# Stop is included here because it may not be running or the init
# script may not exist, and in those cases, we don't care if it fails.
# Running the init script as the gerrit2 user _does_ work.
exec { "gerrit-init":
user => 'gerrit2',
command => "/etc/init.d/gerrit stop; /usr/bin/java -jar /home/gerrit2/review_site/bin/gerrit.war init -d /home/gerrit2/review_site --batch --no-auto-start",
subscribe => File["/home/gerrit2/review_site/bin/gerrit.war"],
exec { 'gerrit-init':
user => 'gerrit2',
command => '/etc/init.d/gerrit stop; /usr/bin/java -jar /home/gerrit2/review_site/bin/gerrit.war init -d /home/gerrit2/review_site --batch --no-auto-start',
subscribe => File['/home/gerrit2/review_site/bin/gerrit.war'],
refreshonly => true,
require => [Package["openjdk-6-jre-headless"],
User["gerrit2"],
Mysql::Db["reviewdb"],
File["/home/gerrit2/review_site/etc/gerrit.config"],
File["/home/gerrit2/review_site/etc/secure.config"]],
notify => Exec["gerrit-start"],
onlyif => "/usr/bin/test -f /etc/init.d/gerrit",
require => [Package['openjdk-6-jre-headless'],
User['gerrit2'],
Mysql::Db['reviewdb'],
File['/home/gerrit2/review_site/etc/gerrit.config'],
File['/home/gerrit2/review_site/etc/secure.config']],
notify => Exec['gerrit-start'],
onlyif => '/usr/bin/test -f /etc/init.d/gerrit',
}
# Symlink the init script.
file { "/etc/init.d/gerrit":
ensure => link,
target => '/home/gerrit2/review_site/bin/gerrit.sh',
file { '/etc/init.d/gerrit':
ensure => link,
target => '/home/gerrit2/review_site/bin/gerrit.sh',
require => Exec['gerrit-initial-init'],
}
# The init script requires the path to gerrit to be set.
file { "/etc/default/gerritcodereview":
source => 'puppet:///modules/gerrit/gerritcodereview.default',
ensure => present,
replace => 'true',
owner => 'root',
group => 'root',
mode => 444,
file { '/etc/default/gerritcodereview':
ensure => present,
source => 'puppet:///modules/gerrit/gerritcodereview.default',
replace => true,
owner => 'root',
group => 'root',
mode => '0444',
}
# Make sure the init script starts on boot.
@ -410,55 +409,53 @@ class gerrit($vhost_name=$fqdn,
'/etc/rc4.d/S90gerrit',
'/etc/rc5.d/S90gerrit',
'/etc/rc6.d/K10gerrit']:
ensure => link,
target => '/etc/init.d/gerrit',
ensure => link,
target => '/etc/init.d/gerrit',
require => File['/etc/init.d/gerrit'],
}
exec { "gerrit-start":
command => '/etc/init.d/gerrit start',
require => File['/etc/init.d/gerrit'],
refreshonly => true,
exec { 'gerrit-start':
command => '/etc/init.d/gerrit start',
require => File['/etc/init.d/gerrit'],
refreshonly => true,
}
file { '/usr/local/gerrit':
owner => 'root',
group => 'root',
mode => 755,
ensure => 'directory',
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755',
}
file { '/usr/local/gerrit/scripts':
owner => 'root',
group => 'root',
mode => 755,
ensure => 'directory',
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755',
recurse => true,
require => File['/usr/local/gerrit'],
source => [
"puppet:///modules/gerrit/scripts",
],
source => 'puppet:///modules/gerrit/scripts',
}
# Install Bouncy Castle's OpenPGP plugin and populate the contact store
# public key file if we're using that feature.
if ($contactstore == true) {
package { "libbcpg-java":
ensure => installed,
package { 'libbcpg-java':
ensure => present,
}
file { "/home/gerrit2/review_site/lib/bcpg.jar":
ensure => link,
target => "/usr/share/java/bcpg.jar",
require => Package["libbcpg-java"],
file { '/home/gerrit2/review_site/lib/bcpg.jar':
ensure => link,
target => '/usr/share/java/bcpg.jar',
require => Package['libbcpg-java'],
}
file { '/home/gerrit2/review_site/etc/contact_information.pub':
owner => 'root',
group => 'root',
mode => 444,
ensure => 'present',
ensure => present,
owner => 'root',
group => 'root',
mode => '0444',
content => template('gerrit/contact_information.pub.erb'),
replace => 'true',
require => File["/home/gerrit2/review_site/etc"],
replace => true,
require => File['/home/gerrit2/review_site/etc'],
}
}
}