opendev/system-config
Code Issues Proposed changes

Cleanup gerrit init.pp manifest lint errors.

Browse Source 
Change-Id: I68c6cd9b24c93f9f1cc2ba92eceae49b3c38ed36
Reviewed-on: https://review.openstack.org/14176
Reviewed-by: James E. Blair <corvus@inaugust.com>
Approved: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
This commit is contained in:
Clark Boylan 2012-10-08 12:25:19 -07:00 committed by Jenkins
parent 50736a41d7
commit 09152c2dfd
1 changed files with 170 additions and 173 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

251
modules/gerrit/manifests/init.pp
View File

@ -66,15 +66,15 @@
# TODO: make more gerrit options configurable here # TODO: make more gerrit options configurable here
class gerrit($vhost_name=$fqdn, class gerrit($vhost_name=$fqdn,
$canonicalweburl="https://$fqdn/", $canonicalweburl="https://${fqdn}/",
$serveradmin="webmaster@$fqdn", $serveradmin="webmaster@${fqdn}",
$ssl_cert_file='/etc/ssl/certs/ssl-cert-snakeoil.pem', $ssl_cert_file='/etc/ssl/certs/ssl-cert-snakeoil.pem',
$ssl_key_file='/etc/ssl/private/ssl-cert-snakeoil.key', $ssl_key_file='/etc/ssl/private/ssl-cert-snakeoil.key',
$ssl_chain_file='', $ssl_chain_file='',
$ssl_cert_file_contents='', # If left empty puppet will not create file. $ssl_cert_file_contents='', # If left empty puppet will not create file.
$ssl_key_file_contents='', # If left empty puppet will not create file. $ssl_key_file_contents='', # If left empty puppet will not create file.
$ssl_chain_file_contents='', # If left empty puppet will not create file. $ssl_chain_file_contents='', # If left empty puppet will not create file.
$openidssourl="https://login.launchpad.net/+openid", $openidssourl='https://login.launchpad.net/+openid',
$email='', $email='',
$database_poollimit='', $database_poollimit='',
$container_heaplimit='', $container_heaplimit='',
@ -105,90 +105,89 @@ class gerrit($vhost_name=$fqdn,
$gitweb=true, $gitweb=true,
$testmode=false $testmode=false
) { ) {
include apache include apache
$java_home = $lsbdistcodename ? { $java_home = $::lsbdistcodename ? {
"precise" => "/usr/lib/jvm/java-6-openjdk-amd64/jre", 'precise' => '/usr/lib/jvm/java-6-openjdk-amd64/jre',
"oneiric" => "/usr/lib/jvm/java-6-openjdk/jre", 'oneiric' => '/usr/lib/jvm/java-6-openjdk/jre',
"natty" => "/usr/lib/jvm/java-6-openjdk/jre", 'natty' => '/usr/lib/jvm/java-6-openjdk/jre',
} }
user { "gerrit2": user { 'gerrit2':
ensure => present, ensure => present,
comment => "Gerrit", comment => 'Gerrit',
home => "/home/gerrit2", home => '/home/gerrit2',
shell => "/bin/bash", shell => '/bin/bash',
gid => "gerrit2", gid => 'gerrit2',
managehome => true, managehome => true,
require => Group["gerrit2"] require => Group['gerrit2'],
} }
group { "gerrit2": group { 'gerrit2':
ensure => present ensure => present,
} }
if ($gitweb) { if ($gitweb) {
package { "gitweb": package { 'gitweb':
ensure => present ensure => present,
} }
} }
$packages = ["openjdk-6-jre-headless"] $packages = ['openjdk-6-jre-headless']
package { $packages: package { $packages:
ensure => present, ensure => present,
} }
file { "/var/log/gerrit": file { '/var/log/gerrit':
ensure => "directory", ensure => directory,
owner => 'gerrit2' owner => 'gerrit2',
} }
# Prepare gerrit directories. Even though some of these would be created # Prepare gerrit directories. Even though some of these would be created
# by the init command, we can go ahead and create them now and populate them. # by the init command, we can go ahead and create them now and populate them.
# That way the config files are already in place before init runs. # That way the config files are already in place before init runs.
file { "/home/gerrit2/review_site": file { '/home/gerrit2/review_site':
ensure => "directory", ensure => directory,
owner => "gerrit2", owner => 'gerrit2',
require => User["gerrit2"] require => User['gerrit2'],
} }
file { "/home/gerrit2/review_site/etc": file { '/home/gerrit2/review_site/etc':
ensure => "directory", ensure => directory,
owner => "gerrit2", owner => 'gerrit2',
require => File["/home/gerrit2/review_site"] require => File['/home/gerrit2/review_site'],
} }
file { "/home/gerrit2/review_site/bin": file { '/home/gerrit2/review_site/bin':
ensure => "directory", ensure => directory,
owner => "gerrit2", owner => 'gerrit2',
require => File["/home/gerrit2/review_site"] require => File['/home/gerrit2/review_site'],
} }
file { "/home/gerrit2/review_site/static": file { '/home/gerrit2/review_site/static':
ensure => "directory", ensure => directory,
owner => "gerrit2", owner => 'gerrit2',
require => File["/home/gerrit2/review_site"] require => File['/home/gerrit2/review_site'],
} }
file { "/home/gerrit2/review_site/hooks": file { '/home/gerrit2/review_site/hooks':
ensure => "directory", ensure => directory,
owner => "gerrit2", owner => 'gerrit2',
require => File["/home/gerrit2/review_site"] require => File['/home/gerrit2/review_site'],
} }
# Skip replication if we're in test mode # Skip replication if we're in test mode
if ($testmode == false) { if ($testmode == false) {
file { '/home/gerrit2/review_site/etc/replication.config': file { '/home/gerrit2/review_site/etc/replication.config':
ensure => present,
owner => 'root', owner => 'root',
group => 'root', group => 'root',
mode => 444, mode => '0444',
ensure => 'present',
content => template('gerrit/replication.config.erb'), content => template('gerrit/replication.config.erb'),
replace => 'true', replace => true,
require => File["/home/gerrit2/review_site/etc"] require => File['/home/gerrit2/review_site/etc'],
} }
} }
@ -196,39 +195,39 @@ class gerrit($vhost_name=$fqdn,
if ($replicate_local) { if ($replicate_local) {
file { $local_git_dir: file { $local_git_dir:
ensure => "directory", ensure => directory,
owner => "gerrit2", owner => 'gerrit2',
} }
} }
file { '/home/gerrit2/projects.yaml': file { '/home/gerrit2/projects.yaml':
ensure => present,
owner => 'gerrit2', owner => 'gerrit2',
group => 'gerrit2', group => 'gerrit2',
mode => 444, mode => '0444',
ensure => 'present',
source => $projects_file, source => $projects_file,
replace => true, replace => true,
} }
exec { "make_local_repos": exec { 'make_local_repos':
user => 'gerrit2', user => 'gerrit2',
command => "/usr/local/gerrit/scripts/make_local_repos.py $local_git_dir", command => "/usr/local/gerrit/scripts/make_local_repos.py ${local_git_dir}",
subscribe => File["/home/gerrit2/projects.yaml"], subscribe => File['/home/gerrit2/projects.yaml'],
refreshonly => true, refreshonly => true,
require => File["/home/gerrit2/projects.yaml"] require => File['/home/gerrit2/projects.yaml'],
} }
} }
# Gerrit sets these permissions in 'init'; don't fight them. # Gerrit sets these permissions in 'init'; don't fight them.
file { '/home/gerrit2/review_site/etc/gerrit.config': file { '/home/gerrit2/review_site/etc/gerrit.config':
ensure => present,
owner => 'gerrit2', owner => 'gerrit2',
group => 'gerrit2', group => 'gerrit2',
mode => 644, mode => '0644',
ensure => 'present',
content => template('gerrit/gerrit.config.erb'), content => template('gerrit/gerrit.config.erb'),
replace => 'true', replace => true,
require => File["/home/gerrit2/review_site/etc"] require => File['/home/gerrit2/review_site/etc'],
} }
# Secret files. # Secret files.
@ -237,32 +236,32 @@ class gerrit($vhost_name=$fqdn,
# these permissions aren't set correctly, gerrit init will write a # these permissions aren't set correctly, gerrit init will write a
# new secure.config file and lose the mysql password. # new secure.config file and lose the mysql password.
file { '/home/gerrit2/review_site/etc/secure.config': file { '/home/gerrit2/review_site/etc/secure.config':
ensure => present,
owner => 'gerrit2', owner => 'gerrit2',
group => 'gerrit2', group => 'gerrit2',
mode => 600, mode => '0600',
ensure => 'present',
content => template('gerrit/secure.config.erb'), content => template('gerrit/secure.config.erb'),
replace => 'true', replace => true,
require => File["/home/gerrit2/review_site/etc"] require => File['/home/gerrit2/review_site/etc'],
} }
# Set up MySQL. # Set up MySQL.
class {"mysql::server": class { 'mysql::server':
config_hash => { config_hash => {
'root_password' => "${mysql_root_password}", 'root_password' => $mysql_root_password,
'default_engine' => 'InnoDB', 'default_engine' => 'InnoDB',
'bind_address' => '127.0.0.1', 'bind_address' => '127.0.0.1',
} }
} }
include mysql::server::account_security include mysql::server::account_security
mysql::db { "reviewdb": mysql::db { 'reviewdb':
user => "gerrit2", user => 'gerrit2',
password => "${mysql_password}", password => $mysql_password,
host => "localhost", host => 'localhost',
grant => "all", grant => 'all',
charset => "latin1", charset => 'latin1',
} }
# Set up apache. # Set up apache.
@ -275,13 +274,13 @@ class gerrit($vhost_name=$fqdn,
ssl => true, ssl => true,
} }
a2mod { 'rewrite': a2mod { 'rewrite':
ensure => present ensure => present,
} }
a2mod { 'proxy': a2mod { 'proxy':
ensure => present ensure => present,
} }
a2mod { 'proxy_http': a2mod { 'proxy_http':
ensure => present ensure => present,
} }
if $ssl_cert_file_contents != '' { if $ssl_cert_file_contents != '' {
@ -327,79 +326,79 @@ class gerrit($vhost_name=$fqdn,
# This directory is used to download and cache gerrit war files. # This directory is used to download and cache gerrit war files.
# That way the download and install steps are kept separate. # That way the download and install steps are kept separate.
file { "/home/gerrit2/gerrit-wars": file { '/home/gerrit2/gerrit-wars':
ensure => "directory", ensure => directory,
require => User["gerrit2"] require => User['gerrit2'],
} }
# If we don't already have the specified WAR, download it. # If we don't already have the specified WAR, download it.
exec { "download:$war": exec { "download:${war}":
command => "/usr/bin/wget $war -O /home/gerrit2/gerrit-wars/$basewar", command => "/usr/bin/wget ${war} -O /home/gerrit2/gerrit-wars/${basewar}",
creates => "/home/gerrit2/gerrit-wars/$basewar", creates => "/home/gerrit2/gerrit-wars/${basewar}",
require => File["/home/gerrit2/gerrit-wars"], require => File['/home/gerrit2/gerrit-wars'],
} }
# If gerrit.war isn't the same as $basewar, install it. # If gerrit.war isn't the same as $basewar, install it.
file { "/home/gerrit2/review_site/bin/gerrit.war": file { '/home/gerrit2/review_site/bin/gerrit.war':
source => "file:///home/gerrit2/gerrit-wars/$basewar",
require => Exec["download:$war"],
ensure => present, ensure => present,
replace => 'true', source => "file:///home/gerrit2/gerrit-wars/${basewar}",
require => Exec["download:${war}"],
replace => true,
# user, group, and mode have to be set this way to avoid retriggering gerrit-init on every run # user, group, and mode have to be set this way to avoid retriggering gerrit-init on every run
# because gerrit init sets them this way # because gerrit init sets them this way
owner => 'gerrit2', owner => 'gerrit2',
group => 'gerrit2', group => 'gerrit2',
mode => 644, mode => '0644',
} }
# If gerrit.war was just installed, run the Gerrit "init" command. # If gerrit.war was just installed, run the Gerrit "init" command.
exec { "gerrit-initial-init": exec { 'gerrit-initial-init':
user => 'gerrit2', user => 'gerrit2',
command => "/usr/bin/java -jar /home/gerrit2/review_site/bin/gerrit.war init -d /home/gerrit2/review_site --batch --no-auto-start", command => '/usr/bin/java -jar /home/gerrit2/review_site/bin/gerrit.war init -d /home/gerrit2/review_site --batch --no-auto-start',
subscribe => File["/home/gerrit2/review_site/bin/gerrit.war"], subscribe => File['/home/gerrit2/review_site/bin/gerrit.war'],
require => [Package["openjdk-6-jre-headless"], require => [Package['openjdk-6-jre-headless'],
User["gerrit2"], User['gerrit2'],
Mysql::Db["reviewdb"], Mysql::Db['reviewdb'],
File["/home/gerrit2/review_site/etc/gerrit.config"], File['/home/gerrit2/review_site/etc/gerrit.config'],
File["/home/gerrit2/review_site/etc/secure.config"]], File['/home/gerrit2/review_site/etc/secure.config']],
notify => Exec["gerrit-start"], notify => Exec['gerrit-start'],
unless => "/usr/bin/test -f /etc/init.d/gerrit", unless => '/usr/bin/test -f /etc/init.d/gerrit',
} }
# If a new gerrit.war was just installed, run the Gerrit "init" command. # If a new gerrit.war was just installed, run the Gerrit "init" command.
# Stop is included here because it may not be running or the init # Stop is included here because it may not be running or the init
# script may not exist, and in those cases, we don't care if it fails. # script may not exist, and in those cases, we don't care if it fails.
# Running the init script as the gerrit2 user _does_ work. # Running the init script as the gerrit2 user _does_ work.
exec { "gerrit-init": exec { 'gerrit-init':
user => 'gerrit2', user => 'gerrit2',
command => "/etc/init.d/gerrit stop; /usr/bin/java -jar /home/gerrit2/review_site/bin/gerrit.war init -d /home/gerrit2/review_site --batch --no-auto-start", command => '/etc/init.d/gerrit stop; /usr/bin/java -jar /home/gerrit2/review_site/bin/gerrit.war init -d /home/gerrit2/review_site --batch --no-auto-start',
subscribe => File["/home/gerrit2/review_site/bin/gerrit.war"], subscribe => File['/home/gerrit2/review_site/bin/gerrit.war'],
refreshonly => true, refreshonly => true,
require => [Package["openjdk-6-jre-headless"], require => [Package['openjdk-6-jre-headless'],
User["gerrit2"], User['gerrit2'],
Mysql::Db["reviewdb"], Mysql::Db['reviewdb'],
File["/home/gerrit2/review_site/etc/gerrit.config"], File['/home/gerrit2/review_site/etc/gerrit.config'],
File["/home/gerrit2/review_site/etc/secure.config"]], File['/home/gerrit2/review_site/etc/secure.config']],
notify => Exec["gerrit-start"], notify => Exec['gerrit-start'],
onlyif => "/usr/bin/test -f /etc/init.d/gerrit", onlyif => '/usr/bin/test -f /etc/init.d/gerrit',
} }
# Symlink the init script. # Symlink the init script.
file { "/etc/init.d/gerrit": file { '/etc/init.d/gerrit':
ensure => link, ensure => link,
target => '/home/gerrit2/review_site/bin/gerrit.sh', target => '/home/gerrit2/review_site/bin/gerrit.sh',
require => Exec['gerrit-initial-init'], require => Exec['gerrit-initial-init'],
} }
# The init script requires the path to gerrit to be set. # The init script requires the path to gerrit to be set.
file { "/etc/default/gerritcodereview": file { '/etc/default/gerritcodereview':
source => 'puppet:///modules/gerrit/gerritcodereview.default',
ensure => present, ensure => present,
replace => 'true', source => 'puppet:///modules/gerrit/gerritcodereview.default',
replace => true,
owner => 'root', owner => 'root',
group => 'root', group => 'root',
mode => 444, mode => '0444',
} }
# Make sure the init script starts on boot. # Make sure the init script starts on boot.
@ -415,50 +414,48 @@ class gerrit($vhost_name=$fqdn,
require => File['/etc/init.d/gerrit'], require => File['/etc/init.d/gerrit'],
} }
exec { "gerrit-start": exec { 'gerrit-start':
command => '/etc/init.d/gerrit start', command => '/etc/init.d/gerrit start',
require => File['/etc/init.d/gerrit'], require => File['/etc/init.d/gerrit'],
refreshonly => true, refreshonly => true,
} }
file { '/usr/local/gerrit': file { '/usr/local/gerrit':
ensure => directory,
owner => 'root', owner => 'root',
group => 'root', group => 'root',
mode => 755, mode => '0755',
ensure => 'directory',
} }
file { '/usr/local/gerrit/scripts': file { '/usr/local/gerrit/scripts':
ensure => directory,
owner => 'root', owner => 'root',
group => 'root', group => 'root',
mode => 755, mode => '0755',
ensure => 'directory',
recurse => true, recurse => true,
require => File['/usr/local/gerrit'], require => File['/usr/local/gerrit'],
source => [ source => 'puppet:///modules/gerrit/scripts',
"puppet:///modules/gerrit/scripts",
],
} }
# Install Bouncy Castle's OpenPGP plugin and populate the contact store # Install Bouncy Castle's OpenPGP plugin and populate the contact store
# public key file if we're using that feature. # public key file if we're using that feature.
if ($contactstore == true) { if ($contactstore == true) {
package { "libbcpg-java": package { 'libbcpg-java':
ensure => installed, ensure => present,
} }
file { "/home/gerrit2/review_site/lib/bcpg.jar": file { '/home/gerrit2/review_site/lib/bcpg.jar':
ensure => link, ensure => link,
target => "/usr/share/java/bcpg.jar", target => '/usr/share/java/bcpg.jar',
require => Package["libbcpg-java"], require => Package['libbcpg-java'],
} }
file { '/home/gerrit2/review_site/etc/contact_information.pub': file { '/home/gerrit2/review_site/etc/contact_information.pub':
ensure => present,
owner => 'root', owner => 'root',
group => 'root', group => 'root',
mode => 444, mode => '0444',
ensure => 'present',
content => template('gerrit/contact_information.pub.erb'), content => template('gerrit/contact_information.pub.erb'),
replace => 'true', replace => true,
require => File["/home/gerrit2/review_site/etc"], require => File['/home/gerrit2/review_site/etc'],
} }
} }
} }