diff --git a/murano-apps/CiCdEnvironment/package/Classes/CiCdEnvironment.yaml b/murano-apps/CiCdEnvironment/package/Classes/CiCdEnvironment.yaml index 3dc0016..a7b49d8 100644 --- a/murano-apps/CiCdEnvironment/package/Classes/CiCdEnvironment.yaml +++ b/murano-apps/CiCdEnvironment/package/Classes/CiCdEnvironment.yaml @@ -25,6 +25,8 @@ Properties: assignFloatingIp: Contract: $.bool().notNull() Default: true + gerritUrl: + Contract: $.string().notNull() Methods: .init: @@ -47,7 +49,6 @@ Methods: keyname => $.keyname, availabilityZone => $.availabilityZone, assignFloatingIp => $.assignFloatingIp) - - $this.ldap: new(opaas:OpenLDAP, $._environment, name => 'OpenLDAP', instance => $ldapInstance, @@ -66,7 +67,11 @@ Methods: keyname => $.keyname, availabilityZone => $.availabilityZone, assignFloatingIp => $.assignFloatingIp) - - $this.gerrit: new(opaas:Gerrit, $this, name => 'Gerrit', instance => $gerritInstance) + - $this.gerrit: new(opaas:Gerrit, $this, + name => 'Gerrit', + warUrl => $.gerritUrl, + instance => $gerritInstance, + ldap => $this.ldap) # Jenkins - $._environment.reporter.report($this, diff --git a/murano-apps/CiCdEnvironment/package/UI/ui.yaml b/murano-apps/CiCdEnvironment/package/UI/ui.yaml index 4639e6a..397d26d 100644 --- a/murano-apps/CiCdEnvironment/package/UI/ui.yaml +++ b/murano-apps/CiCdEnvironment/package/UI/ui.yaml @@ -9,9 +9,16 @@ Application: image: $.instanceConfiguration.osImage keyname: $.instanceConfiguration.keyPair availabilityZone: $.instanceConfiguration.availabilityZone + gerritUrl: $.repoConfiguration.gerritUrl assignFloatingIp: true Forms: + - repoConfiguration: + fields: + - name: gerritUrl + type: string + required: true + description: Specify the address to download Gerrit binaries - instanceConfiguration: fields: - name: title diff --git a/murano-apps/Gerrit/package/Classes/Gerrit.yaml b/murano-apps/Gerrit/package/Classes/Gerrit.yaml index 804ffd8..3d3b083 100644 --- a/murano-apps/Gerrit/package/Classes/Gerrit.yaml 
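Review bot: The new `gerritUrl` field in the `repoConfiguration` form of CiCdEnvironment's ui.yaml accepts any string, and the class hunk above forwards it unchanged as `warUrl => $.gerritUrl`, which the description names as the address the Gerrit binaries are downloaded from. Because the downloaded file is then run on the Gerrit VM, the field should at least pin the scheme, for example `regexpValidator: '^https://.+'`, and the description should say that an HTTPS URL from a trusted release location is expected. No integrity check of the download is visible in this diff; if the Puppet side does not verify a checksum, a second input for the expected digest would be worth adding.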
+++ b/murano-apps/Gerrit/package/Classes/Gerrit.yaml @@ -17,6 +17,9 @@ Properties: Contract: $.string().notNull() warUrl: Contract: $.string().notNull() + ldap: + Contract: $.class(opaas:OpenLDAP) + Methods: initialize: Body: @@ -28,23 +31,28 @@ Methods: - If: $.getAttr(deployed, false) Then: Return: + + - If: $.ldap != null + Then: + - $.ldap.deploy() + - $securityGroupIngress: - - ToPort: 80 - FromPort: 80 - IpProtocol: tcp - External: true - - ToPort: 443 - FromPort: 443 - IpProtocol: tcp - External: true - - ToPort: 8081 - FromPort: 8081 - IpProtocol: tcp - External: true - - ToPort: 29418 - FromPort: 29418 - IpProtocol: tcp - External: true + - ToPort: 80 + FromPort: 80 + IpProtocol: tcp + External: true + - ToPort: 443 + FromPort: 443 + IpProtocol: tcp + External: true + - ToPort: 8081 + FromPort: 8081 + IpProtocol: tcp + External: true + - ToPort: 29418 + FromPort: 29418 + IpProtocol: tcp + External: true - $._environment.securityGroupManager.addGroupIngress($securityGroupIngress) - $._environment.reporter.report($this, 'Creating VM for Gerrit {0}'.format($.instance.openstackId)) 
@@ -65,8 +73,25 @@ Methods: - $._environment.reporter.report($this, format('Gerrit is available at {0}:80 or {1}:8081', $.instance.floatingIpAddress, $.instance.floatingIpAddress)) + createLdapConfiguration: + Body: + - $ldapInstance: $.ldap.instance + - If: $ldapInstance.assignFloatingIp + Then: + - $ldapHost: $ldapInstance.floatingIpAddress + Else: + - $ldapHost: $ldapInstance.ipAddresses[0] + + - $.instance.setHieraValue('ldap_ip', $ldapHost) + - $.instance.setHieraValue('ldap_domain', $.ldap.domain) + - $.instance.setHieraValue('ldap_root_user', $.ldap.ldapRootUser) + - $.instance.setHieraValue('ldap_root_password', $.ldap.ldapRootPass) + createConfiguration: Body: + - If: $this.ldap != null + Then: + - $.createLdapConfiguration() - $.instance.setHieraValue( 'gerrit_war_url', $this.warUrl) - $.instance.setHieraValue( 'project_config_repo', 'https://review.fuel-infra.org/open-paas/project-config') - $.instance.setHieraValue( 'gerrit_github_token', 'f84013d50c69e60e902f748ea75c611695f35ef2') diff --git a/murano-apps/Gerrit/package/Resources/scripts/site.pp b/murano-apps/Gerrit/package/Resources/scripts/site.pp index 34613a4..e36324a 100644 --- a/murano-apps/Gerrit/package/Resources/scripts/site.pp +++ b/murano-apps/Gerrit/package/Resources/scripts/site.pp @@ -1,4 +1,9 @@ node default { + $ldap_user = hiera('ldap_root_user') + $ldap_password = hiera('ldap_root_password') + $ldap_domain = hiera('ldap_domain') + $ldap_dn = domain2dn(hiera("ldap_domain")) + $ldap_ip = hiera('ldap_ip') class { 'openstack_project::server': iptables_public_tcp_ports => [80, 443, 8081, 29418], 
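Review bot: `createLdapConfiguration` copies `$.ldap.ldapRootUser` and `$.ldap.ldapRootPass` into the Gerrit instance's hiera data, so the code-review server ends up holding the directory's root bind credentials although it only needs to search and authenticate users. A dedicated read-only bind account would limit what a compromise of the Gerrit VM exposes, for example `setHieraValue('ldap_bind_user', ...)` fed from a separate property on the OpenLDAP class. A comment such as `# Gerrit only searches and binds; do not pass the directory root account here` would record the intent. The branch on `$ldapInstance.assignFloatingIp` also selects the floating address whenever one exists, which presumably sends Gerrit's LDAP traffic over the external network even when both VMs share an internal one; the fixed-IP branch would be the safer default. Separately, the unchanged context line at the end of this hunk carries a literal value for `gerrit_github_token`; it predates this change, but it belongs in an input property and the token should be rotated.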
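Review bot: The five `hiera('ldap_…')` lookups at the top of `node default` have no default value, while Gerrit.yaml writes those keys only when `$this.ldap != null` and the Gerrit UI marks OpenLDAP as `required: false`. A Gerrit deployed without OpenLDAP will therefore most likely fail catalog compilation on the first missing key. Either give the lookups defaults, e.g. `$ldap_ip = hiera('ldap_ip', undef)`, and set the LDAP parameters in the later hunk only when `$ldap_ip` is defined, or make the OpenLDAP field required. `domain2dn(hiera("ldap_domain"))` repeats the lookup from the line above it; `domain2dn($ldap_domain)` reads better. The `node default` block continues outside this hunk.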
@@ -49,6 +54,13 @@ node default { github_oauth_token => hiera('gerrit_github_token'), github_project_username => hiera('github_project_username', 'username'), github_project_password => hiera('github_project_password'), + gerrit_auth_type => 'LDAP', + ldap_server => "ldap://${ldap_ip}", + ldap_account_base => "OU=users,${ldap_dn}", + ldap_username => "CN=${ldap_user},${ldap_dn}", + ldap_password => $ldap_password, + ldap_accountfullname => 'cn', + ldap_account_pattern => '(cn=${username})', mysql_host => hiera('gerrit_mysql_host', 'localhost'), mysql_password => hiera('gerrit_db_password'), email_private_key => hiera('gerrit_email_private_key'), diff --git a/murano-apps/Gerrit/package/UI/ui.yaml b/murano-apps/Gerrit/package/UI/ui.yaml index ee9288e..4143a7e 100644 --- a/murano-apps/Gerrit/package/UI/ui.yaml +++ b/murano-apps/Gerrit/package/UI/ui.yaml @@ -40,6 +40,11 @@ Forms: description: >- Enter the war version from Gerrit's site http://gerrit-releases.storage.googleapis.com/index.html + - name: OpenLDAP + type: io.murano.opaas.OpenLDAP + required: false + description: >- + Specify OpenLDAP domain for authentication - instanceConfiguration: fields: - name: title diff --git a/murano-apps/Gerrit/package/manifest.yaml b/murano-apps/Gerrit/package/manifest.yaml index 3178fec..a7b2b73 100644 --- a/murano-apps/Gerrit/package/manifest.yaml +++ b/murano-apps/Gerrit/package/manifest.yaml @@ -3,13 +3,14 @@ Type: Application FullName: io.murano.opaas.Gerrit Name: Gerrit-Puppet Description: | - Gerrit provides web based code review and repository management for the Git version control system. + Gerrit provides web based code review and repository management for the Git version control system. Author: 'Mirantis, Inc' Tags: [Server, LDAP] Classes: - io.murano.opaas.Gerrit: Gerrit.yaml + io.murano.opaas.Gerrit: Gerrit.yaml UI: ui.yaml Logo: logo.png Require: + io.murano.opaas.OpenLDAP: io.murano.opaas.puppet.ProjectConfig: io.murano.opaas.puppet.Puppet: 
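Review bot: `ldap_server => "ldap://${ldap_ip}"` has Gerrit bind with `ldap_username` and `ldap_password` over unencrypted LDAP, so the bind password and every user's login password cross the network in clear text. Per the Gerrit.yaml change, `ldap_ip` may be the OpenLDAP instance's floating address, which makes this worse. Once the OpenLDAP app serves TLS this should become `ldap_server => "ldaps://${ldap_ip}"` (or StartTLS), with certificate verification left on; until then, the directory should be reachable only on the internal network. `gerrit_auth_type => 'LDAP'` is also fixed here although OpenLDAP is optional in the UI, so it should be derived from whether LDAP data is present. The single quotes in `'(cn=${username})'` are correct because they keep Puppet from interpolating Gerrit's own placeholder; a comment such as `# single quotes on purpose: ${username} is expanded by Gerrit, not Puppet` would prevent a well-meant "fix". The resource declaration starts and ends outside this hunk.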
diff --git a/murano-apps/SystemConfig/package/Resources/scripts/deploy.sh b/murano-apps/SystemConfig/package/Resources/scripts/deploy.sh index de85698..b246405 100644 --- a/murano-apps/SystemConfig/package/Resources/scripts/deploy.sh +++ b/murano-apps/SystemConfig/package/Resources/scripts/deploy.sh @@ -14,3 +14,7 @@ cp -r modules/ /etc/puppet/ git clone https://review.fuel-infra.org/open-paas/project-config cp -r project-config/ /etc/ + +# Should be installed on the each node to use +# domain2dn function +puppet module install datacentred-ldap \ No newline at end of file
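Review bot: `puppet module install datacentred-ldap` pulls whatever version the Forge serves at deploy time, so every node can end up running different, unreviewed module code in its Puppet run. Pin the release that was tested, e.g. `puppet module install datacentred-ldap --version <PINNED_VERSION>`, or vendor the module next to the ones copied from `modules/` so that the deployment does not depend on the Forge being reachable. The command's exit status is not checked within the visible lines, so a failed install would only surface later as an unknown `domain2dn` function when site.pp is compiled. The comment would read more clearly as `# domain2dn() in site.pp comes from datacentred-ldap; install it on every node`, and the file should end with a newline.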