opendev/system-config
Code Issues Proposed changes

Load storyboard superusers from yaml file

Browse Source 
There are actions, such as deleting projects, that should only be done
by superusers. For that to work, we need to have superusers.

Change-Id: I827446788ca53018a6d2c76eaf667b6fe4065f80
This commit is contained in:
Monty Taylor 2014-03-24 07:07:33 -07:00
parent c7c179904b
commit 3be22cf5ec
3 changed files with 40 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
modules/openstack_project/files/storyboard/superusers.yaml Normal file
View File

@ -0,0 +1,14 @@
- openid: https://login.launchpad.net/+id/mPsHkf3
email: krotscheck@gmail.com
- openid: https://login.launchpad.net/+id/eMmhAdr
email: slukjanov@mirantis.com
- openid: https://login.launchpad.net/+id/cWwF3rJ
email: corvus@gnu.org
- openid: https://login.launchpad.net/+id/4dfrAmY
email: mordred@inaugust.com
- openid: https://login.launchpad.net/+id/43rCcdx
email: fungi@yuggoth.org
- openid: https://login.launchpad.net/+id/GAyNmDX
email: thierry@openstack.org
- openid: https://login.launchpad.net/+id/DJtBT7D
email: clark.boylan@gmail.com

2
modules/openstack_project/manifests/storyboard.pp
View File

@ -20,6 +20,8 @@ class openstack_project::storyboard(
mysql_user => $mysql_user, mysql_user => $mysql_user,
projects_file => projects_file =>
'puppet:///modules/openstack_project/review.projects.yaml', 'puppet:///modules/openstack_project/review.projects.yaml',
superusers_file =>
'puppet:///modules/openstack_project/storyboard/superusers.yaml',
ssl_cert_file => ssl_cert_file =>
'/etc/ssl/certs/storyboard.openstack.org.pem', '/etc/ssl/certs/storyboard.openstack.org.pem',
ssl_key_file => ssl_key_file =>

24
modules/storyboard/manifests/init.pp
View File

@ -20,6 +20,7 @@ class storyboard (
$mysql_password, $mysql_password,
$mysql_user, $mysql_user,
$projects_file, $projects_file,
$superusers_file,
$ssl_cert_file, $ssl_cert_file,
$ssl_key_file, $ssl_key_file,
$ssl_chain_file, $ssl_chain_file,
@ -100,6 +101,18 @@ class storyboard (
], ],
} }
file { '/etc/storyboard/superusers.yaml':
ensure => present,
owner => 'storyboard',
mode => '0400',
source => $superusers_file,
replace => true,
require => [
File['/etc/storyboard'],
User['storyboard'],
],
}
exec { 'migrate-storyboard-db': exec { 'migrate-storyboard-db':
command => 'storyboard-db-manage --config-file /etc/storyboard/storyboard.conf upgrade head', command => 'storyboard-db-manage --config-file /etc/storyboard/storyboard.conf upgrade head',
path => '/usr/local/bin:/usr/bin:/bin/', path => '/usr/local/bin:/usr/bin:/bin/',
@ -121,6 +134,17 @@ class storyboard (
], ],
} }
exec { 'load-superusers-yaml':
command => 'storyboard-db-manage --config-file /etc/storyboard/storyboard.conf load_superusers /etc/storyboard/superusers.yaml',
path => '/usr/local/bin:/usr/bin:/bin/',
refreshonly => true,
subscribe => File['/etc/storyboard/superusers.yaml'],
require => [
File['/etc/storyboard/superusers.yaml'],
Exec['migrate-storyboard-db'],
],
}
file { '/var/log/storyboard': file { '/var/log/storyboard':
ensure => directory, ensure => directory,
owner => 'storyboard', owner => 'storyboard',