opendev/system-config
Code Issues Proposed changes

Manage gerritbot ssh key with puppet

Browse Source 
I'm not sure this really needs a longer commit message.

Change-Id: If0a7db1b4a988fd181753748d5fc9d26cf1bb906
This commit is contained in:
Monty Taylor 2014-04-28 12:18:42 -07:00
parent 159bb69ce9
commit 47a361d596
3 changed files with 36 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
manifests/site.pp
View File

@ -20,6 +20,8 @@ node 'review.openstack.org' {
mysql_password => hiera('gerrit_mysql_password'), mysql_password => hiera('gerrit_mysql_password'),
email_private_key => hiera('gerrit_email_private_key'), email_private_key => hiera('gerrit_email_private_key'),
gerritbot_password => hiera('gerrit_gerritbot_password'), gerritbot_password => hiera('gerrit_gerritbot_password'),
gerritbot_ssh_rsa_key_contents => hiera('gerritbot_ssh_rsa_key_contents'),
gerritbot_ssh_rsa_pubkey_contents => hiera('gerritbot_ssh_rsa_pubkey_contents'),
ssl_cert_file_contents => hiera('gerrit_ssl_cert_file_contents'), ssl_cert_file_contents => hiera('gerrit_ssl_cert_file_contents'),
ssl_key_file_contents => hiera('gerrit_ssl_key_file_contents'), ssl_key_file_contents => hiera('gerrit_ssl_key_file_contents'),
ssl_chain_file_contents => hiera('gerrit_ssl_chain_file_contents'), ssl_chain_file_contents => hiera('gerrit_ssl_chain_file_contents'),

26
modules/gerritbot/manifests/init.pp
View File

@ -5,7 +5,9 @@ class gerritbot(
$password = '', $password = '',
$server = '', $server = '',
$user = '', $user = '',
$vhost_name = '' $vhost_name = '',
$ssh_rsa_key_contents = '',
$ssh_rsa_pubkey_contents = '',
) { ) {
include pip include pip
@ -76,6 +78,28 @@ class gerritbot(
replace => true, replace => true,
require => User['gerrit2'], require => User['gerrit2'],
} }
if $ssh_rsa_key_contents != '' {
file { '/home/gerrit2/.ssh/gerritbot_rsa':
owner => 'gerrit2',
group => 'gerrit2',
mode => '0600',
content => $ssh_rsa_key_contents,
replace => true,
require => File['/home/gerrit2/.ssh']
}
}
if $ssh_rsa_pubkey_contents != '' {
file { '/home/gerrit2/.ssh/gerritbot_rsa.pub':
owner => 'gerrit2',
group => 'gerrit2',
mode => '0644',
content => $ssh_rsa_pubkey_contents,
replace => true,
require => File['/home/gerrit2/.ssh']
}
}
} }
# vim:sw=2:ts=2:expandtab:textwidth=79 # vim:sw=2:ts=2:expandtab:textwidth=79

14
modules/openstack_project/manifests/review.pp
View File

@ -43,6 +43,8 @@ class openstack_project::review (
$email_private_key = '', $email_private_key = '',
# Register an IRC bot and supply it's password here. # Register an IRC bot and supply it's password here.
$gerritbot_password = '', $gerritbot_password = '',
$gerritbot_ssh_rsa_key_contents = '',
$gerritbot_ssh_rsa_pubkey_contents = '',
# Register SSL keys and pass their contents in. # Register SSL keys and pass their contents in.
$ssl_cert_file_contents = '', $ssl_cert_file_contents = '',
$ssl_key_file_contents = '', $ssl_key_file_contents = '',
@ -182,11 +184,13 @@ class openstack_project::review (
} }
class { 'gerritbot': class { 'gerritbot':
nick => 'openstackgerrit', nick => 'openstackgerrit',
password => $gerritbot_password, password => $gerritbot_password,
server => 'irc.freenode.net', server => 'irc.freenode.net',
user => 'gerritbot', user => 'gerritbot',
vhost_name => $::fqdn, vhost_name => $::fqdn,
ssh_rsa_key_contents => $gerritbot_ssh_rsa_key_contents,
ssh_rsa_pubkey_contents => $gerritbot_ssh_rsa_pubkey_contents,
} }
class { 'gerrit::remotes': class { 'gerrit::remotes':
ensure => absent, ensure => absent,