Manage gerritbot ssh key with puppet

I'm not sure this really needs a longer commit message.

Change-Id: If0a7db1b4a988fd181753748d5fc9d26cf1bb906
This commit is contained in:
Monty Taylor 2014-04-28 12:18:42 -07:00
parent 159bb69ce9
commit 47a361d596
3 changed files with 36 additions and 6 deletions

View File

@ -20,6 +20,8 @@ node 'review.openstack.org' {
mysql_password => hiera('gerrit_mysql_password'),
email_private_key => hiera('gerrit_email_private_key'),
gerritbot_password => hiera('gerrit_gerritbot_password'),
gerritbot_ssh_rsa_key_contents => hiera('gerritbot_ssh_rsa_key_contents'),
gerritbot_ssh_rsa_pubkey_contents => hiera('gerritbot_ssh_rsa_pubkey_contents'),
ssl_cert_file_contents => hiera('gerrit_ssl_cert_file_contents'),
ssl_key_file_contents => hiera('gerrit_ssl_key_file_contents'),
ssl_chain_file_contents => hiera('gerrit_ssl_chain_file_contents'),

View File

@ -5,7 +5,9 @@ class gerritbot(
$password = '',
$server = '',
$user = '',
$vhost_name = ''
$vhost_name = '',
$ssh_rsa_key_contents = '',
$ssh_rsa_pubkey_contents = '',
) {
include pip
@ -76,6 +78,28 @@ class gerritbot(
replace => true,
require => User['gerrit2'],
}
if $ssh_rsa_key_contents != '' {
file { '/home/gerrit2/.ssh/gerritbot_rsa':
owner => 'gerrit2',
group => 'gerrit2',
mode => '0600',
content => $ssh_rsa_key_contents,
replace => true,
require => File['/home/gerrit2/.ssh']
}
}
if $ssh_rsa_pubkey_contents != '' {
file { '/home/gerrit2/.ssh/gerritbot_rsa.pub':
owner => 'gerrit2',
group => 'gerrit2',
mode => '0644',
content => $ssh_rsa_pubkey_contents,
replace => true,
require => File['/home/gerrit2/.ssh']
}
}
}
# vim:sw=2:ts=2:expandtab:textwidth=79

View File

@ -43,6 +43,8 @@ class openstack_project::review (
$email_private_key = '',
# Register an IRC bot and supply it's password here.
$gerritbot_password = '',
$gerritbot_ssh_rsa_key_contents = '',
$gerritbot_ssh_rsa_pubkey_contents = '',
# Register SSL keys and pass their contents in.
$ssl_cert_file_contents = '',
$ssl_key_file_contents = '',
@ -187,6 +189,8 @@ class openstack_project::review (
server => 'irc.freenode.net',
user => 'gerritbot',
vhost_name => $::fqdn,
ssh_rsa_key_contents => $gerritbot_ssh_rsa_key_contents,
ssh_rsa_pubkey_contents => $gerritbot_ssh_rsa_pubkey_contents,
}
class { 'gerrit::remotes':
ensure => absent,