From 771adedbd46745924fb319f59c73a6cab41ad3cc Mon Sep 17 00:00:00 2001
From: Hunter Haugen <hunter@puppetlabs.com>
Date: Wed, 13 Nov 2013 17:15:26 -0800
Subject: [PATCH] Pass $mysql_password through to gerrit class

The `$mysql_password` variable is used by the `secure.config.erb`
template in the gerrit class, but is not passed from
openstack_project::review -> openstack_project::gerrit -> gerrit.
Instead it uses dynamic scopeing to find the variable and won't work in
Puppet 3. This adds the full parameter passing for Puppet 3.

This commit also adds "Template uses" comments immediately preceding
resources declarations which use a `template()` function to describe all
variables used by the gerrit templates. This greatly helps with
debugging issues such as this.

Change-Id: I747e3e4623444c0345a7aed3732b7d316f1a7726
---
 modules/gerrit/manifests/init.pp              | 47 +++++++++++++++++++
 modules/openstack_project/manifests/gerrit.pp |  2 +
 modules/openstack_project/manifests/review.pp |  1 +
 3 files changed, 50 insertions(+)

diff --git a/modules/gerrit/manifests/init.pp b/modules/gerrit/manifests/init.pp
index 6c3b9e15eb..f330b631d8 100644
--- a/modules/gerrit/manifests/init.pp
+++ b/modules/gerrit/manifests/init.pp
@@ -1,5 +1,7 @@
 # Install and maintain Gerrit Code Review.
 # params:
+#   mysql_password:
+#     The password with which gerrit connects to mysql.
 #   vhost_name:
 #     used in the Apache virtual host, eg., review.example.com
 #   canonicalweburl:
@@ -70,6 +72,7 @@
 # TODO: make more gerrit options configurable here
 #
 class gerrit(
+  $mysql_password,
   $war = '',
   $email_private_key = '',
   $vhost_name = $::fqdn,
@@ -222,6 +225,7 @@ class gerrit(
 
   # Skip replication if we're in test mode
   if ($testmode == false) {
+    # Template uses $replication
     file { '/home/gerrit2/review_site/etc/replication.config':
       ensure  => present,
       owner   => 'root',
@@ -234,6 +238,37 @@ class gerrit(
   }
 
   # Gerrit sets these permissions in 'init'; don't fight them.
+  # Template uses:
+  # - $canonicalweburl
+  # - $database_poollimit
+  # - $gerrit_contributor_agreement
+  # - $gerrit_auth_type
+  # - $openidssourl
+  # - $ldap_server
+  # - $ldap_username
+  # - $ldap_password
+  # - $ldap_account_base
+  # - $ldap_account_pattern
+  # - $ldap_account_email_address
+  # - $smtpserver
+  # - $sendmail_from
+  # - $java_home
+  # - $container_heaplimit
+  # - $core_packedgitopenfiles
+  # - $core_packedgitlimit
+  # - $core_packedgitwindowsize
+  # - $sshd_listen_address
+  # - $sshd_threads
+  # - $httpd_maxwait
+  # - $httpd_acceptorthreads
+  # - $httpd_minthreads
+  # - $httpd_maxthreads
+  # - $commentlinks
+  # - $enable_melody
+  # - $melody_session
+  # - $gitweb
+  # - $contactstore_appsec
+  # - $contactstore_url
   file { '/home/gerrit2/review_site/etc/gerrit.config':
     ensure  => present,
     owner   => 'gerrit2',
@@ -249,6 +284,7 @@ class gerrit(
   # Gerrit sets these permissions in 'init'; don't fight them.  If
   # these permissions aren't set correctly, gerrit init will write a
   # new secure.config file and lose the mysql password.
+  # Template uses $mysql_password, $email_private_key
   file { '/home/gerrit2/review_site/etc/secure.config':
     ensure  => present,
     owner   => 'gerrit2',
@@ -261,6 +297,16 @@ class gerrit(
 
   # Set up apache.
 
+  # Template uses:
+  # - $vhost_name
+  # - $serveradmin
+  # - $ssl_cert_file
+  # - $ssl_key_file
+  # - $ssl_chain_file
+  # - $canonicalweburl
+  # - $replicate_local
+  # - $contactstore
+  # - $robots_txt_source
   apache::vhost { $vhost_name:
     port     => 443,
     docroot  => 'MEANINGLESS ARGUMENT',
@@ -518,6 +564,7 @@ class gerrit(
         File['/home/gerrit2/review_site/lib'],
       ],
     }
+    # Template uses $contactstore_pubkey
     file { '/home/gerrit2/review_site/etc/contact_information.pub':
       ensure  => present,
       owner   => 'root',
diff --git a/modules/openstack_project/manifests/gerrit.pp b/modules/openstack_project/manifests/gerrit.pp
index 4dc5a52597..0770487536 100644
--- a/modules/openstack_project/manifests/gerrit.pp
+++ b/modules/openstack_project/manifests/gerrit.pp
@@ -4,6 +4,7 @@
 # up for launchpad single sign on and bug/blueprint links
 
 class openstack_project::gerrit (
+  $mysql_password,
   $vhost_name = $::fqdn,
   $canonicalweburl = "https://${::fqdn}/",
   $serveradmin = 'webmaster@openstack.org',
@@ -153,6 +154,7 @@ class openstack_project::gerrit (
     contactstore_appsec             => $contactstore_appsec,
     contactstore_pubkey             => $contactstore_pubkey,
     contactstore_url                => $contactstore_url,
+    mysql_password                  => $mysql_password,
     email_private_key               => $email_private_key,
     replicate_local                 => $replicate_local,
     replication                     => $replication,
diff --git a/modules/openstack_project/manifests/review.pp b/modules/openstack_project/manifests/review.pp
index 71e22756c0..2f500a5aaf 100644
--- a/modules/openstack_project/manifests/review.pp
+++ b/modules/openstack_project/manifests/review.pp
@@ -118,6 +118,7 @@ class openstack_project::review (
     github_project_username         => $github_project_username,
     github_project_password         => $github_project_password,
     trivial_rebase_role_id          => 'trivial-rebase@review.openstack.org',
+    mysql_password                  => $mysql_password,
     email_private_key               => $email_private_key,
     sysadmins                       => $sysadmins,
     swift_username                  => $swift_username,