opendev/system-config
Code Issues Proposed changes

Split github into its own module.

Browse Source 
TODO: Add another script that sets the project description. Add the project
description to the config hash.

Change-Id: If4584b2a1e55e6eb912e1f557e31de216d49a516
This commit is contained in:
Monty Taylor 2012-07-23 10:21:29 -05:00
parent 6173771627
commit 8f1adc171f
9 changed files with 104 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
modules/gerrit/manifests/init.pp
View File

@ -45,7 +45,6 @@
# http://tarballs.openstack.org/ci/gerrit-2.3.0.war # http://tarballs.openstack.org/ci/gerrit-2.3.0.war
# Gerrit will be upgraded on the next puppet run. # Gerrit will be upgraded on the next puppet run.
# TODO: move closing github pull requests to another module
# TODO: move apache configuration to another module # TODO: move apache configuration to another module
# TODO: move mysql configuration to another module # TODO: move mysql configuration to another module
# TODO: make more gerrit options configurable here # TODO: make more gerrit options configurable here
@ -68,7 +67,6 @@ class gerrit($virtual_hostname='',
$httpd_minthreads='', $httpd_minthreads='',
$httpd_maxthreads='', $httpd_maxthreads='',
$httpd_maxwait='', $httpd_maxwait='',
$github_projects = [],
$commentlinks = [], $commentlinks = [],
$logo, $logo,
$war, $war,
@ -77,8 +75,6 @@ class gerrit($virtual_hostname='',
$script_site, $script_site,
$enable_melody = 'false', $enable_melody = 'false',
$melody_session = 'false', $melody_session = 'false',
$github_user,
$github_token,
$mysql_password, $mysql_password,
$email_private_key $email_private_key
) { ) {
@ -102,7 +98,6 @@ class gerrit($virtual_hostname='',
} }
$packages = ["gitweb", $packages = ["gitweb",
"python-dev",
"openjdk-6-jre-headless", "openjdk-6-jre-headless",
"mysql-server", "mysql-server",
"python-mysqldb", # for launchpad sync script "python-mysqldb", # for launchpad sync script
@ -114,17 +109,6 @@ class gerrit($virtual_hostname='',
ensure => present, ensure => present,
} }
package { "python-pip":
ensure => present,
require => Package[python-dev]
}
package { "PyGithub":
ensure => latest, # okay to use latest for pip
provider => pip,
require => Package[python-pip]
}
# Skip cron jobs if we're in test mode # Skip cron jobs if we're in test mode
if ($testmode == false) { if ($testmode == false) {
@ -135,13 +119,6 @@ class gerrit($virtual_hostname='',
require => File['/usr/local/gerrit/scripts'], require => File['/usr/local/gerrit/scripts'],
} }
cron { "gerritclosepull":
user => gerrit2,
minute => "*/5",
command => 'sleep $((RANDOM\%60+90)) && python /usr/local/gerrit/scripts/close_pull_requests.py',
require => File['/usr/local/gerrit/scripts'],
}
cron { "expireoldreviews": cron { "expireoldreviews":
user => gerrit2, user => gerrit2,
hour => 6, hour => 6,
@ -209,16 +186,6 @@ class gerrit($virtual_hostname='',
require => File["/home/gerrit2/review_site"] require => File["/home/gerrit2/review_site"]
} }
file { '/home/gerrit2/github.config':
owner => 'root',
group => 'root',
mode => 444,
ensure => 'present',
content => template('gerrit/github.config.erb'),
replace => 'true',
require => User["gerrit2"]
}
file { '/home/gerrit2/review_site/static/title.png': file { '/home/gerrit2/review_site/static/title.png':
ensure => 'present', ensure => 'present',
source => "puppet:///modules/gerrit/${logo}", source => "puppet:///modules/gerrit/${logo}",
@ -294,17 +261,6 @@ class gerrit($virtual_hostname='',
} }
# Secret files. # Secret files.
# TODO: move the first two into other modules since they aren't for gerrit.
file { '/home/gerrit2/github.secure.config':
owner => 'root',
group => 'gerrit2',
mode => 440,
ensure => 'present',
content => template('gerrit/github.secure.config.erb'),
replace => 'true',
require => User['gerrit2']
}
# Gerrit sets these permissions in 'init'; don't fight them. If # Gerrit sets these permissions in 'init'; don't fight them. If
# these permissions aren't set correctly, gerrit init will write a # these permissions aren't set correctly, gerrit init will write a

3
modules/gerrit/templates/github.secure.config.erb
View File

@ -1,3 +0,0 @@
[github]
username = <%= github_user %>
oauth_token = <%= github_token %>

0
modules/gerrit/files/scripts/close_pull_requests.py → modules/github/files/scripts/close_pull_requests.py
View File

87
modules/github/manifests/init.pp Normal file
View File

@ -0,0 +1,87 @@
class github (
$username,
$oauth_token,
$projects = []
) {
package { "python-dev":
ensure => present,
}
package { "python-pip":
ensure => present,
require => Package[python-dev]
}
package { "PyGithub":
ensure => latest, # okay to use latest for pip
provider => pip,
require => Package[python-pip]
}
group { "github":
ensure => present
}
user { "github":
ensure => present,
comment => "Github API User",
shell => "/bin/bash",
gid => "github",
require => Group["github"]
}
file { '/etc/github':
owner => 'root',
group => 'root',
mode => 755,
ensure => 'directory',
}
file { '/etc/github/github.config':
owner => 'root',
group => 'root',
mode => 444,
ensure => 'present',
content => template('github/github.config.erb'),
replace => 'true',
require => File['/etc/github'],
}
file { '/etc/github/github.secure.config':
owner => 'root',
group => 'github',
mode => 440,
ensure => 'present',
content => template('gerrit/github.secure.config.erb'),
replace => 'true',
require => [Group['github'], File['/etc/github']],
}
file { '/usr/local/github':
owner => 'root',
group => 'root',
mode => 755,
ensure => 'directory',
}
file { '/usr/local/github/scripts':
owner => 'root',
group => 'root',
mode => 755,
ensure => 'directory',
recurse => true,
require => File['/usr/local/github'],
source => [
"puppet:///modules/github/scripts",
],
}
cron { "githubclosepull":
user => github,
minute => "*/5",
command => 'sleep $((RANDOM\%60+90)) && python /usr/local/github/scripts/close_pull_requests.py',
require => File['/usr/local/github/scripts'],
}
}

2
modules/gerrit/templates/github.config.erb → modules/github/templates/github.config.erb
View File

@ -1,7 +1,7 @@
# This file is managed by puppet. # This file is managed by puppet.
# https://github.com/openstack/openstack-ci-puppet # https://github.com/openstack/openstack-ci-puppet
<% github_projects.each do |project| -%> <% projects.each do |project| -%>
[project "<%= project['name'] %>"] [project "<%= project['name'] %>"]
close_pull = <%= project['close_pull'] %> close_pull = <%= project['close_pull'] %>
<% end -%> <% end -%>

3
modules/github/templates/github.secure.config.erb Normal file
View File

@ -0,0 +1,3 @@
[github]
username = <%= username %>
oauth_token = <%= oauth_token %>

8
modules/openstack_project/manifests/gerrit.pp
View File

@ -49,7 +49,6 @@ class openstack_project::gerrit (
httpd_minthreads => $httpd_minthreads, httpd_minthreads => $httpd_minthreads,
httpd_maxthreads => $httpd_maxthreads, httpd_maxthreads => $httpd_maxthreads,
httpd_maxwait => $httpd_maxwait, httpd_maxwait => $httpd_maxwait,
github_projects => $github_projects,
commentlinks => [ { name => 'changeid', commentlinks => [ { name => 'changeid',
match => '(I[0-9a-f]{8,40})', match => '(I[0-9a-f]{8,40})',
link => '#q,$1,n,z' }, link => '#q,$1,n,z' },
@ -65,9 +64,12 @@ class openstack_project::gerrit (
war => $war, war => $war,
script_user => $script_user, script_user => $script_user,
script_key_file => $script_key_file, script_key_file => $script_key_file,
github_user => $github_user,
github_token => $github_token,
mysql_password => $mysql_password, mysql_password => $mysql_password,
email_private_key => $email_private_key email_private_key => $email_private_key
} }
class { 'github':
github_projects => $github_projects,
github_user => $github_username,
github_token => $github_oauth_token,
}
} }

6
modules/openstack_project/manifests/review.pp
View File

@ -37,12 +37,12 @@ class openstack_project::review {
core_packedgitwindowsize => '16k', core_packedgitwindowsize => '16k',
sshd_threads => '100', sshd_threads => '100',
httpd_maxwait => '5000min', httpd_maxwait => '5000min',
github_projects => $openstack_project::project_list,
war => 'http://tarballs.openstack.org/ci/gerrit-2.4.1-10-g63110fd.war', war => 'http://tarballs.openstack.org/ci/gerrit-2.4.1-10-g63110fd.war',
script_user => 'launchpadsync', script_user => 'launchpadsync',
script_key_file => '/home/gerrit2/.ssh/launchpadsync_rsa', script_key_file => '/home/gerrit2/.ssh/launchpadsync_rsa',
github_user => 'openstack-gerrit', github_projects => $openstack_project::project_list,
github_token => hiera('gerrit_github_token'), github_username => 'openstack-gerrit',
github_oauth_token => hiera('gerrit_github_token'),
mysql_password => hiera('gerrit_mysql_password'), mysql_password => hiera('gerrit_mysql_password'),
email_private_key => hiera('gerrit_email_private_key'), email_private_key => hiera('gerrit_email_private_key'),
} }

10
modules/openstack_project/manifests/review_dev.pp
View File

@ -4,15 +4,15 @@ class openstack_project::review_dev {
ssl_key_file => '/etc/ssl/private/ssl-cert-snakeoil.key', ssl_key_file => '/etc/ssl/private/ssl-cert-snakeoil.key',
ssl_chain_file => '', ssl_chain_file => '',
email => "review-dev@openstack.org", email => "review-dev@openstack.org",
war => 'http://tarballs.openstack.org/ci/gerrit-2.4.2-10-g93ffc27.war',
script_user => 'update',
script_key_file => '/home/gerrit2/.ssh/id_rsa',
github_projects => [ { github_projects => [ {
name => 'gtest-org/test', name => 'gtest-org/test',
close_pull => 'true' close_pull => 'true'
} ], } ],
war => 'http://tarballs.openstack.org/ci/gerrit-2.4.2-10-g93ffc27.war', github_username => 'openstack-gerrit-dev',
script_user => 'update', github_oauth_token => hiera('gerrit_dev_github_token'),
script_key_file => '/home/gerrit2/.ssh/id_rsa',
github_user => 'openstack-gerrit-dev',
github_token => hiera('gerrit_dev_github_token'),
mysql_password => hiera('gerrit_dev_mysql_password'), mysql_password => hiera('gerrit_dev_mysql_password'),
email_private_key => hiera('gerrit_dev_email_private_key') email_private_key => hiera('gerrit_dev_email_private_key')
} }