system-config/modules/openstack_project/manifests/gerrit.pp
James E. Blair 90610ff30b Repack git replicas.
Change-Id: I7c328edac3ac407de0e9c89f841563cb754217f1
Reviewed-on: https://review.openstack.org/16990
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Approved: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Tested-by: Jenkins
2012-11-27 18:46:58 +00:00

280 lines
9.4 KiB
Puppet

# == Class: openstack_project::gerrit
#
# A wrapper class around the main gerrit class that sets gerrit
# up for launchpad single sign on, bug/blueprint links and user
# import and sync
# TODO: launchpadlib creds for user sync script
class openstack_project::gerrit (
$vhost_name = $::fqdn,
$canonicalweburl = "https://${::fqdn}/",
$serveradmin = 'webmaster@openstack.org',
$ssh_host_key = '/home/gerrit2/review_site/etc/ssh_host_rsa_key',
$ssh_project_key = '/home/gerrit2/review_site/etc/ssh_project_rsa_key',
$ssl_cert_file = '',
$ssl_key_file = '',
$ssl_chain_file = '',
$ssl_cert_file_contents = '',
$ssl_key_file_contents = '',
$ssl_chain_file_contents = '',
$ssh_dsa_key_contents = '', # If left empty puppet will not create file.
$ssh_dsa_pubkey_contents = '', # If left empty puppet will not create file.
$ssh_rsa_key_contents = '', # If left empty puppet will not create file.
$ssh_rsa_pubkey_contents = '', # If left empty puppet will not create file.
$ssh_project_rsa_key_contents = '', # If left empty will not create file.
$ssh_project_rsa_pubkey_contents = '', # If left empty will not create file.
$email = '',
$database_poollimit = '',
$container_heaplimit = '',
$core_packedgitopenfiles = '',
$core_packedgitlimit = '',
$core_packedgitwindowsize = '',
$sshd_threads = '',
$httpd_acceptorthreads = '',
$httpd_minthreads = '',
$httpd_maxthreads = '',
$httpd_maxwait = '',
$war = '',
$contactstore = false,
$contactstore_appsec = '',
$contactstore_pubkey = '',
$contactstore_url = '',
$script_user = 'update',
$script_key_file = '/home/gerrit2/.ssh/id_rsa',
$script_logging_conf = '/home/gerrit2/.sync_logging.conf',
$projects_file = 'UNDEF',
$github_username = '',
$github_oauth_token = '',
$github_project_username = '',
$github_project_password = '',
$mysql_password = '',
$mysql_root_password = '',
$trivial_rebase_role_id = '',
$email_private_key = '',
$replicate_github = true,
$replicate_local = true,
$local_git_dir = '/var/lib/git',
$testmode = false,
$sysadmins = []
) {
class { 'openstack_project::server':
iptables_public_tcp_ports => [80, 443, 29418],
sysadmins => $sysadmins,
}
class { '::gerrit':
vhost_name => $vhost_name,
canonicalweburl => $canonicalweburl,
# opinions
enable_melody => 'true',
melody_session => 'true',
# passthrough
ssl_cert_file => $ssl_cert_file,
ssl_key_file => $ssl_key_file,
ssl_chain_file => $ssl_chain_file,
ssl_cert_file_contents => $ssl_cert_file_contents,
ssl_key_file_contents => $ssl_key_file_contents,
ssl_chain_file_contents => $ssl_chain_file_contents,
ssh_dsa_key_contents => $ssh_dsa_key_contents,
ssh_dsa_pubkey_contents => $ssh_dsa_pubkey_contents,
ssh_rsa_key_contents => $ssh_rsa_key_contents,
ssh_rsa_pubkey_contents => $ssh_rsa_pubkey_contents,
ssh_project_rsa_key_contents => $ssh_project_rsa_key_contents,
ssh_project_rsa_pubkey_contents => $ssh_project_rsa_pubkey_contents,
email => $email,
openidssourl => 'https://login.launchpad.net/+openid',
database_poollimit => $database_poollimit,
container_heaplimit => $container_heaplimit,
core_packedgitopenfiles => $core_packedgitopenfiles,
core_packedgitlimit => $core_packedgitlimit,
core_packedgitwindowsize => $core_packedgitwindowsize,
sshd_threads => $sshd_threads,
httpd_acceptorthreads => $httpd_acceptorthreads,
httpd_minthreads => $httpd_minthreads,
httpd_maxthreads => $httpd_maxthreads,
httpd_maxwait => $httpd_maxwait,
commentlinks => [
{
name => 'changeid',
match => '(I[0-9a-f]{8,40})',
link => '#q,$1,n,z',
},
{
name => 'launchpad',
match => '([Bb]ug|[Ll][Pp])[\\s#:]*(\\d+)',
link => 'https://code.launchpad.net/bugs/$2',
},
{
name => 'blueprint',
match => '([Bb]lue[Pp]rint|[Bb][Pp])[\\s#:]*([A-Za-z0-9\\-]+)',
link => 'https://blueprints.launchpad.net/openstack/?searchtext=$2',
},
],
war => $war,
contactstore => $contactstore,
contactstore_appsec => $contactstore_appsec,
contactstore_pubkey => $contactstore_pubkey,
contactstore_url => $contactstore_url,
mysql_password => $mysql_password,
mysql_root_password => $mysql_root_password,
email_private_key => $email_private_key,
replicate_github => $replicate_github,
testmode => $testmode,
require => Class[openstack_project::server],
}
if ($testmode == false) {
class { 'gerrit::cron':
script_user => $script_user,
script_key_file => $script_key_file,
}
class { 'github':
username => $github_username,
project_username => $github_project_username,
project_password => $github_project_password,
oauth_token => $github_oauth_token,
require => Class['::gerrit']
}
}
file { '/home/gerrit2/review_site/static/echosign-cla.html':
ensure => present,
owner => 'root',
group => 'root',
mode => '0444',
source => 'puppet:///modules/openstack_project/gerrit/echosign-cla.html',
replace => true,
require => Class['::gerrit'],
}
file { '/home/gerrit2/review_site/static/cla.html':
ensure => present,
owner => 'root',
group => 'root',
mode => '0444',
source => 'puppet:///modules/openstack_project/gerrit/cla.html',
replace => true,
require => Class['::gerrit'],
}
file { '/home/gerrit2/review_site/static/title.png':
ensure => present,
source => 'puppet:///modules/openstack_project/openstack.png',
require => Class['::gerrit'],
}
file { '/home/gerrit2/review_site/static/openstack-page-bkg.jpg':
ensure => present,
source => 'puppet:///modules/openstack_project/openstack-page-bkg.jpg',
require => Class['::gerrit'],
}
file { '/home/gerrit2/review_site/etc/GerritSite.css':
ensure => present,
source => 'puppet:///modules/openstack_project/gerrit/GerritSite.css',
require => Class['::gerrit'],
}
file { '/home/gerrit2/review_site/etc/GerritSiteHeader.html':
ensure => present,
source =>
'puppet:///modules/openstack_project/gerrit/GerritSiteHeader.html',
require => Class['::gerrit'],
}
cron { 'gerritsyncusers':
ensure => absent,
}
class { 'launchpad_sync':
user => 'gerrit2',
script_user => $script_user,
script_key_file => $script_key_file,
script_logging_conf => $script_logging_conf,
site => 'openstack',
root_team => 'openstack',
}
file { '/home/gerrit2/review_site/hooks/change-merged':
ensure => present,
owner => 'root',
group => 'root',
mode => '0555',
source => 'puppet:///modules/openstack_project/gerrit/change-merged',
replace => true,
require => Class['::gerrit'],
}
file { '/home/gerrit2/review_site/hooks/patchset-created':
ensure => present,
owner => 'root',
group => 'root',
mode => '0555',
content => template('openstack_project/gerrit_patchset-created.erb'),
replace => true,
require => Class['::gerrit'],
}
file { '/usr/local/gerrit/scripts/trivial_rebase.py':
ensure => present,
owner => 'root',
group => 'root',
mode => '0444',
source =>
'puppet:///modules/openstack_project/gerrit/scripts/trivial_rebase.py',
replace => true,
require => Class['::gerrit'],
}
if ($projects_file != 'UNDEF') {
if ($replicate_local) {
file { $local_git_dir:
ensure => directory,
owner => 'gerrit2',
require => Class['::gerrit'],
}
cron { 'mirror_repack':
user => 'gerrit2',
weekday => '0',
hour => '4',
minute => '7',
command => 'find /var/lib/git/ -type d -name "*.git" -print -exec git --git-dir="{}" repack -afd \;',
environment => 'PATH=/usr/bin:/bin:/usr/sbin:/sbin',
}
}
file { '/home/gerrit2/projects.yaml':
ensure => present,
owner => 'gerrit2',
group => 'gerrit2',
mode => '0444',
content => template($projects_file),
replace => true,
require => Class['::gerrit'],
}
file { '/home/gerrit2/acls':
ensure => directory,
owner => 'gerrit2',
group => 'gerrit2',
mode => '0444',
recurse => true,
replace => true,
source => 'puppet:///modules/openstack_project/gerrit/acls',
require => Class['::gerrit']
}
exec { 'manage_projects':
command => '/usr/local/gerrit/scripts/manage_projects.py',
subscribe => [
File['/home/gerrit2/projects.yaml'],
File['/home/gerrit2/acls'],
],
refreshonly => true,
require => [
File['/home/gerrit2/projects.yaml'],
File['/home/gerrit2/acls'],
],
}
}
}