whether to manage the puppet user
+the secret for the webhook
-88 89 90 91 @@ -1678,10 +1695,12 @@ 246 247 248 -249+249 +250 +251
# File 'manifests/params.pp', line 88
+ # File 'manifests/params.pp', line 89
class puppet_cd::params (
@@ -1773,6 +1792,7 @@ class puppet_cd::params (
String $pt_r10k_remote = 'git@gitlab.example.net/repo.git',
Boolean $pt_r10k_prefix = false,
String $pt_r10k_basedir = '/etc/puppetlabs/code/environments',
+ String $pt_webhook_secret = '',
) {
# facts
diff --git a/doc/puppet_classes/puppet_cd_3A_3Ar10k_3A_3Awebhook.html b/doc/puppet_classes/puppet_cd_3A_3Ar10k_3A_3Awebhook.html
index 193d574..eef1759 100644
--- a/doc/puppet_classes/puppet_cd_3A_3Ar10k_3A_3Awebhook.html
+++ b/doc/puppet_classes/puppet_cd_3A_3Ar10k_3A_3Awebhook.html
@@ -163,7 +163,8 @@
65
66
67
-68
+68
+69
# File 'manifests/r10k/webhook.pp', line 6
@@ -207,6 +208,7 @@ class puppet_cd::r10k::webhook (
seltype => etc_t,
seluser => system_u,
content => template($pt_r10k_hook_config_erb),
+ notify => Service['webhook'],
}
# create service config
@@ -219,15 +221,15 @@ class puppet_cd::r10k::webhook (
seltype => systemd_unit_file_t,
seluser => system_u,
content => template($pt_r10k_hook_service_erb),
+ notify => Service['webhook'],
}
# manage service
- service { 'r10k-webhook':
+ service { 'webhook':
ensure => 'running',
hasstatus => true,
hasrestart => true,
enable => true,
- subscribe => File[$pt_r10k_hook_service_file],
}
}
}
diff --git a/manifests/params.pp b/manifests/params.pp
index cbca9e0..8e05e88 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -84,6 +84,7 @@
# @param [String] pt_r10k_basedir the base directory for r10k.yaml
# @param [String] pt_r10k_webhook_pkg the packages for the r10k webhook
# @param [Boolean] pt_manage_user whether to manage the puppet user
+# @param [String] pt_webhook_secret the secret for the webhook
###############################################################################
class puppet_cd::params (
@@ -175,6 +176,7 @@ class puppet_cd::params (
String $pt_r10k_remote = 'git@gitlab.example.net/repo.git',
Boolean $pt_r10k_prefix = false,
String $pt_r10k_basedir = '/etc/puppetlabs/code/environments',
+ String $pt_webhook_secret = '',
) {
# facts
diff --git a/manifests/r10k/webhook.pp b/manifests/r10k/webhook.pp
index 96e8731..2a9bca4 100644
--- a/manifests/r10k/webhook.pp
+++ b/manifests/r10k/webhook.pp
@@ -42,6 +42,7 @@ class puppet_cd::r10k::webhook (
seltype => etc_t,
seluser => system_u,
content => template($pt_r10k_hook_config_erb),
+ notify => Service['webhook'],
}
# create service config
@@ -54,15 +55,15 @@ class puppet_cd::r10k::webhook (
seltype => systemd_unit_file_t,
seluser => system_u,
content => template($pt_r10k_hook_service_erb),
+ notify => Service['webhook'],
}
# manage service
- service { 'r10k-webhook':
+ service { 'webhook':
ensure => 'running',
hasstatus => true,
hasrestart => true,
enable => true,
- subscribe => File[$pt_r10k_hook_service_file],
}
}
}
diff --git a/templates/r10k/hook_config.erb b/templates/r10k/hook_config.erb
index 228a093..d1d9d17 100644
--- a/templates/r10k/hook_config.erb
+++ b/templates/r10k/hook_config.erb
@@ -11,7 +11,7 @@
"trigger-rule": {
"match": {
"type": "payload-hash-sha1",
- "secret": "your_webhook_secret"
+ "secret": "<%= @pt_webhook_secret %>"
}
}
}
diff --git a/templates/r10k/r10k_webhook_config.erb b/templates/r10k/r10k_webhook_config.erb
deleted file mode 100644
index c88d41f..0000000
--- a/templates/r10k/r10k_webhook_config.erb
+++ /dev/null
@@ -1,10 +0,0 @@
-{
- "host": "<%= @pt_pm_fqdn %>",
- "port": "8088",
- "flush_env_cache": false,
- "branch_to_env_map": {
- "master": "production",
- "^env_(.*)$": "\g<1>"
- },
- "allowed_branches": "^(env_[\w]+|master)$"
-}
\ No newline at end of file