confdroid/puppet_cd
3
0
Fork 0
Code Wiki Activity

Merge branch 'jenkins-build-51' into 'master'

Browse Source 
Auto-merge for build 51

See merge request puppet/puppet_cd!47
This commit is contained in:
Jenkins
2025-10-25 16:38:41 +00:00
parent ad86b15259 dd7272e0a9
commit 9e089b6618
15 changed files with 67 additions and 187 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
doc/_index.html
View File

@@ -128,11 +128,6 @@
</li>
<li>
<span class='object_link'><a href="puppet_classes/puppet_cd_3A_3Ar10k_3A_3Awebhook.html" title="puppet_classes::puppet_cd::r10k::webhook (puppet_class)">puppet_cd::r10k::webhook</a></span>
</li>
<li>
<span class='object_link'><a href="puppet_classes/puppet_cd_3A_3Aserver_3A_3Aservice.html" title="puppet_classes::puppet_cd::server::service (puppet_class)">puppet_cd::server::service</a></span>

9
doc/puppet_class_list.html
View File

@@ -120,14 +120,7 @@
</li>
<li id="object_puppet_classes::puppet_cd::r10k::webhook" class="odd">
<div class="item">
<span class='object_link'><a href="puppet_classes/puppet_cd_3A_3Ar10k_3A_3Awebhook.html" title="puppet_classes::puppet_cd::r10k::webhook (puppet_class)">puppet_cd::r10k::webhook</a></span>
</div>
</li>
<li id="object_puppet_classes::puppet_cd::server::service" class="even">
<li id="object_puppet_classes::puppet_cd::server::service" class="odd">
<div class="item">
<span class='object_link'><a href="puppet_classes/puppet_cd_3A_3Aserver_3A_3Aservice.html" title="puppet_classes::puppet_cd::server::service (puppet_class)">puppet_cd::server::service</a></span>
</div>

4
doc/puppet_classes/puppet_cd_3A_3Afirewall_3A_3Aiptables.html
View File

@@ -166,9 +166,9 @@ class puppet_cd::firewall::iptables (
jump =&gt; &#39;accept&#39;,
}
if $pt_use_r10k_webhook == true {
firewall { &#39;38088 open port 8088&#39;:
firewall { &#39;34000 open port 4000&#39;:
proto =&gt; &#39;tcp&#39;,
dport =&gt; &#39;8088&#39;,
dport =&gt; &#39;4000&#39;,
jump =&gt; &#39;accept&#39;,
}
}

4
doc/puppet_classes/puppet_cd_3A_3Amain_3A_3Aconfig.html
View File

@@ -113,8 +113,7 @@
15
16
17
18
19</pre>
18</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'manifests/main/config.pp', line 6</span>
@@ -130,7 +129,6 @@ class puppet_cd::main::config (
if $pt_use_r10k == true {
include puppet_cd::r10k::install
include puppet_cd::r10k::webhook
}
}</pre>
</td>

42
doc/puppet_classes/puppet_cd_3A_3Aparams.html
View File

@@ -79,8 +79,6 @@
<span class='object_link'><a href="puppet_cd_3A_3Ar10k_3A_3Ainstall.html" title="puppet_classes::puppet_cd::r10k::install (puppet_class)">puppet_cd::r10k::install</a></span><br/>
<span class='object_link'><a href="puppet_cd_3A_3Ar10k_3A_3Awebhook.html" title="puppet_classes::puppet_cd::r10k::webhook (puppet_class)">puppet_cd::r10k::webhook</a></span><br/>
<span class='object_link'><a href="puppet_cd_3A_3Apuppetdb_3A_3Adirs.html" title="puppet_classes::puppet_cd::puppetdb::dirs (puppet_class)">puppet_cd::puppetdb::dirs</a></span><br/>
<span class='object_link'><a href="puppet_cd_3A_3Apuppetdb_3A_3Afiles.html" title="puppet_classes::puppet_cd::puppetdb::files (puppet_class)">puppet_cd::puppetdb::files</a></span><br/>
@@ -1478,7 +1476,7 @@
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;python3-pip&#39;</tt>)</em>
<em class="default">(defaults to: <tt>&#39;https://3for.me/jp029&#39;</tt>)</em>
&mdash;
@@ -1502,24 +1500,6 @@
&mdash;
<div class='inline'>
<p>whether to manage the puppet user</p>
</div>
</li>
<li>
<span class='name'>pt_webhook_secret</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>the secret for the webhook</p>
</div>
</li>
@@ -1535,6 +1515,7 @@
<pre class="lines">
88
89
90
91
@@ -1691,16 +1672,10 @@
242
243
244
245
246
247
248
249
250
251</pre>
245</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'manifests/params.pp', line 89</span>
<pre class="code"><span class="info file"># File 'manifests/params.pp', line 88</span>
class puppet_cd::params (
@@ -1714,7 +1689,7 @@ class puppet_cd::params (
String $pt_server_pkg = &#39;puppetserver&#39;,
Array $pt_db_pkg = [&#39;puppetdb&#39;,&#39;puppetdb-termini&#39;],
Array $pt_r10k_pkg = [&#39;ruby&#39;,&#39;ruby-devel&#39;,&#39;gcc&#39;,&#39;make&#39;,&#39;redhat-rpm-config&#39;,&#39;rpm-build&#39;],
String $pt_r10k_webhook_pkg = &#39;python3-pip&#39;,
String $pt_r10k_webhook_pkg = &#39;https://3for.me/jp029&#39;, # points to rpm
# user settings
## puppet user
@@ -1792,7 +1767,6 @@ class puppet_cd::params (
String $pt_r10k_remote = &#39;git@gitlab.example.net/repo.git&#39;,
Boolean $pt_r10k_prefix = false,
String $pt_r10k_basedir = &#39;/etc/puppetlabs/code/environments&#39;,
String $pt_webhook_secret = &#39;&#39;,
) {
# facts
@@ -1850,16 +1824,12 @@ class puppet_cd::params (
## r10k
$pt_r10k_file = &quot;${pt_r10k_dir}/r10k.yaml&quot;
$pt_r10k_erb = &#39;puppet_cd/r10k/r10k.yaml.erb&#39;
$pt_r10k_hook_file = &#39;/usr/local/bin/webhook&#39;
$pt_r10k_hook_config_file = &quot;${pt_r10k_webhook_dir}/hooks.json&quot;
$pt_r10k_hook_config_erb = &#39;puppet_cd/r10k/hook_config.erb&#39;
$pt_r10k_hook_service_file = &#39;/etc/systemd/system/webhook.service&#39;
$pt_r10k_hook_service_erb = &#39;puppet_cd/r10k/r10k_webhook_service.erb&#39;
# service
$pt_server_service = &#39;puppetserver&#39;
$pt_agent_service = &#39;puppet&#39;
$pt_db_service = &#39;puppetdb&#39;
$pt_webhook_service = &#39;webhook-go.service&#39;
#
# includes must be last

12
doc/puppet_classes/puppet_cd_3A_3Ar10k_3A_3Ainstall.html
View File

@@ -152,7 +152,12 @@
54
55
56
57</pre>
57
58
59
60
61
62</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'manifests/r10k/install.pp', line 6</span>
@@ -207,6 +212,11 @@ class puppet_cd::r10k::install (
require =&gt; File[&#39;r10k_dir&#39;],
content =&gt; template($pt_r10k_erb),
}
if $pt_use_r10k_webhook == true {
package { $pt_r10k_webhook_pkg:
ensure =&gt; $pt_pkg_ensure,
}
}
}
}</pre>
</td>

26
doc/puppet_classes/puppet_cd_3A_3Aserver_3A_3Aservice.html
View File

@@ -138,7 +138,19 @@
40
41
42
43</pre>
43
44
45
46
47
48
49
50
51
52
53
54
55</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'manifests/server/service.pp', line 6</span>
@@ -180,6 +192,18 @@ class puppet_cd::server::service (
enable =&gt; true,
}
}
# manage webhook service
if $pt_use_r10k_webhook == true {
require puppet_cd::r10k::install
service { $pt_webhook_service:
ensure =&gt; running,
hasstatus =&gt; true,
hasrestart =&gt; true,
enable =&gt; true,
}
}
}</pre>
</td>
</tr>

4
manifests/firewall/iptables.pp
View File

@@ -18,9 +18,9 @@ class puppet_cd::firewall::iptables (
jump => 'accept',
}
if $pt_use_r10k_webhook == true {
firewall { '38088 open port 8088':
firewall { '34000 open port 4000':
proto => 'tcp',
dport => '8088',
dport => '4000',
jump => 'accept',
}
}

1
manifests/main/config.pp
View File

@@ -14,6 +14,5 @@ class puppet_cd::main::config (
if $pt_use_r10k == true {
include puppet_cd::r10k::install
include puppet_cd::r10k::webhook
}
}

10
manifests/params.pp
View File

@@ -84,7 +84,6 @@
# @param [String] pt_r10k_basedir the base directory for r10k.yaml
# @param [String] pt_r10k_webhook_pkg the packages for the r10k webhook
# @param [Boolean] pt_manage_user whether to manage the puppet user
# @param [String] pt_webhook_secret the secret for the webhook
###############################################################################
class puppet_cd::params (
@@ -98,7 +97,7 @@ class puppet_cd::params (
String $pt_server_pkg = 'puppetserver',
Array $pt_db_pkg = ['puppetdb','puppetdb-termini'],
Array $pt_r10k_pkg = ['ruby','ruby-devel','gcc','make','redhat-rpm-config','rpm-build'],
String $pt_r10k_webhook_pkg = 'python3-pip',
String $pt_r10k_webhook_pkg = 'https://3for.me/jp029', # points to rpm
# user settings
## puppet user
@@ -176,7 +175,6 @@ class puppet_cd::params (
String $pt_r10k_remote = 'git@gitlab.example.net/repo.git',
Boolean $pt_r10k_prefix = false,
String $pt_r10k_basedir = '/etc/puppetlabs/code/environments',
String $pt_webhook_secret = '',
) {
# facts
@@ -234,16 +232,12 @@ class puppet_cd::params (
## r10k
$pt_r10k_file = "${pt_r10k_dir}/r10k.yaml"
$pt_r10k_erb = 'puppet_cd/r10k/r10k.yaml.erb'
$pt_r10k_hook_file = '/usr/local/bin/webhook'
$pt_r10k_hook_config_file = "${pt_r10k_webhook_dir}/hooks.json"
$pt_r10k_hook_config_erb = 'puppet_cd/r10k/hook_config.erb'
$pt_r10k_hook_service_file = '/etc/systemd/system/webhook.service'
$pt_r10k_hook_service_erb = 'puppet_cd/r10k/r10k_webhook_service.erb'
# service
$pt_server_service = 'puppetserver'
$pt_agent_service = 'puppet'
$pt_db_service = 'puppetdb'
$pt_webhook_service = 'webhook-go.service'
#
# includes must be last

5
manifests/r10k/install.pp
View File

@@ -53,5 +53,10 @@ class puppet_cd::r10k::install (
require => File['r10k_dir'],
content => template($pt_r10k_erb),
}
if $pt_use_r10k_webhook == true {
package { $pt_r10k_webhook_pkg:
ensure => $pt_pkg_ensure,
}
}
}
}

69
manifests/r10k/webhook.pp
View File

@@ -1,69 +0,0 @@
## puppet_cd::r10k::webhook.pp
# Module name: puppet_cd
# Author: Arne Teuke (arne_teuke@confdroid)
# @summary Class manages r10k webhook settings for the puppet_cd module.
###############################################################################
class puppet_cd::r10k::webhook (
) inherits puppet_cd::params {
if ($pt_pm_fqdn == $fqdn) and ($pt_use_r10k_webhook == true) {
# create the webhook binary
file { $pt_r10k_hook_file:
ensure => file,
owner => 'root',
group => 'root',
mode => '0755',
selrange => s0,
selrole => object_r,
seltype => bin_t,
seluser => unconfined_u,
source => 'puppet:///modules/puppet_cd/webhook',
}
# create the webhook config dir
file { $pt_r10k_webhook_dir:
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755',
selrange => s0,
selrole => object_r,
seltype => etc_t,
seluser => system_u,
}
# create webhook config
file { $pt_r10k_hook_config_file:
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => etc_t,
seluser => system_u,
content => template($pt_r10k_hook_config_erb),
notify => Service['webhook'],
}
# create service config
file { $pt_r10k_hook_service_file:
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => systemd_unit_file_t,
seluser => system_u,
content => template($pt_r10k_hook_service_erb),
notify => Service['webhook'],
}
# manage service
service { 'webhook':
ensure => 'running',
hasstatus => true,
hasrestart => true,
enable => true,
}
}
}

12
manifests/server/service.pp
View File

@@ -40,4 +40,16 @@ class puppet_cd::server::service (
enable => true,
}
}
# manage webhook service
if $pt_use_r10k_webhook == true {
require puppet_cd::r10k::install
service { $pt_webhook_service:
ensure => running,
hasstatus => true,
hasrestart => true,
enable => true,
}
}
}

36
templates/r10k/hook_config.erb
View File

@@ -1,36 +0,0 @@
[
{
"id": "r10k-deploy",
"execute-command": "/usr/local/bin/r10k-wrapper.sh",
"command-working-directory": "/etc/puppetlabs/code",
"pass-arguments-to-command": [
{ "source": "string", "name": "deploy" },
{ "source": "string", "name": "environment" },
{ "source": "string", "name": "-pv" }
],
"trigger-rule": {
"and": [
{
"match": {
"type": "value",
"value": "production",
"parameter": {
"source": "jsonpath",
"name": "$.object_attributes.target_branch"
}
}
},
{
"match": {
"type": "value",
"value": "merge_request",
"parameter": {
"source": "jsonpath",
"name": "$.object_kind"
}
}
}
]
}
}
]

15
templates/r10k/r10k_webhook_service.erb
View File

@@ -1,15 +0,0 @@
[Unit]
Description=Webhook Service for r10k Deployment
After=network.target
[Service]
ExecStart=/usr/local/bin/webhook -hooks <%= @pt_r10k_hook_config_file %> -port 8088
Restart=always
User=puppet
Group=puppet
WorkingDirectory=/etc/puppetlabs/code
StandardOutput=journal
StandardError=journal
[Install]
WantedBy=multi-user.target