diff --git a/.vscode/settings.json b/.vscode/settings.json index 2aa5b11..d0e945d 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -21,11 +21,13 @@ "refreshonly", "repolist", "requestlogging", + "rubygems", "springframework", "startswith", "Supress", "trapperkeeper", "utcnow", - "uvicorn" + "uvicorn", + "webrick" ] } \ No newline at end of file diff --git a/files/webhook-go.rpm b/files/webhook-go.rpm deleted file mode 100644 index 6697a58..0000000 Binary files a/files/webhook-go.rpm and /dev/null differ diff --git a/manifests/firewall/iptables.pp b/manifests/firewall/iptables.pp index a109b8c..cb0d1ce 100644 --- a/manifests/firewall/iptables.pp +++ b/manifests/firewall/iptables.pp @@ -18,9 +18,9 @@ class puppet_cd::firewall::iptables ( jump => 'accept', } if $pt_use_r10k_webhook == true { - firewall { '34000 open port 4000': + firewall { "3${pt_r10k_webhook_port} open port ${pt_r10k_webhook_port}": proto => 'tcp', - dport => '4000', + dport => $pt_r10k_webhook_port jump => 'accept', } } diff --git a/manifests/params.pp b/manifests/params.pp index af23adc..a5e41e4 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -82,8 +82,9 @@ # @param [String] pt_r10k_remote the remote url for the r10k control repo # @param [Boolean] pt_r10k_prefix the r10k prefix. defaults to false # @param [String] pt_r10k_basedir the base directory for r10k.yaml -# @param [String] pt_r10k_webhook_pkg the packages for the r10k webhook +# @param [Array] pt_r10k_webhook_pkg the packages for the r10k webhook # @param [Boolean] pt_manage_user whether to manage the puppet user +# @param [String] pt_r10k_webhook_port the port for the webhook listener ############################################################################### class puppet_cd::params ( @@ -96,8 +97,8 @@ class puppet_cd::params ( String $pt_agent_pkg = 'puppet-agent', String $pt_server_pkg = 'puppetserver', Array $pt_db_pkg = ['puppetdb','puppetdb-termini'], - Array $pt_r10k_pkg = ['ruby','ruby-devel','gcc','make','redhat-rpm-config','rpm-build'], - String $pt_r10k_webhook_pkg = '/tmp/webhook-go.rpm', + Array $pt_r10k_pkg = ['ruby','ruby-devel','rubygems','gcc','make'], + Array $pt_r10k_webhook_pkg = ['webrick', 'r10k_gitlab_webhook'], # user settings ## puppet user @@ -175,6 +176,7 @@ class puppet_cd::params ( String $pt_r10k_remote = 'git@gitlab.example.net/repo.git', Boolean $pt_r10k_prefix = false, String $pt_r10k_basedir = '/etc/puppetlabs/code/environments', + String $pt_r10k_webhook_port = '8080'. ) { # facts @@ -232,12 +234,15 @@ class puppet_cd::params ( ## r10k $pt_r10k_file = "${pt_r10k_dir}/r10k.yaml" $pt_r10k_erb = 'puppet_cd/r10k/r10k.yaml.erb' + $pt_webhook_link = 'ln -sf /usr/local/share/gems/gems/r10k_gitlab_webhook-0.1.3/bin/r10k_gitlab_webhook /usr/bin/' + $pt_webhook_service_file = '/etc/systemd/system/r10k_gitlab_webhook.service' + $pt_webhook_service_erb = 'puppet_cd/r10k/r10k_webhook_service.erb' # service $pt_server_service = 'puppetserver' $pt_agent_service = 'puppet' $pt_db_service = 'puppetdb' - $pt_webhook_service = 'webhook-go.service' + $pt_r10k_webhook_service = 'r10k_gitlab_webhook' # # includes must be last diff --git a/manifests/r10k/install.pp b/manifests/r10k/install.pp index 1fa037b..dccd9cb 100644 --- a/manifests/r10k/install.pp +++ b/manifests/r10k/install.pp @@ -25,6 +25,7 @@ class puppet_cd::r10k::install ( package { 'r10k': ensure => $pt_pkg_ensure, provider => gem, + require => Package[$pt_r10k_pkg], } # create r10k dir @@ -53,16 +54,37 @@ class puppet_cd::r10k::install ( require => File['r10k_dir'], content => template($pt_r10k_erb), } + if $pt_use_r10k_webhook == true { - file { $pt_r10k_webhook_pkg: - ensure => file, - source => 'puppet:///modules/puppet_cd/webhook-go.rpm' + package { $pt_r10k_webhook_pkg: + ensure => present, + provider => gem, + require => Package[$pt_r10k_pkg], } - exec { 'install rpm': - command => "yum install -y ${pt_r10k_webhook_pkg}", - unless => 'rpm -qa | grep webhook-go', - require => File[$pt_r10k_webhook_pkg], + exec { 'create symlink': + command => $pt_webhook_link, + creates => '/usr/bin/r10k_gitlab_webhook', + path => ['/bin', '/usr/bin'], + require => Package[$pt_r10k_webhook_pkg], + } + + file { $pt_webhook_service_file: + ensure => file, + owner => 'root', + group => 'root', + mode => '0664', + selrange => s0, + selrole => object_r, + seltype => puppet_etc_t, + seluser => unconfined_u, + content => template($pt_webhook_service_erb), + notify => [Service[$pt_r10k_webhook_service],Exec['systemctl-daemon-reload']], + } + + exec { 'systemctl-daemon-reload': + command => '/bin/systemctl daemon-reload', + refreshonly => true, } } } diff --git a/manifests/server/service.pp b/manifests/server/service.pp index 5b57c22..8a118a8 100644 --- a/manifests/server/service.pp +++ b/manifests/server/service.pp @@ -44,8 +44,7 @@ class puppet_cd::server::service ( # manage webhook service if $pt_use_r10k_webhook == true { require puppet_cd::r10k::install - - service { $pt_webhook_service: + service { $pt_r10k_webhook_service: ensure => running, hasstatus => true, hasrestart => true, diff --git a/templates/r10k/r10k_webhook_service.erb b/templates/r10k/r10k_webhook_service.erb new file mode 100644 index 0000000..ad3b468 --- /dev/null +++ b/templates/r10k/r10k_webhook_service.erb @@ -0,0 +1,12 @@ +[Unit] + Description=r10k GitLab Webhook + After=network.target + + [Service] + ExecStart=/usr/bin/r10k_gitlab_webhook -p <%= @pt_r10k_webhook_port %> + Restart=always + User=root + WorkingDirectory=/etc/puppetlabs/code + + [Install] + WantedBy=multi-user.target \ No newline at end of file