diff options
| author | mail_redacted_for_web | 2015-12-21 15:19:38 -0800 |
|---|---|---|
| committer | mail_redacted_for_web | 2015-12-21 15:19:38 -0800 |
| commit | d2db2750284dfeee15f375ce06bbcbc301738b84 (patch) | |
| tree | fa63eec03b985062c9a9f9fc13c7d187c7160a12 /site/profile/manifests/git_webhook/zack_r10k_webhook.pp | |
| parent | 56d0908db2919fc9734a7722ece4adaa9d7b9bdc (diff) | |
| download | control-repo-template-d2db2750284dfeee15f375ce06bbcbc301738b84.tar.bz2 | |
Create profile::git_webhook to abstract away the details
Prior to this commit there were two possible webhooks
- zack/r10k webhook
- code manager
I moved these two profiles under git_webhook and choose the correct
one based on the version of PE being used.
As a safety hatch, I provide the $force_zack_r10k_webhook param
on profile::git_webhook in case someone needs to continue using it
instead of code manager.
Diffstat (limited to 'site/profile/manifests/git_webhook/zack_r10k_webhook.pp')
| -rw-r--r-- | site/profile/manifests/git_webhook/zack_r10k_webhook.pp | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/site/profile/manifests/git_webhook/zack_r10k_webhook.pp b/site/profile/manifests/git_webhook/zack_r10k_webhook.pp new file mode 100644 index 0000000..ed05282 --- /dev/null +++ b/site/profile/manifests/git_webhook/zack_r10k_webhook.pp @@ -0,0 +1,58 @@ +class profile::git_webhook::zack_r10k_webhook ( + $use_mcollective = false, +) { + + $username = hiera('webhook_username', fqdn_rand_string(10, '', 'username')) + $password = hiera('webhook_password', fqdn_rand_string(20, '', 'password')) + + $gms_api_token = hiera('gms_api_token', undef) + $git_management_system = hiera('git_management_system', undef) + + if $use_mcollective { + class { 'r10k::mcollective': + notify => Service['mcollective'], + } + } + + class {'r10k::webhook::config': + enable_ssl => true, + protected => true, + user => $username, + pass => $password, + use_mcollective => $use_mcollective, + } + + class {'r10k::webhook': + user => 'root', + group => '0', + require => Class['r10k::webhook::config'], + } + + $r10k_ssh_key_file = '/root/.ssh/r10k_rsa' + exec { 'create r10k ssh key' : + command => "/usr/bin/ssh-keygen -t rsa -b 2048 -C 'r10k' -f ${r10k_ssh_key_file} -q -N ''", + creates => $r10k_ssh_key_file, + } + + if !empty($gms_api_token) { + git_deploy_key { "add_deploy_key_to_puppet_control-${::fqdn}": + ensure => present, + name => $::fqdn, + path => "${r10k_ssh_key_file}.pub", + token => $gms_api_token, + project_name => 'puppet/control-repo', + server_url => hiera('gms_server_url'), + provider => $git_management_system, + } + + git_webhook { "web_post_receive_webhook-${::fqdn}" : + ensure => present, + webhook_url => "https://${username}:${password}@${::fqdn}:8088/payload", + token => $gms_api_token, + project_name => 'puppet/control-repo', + server_url => hiera('gms_server_url'), + provider => $git_management_system, + disable_ssl_verify => true, + } + } +} |