Giuseppe Lavagetto has submitted this change and it was merged. Change subject: puppet-compiler: module for installation ......................................................................
puppet-compiler: module for installation This module installs the puppet compiler. It should then be runnable using the puppet-compiler command. Note that this module does NOT install the facts collection as this is mainly intended to run in labs, where production facts can be used only after being cleaned of sensitive data. Change-Id: I07f46fe66b994d345a97cfc75345bfa2e5311ff2 Signed-off-by: Giuseppe Lavagetto <glavage...@wikimedia.org> --- A modules/git/manifests/install.pp A modules/puppet_compiler/manifests/bundle.pp A modules/puppet_compiler/manifests/differ.pp A modules/puppet_compiler/manifests/init.pp A modules/puppet_compiler/manifests/packages.pp A modules/puppet_compiler/templates/mysql_queries.erb A modules/puppet_compiler/templates/nginx_site.erb A modules/puppet_compiler/templates/run_wrapper.erb 8 files changed, 230 insertions(+), 0 deletions(-) Approvals: Giuseppe Lavagetto: Looks good to me, approved jenkins-bot: Verified diff --git a/modules/git/manifests/install.pp b/modules/git/manifests/install.pp new file mode 100644 index 0000000..72e0226 --- /dev/null +++ b/modules/git/manifests/install.pp @@ -0,0 +1,80 @@ +# Definition: git::install +# +# Creates a git clone of a specified wikimedia project into a directory, +# and ensures that the correct tag is checked out. +# +# === Required parameters +# +# $+directory+:: Path to clone the repository into. +# $+git_tag+:: The tag to apply to the user. +# +# === Optional parameters +# +# $+ensure+:: _absent_ or _present_. Defaults to _present_. +# - _present_ (default) will keep the repository updated. +# - _absent_ will ensure the directory is deleted. +# $+owner+:: Owner of $directory, default: _root_. git commands will be run +# by this user. +# $+group+:: Group owner of $directory, default: 'root' +# $+post_checkout+:: Post checkout hook script that can be used to perform +# deploy tasks +# +# === Example usage +# +# git::install { 'project/name/on/gerrit': +# directory => '/some/path/here', +# git_tag => 'my-preferred-tag', +# post_checkout => 'puppet://files/some/script/that/should/run/post/checkout' +# } +# +# +# +define git::install( + $directory, + $git_tag, + $ensure='present', + $post_checkout=undef, + $owner='root', + $group='root', + ) +{ + # Git clone runs once, then we perform a "forward-to-tag" operation + git::clone{$title: + ensure => $ensure, + directory => $directory, + owner => $owner, + group => $group, + mode => '0444', + } + + + if $ensure == 'present' { + if $post_checkout != undef { + file {"callback-hook-${title}": + ensure => 'present', + path => "${directory}/.git/hooks/post-checkout", + mode => '0554', + source => $post_checkout, + owner => $owner, + group => $group, + require => Git::Clone[$title] + } + } + + + exec {"git_update_${title}": + command => '/usr/bin/git remote update', + cwd => $directory, + user => $owner, + unless => "/usr/bin/git tag --list | /bin/grep ${git_tag}", + require => Git::Clone[$title], + } + + exec {"git_checkout_${title}": + command => "/usr/bin/git checkout tags/${git_tag}", + cwd => $directory, + user => $owner, + require => Exec["git_update_${title}"] + } + } +} diff --git a/modules/puppet_compiler/manifests/bundle.pp b/modules/puppet_compiler/manifests/bundle.pp new file mode 100644 index 0000000..bd15b0e --- /dev/null +++ b/modules/puppet_compiler/manifests/bundle.pp @@ -0,0 +1,10 @@ +# Installs the deployment bundle needed by puppet +define puppet_compiler::bundle( $program_dir = $puppet_compiler::program_dir ) { + $installer="${program_dir}/shell/installer" + exec {"install_puppet_bundle_${title}": + command => "${installer} ${title}", + user => $puppet_compiler::user, + creates => "${program_dir}/shell/env_puppet_${title}/vendor", + require => Git::Install['operations/software'], + } +} diff --git a/modules/puppet_compiler/manifests/differ.pp b/modules/puppet_compiler/manifests/differ.pp new file mode 100644 index 0000000..17c0745 --- /dev/null +++ b/modules/puppet_compiler/manifests/differ.pp @@ -0,0 +1,13 @@ +class puppet_compiler::differ( + $envdir = "${puppet_compiler::program_dir}/shell/env_puppet_3", + $modulepath = "${puppet_compiler::puppetdir}/modules", + $user = 'www-data' + ) { + + exec {'Install catalog diff module': + command => "/usr/bin/bundle exec puppet module install zack-catalog_diff --modulepath=${modulepath}", + cwd => $envdir, + user => $user, + creates => "${modulepath}/catalog_diff", + } +} diff --git a/modules/puppet_compiler/manifests/init.pp b/modules/puppet_compiler/manifests/init.pp new file mode 100644 index 0000000..5d8facc --- /dev/null +++ b/modules/puppet_compiler/manifests/init.pp @@ -0,0 +1,89 @@ +# Installs the puppet compiler and all the other software we need. +class puppet_compiler( + $version = '0.1.0', + $rootdir = '/opt/wmf', + $ensure = present, + $user = 'www-data' + ) { + + include puppet_compiler::packages + + nginx::site {'puppet-compiler': + ensure => $ensure, + content => template('puppet_compiler/nginx_site.erb'), + } + + $install_dir = "${rootdir}/software" + $program_dir = "${install_dir}/compare_puppet-catalogs" + $puppetdir = "${program_dir}/external/puppet" + + + # This wrapper defines the env variables for running. + file {'run_wrapper': + ensure => $ensure, + path => '/usr/local/bin/puppet-compiler', + content => template('puppet_compiler/run_wrapper.erb') + } + + + if $ensure != 'present' { + file{'root_dir': + ensure => 'absent', + path => $rootdir, + owner => $user, + recurse => true, + force => true, + } + } else { + file{'root_dir': + ensure => 'directory', + path => $rootdir, + owner => $user, + before => Git::Install['operations/software'], + } + + git::install {'operations/software': + ensure => 'present', + directory => $install_dir, + owner => $user, + git_tag => "compare-puppet-catalogs-${version}", + require => Nginx::Site['puppet-compiler'], + } + + exec {'install_puppet_compare_requirements': + command => '/usr/bin/pip install requests simplediff', + user => 'root', + require => Git::Install['operations/software'], + } + + puppet_compiler::bundle {['2.7', '3']: } + + # Now install the puppet repo + + exec {'install_puppet_repositories': + command => "${program_dir}/shell/helper install", + user => $user, + creates => $puppetdir, + require => Git::Install['operations/software'], + notify => Class['puppet_compiler::differ'] + } + + class {'puppet_compiler::differ': + require => Exec['install_puppet_repositories'] + } + + file {["${program_dir}/output", "${program_dir}/output/html","${program_dir}/output/diff", "${program_dir}/output/compiled",]: + ensure => directory, + owner => $user, + mode => '0775', + require => Exec['install_puppet_repositories'] + } + + $mysql_query = template('puppet_compiler/mysql_queries.erb') + exec {'mysql queries': + command => "/usr/bin/mysql -NBe ${mysql_query}", + unless => "/usr/bin/mysql puppet -NBe 'SELECT 1' ", + require => Package['mysql-server'] + } + } +} diff --git a/modules/puppet_compiler/manifests/packages.pp b/modules/puppet_compiler/manifests/packages.pp new file mode 100644 index 0000000..d240a1f --- /dev/null +++ b/modules/puppet_compiler/manifests/packages.pp @@ -0,0 +1,19 @@ +class puppet_compiler::packages($ensure = $puppet_compiler::ensure) { + $list = [ + 'curl', + 'git-core', + 'python-pip', + 'python-dev', + 'rubygems', + 'ruby-bundler', + 'ruby1.8-dev', + 'mysql-server', + 'mysql-client', + 'ruby-mysql', + 'ruby-bcrypt', + 'nginx' + ] + package {$list: + ensure => $ensure + } +} diff --git a/modules/puppet_compiler/templates/mysql_queries.erb b/modules/puppet_compiler/templates/mysql_queries.erb new file mode 100644 index 0000000..c01d63b --- /dev/null +++ b/modules/puppet_compiler/templates/mysql_queries.erb @@ -0,0 +1 @@ +"CREATE DATABASE puppet; GRANT ALL PRIVILEGES ON puppet.* TO 'puppet'@'localhost' IDENTIFIED BY '<%= scope.lookupvar('passwords::puppet_compiler::mysql_password') -%>';" diff --git a/modules/puppet_compiler/templates/nginx_site.erb b/modules/puppet_compiler/templates/nginx_site.erb new file mode 100644 index 0000000..81dca46 --- /dev/null +++ b/modules/puppet_compiler/templates/nginx_site.erb @@ -0,0 +1,12 @@ +server { + listen 80; + server_name localhost puppet-compiler.wmflabs.org <%= @fqdn -%>; + + root <%= scope.lookupvar('puppet_compiler::program_dir') -%>/output; + index index.html index.htm; + + location / { + autoindex on; + try_files $uri $uri/ 404; + } +} diff --git a/modules/puppet_compiler/templates/run_wrapper.erb b/modules/puppet_compiler/templates/run_wrapper.erb new file mode 100755 index 0000000..95cb1a7 --- /dev/null +++ b/modules/puppet_compiler/templates/run_wrapper.erb @@ -0,0 +1,6 @@ +#!/bin/bash +PUPPET_COMPILER_BASEDIR="<%= @program_dir -%>" +PUPPET_COMPILER_MYSQL_PWD="<%= scope.lookupvar('passwords::puppet_compiler::mysql_password') -%>" +export PUPPET_COMPILER_BASEDIR PUPPET_COMPILER_MYSQL_PWD + +${PUPPET_COMPILER_BASEDIR}/comparator $@ -- To view, visit https://gerrit.wikimedia.org/r/133449 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: I07f46fe66b994d345a97cfc75345bfa2e5311ff2 Gerrit-PatchSet: 16 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Giuseppe Lavagetto <glavage...@wikimedia.org> Gerrit-Reviewer: Alexandros Kosiaris <akosia...@wikimedia.org> Gerrit-Reviewer: Filippo Giunchedi <fgiunch...@wikimedia.org> Gerrit-Reviewer: Giuseppe Lavagetto <glavage...@wikimedia.org> Gerrit-Reviewer: jenkins-bot <> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits