Giuseppe Lavagetto has submitted this change and it was merged.
Change subject: puppet-compiler: module for installation
......................................................................
puppet-compiler: module for installation
This module installs the puppet compiler. It should then be runnable
using the puppet-compiler command. Note that this module does NOT
install the facts collection as this is mainly intended to run in labs,
where production facts can be used only after being cleaned of sensitive
data.
Change-Id: I07f46fe66b994d345a97cfc75345bfa2e5311ff2
Signed-off-by: Giuseppe Lavagetto <glavage...@wikimedia.org>
---
A modules/git/manifests/install.pp
A modules/puppet_compiler/manifests/bundle.pp
A modules/puppet_compiler/manifests/differ.pp
A modules/puppet_compiler/manifests/init.pp
A modules/puppet_compiler/manifests/packages.pp
A modules/puppet_compiler/templates/mysql_queries.erb
A modules/puppet_compiler/templates/nginx_site.erb
A modules/puppet_compiler/templates/run_wrapper.erb
8 files changed, 230 insertions(+), 0 deletions(-)
Approvals:
Giuseppe Lavagetto: Looks good to me, approved
jenkins-bot: Verified
diff --git a/modules/git/manifests/install.pp b/modules/git/manifests/install.pp
new file mode 100644
index 0000000..72e0226
--- /dev/null
+++ b/modules/git/manifests/install.pp
@@ -0,0 +1,80 @@
+# Definition: git::install
+#
+# Creates a git clone of a specified wikimedia project into a directory,
+# and ensures that the correct tag is checked out.
+#
+# === Required parameters
+#
+# $+directory+:: Path to clone the repository into.
+# $+git_tag+:: The tag to apply to the user.
+#
+# === Optional parameters
+#
+# $+ensure+:: _absent_ or _present_. Defaults to _present_.
+# - _present_ (default) will keep the repository updated.
+# - _absent_ will ensure the directory is deleted.
+# $+owner+:: Owner of $directory, default: _root_. git commands will be run
+# by this user.
+# $+group+:: Group owner of $directory, default: 'root'
+# $+post_checkout+:: Post checkout hook script that can be used to perform
+# deploy tasks
+#
+# === Example usage
+#
+# git::install { 'project/name/on/gerrit':
+# directory => '/some/path/here',
+# git_tag => 'my-preferred-tag',
+# post_checkout =>
'puppet://files/some/script/that/should/run/post/checkout'
+# }
+#
+#
+#
+define git::install(
+ $directory,
+ $git_tag,
+ $ensure='present',
+ $post_checkout=undef,
+ $owner='root',
+ $group='root',
+ )
+{
+ # Git clone runs once, then we perform a "forward-to-tag" operation
+ git::clone{$title:
+ ensure => $ensure,
+ directory => $directory,
+ owner => $owner,
+ group => $group,
+ mode => '0444',
+ }
+
+
+ if $ensure == 'present' {
+ if $post_checkout != undef {
+ file {"callback-hook-${title}":
+ ensure => 'present',
+ path => "${directory}/.git/hooks/post-checkout",
+ mode => '0554',
+ source => $post_checkout,
+ owner => $owner,
+ group => $group,
+ require => Git::Clone[$title]
+ }
+ }
+
+
+ exec {"git_update_${title}":
+ command => '/usr/bin/git remote update',
+ cwd => $directory,
+ user => $owner,
+ unless => "/usr/bin/git tag --list | /bin/grep ${git_tag}",
+ require => Git::Clone[$title],
+ }
+
+ exec {"git_checkout_${title}":
+ command => "/usr/bin/git checkout tags/${git_tag}",
+ cwd => $directory,
+ user => $owner,
+ require => Exec["git_update_${title}"]
+ }
+ }
+}
diff --git a/modules/puppet_compiler/manifests/bundle.pp
b/modules/puppet_compiler/manifests/bundle.pp
new file mode 100644
index 0000000..bd15b0e
--- /dev/null
+++ b/modules/puppet_compiler/manifests/bundle.pp
@@ -0,0 +1,10 @@
+# Installs the deployment bundle needed by puppet
+define puppet_compiler::bundle( $program_dir = $puppet_compiler::program_dir )
{
+ $installer="${program_dir}/shell/installer"
+ exec {"install_puppet_bundle_${title}":
+ command => "${installer} ${title}",
+ user => $puppet_compiler::user,
+ creates => "${program_dir}/shell/env_puppet_${title}/vendor",
+ require => Git::Install['operations/software'],
+ }
+}
diff --git a/modules/puppet_compiler/manifests/differ.pp
b/modules/puppet_compiler/manifests/differ.pp
new file mode 100644
index 0000000..17c0745
--- /dev/null
+++ b/modules/puppet_compiler/manifests/differ.pp
@@ -0,0 +1,13 @@
+class puppet_compiler::differ(
+ $envdir = "${puppet_compiler::program_dir}/shell/env_puppet_3",
+ $modulepath = "${puppet_compiler::puppetdir}/modules",
+ $user = 'www-data'
+ ) {
+
+ exec {'Install catalog diff module':
+ command => "/usr/bin/bundle exec puppet module install
zack-catalog_diff --modulepath=${modulepath}",
+ cwd => $envdir,
+ user => $user,
+ creates => "${modulepath}/catalog_diff",
+ }
+}
diff --git a/modules/puppet_compiler/manifests/init.pp
b/modules/puppet_compiler/manifests/init.pp
new file mode 100644
index 0000000..5d8facc
--- /dev/null
+++ b/modules/puppet_compiler/manifests/init.pp
@@ -0,0 +1,89 @@
+# Installs the puppet compiler and all the other software we need.
+class puppet_compiler(
+ $version = '0.1.0',
+ $rootdir = '/opt/wmf',
+ $ensure = present,
+ $user = 'www-data'
+ ) {
+
+ include puppet_compiler::packages
+
+ nginx::site {'puppet-compiler':
+ ensure => $ensure,
+ content => template('puppet_compiler/nginx_site.erb'),
+ }
+
+ $install_dir = "${rootdir}/software"
+ $program_dir = "${install_dir}/compare_puppet-catalogs"
+ $puppetdir = "${program_dir}/external/puppet"
+
+
+ # This wrapper defines the env variables for running.
+ file {'run_wrapper':
+ ensure => $ensure,
+ path => '/usr/local/bin/puppet-compiler',
+ content => template('puppet_compiler/run_wrapper.erb')
+ }
+
+
+ if $ensure != 'present' {
+ file{'root_dir':
+ ensure => 'absent',
+ path => $rootdir,
+ owner => $user,
+ recurse => true,
+ force => true,
+ }
+ } else {
+ file{'root_dir':
+ ensure => 'directory',
+ path => $rootdir,
+ owner => $user,
+ before => Git::Install['operations/software'],
+ }
+
+ git::install {'operations/software':
+ ensure => 'present',
+ directory => $install_dir,
+ owner => $user,
+ git_tag => "compare-puppet-catalogs-${version}",
+ require => Nginx::Site['puppet-compiler'],
+ }
+
+ exec {'install_puppet_compare_requirements':
+ command => '/usr/bin/pip install requests simplediff',
+ user => 'root',
+ require => Git::Install['operations/software'],
+ }
+
+ puppet_compiler::bundle {['2.7', '3']: }
+
+ # Now install the puppet repo
+
+ exec {'install_puppet_repositories':
+ command => "${program_dir}/shell/helper install",
+ user => $user,
+ creates => $puppetdir,
+ require => Git::Install['operations/software'],
+ notify => Class['puppet_compiler::differ']
+ }
+
+ class {'puppet_compiler::differ':
+ require => Exec['install_puppet_repositories']
+ }
+
+ file {["${program_dir}/output",
"${program_dir}/output/html","${program_dir}/output/diff",
"${program_dir}/output/compiled",]:
+ ensure => directory,
+ owner => $user,
+ mode => '0775',
+ require => Exec['install_puppet_repositories']
+ }
+
+ $mysql_query = template('puppet_compiler/mysql_queries.erb')
+ exec {'mysql queries':
+ command => "/usr/bin/mysql -NBe ${mysql_query}",
+ unless => "/usr/bin/mysql puppet -NBe 'SELECT 1' ",
+ require => Package['mysql-server']
+ }
+ }
+}
diff --git a/modules/puppet_compiler/manifests/packages.pp
b/modules/puppet_compiler/manifests/packages.pp
new file mode 100644
index 0000000..d240a1f
--- /dev/null
+++ b/modules/puppet_compiler/manifests/packages.pp
@@ -0,0 +1,19 @@
+class puppet_compiler::packages($ensure = $puppet_compiler::ensure) {
+ $list = [
+ 'curl',
+ 'git-core',
+ 'python-pip',
+ 'python-dev',
+ 'rubygems',
+ 'ruby-bundler',
+ 'ruby1.8-dev',
+ 'mysql-server',
+ 'mysql-client',
+ 'ruby-mysql',
+ 'ruby-bcrypt',
+ 'nginx'
+ ]
+ package {$list:
+ ensure => $ensure
+ }
+}
diff --git a/modules/puppet_compiler/templates/mysql_queries.erb
b/modules/puppet_compiler/templates/mysql_queries.erb
new file mode 100644
index 0000000..c01d63b
--- /dev/null
+++ b/modules/puppet_compiler/templates/mysql_queries.erb
@@ -0,0 +1 @@
+"CREATE DATABASE puppet; GRANT ALL PRIVILEGES ON puppet.* TO
'puppet'@'localhost' IDENTIFIED BY '<%=
scope.lookupvar('passwords::puppet_compiler::mysql_password') -%>';"
diff --git a/modules/puppet_compiler/templates/nginx_site.erb
b/modules/puppet_compiler/templates/nginx_site.erb
new file mode 100644
index 0000000..81dca46
--- /dev/null
+++ b/modules/puppet_compiler/templates/nginx_site.erb
@@ -0,0 +1,12 @@
+server {
+ listen 80;
+ server_name localhost puppet-compiler.wmflabs.org <%= @fqdn -%>;
+
+ root <%= scope.lookupvar('puppet_compiler::program_dir') -%>/output;
+ index index.html index.htm;
+
+ location / {
+ autoindex on;
+ try_files $uri $uri/ 404;
+ }
+}
diff --git a/modules/puppet_compiler/templates/run_wrapper.erb
b/modules/puppet_compiler/templates/run_wrapper.erb
new file mode 100755
index 0000000..95cb1a7
--- /dev/null
+++ b/modules/puppet_compiler/templates/run_wrapper.erb
@@ -0,0 +1,6 @@
+#!/bin/bash
+PUPPET_COMPILER_BASEDIR="<%= @program_dir -%>"
+PUPPET_COMPILER_MYSQL_PWD="<%=
scope.lookupvar('passwords::puppet_compiler::mysql_password') -%>"
+export PUPPET_COMPILER_BASEDIR PUPPET_COMPILER_MYSQL_PWD
+
+${PUPPET_COMPILER_BASEDIR}/comparator $@
--
To view, visit https://gerrit.wikimedia.org/r/133449
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I07f46fe66b994d345a97cfc75345bfa2e5311ff2
Gerrit-PatchSet: 16
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Giuseppe Lavagetto <glavage...@wikimedia.org>
Gerrit-Reviewer: Alexandros Kosiaris <akosia...@wikimedia.org>
Gerrit-Reviewer: Filippo Giunchedi <fgiunch...@wikimedia.org>
Gerrit-Reviewer: Giuseppe Lavagetto <glavage...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
