[MediaWiki-commits] [Gerrit] deployment: make the keyholder key path configurable - change (operations/puppet)

Giuseppe Lavagetto (Code Review) Mon, 15 Dec 2014 23:55:55 -0800

Giuseppe Lavagetto has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/180126


Change subject: deployment: make the keyholder key path configurable
......................................................................

deployment: make the keyholder key path configurable

This is the correct fix for bug T75520 - contrary to what was done in
I08c24578596506a1a8baedb7f4a42c2c78be295a we do not change the logic of
the class, we just allow to change the key location via hiera, and leave
the default value to be the one we use in production.

Change-Id: Iba742c94aa3df7497fbff52a856d7ba16cf22cc7
Signed-off-by: Giuseppe Lavagetto <[email protected]>
---
M manifests/role/deployment.pp
1 file changed, 5 insertions(+), 2 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/operations/puppet 
refs/changes/26/180126/1

diff --git a/manifests/role/deployment.pp b/manifests/role/deployment.pp
index 0a5f36a..75f898b 100644
--- a/manifests/role/deployment.pp
+++ b/manifests/role/deployment.pp
@@ -130,7 +130,10 @@
     }
 }
 
-class role::deployment::deployment_servers::common {
+class role::deployment::deployment_servers::common(
+    # Source of the key, change this if not in production, with hiera.
+    $key_source = 'puppet:///private/ssh/tin/mwdeploy_rsa',
+) {
     # Can't include this while scap is present on tin:
     # include misc::deployment::scripts
 
@@ -154,7 +157,7 @@
     class { '::keyholder': trusted_group => 'wikidev', } ->
     class { '::keyholder::monitoring': } ->
     keyholder::private_key { 'mwdeploy_rsa':
-        source  => 'puppet:///private/ssh/tin/mwdeploy_rsa',
+        source  => $key_source,
     }
 }
 

-- 
To view, visit https://gerrit.wikimedia.org/r/180126
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Iba742c94aa3df7497fbff52a856d7ba16cf22cc7
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Giuseppe Lavagetto <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] deployment: make the keyholder key path configurable - change (operations/puppet)

Reply via email to