[MediaWiki-commits] [Gerrit] operations/puppet[production]: Gerrit: make auth_type configurable for labs

Tue, 23 Aug 2016 16:22:58 -0700 

Dzahn has submitted this change and it was merged.

Change subject: Gerrit: make auth_type configurable for labs
......................................................................


Gerrit: make auth_type configurable for labs

In labs we can't just use the same LDAP auth we use in production.
Make the auth type configurable.

Change-Id: I3bd532685c59063d06479b17801f5075b0f7cd97
---
M modules/gerrit/manifests/jetty.pp
M modules/gerrit/templates/gerrit.config.erb
M modules/gerrit/templates/secure.config.erb
3 files changed, 7 insertions(+), 1 deletion(-)

Approvals:
  Dzahn: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/modules/gerrit/manifests/jetty.pp 
b/modules/gerrit/manifests/jetty.pp
index 0c79fdc..e0658c5 100644
--- a/modules/gerrit/manifests/jetty.pp
+++ b/modules/gerrit/manifests/jetty.pp
@@ -7,6 +7,7 @@
     $git_dir = 'git',
     $ssh_host_key = undef,
     $heap_limit = '28g',
+    $auth_type = 'LDAP',
     ) {
 
     include nrpe
diff --git a/modules/gerrit/templates/gerrit.config.erb 
b/modules/gerrit/templates/gerrit.config.erb
index bf865b4..0341212 100644
--- a/modules/gerrit/templates/gerrit.config.erb
+++ b/modules/gerrit/templates/gerrit.config.erb
@@ -15,9 +15,11 @@
     username = <%= @db_user %>
     url = jdbc:mysql://<%= @db_host %>/<%= @db_name 
%>?characterSetResults=utf8&characterEncoding=utf8&connectionCollation=utf8_unicode_ci
 [auth]
-    type = LDAP
+    type = <%= @auth_type %>
     cookieSecure = true
+<%- if @auth_type == 'LDAP' -%>
     registerUrl = 
https://wikitech.wikimedia.org/w/index.php?title=Special:UserLogin&returnto=Help%3AGetting+Started&type=signup
+
 [ldap]
     server = <% @ldap_hosts.each do |ldap_host| %>ldaps://<%= ldap_host %> <% 
end %>
     accountBase = ou=people,<%= @ldap_base_dn %>
@@ -26,6 +28,7 @@
     groupBase = ou=groups,<%= @ldap_base_dn %>
     groupMemberPattern = (&(objectClass=groupOfNames)(member=${dn}))
     groupScope = one
+<%- end -%>
 [sendemail]
     includeDiff = true
     smtpServerPort = 25
diff --git a/modules/gerrit/templates/secure.config.erb 
b/modules/gerrit/templates/secure.config.erb
index c28632b..d46cc50 100644
--- a/modules/gerrit/templates/secure.config.erb
+++ b/modules/gerrit/templates/secure.config.erb
@@ -1,8 +1,10 @@
 [database]
        password = <%= @db_pass %>
+<%- if @auth_type == 'LDAP' -%>
 [ldap]
        username = <%= @ldap_proxyagent %>
        password = <%= @ldap_proxyagent_pass %>
+<%- end -%>
 [auth]
        registerEmailPrivateKey = <%= @email_key %>
 [its-phabricator]

-- 
To view, visit https://gerrit.wikimedia.org/r/303355
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I3bd532685c59063d06479b17801f5075b0f7cd97
Gerrit-PatchSet: 10
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Paladox <thomasmulhall...@yahoo.com>
Gerrit-Reviewer: Chad <ch...@wikimedia.org>
Gerrit-Reviewer: Dzahn <dz...@wikimedia.org>
Gerrit-Reviewer: Paladox <thomasmulhall...@yahoo.com>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to