Rush has uploaded a new change for review. (
https://gerrit.wikimedia.org/r/394200 )
Change subject: wip: toolforge: follow attended upgrade process
......................................................................
wip: toolforge: follow attended upgrade process
relies on changeset 392421
Bug: T181647
Change-Id: Id9e95a58860a0ef786324d62020347bf01a36111
---
M hieradata/labs.yaml
M hieradata/labs/tools/common.yaml
M modules/apt/manifests/unattendedupgrades.pp
M modules/profile/manifests/base/labs.pp
4 files changed, 25 insertions(+), 6 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/00/394200/1
diff --git a/hieradata/labs.yaml b/hieradata/labs.yaml
index 9cbccbf..f5582bf 100644
--- a/hieradata/labs.yaml
+++ b/hieradata/labs.yaml
@@ -17,6 +17,8 @@
recursor: 'labs-recursor0.wikimedia.org'
recursor_secondary: 'labs-recursor1.wikimedia.org'
+profile::base::labs::unattended_distro: true
+profile::base::labs::unattended_wmf: true
profile::openstack::main::version: 'liberty'
profile::openstack::base::region: "%{::site}"
profile::openstack::main::nova_controller: 'labcontrol1001.wikimedia.org'
diff --git a/hieradata/labs/tools/common.yaml b/hieradata/labs/tools/common.yaml
index c62e87a..6e5eb3f 100644
--- a/hieradata/labs/tools/common.yaml
+++ b/hieradata/labs/tools/common.yaml
@@ -1,3 +1,6 @@
+profile::base::labs::unattended_distro: false
+profile::base::labs::unattended_wmf: false
+
"profile::base::core_dump_pattern": core
classes:
- role::aptly::client
diff --git a/modules/apt/manifests/unattendedupgrades.pp
b/modules/apt/manifests/unattendedupgrades.pp
index c02745c..41fafe4 100644
--- a/modules/apt/manifests/unattendedupgrades.pp
+++ b/modules/apt/manifests/unattendedupgrades.pp
@@ -1,13 +1,17 @@
-class apt::unattendedupgrades($ensure=present) {
+class apt::unattendedupgrades(
+ $unattended_distro=true,
+ $unattended_wmf=true,
+ ) {
+
# package installation should enable security upgrades by default
package { 'unattended-upgrades':
- ensure => $ensure,
+ ensure => 'present',
}
# dpkg tries to determine the most conservative default action in case of
# conffile conflict. This tells dpkg to use that action without asking
apt::conf { 'dpkg-force-confdef':
- ensure => present,
+ ensure => 'present',
priority => '00',
key => 'Dpkg::Options::',
value => '--force-confdef',
@@ -16,20 +20,21 @@
# In case of conffile conflicts, tell dpkg to keep the old conffile without
# asking
apt::conf { 'dpkg-force-confold':
- ensure => present,
+ ensure => 'present',
priority => '00',
key => 'Dpkg::Options::',
value => '--force-confold',
}
apt::conf { 'auto-upgrades':
- ensure => $ensure,
+ ensure => $unattended_distro,
priority => '20',
key => 'APT::Periodic::Unattended-Upgrade',
value => '1',
}
apt::conf { 'unattended-upgrades-wikimedia':
+ ensure => $unattended_wmf,
priority => '51',
# Key with trailing '::' to append to potentially existing entry
key => 'Unattended-Upgrade::Origins-Pattern::',
diff --git a/modules/profile/manifests/base/labs.pp
b/modules/profile/manifests/base/labs.pp
index 23816b3..c028c3f 100644
--- a/modules/profile/manifests/base/labs.pp
+++ b/modules/profile/manifests/base/labs.pp
@@ -1,4 +1,13 @@
-class profile::base::labs {
+class profile::base::labs(
+ $unattended_distro = hiera('profile::base::labs::unattended_distro'),
+ $unattended_wmf = hiera('profile::base::labs::unattended_wmf),
+ ) {
+
+ class {'::apt::unattendedupgrades':
+ unattended_distro => $unattended_distro,
+ unattended_wmf => $unattended_wmf,
+ }
+
include ::apt::unattendedupgrades
include ::apt::noupgrade
--
To view, visit https://gerrit.wikimedia.org/r/394200
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Id9e95a58860a0ef786324d62020347bf01a36111
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Rush <r...@wikimedia.org>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
