Hashar has uploaded a new change for review. https://gerrit.wikimedia.org/r/70621
Change subject: zuul: craft a publicly readeable configuration file ...................................................................... zuul: craft a publicly readeable configuration file To test out Zuul configuration, we are running it as user jenkins-slave which does not have access to /etc/zuul/zuul.conf. This patch creates a publicly redeable version that has the Jenkins API key stripped out. bug: 50223 Change-Id: I763994475e80a09449bf7f16b78adc7d18e79e20 --- M modules/zuul/manifests/init.pp 1 file changed, 9 insertions(+), 0 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/operations/puppet refs/changes/21/70621/1 diff --git a/modules/zuul/manifests/init.pp b/modules/zuul/manifests/init.pp index de4cf54..97cc9b1 100644 --- a/modules/zuul/manifests/init.pp +++ b/modules/zuul/manifests/init.pp @@ -101,12 +101,21 @@ owner => 'jenkins', mode => '0400', content => template('zuul/zuul.conf.erb'), + notify => Exec['craft public zuul conf'], require => [ File['/etc/zuul'], Package['jenkins'], ], } + # Additionally provide a publicly readeable configuration file + exec { 'craft public zuul conf': + cwd => '/etc/zuul/', + command => 'sed "s/apikey=.*/apikey=<obfuscacated>/" /etc/zuul/zuul.conf', + refreshonly => true, + creates => '/etc/zuul/public.conf', + } + file { '/var/log/zuul': ensure => directory, owner => 'jenkins', -- To view, visit https://gerrit.wikimedia.org/r/70621 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I763994475e80a09449bf7f16b78adc7d18e79e20 Gerrit-PatchSet: 1 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Hashar <has...@free.fr> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits