Commit Graph

277 Commits

Author SHA1 Message Date
Nick Walker
ff6f140529 Move gitlab profile out to its own 'profile' module
Prior to this commit, there was a gitlab profile in the site dir
of this control-repo.

After this commit, the profile has been moved to it's own repo
where it can be used more generally and not tightly coupled to this
repository.

As a result, the gitlab role has been removed from this repository
as well.
2016-03-24 08:27:17 -07:00
Nick Walker
9503f54349 Move puppetmaster profile to rampup_profile_puppetmaster module
Prior to this commit, the puppetmaster profile was embedded in this
control-repo.

After this commit, the puppetmaster profile is moved out into its
own module.
2016-03-23 15:55:58 -07:00
Nick Walker
55f983ffc9 Update npwalker/pe_code_manager_webhook to 1.0.3 2016-03-23 14:44:26 -07:00
Nick Walker
5185a4cb26 Clean up some stale files
Prior to this commit, these two files were laying around but not used.
The code manager template was missed when the code was moved into
a module and the function was added a while ago but then never
put to use.

After this commit, the codebase is a little lighter without these
stale files.
2016-03-23 10:22:02 -07:00
Gary Larizza
667c77892a Merge pull request #22 from npwalker/breakout_git_webhook_into_a_module
Move profile::git_webhook into seperate module pe_code_manager_webhook
2016-03-17 14:38:12 -07:00
Nick Walker
4978905d9b Update to pe_code_manager_webhook v1.0.2 2016-03-17 14:34:40 -07:00
Nick Walker
182f947418 Update to pe_code_manager_wehbook v1.0.1 2016-03-17 14:34:40 -07:00
Nick Walker
bd13252916 Update to pe_code_manager_webhook v1.0.0
Prior to this commit, we were using a pre-release version of the
pe_code_manager_webhook module in order to test that simply
re-namespacing the module form a profile to a module worked as
expected.

After this commit, we use the official 1.0.0 relase of the module
that includes a few changes that make it more versatile.
2016-03-17 14:34:40 -07:00
Nick Walker
00d3aa1f4f Move profile::git_webhook into seperate module pe_code_manager_webhook
Prior to this commit the functionality to setup the either code
manager or zack/r10k was tightly coupled to this control-repo. In
an effort to make that functionality useful to more people we're
splitting it into a dedicated module.

After this commit, the pe_code_manager_webhook module will contain all logic
around setting up the webhook while this control-repo will still
gloss over the details needed to get everything in PE setup correctly
to use that module.

This commit removes the files associated with the profile including
some custom functions that were only there to make it work.

This commit removes the all_in_one_pe_2015_2 role as it was exactly
the same as the all_in_one_pe role.

This commit modifies all_in_one_pe to use the pe_code_manager_webhook module
instead of the profile.
2016-03-17 14:33:01 -07:00
Nate McCurdy
d250d971b9 Merge pull request #18 from stjeanp/production
Fixed code so hunner/hiera can be pulled from forge
2016-03-15 09:36:46 -07:00
Gary Larizza
4de1ccc7c1 Merge pull request #20 from npwalker/disable_max_requests_per_instance_setting
Disable max-requests-per-instance to mitigate hiera-eyaml mem leak
2016-02-25 09:39:07 -06:00
Nick Walker
35be376131 Merge pull request #21 from cvquesty/production
Corrected documentation grammar.
2016-02-24 14:12:40 -08:00
Jerald Sheets
7b5f052442 Corrected documentation grammar. 2016-02-24 16:42:00 -05:00
Nick Walker
270bf0a53a Disable max-requests-per-instance to mitigate hiera-eyaml mem leak
Hiera-eyaml currently causes a memory leak in puppetsever when
max-requests-per-instnace is enabled. So, defaulting to disabling
max-requests-per-instance.

https://tickets.puppetlabs.com/browse/SERVER-1154
https://github.com/TomPoulton/hiera-eyaml/issues/163
2016-02-24 11:47:27 -08:00
Nate McCurdy
e79b5277ce Merge pull request #19 from pjmorr/patch-1
Update all_in_one_pe_2015_2.pp
2016-02-22 13:48:53 -08:00
Philip Morrison
d5032cbb67 Update all_in_one_pe_2015_2.pp
Shouldn't this be profile::git_webhook as in all_in_one_pe.pp since the abstraction logic is located there?
Either that or the profile::zack_r10k_webook is missing from the location specified?
2016-02-14 00:58:19 -05:00
Patrick St. Jean
7f967d1f8b Changed :latest to 2.0.1 for hunner/hiera 2016-02-04 14:22:40 -06:00
Patrick St. Jean
b415200eb0 Fixed code so hunner/hiera can be pulled from forge 2016-02-04 11:34:52 -06:00
Nate McCurdy
36737bb5fc Merge pull request #15 from npwalker/fix_hostname_in_role_curl
Fix hostname on role creation curl command
2016-01-27 15:08:18 -08:00
Nick Walker
3f22ce0ae7 Fix hostname on role creation curl command
Prior to the this commit, if you were using the code_manager
profile on a split install it would incorrectly try to curl the
NC api on the master node.

After this commit, it should correctly curl the hostname of the NC

This has no impact on the functionality of the code on a monolithic
PE installation.
2016-01-12 09:32:06 -08:00
Gary Larizza
323b4b9386 Merge pull request #12 from npwalker/move_hiera_config_setting
Move hiera_config to main section of puppet.conf
2016-01-11 09:23:19 -08:00
Nick Walker
508b9cc600 Move hiera_config to main section of puppet.conf
If it is in master instead of main then puppet apply will give a
warning.
2016-01-06 15:26:08 -08:00
Gary Larizza
9a876a61e7 Merge pull request #9 from npwalker/2015_3_prep
Changes for PE2015.3.0
2016-01-05 13:27:26 -08:00
Nick Walker
752f2ef87b Update README with info on how to upgrade from 2015.2
Mostly reorganized the README to be 2015.3 first and then have some
extra info at the bottom about upgrading from 2015.2.

Added a blurb about what the control-repo provides.
2016-01-04 20:22:06 -08:00
Nick Walker
ad00dd7a9a Add an exec to create the Deploy Environments RBAC Role
Prior to this commit there was a requirement for the user of this
repo to create a RBAC role in order for code manager to work.

After this commit an exec statement will curl the RBAC API to
create the role one time and hopefully it works otherwise the exec
will not run again.
2015-12-28 16:42:40 -08:00
Nick Walker
ec7a8d81a6 Add functionality to disable the zack/r10k webhook
Prior to this commit, if you upgraded from a previous version of
the control-repo both code manager and zack/r10k webhook would
be running and ready to receive data.  This can present problems
if the webhook isn't disbled in the git management system is
sending data to both receivers.

This commit adds rudimentary ability to break the zack/r10k
webhook so it can't receive data.
2015-12-21 15:52:15 -08:00
Nick Walker
d2db275028 Create profile::git_webhook to abstract away the details
Prior to this commit there were two possible webhooks
 - zack/r10k webhook
 - code manager

I moved these two profiles under git_webhook and choose the correct
one based on the version of PE being used.

As a safety hatch, I provide the $force_zack_r10k_webhook param
on profile::git_webhook in case someone needs to continue using it
instead of code manager.
2015-12-21 15:19:38 -08:00
Nick Walker
56d0908db2 Update config_version to read r10k_deploy.json file
Update config_version.sh to read the r10k_deploy.json file if it
exists.  If it does not exist it will fall back to the existing
logic
2015-12-18 09:24:27 -08:00
Nick Walker
b8d4980f86 Move hiera.yaml to avoid file-sync overwriting it
File sync appears to sync everything in the $codedir which
inlcudes hiera.yaml.  When managing hiera.yaml with puppet code
you don't want file sync to overwrite its contents.  So, I'm
moving it out of $codedir and removing the original hiera.yaml
to avoid confusion for users investigating later.
2015-12-18 09:24:27 -08:00
Nick Walker
5dcdf01963 Add instructions for testing code manager
Also, add a table of contents to the README. I generated the
table of contents using

https://github.com/ekalinin/github-markdown-toc.go
2015-12-18 09:24:27 -08:00
Nick Walker
2ed03892d9 Disable file bucket to match default PE2015.3 behavior 2015-12-18 09:24:27 -08:00
Nick Walker
cc34e25fd5 Final steps to make Code Manager work
- Moved ssh key generation and git deploy key out of the puppetmaster
profile and into zack_r10k and code_manager
- Swapped code manager into the all_in_one role
- Made a 2015.2 all_in_one role if users prefer to use it
- Conditionally move all existing code out of environmentpath
to allow file sync to sync files
- Update the README to compliment the new puppet code
2015-12-18 09:22:44 -08:00
Nick Walker
1b0f63be83 Chown files in codedir to pe-puppet 2015-12-09 09:46:56 -08:00
Nick Walker
6ac2b30b38 Allow disabling authentication on code manager webhook 2015-12-09 09:46:45 -08:00
Nick Walker
947a5529a3 Disable code manager webhook authentication 2015-12-09 09:44:51 -08:00
Nick Walker
b71ab8d42e Allow code_manager profile to not error out on first run
Prior to this commit, the code manger profile could not complete
on the first run because the file function would error out

I implemented a new version of the file function that returns
nothing when the file does not exist instead of erroring out which
allows me to gate creating the webhook on whether there is content
in the file.

As a result this means that it takes 2 runs to get everything setup
but this is preferable over having to manually intervene in some
other way if the token file doesn't exist.
2015-12-09 09:44:50 -08:00
Nick Walker
2d7a9a72e1 Refactor puppetmaster and zack_r10k_webhook
Moved the webhook resource out of puppetmaster and into zack_r10k
to support exchaning code_manager in place of zack_r10k

As a result I cleaned up some unnecessary parameters.

Installing both the r10k webhook and the code_manager at this time
for testing
2015-12-09 09:44:50 -08:00
Nick Walker
4c2be74083 Add support for code manager which will replace zack r10k
Add pltraing-rbac module
Added a new profile for code_manager that:
 - creates a service users for code manager
 - creates a token for that service user
 - creates a hook on a git server using the token

Turns out that the file function in puppet cannot read files in
/root.  The pe-puppet user needs read permissions on the file
and traversal on the directory which giving to /root would
probably be a bad idea.  So, I just put the file containing
the token in /etc/puppetlabs/puppetserver since I'm not sure
where would be better.
2015-12-09 09:44:35 -08:00
Nick Walker
8c71bd0b13 Enable code manager via param in common.yaml 2015-11-25 16:06:29 -08:00
Nick Walker
63429fe9ec Add custom functions for determining some PE settings
Added a function to find the hostname and port of the classifier

Added a fucntion to return all puppetdb hostnames
2015-11-25 16:06:28 -08:00
Gary Larizza
a9d3be58aa Merge pull request #3 from WhatsARanjit/production
Chicken-and-egg issue
2015-11-25 14:26:24 -06:00
Ranjit Viswakumar
2859cffba9 Merged from upstream 2015-11-25 16:51:43 +00:00
Gary Larizza
10732cf370 Merge pull request #4 from npwalker/merge_npwalker_control_repo
Merge npwalker/control-repo in puppetlabs/control-repo
2015-11-25 10:29:54 -06:00
Nick Walker
1fd5334441 Cleanup README to generalize urls and add notes about testing
Remove a specific reference to the npwalker namespace in a
git clone command.

Add some notes that this has only been tested against 2015.2.z.
2015-11-24 13:13:08 -08:00
Nick Walker
afc9a358f3 Merge branch 'production' of https://github.com/npwalker/control-repo into merge_npwalker_control_repo 2015-11-24 11:16:51 -08:00
Ranjit Viswakumar
c2bd0d3ca1 Check for rugged or output UNIX epoch 2015-11-20 14:13:17 +00:00
Ranjit Viswakumar
f765903e25 Checking for git first 2015-11-20 14:13:17 +00:00
Nick Walker
7e40513c53 Change owner/group to pe-puppet for hiera module
When the owner / group was root this meant that enabling
hiera-eyaml wouldn't work properly as the keys couldn't
be read by puppetserver.

Changing to pe-puppet should resolve the issue.
2015-11-17 14:10:45 -08:00
Nick Walker
e5be3e2ddd fixing a bunch of puppet lint warnings 2015-10-30 13:50:10 -07:00
Nick Walker
3149d9707f Refactor webhook profiles into one profile with a parameter
Previously there was a mcollective and no_mcollective version of
the webhook profile.  They were almost identical so I merged them
and manage the difference with a "use_mcollective" parameter.

I renamed the webhook profile to zack_r10k_webhook.
2015-10-30 13:42:33 -07:00