diff options
| author | Jan Dittberner <jandd@cacert.org> | 2020-06-21 16:08:12 +0200 |
|---|---|---|
| committer | Jan Dittberner <jandd@cacert.org> | 2020-06-21 16:18:01 +0200 |
| commit | 91cbd1922c4661cfb8a1badad2ffe28849d0ffea (patch) | |
| tree | f48ae9e0b8942d8f42da10ca87af3f7747b75ca0 /sitemodules/profiles/templates | |
| parent | 787cf90126543988554191c43391f2ac496c6124 (diff) | |
| download | cacert-puppet-91cbd1922c4661cfb8a1badad2ffe28849d0ffea.tar.gz cacert-puppet-91cbd1922c4661cfb8a1badad2ffe28849d0ffea.tar.xz cacert-puppet-91cbd1922c4661cfb8a1badad2ffe28849d0ffea.zip | |
Replace custom Python webhook with packaged webhook
This commit replaces the custom Python webhook for puppet environment
deployment with the go based webhook from the Debian package with the
same name.
The puppet-deploy script only takes care of pulling from git and running
r10k now. The web requests are now handled by webhook.
Diffstat (limited to 'sitemodules/profiles/templates')
3 files changed, 54 insertions, 9 deletions
diff --git a/sitemodules/profiles/templates/puppet_server/git-pull-hook.ini.epp b/sitemodules/profiles/templates/puppet_server/git-pull-hook.ini.epp deleted file mode 100644 index 2876c16..0000000 --- a/sitemodules/profiles/templates/puppet_server/git-pull-hook.ini.epp +++ /dev/null @@ -1,9 +0,0 @@ -<%- | String $ssh_passphrase = undef, String $git_directory = undef, Array[String] $tokens = undef | -%> -# THIS FILE IS MANAGED BY PUPPET, MANUAL CHANGES WILL BE OVERWRITTEN AT THE -# NEXT PUPPET RUN. - -[git-pull-hook] -ssh_passphrase=<%= $ssh_passphrase %> -tokens=<%= $tokens.join(',') %> -git_directory=<%= $git_directory %> -logfile=/var/log/git-pull-hook.log diff --git a/sitemodules/profiles/templates/puppet_server/puppet-deploy.ini.epp b/sitemodules/profiles/templates/puppet_server/puppet-deploy.ini.epp new file mode 100644 index 0000000..fb23fea --- /dev/null +++ b/sitemodules/profiles/templates/puppet_server/puppet-deploy.ini.epp @@ -0,0 +1,14 @@ +<%- | +String $ssh_passphrase = undef, Array[String] $git_branches = undef, Hash[String, String] $git_directories = undef +| -%> +# THIS FILE IS MANAGED BY PUPPET, MANUAL CHANGES WILL BE OVERWRITTEN AT THE +# NEXT PUPPET RUN. + +[puppet-deploy] +ssh_passphrase=<%= $ssh_passphrase %> +branches=<%= $git_branches.join(",") %> + +[branch-directories] +<% $git_directories.each |String $branch, String $directory| { -%> +<%= $branch %>=<%= $directory %> +<% } -%>
\ No newline at end of file diff --git a/sitemodules/profiles/templates/puppet_server/webhook.conf.epp b/sitemodules/profiles/templates/puppet_server/webhook.conf.epp new file mode 100644 index 0000000..6db1062 --- /dev/null +++ b/sitemodules/profiles/templates/puppet_server/webhook.conf.epp @@ -0,0 +1,40 @@ +<%- | String $token = undef, Array[String] $branches = undef | -%> +[ + { + "id": "puppet-deploy", + "execute-command": "/usr/local/sbin/puppet-deploy", + "command-working-directory": "/etc/puppetlabs/code/environments", + "include-command-output-in-response": true, + "include-command-output-in-response-on-error": true, + "pass-arguments-to-command": [ + { + "source": "payload", + "name": "ref" + } + ], + "trigger-rule": { + "and": [ + { + "match": { + "type": "value", + "value": "<%= $token %>", + "parameter": { + "source": "header", + "name": "Authentication" + } + } + }, + { + "match": { + "type": "regex", + "regex": "^refs/heads/(<%= $branches.join("|") %>)$", + "parameter": { + "source": "payload", + "name": "ref" + } + } + } + ] + } + } +]
\ No newline at end of file |