Restructure to use r10k
authorJan Dittberner <jandd@cacert.org>
Sat, 5 Nov 2016 10:41:46 +0000 (11:41 +0100)
committerroot <root@puppet.intra.cacert.org>
Sat, 5 Nov 2016 10:43:06 +0000 (11:43 +0100)
This commit adds metadata to the profiles module, introduces a Puppetfile for
r10k and moves site specific modules to its own sitemodules directory.

25 files changed:
.gitignore
Puppetfile [new file with mode: 0644]
environment.conf
hieradata/common.yaml
hieradata/nodes/puppet.infra.cacert.org.yaml
hieradata/nodes/svn.infra.cacert.org.yaml
modules/profiles/manifests/base.pp [deleted file]
modules/profiles/manifests/init.pp [deleted file]
modules/roles/manifests/init.pp [deleted file]
modules/roles/manifests/puppetmaster.pp [deleted file]
modules/roles/manifests/svnserver.pp [deleted file]
sitemodules/profiles/Gemfile [new file with mode: 0644]
sitemodules/profiles/README.md [new file with mode: 0644]
sitemodules/profiles/Rakefile [new file with mode: 0644]
sitemodules/profiles/examples/init.pp [new file with mode: 0644]
sitemodules/profiles/files/puppet.init [new file with mode: 0644]
sitemodules/profiles/manifests/base.pp [new file with mode: 0644]
sitemodules/profiles/manifests/init.pp [new file with mode: 0644]
sitemodules/profiles/metadata.json [new file with mode: 0644]
sitemodules/profiles/profiles_/README.md [new file with mode: 0644]
sitemodules/profiles/spec/classes/init_spec.rb [new file with mode: 0644]
sitemodules/profiles/spec/spec_helper.rb [new file with mode: 0644]
sitemodules/roles/manifests/init.pp [new file with mode: 0644]
sitemodules/roles/manifests/puppetmaster.pp [new file with mode: 0644]
sitemodules/roles/manifests/svnserver.pp [new file with mode: 0644]

index 0c37026..0eae9e7 100644 (file)
@@ -1 +1,2 @@
 keys/private_key.pkcs7.pem
+modules/
diff --git a/Puppetfile b/Puppetfile
new file mode 100644 (file)
index 0000000..8b954f1
--- /dev/null
@@ -0,0 +1 @@
+mod 'puppetlabs/stdlib'
index c39193f..0fb493e 100644 (file)
@@ -10,7 +10,7 @@
 
 # Allowed settings and default values:
 
-# modulepath = ./modules:$basemodulepath
+modulepath = ./sitemodules:./modules:$basemodulepath
 # manifest = (default_manifest from puppet.conf, which defaults to ./manifests)
 # config_version = (no script; Puppet will use the time the catalog was compiled)
 # environment_timeout = (environment_timeout from puppet.conf, which defaults to 0)
index b2e666c..1b33a33 100644 (file)
@@ -1,5 +1,5 @@
 ---
-users:
+profiles::base::users:
   jandd:
     username: jandd
     fullname: Jan Dittberner
index f7bc115..02eee27 100644 (file)
@@ -1,5 +1,5 @@
 ---
 classes:
   - roles::puppetmaster
-admins:
+profiles::base::admins:
   - jandd
index 760c36b..7a66efe 100644 (file)
@@ -1,6 +1,6 @@
 ---
 classes:
   - roles::svnserver
-admins:
+profiles::base::admins:
   - jandd
   - law
diff --git a/modules/profiles/manifests/base.pp b/modules/profiles/manifests/base.pp
deleted file mode 100644 (file)
index 044fbdd..0000000
+++ /dev/null
@@ -1,21 +0,0 @@
-class profiles::base (
-) {
-  # ensure admin users for this container
-  $admins = hiera('admins')
-
-  $admins.each |String $username| {
-    notice("Admin user ${username}")
-    $user = hiera('users')[$username]
-    group { $user['username']:
-      ensure => present,
-    } ->
-    user { $user['username']:
-      ensure   => present,
-      comment  => $user['fullname'],
-      gid      => $user['username'],
-      groups   => ['sudo', 'adm'],
-      password => $user['password'],
-      uid      => $user['uid'],
-    }
-  }
-}
diff --git a/modules/profiles/manifests/init.pp b/modules/profiles/manifests/init.pp
deleted file mode 100644 (file)
index 49f1f51..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-class profiles (
-) {
-}
diff --git a/modules/roles/manifests/init.pp b/modules/roles/manifests/init.pp
deleted file mode 100644 (file)
index 0b8b1a7..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-class roles (
-) {
-}
diff --git a/modules/roles/manifests/puppetmaster.pp b/modules/roles/manifests/puppetmaster.pp
deleted file mode 100644 (file)
index 9cdc95d..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-class roles::puppetmaster (
-) {
-  include profiles::base
-}
diff --git a/modules/roles/manifests/svnserver.pp b/modules/roles/manifests/svnserver.pp
deleted file mode 100644 (file)
index f744651..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-class roles::svnserver (
-) {
-  include profiles::base
-}
diff --git a/sitemodules/profiles/Gemfile b/sitemodules/profiles/Gemfile
new file mode 100644 (file)
index 0000000..4f662dc
--- /dev/null
@@ -0,0 +1,18 @@
+source ENV['GEM_SOURCE'] || 'https://rubygems.org'
+
+puppetversion = ENV.key?('PUPPET_VERSION') ? ENV['PUPPET_VERSION'] : ['>= 3.3']
+gem 'metadata-json-lint'
+gem 'puppet', puppetversion
+gem 'puppetlabs_spec_helper', '>= 1.0.0'
+gem 'puppet-lint', '>= 1.0.0'
+gem 'facter', '>= 1.7.0'
+gem 'rspec-puppet'
+
+# rspec must be v2 for ruby 1.8.7
+if RUBY_VERSION >= '1.8.7' && RUBY_VERSION < '1.9'
+  gem 'rspec', '~> 2.0'
+  gem 'rake', '~> 10.0'
+else
+  # rubocop requires ruby >= 1.9
+  gem 'rubocop'
+end
diff --git a/sitemodules/profiles/README.md b/sitemodules/profiles/README.md
new file mode 100644 (file)
index 0000000..25ac564
--- /dev/null
@@ -0,0 +1,83 @@
+# profiles
+
+#### Table of Contents
+
+1. [Description](#description)
+1. [Setup - The basics of getting started with profiles](#setup)
+    * [What profiles affects](#what-profiles-affects)
+    * [Setup requirements](#setup-requirements)
+    * [Beginning with profiles](#beginning-with-profiles)
+1. [Usage - Configuration options and additional functionality](#usage)
+1. [Reference - An under-the-hood peek at what the module is doing and how](#reference)
+1. [Limitations - OS compatibility, etc.](#limitations)
+1. [Development - Guide for contributing to the module](#development)
+
+## Description
+
+Start with a one- or two-sentence summary of what the module does and/or what
+problem it solves. This is your 30-second elevator pitch for your module.
+Consider including OS/Puppet version it works with.
+
+You can give more descriptive information in a second paragraph. This paragraph
+should answer the questions: "What does this module *do*?" and "Why would I use
+it?" If your module has a range of functionality (installation, configuration,
+management, etc.), this is the time to mention it.
+
+## Setup
+
+### What profiles affects **OPTIONAL**
+
+If it's obvious what your module touches, you can skip this section. For
+example, folks can probably figure out that your mysql_instance module affects
+their MySQL instances.
+
+If there's more that they should know about, though, this is the place to mention:
+
+* A list of files, packages, services, or operations that the module will alter,
+  impact, or execute.
+* Dependencies that your module automatically installs.
+* Warnings or other important notices.
+
+### Setup Requirements **OPTIONAL**
+
+If your module requires anything extra before setting up (pluginsync enabled,
+etc.), mention it here.
+
+If your most recent release breaks compatibility or requires particular steps
+for upgrading, you might want to include an additional "Upgrading" section
+here.
+
+### Beginning with profiles
+
+The very basic steps needed for a user to get the module up and running. This
+can include setup steps, if necessary, or it can be an example of the most
+basic use of the module.
+
+## Usage
+
+This section is where you describe how to customize, configure, and do the
+fancy stuff with your module here. It's especially helpful if you include usage
+examples and code samples for doing things with your module.
+
+## Reference
+
+Here, include a complete list of your module's classes, types, providers,
+facts, along with the parameters for each. Users refer to this section (thus
+the name "Reference") to find specific details; most users don't read it per
+se.
+
+## Limitations
+
+This is where you list OS compatibility, version compatibility, etc. If there
+are Known Issues, you might want to include them under their own heading here.
+
+## Development
+
+Since your module is awesome, other users will want to play with it. Let them
+know what the ground rules for contributing are.
+
+## Release Notes/Contributors/Etc. **Optional**
+
+If you aren't using changelog, put your release notes here (though you should
+consider using changelog). You can also add any additional sections you feel
+are necessary or important to include here. Please use the `## ` header.
diff --git a/sitemodules/profiles/Rakefile b/sitemodules/profiles/Rakefile
new file mode 100644 (file)
index 0000000..02609e3
--- /dev/null
@@ -0,0 +1,32 @@
+require 'puppetlabs_spec_helper/rake_tasks'
+require 'puppet-lint/tasks/puppet-lint'
+require 'metadata-json-lint/rake_task'
+
+if RUBY_VERSION >= '1.9'
+  require 'rubocop/rake_task'
+  RuboCop::RakeTask.new
+end
+
+PuppetLint.configuration.send('disable_80chars')
+PuppetLint.configuration.relative = true
+PuppetLint.configuration.ignore_paths = ['spec/**/*.pp', 'pkg/**/*.pp']
+
+desc 'Validate manifests, templates, and ruby files'
+task :validate do
+  Dir['manifests/**/*.pp'].each do |manifest|
+    sh "puppet parser validate --noop #{manifest}"
+  end
+  Dir['spec/**/*.rb', 'lib/**/*.rb'].each do |ruby_file|
+    sh "ruby -c #{ruby_file}" unless ruby_file =~ %r{spec/fixtures}
+  end
+  Dir['templates/**/*.erb'].each do |template|
+    sh "erb -P -x -T '-' #{template} | ruby -c"
+  end
+end
+
+desc 'Run metadata_lint, lint, validate, and spec tests.'
+task :test do
+  [:metadata_lint, :lint, :validate, :spec].each do |test|
+    Rake::Task[test].invoke
+  end
+end
diff --git a/sitemodules/profiles/examples/init.pp b/sitemodules/profiles/examples/init.pp
new file mode 100644 (file)
index 0000000..e08ceb7
--- /dev/null
@@ -0,0 +1,12 @@
+# The baseline for module testing used by Puppet Labs is that each manifest
+# should have a corresponding test manifest that declares that class or defined
+# type.
+#
+# Tests are then run by using puppet apply --noop (to check for compilation
+# errors and view a log of events) or by fully applying the test in a virtual
+# environment (to compare the resulting system state to the desired state).
+#
+# Learn more about module testing here:
+# https://docs.puppet.com/guides/tests_smoke.html
+#
+include ::profiles
diff --git a/sitemodules/profiles/files/puppet.init b/sitemodules/profiles/files/puppet.init
new file mode 100644 (file)
index 0000000..8d909bc
--- /dev/null
@@ -0,0 +1,113 @@
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides:          puppet
+# Required-Start:    $network $named $remote_fs $syslog
+# Required-Stop:     $network $named $remote_fs $syslog
+# Should-Start:      puppet
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+### END INIT INFO
+
+DAEMON=/opt/puppetlabs/puppet/bin/puppet
+DAEMON_OPTS=""
+NAME="agent"
+PROCNAME="puppet"
+DESC="puppet agent"
+PIDFILE="/var/run/puppetlabs/${NAME}.pid"
+
+test -x $DAEMON || exit 0
+
+[ -r /etc/default/puppet ] && . /etc/default/puppet
+
+. /lib/lsb/init-functions
+
+reload_puppet_agent() {
+    start-stop-daemon --stop --quiet --signal HUP --pidfile $PIDFILE --name $PROCNAME
+}
+
+start_puppet_agent() {
+    start-stop-daemon --start --quiet --pidfile $PIDFILE --startas $DAEMON -- $NAME $DAEMON_OPTS
+}
+
+stop_puppet_agent() {
+    start-stop-daemon --stop --retry TERM/10/KILL/5 --quiet --oknodo --pidfile $PIDFILE --name $PROCNAME
+    rm -f "$PIDFILE"
+}
+
+restart_puppet_agent() {
+    log_begin_msg "Restarting $DESC"
+    stop_puppet_agent
+    start_puppet_agent
+    log_end_msg $?
+}
+
+status_puppet_agent() {
+    if (type status_of_proc > /dev/null 2>&1) ; then
+        status_of_proc -p "${PIDFILE}" "${DAEMON}" "${NAME}"
+    else
+        status_of_proc() {
+            local pidfile daemon name status
+
+            pidfile=
+            OPTIND=1
+            while getopts p: opt ; do
+                case "$opt" in
+                    p)  pidfile="$OPTARG";;
+                esac
+            done
+            shift $(($OPTIND - 1))
+
+            if [ -n "$pidfile" ]; then
+                pidfile="-p $pidfile"
+            fi
+            daemon="$1"
+            name="$2"
+            status="0"
+            pidofproc $pidfile $daemon >/dev/null || status="$?"
+            if [ "$status" = 0 ]; then
+                log_success_msg "$name is running"
+                return 0
+            elif [ "$status" = 4 ]; then
+                log_failure_msg "could not access PID file for $name"
+                return $status
+            else
+                log_failure_msg "$name is not running"
+                return $status
+            fi
+        }
+        status_of_proc -p "${PIDFILE}" "${DAEMON}" "${NAME}"
+    fi
+}
+
+case "$1" in
+    start)
+        log_begin_msg "Starting $DESC"
+        start_puppet_agent
+        log_end_msg $?
+    ;;
+    stop)
+        log_begin_msg "Stopping $DESC"
+        stop_puppet_agent
+        log_end_msg $?
+    ;;
+    reload)
+        log_begin_msg "Reloading $DESC"
+        reload_puppet_agent
+        log_end_msg $?
+    ;;
+    status)
+        status_puppet_agent
+    ;;
+    restart|force-reload)
+        restart_puppet_agent
+    ;;
+    condrestart)
+        if status_puppet_agent >/dev/null 2>&1; then
+            restart_puppet_agent
+        fi
+    ;;
+    *)
+        echo "Usage: $0 {start|stop|status|restart|condrestart|force-reload|reload}" >&2
+        exit 1
+    ;;
+esac
diff --git a/sitemodules/profiles/manifests/base.pp b/sitemodules/profiles/manifests/base.pp
new file mode 100644 (file)
index 0000000..bd0a428
--- /dev/null
@@ -0,0 +1,28 @@
+class profiles::base (
+  $admins = [],
+  $users = {},
+) {
+  # ensure admin users for this container
+  $admins.each |String $username| {
+    $user = $users[$username]
+    group { $user['username']:
+      ensure => present,
+    } ->
+    user { $user['username']:
+      ensure   => present,
+      comment  => $user['fullname'],
+      gid      => $user['username'],
+      groups   => ['sudo', 'adm'],
+      password => $user['password'],
+      uid      => $user['uid'],
+    }
+  }
+
+  file { '/etc/init.d/puppet':
+    ensure => file,
+    owner  => 'root',
+    group  => 'root',
+    mode   => '0755',
+    source => 'puppet:///modules/profiles/puppet.init',
+  }
+}
diff --git a/sitemodules/profiles/manifests/init.pp b/sitemodules/profiles/manifests/init.pp
new file mode 100644 (file)
index 0000000..49f1f51
--- /dev/null
@@ -0,0 +1,3 @@
+class profiles (
+) {
+}
diff --git a/sitemodules/profiles/metadata.json b/sitemodules/profiles/metadata.json
new file mode 100644 (file)
index 0000000..711747b
--- /dev/null
@@ -0,0 +1,14 @@
+{
+  "name": "cacert/profiles",
+  "version": "0.1.0",
+  "author": "Jan Dittberner",
+  "summary": "This module provides the CAcert specific profiles.",
+  "license": "GPL-3.0+",
+  "source": "git://git.cacert.org/cacert-puppet.git",
+  "project_page": "https://infradocs.cacert.org/",
+  "issues_url": null,
+  "dependencies": [
+    {"name":"puppetlabs-stdlib","version_requirement":">= 1.0.0 < 5.0.0"}
+  ],
+  "data_provider": "hiera"
+}
diff --git a/sitemodules/profiles/profiles_/README.md b/sitemodules/profiles/profiles_/README.md
new file mode 100644 (file)
index 0000000..514b3cc
--- /dev/null
@@ -0,0 +1,3 @@
+# CAcert profiles
+
+This module defines CAcert infrastructure specific profiles.
diff --git a/sitemodules/profiles/spec/classes/init_spec.rb b/sitemodules/profiles/spec/classes/init_spec.rb
new file mode 100644 (file)
index 0000000..6bdf019
--- /dev/null
@@ -0,0 +1,6 @@
+require 'spec_helper'
+describe 'profiles' do
+  context 'with default values for all parameters' do
+    it { should contain_class('profiles') }
+  end
+end
diff --git a/sitemodules/profiles/spec/spec_helper.rb b/sitemodules/profiles/spec/spec_helper.rb
new file mode 100644 (file)
index 0000000..2c6f566
--- /dev/null
@@ -0,0 +1 @@
+require 'puppetlabs_spec_helper/module_spec_helper'
diff --git a/sitemodules/roles/manifests/init.pp b/sitemodules/roles/manifests/init.pp
new file mode 100644 (file)
index 0000000..0b8b1a7
--- /dev/null
@@ -0,0 +1,3 @@
+class roles (
+) {
+}
diff --git a/sitemodules/roles/manifests/puppetmaster.pp b/sitemodules/roles/manifests/puppetmaster.pp
new file mode 100644 (file)
index 0000000..9cdc95d
--- /dev/null
@@ -0,0 +1,4 @@
+class roles::puppetmaster (
+) {
+  include profiles::base
+}
diff --git a/sitemodules/roles/manifests/svnserver.pp b/sitemodules/roles/manifests/svnserver.pp
new file mode 100644 (file)
index 0000000..f744651
--- /dev/null
@@ -0,0 +1,4 @@
+class roles::svnserver (
+) {
+  include profiles::base
+}