Add creation of secure.conf file
This will be a new file that will store all the secrets needed by nodepool at this stage: mysql password, and jenkins masters credentials. Following there will be a patch in nodepool, to use that file to retrieve mysql and jenkins settings. By this way, nodepool.yaml can be a plain file, and not a template, and can be created into project-config. Change-Id: Ie9381740e3644feaee1f1b201499e3a253677f39
This commit is contained in:
Yolanda Robla
parent
0e6b1a2585
commit
9d943b6882
21
README.md
21
README.md
@ -3,3 +3,24 @@
|
|||||||
## Overview
|
## Overview
|
||||||
|
|
||||||
Configures Nodepool node.
|
Configures Nodepool node.
|
||||||
|
|
||||||
|
```puppet
|
||||||
|
class { '::nodepool':
|
||||||
|
mysql_root_password => 'xxx',
|
||||||
|
mysql_password => 'xxx',
|
||||||
|
nodepool_ssh_private_key => 'optional_key_content',
|
||||||
|
environment => {
|
||||||
|
optional_setting_1 => 'optional_value_1',
|
||||||
|
optional_setting_2 => 'optional_value_2',
|
||||||
|
},
|
||||||
|
jenkins_masters => [
|
||||||
|
{
|
||||||
|
name => 'jenkins_name'
|
||||||
|
user => 'jenkins_user',
|
||||||
|
apikey => 'jenkins_pass',
|
||||||
|
credentials => 'jenkins_credentials_id',
|
||||||
|
url => 'jenkins_url',
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|||||||
@ -33,6 +33,7 @@ class nodepool (
|
|||||||
$scripts_dir = '',
|
$scripts_dir = '',
|
||||||
$elements_dir = '',
|
$elements_dir = '',
|
||||||
$logging_conf_template = 'nodepool/nodepool.logging.conf.erb',
|
$logging_conf_template = 'nodepool/nodepool.logging.conf.erb',
|
||||||
|
$jenkins_masters = [],
|
||||||
) {
|
) {
|
||||||
|
|
||||||
|
|
||||||
@ -237,6 +238,19 @@ class nodepool (
|
|||||||
content => template($logging_conf_template),
|
content => template($logging_conf_template),
|
||||||
}
|
}
|
||||||
|
|
||||||
|
validate_array($jenkins_masters)
|
||||||
|
file { '/etc/nodepool/secure.conf':
|
||||||
|
ensure => present,
|
||||||
|
owner => 'nodepool',
|
||||||
|
group => 'root',
|
||||||
|
mode => '0400',
|
||||||
|
content => template('nodepool/secure.conf.erb'),
|
||||||
|
require => [
|
||||||
|
File['/etc/nodepool'],
|
||||||
|
User['nodepool'],
|
||||||
|
],
|
||||||
|
}
|
||||||
|
|
||||||
file { '/etc/init.d/nodepool':
|
file { '/etc/init.d/nodepool':
|
||||||
ensure => present,
|
ensure => present,
|
||||||
mode => '0555',
|
mode => '0555',
|
||||||
@ -290,4 +304,5 @@ class nodepool (
|
|||||||
group => 'root',
|
group => 'root',
|
||||||
mode => '0440',
|
mode => '0440',
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
12
templates/secure.conf.erb
Normal file
12
templates/secure.conf.erb
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
[database]
|
||||||
|
dburi=mysql+pymysql://nodepool:<%= @mysql_password %>@localhost/nodepool
|
||||||
|
|
||||||
|
<% @jenkins_masters.each do |master| -%>
|
||||||
|
[jenkins "<%= master['name'] -%>"]
|
||||||
|
user=<%= master['user'] %>
|
||||||
|
apikey=<%= master['apikey'] %>
|
||||||
|
<% if master.has_key?('credentials') -%>
|
||||||
|
credentials=<%= master['credentials'] %>
|
||||||
|
<% end -%>
|
||||||
|
url=<%= master['url'] %>
|
||||||
|
<% end %>
|
||||||
Loading…
x
Reference in New Issue
Block a user