Add creation of secure.conf file

This will be a new file that will store all the secrets needed by nodepool at this stage: mysql password, and jenkins masters credentials. Following there will be a patch in nodepool, to use that file to retrieve mysql and jenkins settings. By this way, nodepool.yaml can be a plain file, and not a template, and can be created into project-config. Change-Id: Ie9381740e3644feaee1f1b201499e3a253677f39
2015-06-04 11:46:40 +02:00 · 2015-06-04 11:46:40 +02:00 · 9d943b6882
parent 0e6b1a2585
commit 9d943b6882
3 changed files with 48 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -3,3 +3,24 @@
 ## Overview

 Configures Nodepool node.
+
+```puppet
+class { '::nodepool':
+  mysql_root_password      => 'xxx',
+  mysql_password           => 'xxx',
+  nodepool_ssh_private_key => 'optional_key_content',
+  environment => {
+    optional_setting_1 => 'optional_value_1',
+    optional_setting_2 => 'optional_value_2',
+  },
+  jenkins_masters     => [
+    {
+      name        => 'jenkins_name'
+      user        => 'jenkins_user',
+      apikey      => 'jenkins_pass',
+      credentials => 'jenkins_credentials_id',
+      url         => 'jenkins_url',
+    }
+  ]
+}
+```
--- a/manifests/init.pp
+++ b/manifests/init.pp
@ -33,6 +33,7 @@ class nodepool (
  $scripts_dir = '',
  $elements_dir = '',
  $logging_conf_template = 'nodepool/nodepool.logging.conf.erb',
+  $jenkins_masters = [],
 ) {


@ -237,6 +238,19 @@ class nodepool (
    content => template($logging_conf_template),
  }

+  validate_array($jenkins_masters)
+  file { '/etc/nodepool/secure.conf':
+    ensure  => present,
+    owner   => 'nodepool',
+    group   => 'root',
+    mode    => '0400',
+    content => template('nodepool/secure.conf.erb'),
+    require => [
+      File['/etc/nodepool'],
+      User['nodepool'],
+    ],
+  }
+
  file { '/etc/init.d/nodepool':
    ensure => present,
    mode   => '0555',
@ -290,4 +304,5 @@ class nodepool (
    group  => 'root',
    mode   => '0440',
  }
+
 }
--- a/templates/secure.conf.erb
+++ b/templates/secure.conf.erb
@ -0,0 +1,12 @@
+[database]
+dburi=mysql+pymysql://nodepool:<%= @mysql_password %>@localhost/nodepool
+
+<% @jenkins_masters.each do |master| -%>
+[jenkins "<%= master['name'] -%>"]
+user=<%= master['user'] %>
+apikey=<%= master['apikey'] %>
+<% if master.has_key?('credentials') -%>
+credentials=<%= master['credentials'] %>
+<% end -%>
+url=<%= master['url'] %>
+<% end %>