207 lines
8.5 KiB
YAML
207 lines
8.5 KiB
YAML
Namespaces:
|
|
=: org.openstack.ci_cd_pipeline_murano_app
|
|
std: io.murano
|
|
res: io.murano.resources
|
|
sys: io.murano.system
|
|
ci_cd_pipeline_murano_app: org.openstack.ci_cd_pipeline_murano_app
|
|
puppet: org.openstack.ci_cd_pipeline_murano_app.puppet
|
|
conf: io.murano.configuration
|
|
|
|
Name: Gerrit
|
|
|
|
Extends: std:Application
|
|
|
|
Properties:
|
|
instance:
|
|
Contract: $.class(puppet:PuppetInstance).notNull()
|
|
name:
|
|
Contract: $.string().notNull()
|
|
warUrl:
|
|
Contract: $.string()
|
|
Default: 'http://tarballs.openstack.org/ci/test/gerrit-v2.11.9.3.eb6e48d.war'
|
|
ldap:
|
|
Contract: $.class(ci_cd_pipeline_murano_app:OpenLDAP)
|
|
userSSH:
|
|
Contract: $.string()
|
|
|
|
Methods:
|
|
initialize:
|
|
Body:
|
|
- $._environment: $.find(std:Environment).require()
|
|
|
|
deploy:
|
|
Body:
|
|
- $.super($.deploy())
|
|
- If: $.getAttr(deployed, false)
|
|
Then:
|
|
Return:
|
|
|
|
- $securityGroupIngress:
|
|
- ToPort: 80
|
|
FromPort: 80
|
|
IpProtocol: tcp
|
|
External: true
|
|
- ToPort: 443
|
|
FromPort: 443
|
|
IpProtocol: tcp
|
|
External: true
|
|
- ToPort: 8081
|
|
FromPort: 8081
|
|
IpProtocol: tcp
|
|
External: true
|
|
- ToPort: 29418
|
|
FromPort: 29418
|
|
IpProtocol: tcp
|
|
External: true
|
|
|
|
- $._environment.securityGroupManager.addGroupIngress($securityGroupIngress)
|
|
- $._environment.reporter.report($this, 'Creating VM for Gerrit "{0}"'.format($.instance.name))
|
|
- $.instance.deploy()
|
|
- $._environment.reporter.report($this, 'Gerrit VM "{0}" with id {1} created'.format($.instance.name, $.instance.openstackId))
|
|
|
|
- $._environment.reporter.report($this, 'Installing puppet modules...')
|
|
|
|
- $this.systemConfig: new(puppet:SystemConfig)
|
|
- $this.systemConfig.installOnTheNode($this.instance)
|
|
|
|
- If: $.ldap != null
|
|
Then:
|
|
- $._environment.reporter.report($this, 'Waiting while LDAP is being deployed...')
|
|
- $.ldap.deploy()
|
|
|
|
- $.createConfiguration()
|
|
|
|
- $._deployGerrit()
|
|
- $._environment.reporter.report($this, 'Switching Gerrit to a local project-config')
|
|
- $._switchProjectConfig()
|
|
- If: $.ldap != null and not $.userSSH in [null, ''] and not $.ldap.ldapUser in [null, '']
|
|
Then:
|
|
- $._environment.reporter.report($this, "Adding user's SSH public key to Gerrit.")
|
|
|
|
- $.createAccount('', $.ldap.ldapUser, $.ldap.ldapEmail, $.userSSH, $.ldap.ldapUser)
|
|
|
|
- $._environment.reporter.report($this, 'Gerrit is deployed.')
|
|
- $.setAttr(deployed, true)
|
|
- $._environment.reporter.report($this, format('Gerrit is available at http://{0}:80 or http://{1}:8081',
|
|
$.instance.floatingIpAddress, $.instance.floatingIpAddress))
|
|
|
|
_deployGerrit:
|
|
Body:
|
|
- $._environment.reporter.report($this, 'Deploying Gerrit...')
|
|
- $resources: new(sys:Resources)
|
|
- $template: $resources.yaml('DeployGerrit.template')
|
|
- $.instance.agent.call($template, $resources)
|
|
|
|
#
|
|
# Project-config local repo
|
|
#
|
|
getProjectConfigRepo:
|
|
Body:
|
|
- Return: !yaql "format('https://{0}/open-paas/project-config', $this.instance.ipAddresses[0])"
|
|
|
|
#
|
|
# Switch to newly created project-config repo
|
|
#
|
|
_switchProjectConfig:
|
|
Body:
|
|
- $.instance.setHieraValue( 'project_config_repo', $.getProjectConfigRepo())
|
|
|
|
createLdapConfiguration:
|
|
Body:
|
|
- $ldapInstance: $.ldap.instance
|
|
- If: $ldapInstance.assignFloatingIp
|
|
Then:
|
|
- $ldapHost: $ldapInstance.floatingIpAddress
|
|
Else:
|
|
- $ldapHost: $ldapInstance.ipAddresses[0]
|
|
|
|
- $.instance.setHieraValue('ldap_ip', $ldapHost)
|
|
- $.instance.setHieraValue('ldap_domain', $.ldap.domain)
|
|
- $.instance.setHieraValue('ldap_root_user', $.ldap.ldapRootUser)
|
|
- $.instance.setHieraValue('ldap_root_password', $.ldap.ldapRootPass)
|
|
- $.instance.setHieraValue('ldap_user', $.ldap.ldapUser)
|
|
- $.instance.setHieraValue('ldap_password', $.ldap.ldapPass)
|
|
|
|
createConfiguration:
|
|
Body:
|
|
- If: $this.ldap != null
|
|
Then:
|
|
- $.createLdapConfiguration()
|
|
- $.instance.setHieraValue( 'gerrit_war_url', $this.warUrl)
|
|
- $.instance.setHieraValue( 'gerrit_github_token', '')
|
|
- $.instance.setHieraValue( 'github_project_username', 'mirademo')
|
|
- $.instance.setHieraValue( 'github_project_password', 'github_project_password')
|
|
- $.instance.setHieraValue( 'gerrit_mysql_host', 'localhost')
|
|
- $.instance.setHieraValue( 'gerrit_email_private_key', 'gerrit_email_private_key')
|
|
- $.instance.setHieraValue( 'gerrit_rest_token_private_key', 'gerrit_rest_token_private_key45620')
|
|
- $.instance.setHieraValue( 'gerritbot_password', 'P@ssw0rd')
|
|
- $.instance.setHieraValue( 'gerritbot_ssh_rsa_key_contents', 'gerritbot_ssh_rsa_key_contents')
|
|
- $.instance.setHieraValue( 'gerritbot_ssh_rsa_pubkey_contents', 'gerritbot_ssh_rsa_pubkey_contents')
|
|
# - $.instance.setHieraValue( 'gerrit_ssl_cert_file_contents', 'gerrit_ssl_cert_file_contents')
|
|
# - $.instance.setHieraValue( 'gerrit_ssl_key_file_contents', 'gerrit_ssl_key_file_contents')
|
|
# - $.instance.setHieraValue( 'gerrit_ssl_chain_file_contents', 'gerrit_ssl_chain_file_contents')
|
|
- $.instance.setHieraValue( 'gerrit_ssh_dsa_key_contents', 'gerrit_ssh_dsa_key_contents')
|
|
- $.instance.setHieraValue( 'gerrit_ssh_dsa_pubkey_contents', 'gerrit_ssh_dsa_pubkey_contents')
|
|
- $.instance.setHieraValue( 'gerrit_ssh_rsa_key_contents', 'gerrit_ssh_rsa_key_contents')
|
|
- $.instance.setHieraValue( 'gerrit_ssh_rsa_pubkey_contents', 'gerrit_ssh_rsa_pubkey_contents')
|
|
- $.instance.setHieraValue( 'gerrit_ssh_project_rsa_key_contents', 'gerrit_ssh_project_rsa_key_contents')
|
|
- $.instance.setHieraValue( 'gerrit_ssh_project_rsa_pubkey_contents', 'gerrit_project_ssh_rsa_pubkey_contents')
|
|
- $.instance.setHieraValue( 'welcome_message_gerrit_ssh_private_key', 'welcome_message_gerrit_ssh_private_key')
|
|
- $.instance.setHieraValue( 'welcome_message_gerrit_ssh_public_key', 'welcome_message_gerrit_ssh_public_key')
|
|
- $.instance.setHieraValue( 'ssh_replication_rsa_key_contents', '')
|
|
- $.instance.setHieraValue( 'gerrit_replication_ssh_rsa_pubkey_contents', '')
|
|
- $.instance.setHieraValue( 'gerrit_lp_consumer_key', 'gerrit_lp_consumer_key')
|
|
- $.instance.setHieraValue( 'gerrit_lp_access_token', 'gerrit_lp_access_token')
|
|
- $.instance.setHieraValue( 'gerrit_lp_access_secret', 'gerrit_lp_access_secret')
|
|
- $.instance.setHieraValue( 'gerrit_notify_impact_file', '/etc/project-config/gerrit/notify_impact.yaml')
|
|
- $.instance.setHieraValue( 'gerrit_contactstore_appsec', 'gerrit_contactstore_appsec')
|
|
- $.instance.setHieraValue( 'gerrit_contactstore_pubkey', 'gerrit_contactstore_pubkey')
|
|
- $.instance.setHieraValue( 'gerrit_acls_dir', '/etc/project-config/gerrit/acls')
|
|
- $.instance.setHieraValue( 'gerrit_db_user', 'gerrit2')
|
|
- $.instance.setHieraValue( 'gerrit_db_password', '12345')
|
|
- $.instance.setHieraValue( 'gerrit_db_root_password', 'P@ssw0rd')
|
|
|
|
- $.instance.setHieraValue( 'swift_store_user', 'swift_store_user')
|
|
- $.instance.setHieraValue( 'swift_store_key', 'swift_store_key')
|
|
- $.instance.setHieraValue( 'jeepyb_project_file', '/etc/project-config/gerrit/projects.yaml')
|
|
- $.instance.setHieraValue( 'project_config_config_dir', '/etc/project-config/')
|
|
|
|
#NOTE: this method doesn't work without ldap
|
|
createAccount:
|
|
Arguments:
|
|
- group:
|
|
Contract: $.string()
|
|
- fullName:
|
|
Contract: $.string().notNull()
|
|
- email:
|
|
Contract: $.string().notNull()
|
|
- sshKey:
|
|
Contract: $.string().notNull()
|
|
- name:
|
|
Contract: $.string().notNull()
|
|
Body:
|
|
- $resources: new(sys:Resources)
|
|
- $template: $resources.yaml('CreateAccount.template').bind(dict(
|
|
gerritUser => $.ldap.ldapRootUser,
|
|
group => $group,
|
|
fullName => $fullName,
|
|
email => $email,
|
|
sshKey => $sshKey,
|
|
name => $name))
|
|
- $.instance.agent.call($template, $resources)
|
|
|
|
createLabelVerified:
|
|
Body:
|
|
- $._environment.reporter.report($this, 'Creating label "Verified" in Gerrit...')
|
|
- $linux: new(conf:Linux)
|
|
- $resource: new(sys:Resources)
|
|
|
|
- $script: $resource.string('create_verified.sh')
|
|
- $linux.runCommand($.instance.agent, $script)
|
|
- $._environment.reporter.report($this, 'Label "Verified" is successfully created.')
|
|
|
|
destroy:
|
|
Body:
|
|
- $.reportDestroyed()
|
|
- $.setAttr(deployed, false)
|