Puppet Class: profile::ci::firewall

Defined in:
modules/profile/manifests/ci/firewall.pp

Overview

SPDX-License-Identifier: Apache-2.0

class contint::firewall

Parameters

Several bricks communicate with the Zuul Gearman server:

$zuul_merger_hosts

List of zuul-mergers

Parameters:

  • zuul_merger_hosts (Array[Stdlib::Fqdn]) (defaults to: lookup('profile::ci::firewall::zuul_merger_hosts')) 


10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
 
# File 'modules/profile/manifests/ci/firewall.pp', line 10

class profile::ci::firewall (
    Array[Stdlib::Fqdn] $zuul_merger_hosts = lookup('profile::ci::firewall::zuul_merger_hosts'),
){
    include profile::firewall
    include network::constants

    # Each master is an agent of the other
    include profile::ci::firewall::jenkinsagent

    # Gearman is used between Zuul and the Jenkin master, both on the same
    # server and communicating over localhost.
    # It is also used by Zuul merger daemons.
    firewall::service { 'gearman_from_zuul_mergers':
        proto  => 'tcp',
        port   => 4730,
        srange => $zuul_merger_hosts,
    }

    firewall::service { 'ci_http':
        proto    => 'tcp',
        port     => 80,
        src_sets => ['CACHES'],
    }
}