Puppet Class: profile::opensearch::dashboards::phatality

Defined in:
modules/profile/manifests/opensearch/dashboards/phatality.pp

Overview

SPDX-License-Identifier: Apache-2.0

Parameters:

  • enabled (Any) (defaults to: lookup('profile::opensearch::dashboards::phatality::enabled', { 'default_value' => true }))
  • provision_scap (Any) (defaults to: lookup('profile::opensearch::dashboards::phatality::provision_scap', { 'default_value' => true })) 


2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
 
# File 'modules/profile/manifests/opensearch/dashboards/phatality.pp', line 2

class profile::opensearch::dashboards::phatality (
  $enabled          = lookup('profile::opensearch::dashboards::phatality::enabled',        { 'default_value' => true }),
  $provision_scap   = lookup('profile::opensearch::dashboards::phatality::provision_scap', { 'default_value' => true }),
) {
  if $enabled {
    # All files in /usr/share/opensearch-dashboards are owned by root, but `opensearch-dashboards-plugin install`
    # recommends it not be run as root.
    # Here we will change ownership of the plugins directory to opensearch-dashboards so that plugin installation
    # can be run as the opensearch-dashboards user.
    file { '/usr/share/opensearch-dashboards/plugins':
      owner   => 'opensearch-dashboards',
      group   => 'opensearch-dashboards',
      require => Package['opensearch-dashboards']
    }

    file { '/usr/share/opensearch-dashboards/bin/upgrade-phatality.sh':
      ensure => 'file',
      mode   => '0555',
      source => 'puppet:///modules/profile/opensearch/dashboards/phatality/upgrade-phatality.sh',
    }

    if $provision_scap {
      scap::target { 'releng/phatality':
        deploy_user => 'deploy-service',
        manage_user => true,
        require     => [
          Package['opensearch-dashboards'],
        ],
      }

      $plugincmd = '/usr/share/opensearch-dashboards/bin/opensearch-dashboards-plugin'
      $deploydir = '/srv/deployment/releng/phatality/deploy'

      sudo::user { 'opensearch-dashboards-deploy-phatality':
        user       => 'deploy-service',
        privileges => [
          "ALL = (opensearch-dashboards) NOPASSWD: ${plugincmd} install file\\://${deploydir}/*",
          "ALL = (opensearch-dashboards) NOPASSWD: ${plugincmd} remove *",
          'ALL = (root) NOPASSWD: /usr/bin/systemctl restart opensearch-dashboards',
        ]
      }
    }
  } else {
    scap::target { 'releng/phatality':
      ensure => 'absent'
    }

    sudo::user { 'opensearch-dashboards-deploy-phatality':
      ensure => 'absent'
    }

    file { '/usr/share/opensearch-dashboards/bin/upgrade-phatality.sh':
      ensure => 'absent'
    }
  }
}