Puppet Class: profile::zuul::merger

Defined in:
modules/profile/manifests/zuul/merger.pp

Overview

Parameters:

  • conf_common (Hash) (defaults to: lookup('zuul::common'))
  • conf_merger (Hash) (defaults to: lookup('profile::zuul::merger::conf'))
  • ferm_srange (String) (defaults to: lookup('profile::zuul::merger::ferm_srange'))
  • ensure_service (Enum['stopped', 'running', 'masked']) (defaults to: lookup('profile::zuul::merger::ensure_service'))


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
# File 'modules/profile/manifests/zuul/merger.pp', line 1

class profile::zuul::merger(
    Hash $conf_common = lookup('zuul::common'),
    Hash $conf_merger = lookup('profile::zuul::merger::conf'),
    String $ferm_srange = lookup('profile::zuul::merger::ferm_srange'),
    Enum['stopped', 'running', 'masked'] $ensure_service = lookup('profile::zuul::merger::ensure_service'),
) {

    include ::zuul::monitoring::merger

    $sshkey = 'AAAAB3NzaC1yc2EAAAADAQABAAAAgQCF8pwFLehzCXhbF1jfHWtd9d1LFq2NirplEBQYs7AOrGwQ/6ZZI0gvZFYiEiaw1o+F1CMfoHdny1VfWOJF3mJ1y9QMKAacc8/Z3tG39jBKRQCuxmYLO1SWymv7/Uvx9WQlkNRoTdTTa9OJFy6UqvLQEXKYaokfMIUHZ+oVFf1CgQ=='

    # zuul-merger does git operations with Gerrit over ssh on port 29418
    sshkey { 'gerrit':
        ensure => 'present',
        name   => 'gerrit.wikimedia.org',
        key    => $sshkey,
        type   => 'ssh-rsa',
        target => '/var/lib/zuul/.ssh/known_hosts',
    }

    class { '::zuul::merger':
        # Shared settings
        gerrit_server       => $conf_common['gerrit_server'],
        gerrit_user         => $conf_common['gerrit_user'],

        # Merger related
        gearman_server      => $conf_merger['gearman_server'],
        gerrit_ssh_key_file => $conf_merger['gerrit_ssh_key_file'],
        git_dir             => $conf_merger['git_dir'],
        git_email           => $conf_merger['git_email'],
        git_name            => $conf_merger['git_name'],
        zuul_url            => $conf_merger['zuul_url'],
        ensure_service      => $ensure_service,
    }

    # Serves Zuul git repositories
    user { 'gitdaemon':
        system => true,
        gid    => 'nogroup',
        home   => '/nonexistent',  # like "nobody"
    }

    class { '::git::daemon':
        description     => 'Git daemon for Zuul merger',
        base_path       => $conf_merger['git_dir'],
        directories     => [$conf_merger['git_dir']],
        user            => 'gitdaemon',
        group           => 'nogroup',
        max_connections => 96,
        environment     => {
            'HOME' => '/var/lib/gitdaemon',
        },
        require         => User['gitdaemon'],
    }

    # We run a git-daemon process to expose the zuul-merger git repositories.
    # The slaves fetch changes from it over the git:// protocol.
    # It is only meant to be used from slaves, so only accept internal
    # connections.
    ferm::service { 'git-daemon_internal':
        proto  => 'tcp',
        port   => '9418',
        srange => $ferm_srange,
    }
}