Defined Type: profile::docker::reporter::report

Defined in:
modules/profile/manifests/docker/reporter/report.pp

Summary

create systemtd timer to generate docker reports

Overview

SPDX-License-Identifier: Apache-2.0

Parameters:

  • ensure (Wmflib::Ensure) (defaults to: 'present')

    ensurable parameter

  • frequency (Enum['daily', 'weekly']) (defaults to: 'weekly')

    either daily or weekly to indicate how often the timer should run

  • proxy (Optional[Stdlib::HTTPUrl]) (defaults to: undef)

    the http proxy to use, if any

  • team (Optional[Wmflib::Team]) (defaults to: undef)

    the team to whom alerts should be routed

  • min_debian_version (Integer) (defaults to: 11)

    the minimum Debian OS version supported for reports.

  • target (Enum['registry', 'kubernetes']) (defaults to: 'registry')

    the system where to fetch a Docker image list from.

  • registry_endpoint (Optional[String]) (defaults to: 'docker-registry.discovery.wmnet')

    if target is 'registry', it indicates its endpoint.

  • k8s_kubeconfig

    if target is 'kubernetes', it indicates the kubeconfig's path to use.

  • rule_filename (Optional[String]) (defaults to: undef)

    the filename of the rule config file to use.

  • hour (String) (defaults to: '00:00:00')

    Depending on whether the report runs daily or weekly, this designates the time of day for each day or the time of the day on Monday.

  • k8s_kubeconfig_path (Optional[String]) (defaults to: undef) 


14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
 
# File 'modules/profile/manifests/docker/reporter/report.pp', line 14

define profile::docker::reporter::report(
    Wmflib::Ensure                 $ensure              = 'present',
    Enum['daily', 'weekly']        $frequency           = 'weekly',
    String                         $hour                = '00:00:00',
    Optional[Stdlib::HTTPUrl]      $proxy               = undef,
    Optional[Wmflib::Team]         $team                = undef,
    Integer                        $min_debian_version  = 11,
    Enum['registry', 'kubernetes'] $target              = 'registry',
    Optional[String]               $registry_endpoint   = 'docker-registry.discovery.wmnet',
    Optional[String]               $k8s_kubeconfig_path = undef,
    Optional[String]               $rule_filename       = undef,
) {
    if $rule_filename == undef {
        $filter_param = ''
    } else {
        $rule_filepath = "/etc/docker-report/${rule_filename}"
        if !defined(File[$rule_filepath]) {
            file { $rule_filepath:
                ensure => $ensure,
                owner  => 'root',
                group  => 'root',
                source => "puppet:///modules/profile/docker/reporter/${rule_filename}",
            }
        }
        $filter_param = "--filter-file /etc/docker-report/${rule_filename}"
    }

    $environment = $proxy.then |$p| {{'http_proxy' => $p}}

    $interval = $frequency ? {
        'daily' => "*-*-* ${hour}",
        'weekly' => "Mon *-*-* ${hour}"
    }

    if $target == 'kubernetes' {
        $cluster_name = inline_template('<%= @title.gsub("_", "-") %>')
        $target_param = "--k8s-cluster ${cluster_name} --k8s-kubeconfig-path ${k8s_kubeconfig_path}"
    } else {
        $target_param = "--registry ${registry_endpoint}"
    }
    systemd::timer::job { "docker-reporter-${target}-${title}-images":
        ensure            => $ensure,
        description       => "Report on upgrades to ${title} images (${target}).",
        command           => "/usr/bin/docker-report --minimum-debian-version ${min_debian_version} ${filter_param} ${target_param}",
        interval          => {'start' => 'OnCalendar', 'interval' => $interval},
        user              => 'root',
        environment       => $environment,
        syslog_identifier => "docker-report-${target}-${title}",
        team              => $team,
    }
}