diff --git a/.fixtures.yml b/.fixtures.yml new file mode 100644 index 0000000..9845500 --- /dev/null +++ b/.fixtures.yml @@ -0,0 +1,13 @@ +--- +fixtures: + forge_modules: + stdlib: "puppetlabs/stdlib" + yumrepo_core: "puppetlabs/yumrepo_core" + apt: "puppetlabs-apt" + inifile: "puppetlabs-inifile" + registry: "puppetlabs-registry" + concat: "puppetlabs/concat" + repositories: + provision: 'https://github.com/puppetlabs/provision.git' + facts: 'https://github.com/puppetlabs/puppetlabs-facts.git' + puppet_agent: 'https://github.com/puppetlabs/puppetlabs-puppet_agent.git' diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 48c4e02..f671117 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -5,6 +5,8 @@ on: - cron: '0 0 * * *' env: + HONEYCOMB_WRITEKEY: ${{ secrets.HONEYCOMB_TOKEN }} + HONEYCOMB_DATASET: litmus tests jobs: setup_matrix: @@ -184,19 +186,3 @@ jobs: run: | buildevents step $TRACE_ID $STEP_ID $STEP_START 'Remove test environment' - slack-workflow-status: - if: always() - name: Post Workflow Status To Slack - needs: - - Acceptance - runs-on: ubuntu-20.04 - steps: - - name: Slack Workflow Notification - uses: puppetlabs/Gamesight-slack-workflow-status@pdk-templates-v1 - with: - # Required Input - repo_token: ${{ secrets.GITHUB_TOKEN }} - slack_webhook_url: ${{ secrets.SLACK_WEBHOOK }} - # Optional Input - channel: '#team-ia-bots' - name: 'GABot' diff --git a/.github/workflows/pr_test.yml b/.github/workflows/pr_test.yml index fde0377..b666103 100644 --- a/.github/workflows/pr_test.yml +++ b/.github/workflows/pr_test.yml @@ -3,6 +3,8 @@ name: "PR Testing" on: [pull_request] env: + HONEYCOMB_WRITEKEY: ${{ secrets.HONEYCOMB_TOKEN }} + HONEYCOMB_DATASET: litmus tests jobs: setup_matrix: diff --git a/.github/workflows/spec.yml b/.github/workflows/spec.yml index 90b8f34..836e5b5 100644 --- a/.github/workflows/spec.yml +++ b/.github/workflows/spec.yml 
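Review bot: The three `repositories` entries in `.fixtures.yml` are cloned with no `ref`, and the `forge_modules` entries carry no version, so every test run pulls whatever is current upstream. Pinning each fixture with the hash form, `repo:` plus `ref: '<PINNED_TAG_OR_SHA>'` (placeholder), keeps CI reproducible and limits exposure to an unexpected upstream change. The module names also mix `puppetlabs/stdlib` and `puppetlabs-apt` spellings; using one form would be tidier.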
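Review bot: `HONEYCOMB_WRITEKEY` is set in the workflow-level `env:` block of nightly.yml, which exposes the secret to every job and step in the workflow, including third-party actions; the same two lines are added to pr_test.yml and spec.yml. Only the steps that call `buildevents` appear to need it (most of them are outside these hunks), so a step-level `env:` on those steps would narrow the exposure. These files look template-managed through `.sync.yml`, so the change may have to be made in the template configuration rather than here.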
@@ -7,6 +7,8 @@ on: pull_request: env: + HONEYCOMB_WRITEKEY: ${{ secrets.HONEYCOMB_TOKEN }} + HONEYCOMB_DATASET: litmus tests jobs: setup_matrix: diff --git a/.sync.yml b/.sync.yml index b919751..1bd03c7 100644 --- a/.sync.yml +++ b/.sync.yml @@ -2,7 +2,8 @@ common: disable_legacy_facts: true owner: 'ractf' - honeycomb: false + honeycomb: + writekey: "${{ secrets.HONEYCOMB_TOKEN }}" .travis.yml: delete: true @@ -17,5 +18,6 @@ appveyor.yml: unmanaged: false .github/workflows/nightly.yml: unmanaged: false + slack-notifications: false .github/workflows/release.yml: unmanaged: false diff --git a/Rakefile b/Rakefile index 2906c15..0f8754e 100644 --- a/Rakefile +++ b/Rakefile @@ -43,6 +43,7 @@ end PuppetLint.configuration.send('disable_relative') + if Bundler.rubygems.find_name('github_changelog_generator').any? GitHubChangelogGenerator::RakeTask.new :changelog do |config| raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil? diff --git a/manifests/controller.pp b/manifests/controller.pp new file mode 100644 index 0000000..195a71b --- /dev/null +++ b/manifests/controller.pp @@ -0,0 +1,11 @@ +# @summary A short summary of the purpose of this class +# +# A description of what this class does +# +# @example +# include polaris::controller +class polaris::controller ( + Boolean $manage_service = true, + Stdlib::Ensure::Service $service_ensure = 'running', +) { +} diff --git a/manifests/controller/config.pp b/manifests/controller/config.pp new file mode 100644 index 0000000..dc010a0 --- /dev/null +++ b/manifests/controller/config.pp @@ -0,0 +1,8 @@ +# @summary A short summary of the purpose of this class +# +# A description of what this class does +# +# @example +# include polaris::controller::config +class polaris::controller::config { +} 
diff --git a/manifests/controller/service.pp b/manifests/controller/service.pp
new file mode 100644
index 0000000..e630b02
--- /dev/null
+++ b/manifests/controller/service.pp
@@ -0,0 +1,8 @@
+# @summary A short summary of the purpose of this class
+#
+# A description of what this class does
+#
+# @example
+# include polaris::controller::service
+class polaris::controller::service {
+}
diff --git a/manifests/init.pp b/manifests/init.pp
new file mode 100644
index 0000000..4d39150
--- /dev/null
+++ b/manifests/init.pp
@@ -0,0 +1,11 @@
+# @summary A short summary of the purpose of this class
+#
+# A description of what this class does
+#
+# @example
+# include polaris
+class polaris (
+ Boolean $manage_package = true,
+ String $package_name = 'polaris',
+ String $package_ensure = 'latest',
+) {}
diff --git a/manifests/install.pp b/manifests/install.pp
new file mode 100644
index 0000000..d6de8eb
--- /dev/null
+++ b/manifests/install.pp
@@ -0,0 +1,13 @@
+# @summary A short summary of the purpose of this class
+#
+# A description of what this class does
+#
+# @example
+# include polaris::install
+class polaris::install {
+ if $polaris::manage_package {
+ ensure_packages($polaris::package_name, {
+ ensure => $polaris::package_ensure,
+ })
+ }
+}
diff --git a/manifests/node.pp b/manifests/node.pp
new file mode 100644
index 0000000..deccd58
--- /dev/null
+++ b/manifests/node.pp
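Review bot: `class polaris` in manifests/init.pp declares no `$manage_repo` parameter, yet `polaris::repo` in this commit branches on `$polaris::manage_repo`; add `Boolean $manage_repo = true,` to the parameter list. The default `$package_ensure = 'latest'` means any agent run can upgrade the package to whatever the repository currently serves, so `'installed'` would be a safer default that leaves upgrades an explicit choice. The `@summary` and description lines are still the template placeholders.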
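Review bot: `polaris::install` reads `$polaris::manage_package`, `$polaris::package_name` and `$polaris::package_ensure`, but nothing visible in this commit declares `class polaris` before it is evaluated; `polaris::node` only does `contain polaris::install`. Unless the caller includes `polaris` first, these lookups are likely to resolve to undef (or fail under strict variables), in which case the package is silently left unmanaged. Adding `include polaris` at the top of the class body, or in `polaris::node`, would make the dependency explicit.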
@@ -0,0 +1,42 @@
+# @summary A short summary of the purpose of this class
+#
+# A description of what this class does
+#
+# @example
+# include polaris::node
+class polaris::node (
+ Sensitive[String] $sensitive_consul_token,
+ Sensitive[String] $sensitive_single_user_username,
+ Sensitive[String] $sensitive_single_user_password,
+ Optional[String] $sentry_dsn,
+
+ Boolean $manage_service = true,
+ Stdlib::Ensure::Service $service_ensure = 'running',
+
+ Integer $thread_pool_size = 5,
+ Integer $task_threat_pool_size = 5,
+ Integer $reconciliation_tick_frequency = 20000,
+ Integer $host_info_sync_frequency = 20000,
+ String $scheduling_algorithm = 'roundRobin',
+ Integer $threadpool_timeout_seconds = 30,
+ Stdlib::Port $min_port = 20000,
+ Stdlib::Port $max_port = 65535,
+ String $client_refresh_interval = '10 seconds',
+ String $consul_host = 'localhost',
+ Stdlib::Port $consul_port = '8500',
+ String $consul_service_id = 'polaris-controller',
+ String $consul_retry_interval = '5 seconds',
+ Stdlib::Port $application_connector_port = 9090,
+ Stdlib::Port $admin_connector_port = 9090,
+ Boolean $kill_orphans = true,
+) {
+ contain polaris::repo
+ contain polaris::install
+ contain polaris::node::config
+ contain polaris::node::service
+
+ Class['polaris::repo']
+ -> Class['polaris::install']
+ -> Class['polaris::node::config']
+ -> Class['polaris::node::service']
+}
diff --git a/manifests/node/config.pp b/manifests/node/config.pp
new file mode 100644
index 0000000..d46cd6a
--- /dev/null
+++ b/manifests/node/config.pp
@@ -0,0 +1,8 @@
+# @summary A short summary of the purpose of this class
+#
+# A description of what this class does
+#
+# @example
+# include polaris::node::config
+class polaris::node::config {
+}
diff --git a/manifests/node/service.pp b/manifests/node/service.pp
new file mode 100644
index 0000000..f88ada3
--- /dev/null
+++ b/manifests/node/service.pp
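Review bot: `Stdlib::Port $consul_port = '8500'` in manifests/node.pp gives a String default to an integer type, so the class fails its parameter type check whenever the default is used; it should read `Stdlib::Port $consul_port = 8500,`. `$application_connector_port` and `$admin_connector_port` both default to 9090, which looks like a listener clash if both end up in one service configuration, and `$task_threat_pool_size` is probably a typo for `thread` that is cheaper to fix before the name becomes public interface. `$sentry_dsn` is `Optional` but has no default, so callers must still pass it; `= undef` would make it truly optional. When `polaris::node::config` (currently empty) renders the three `Sensitive` values, the file content should stay wrapped in `Sensitive` and the file mode restrictive so the secrets do not end up in reports or logs.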
@@ -0,0 +1,19 @@ +# @summary Manage the Polaris Node service +# +# This class manages this Polaris Node service, which is packaged with the Polaris RPM. +# +# @api private +# +class polaris::node::service { + if $polaris::node::manage_service { + $service_enable = $polaris::node::service_ensure ? { + 'running' => true, + 'stopped' => false, + } + + service {'polaris-node': + ensure => $polaris::node::service_ensure, + enable => $service_enable, + } + } +} diff --git a/manifests/repo.pp b/manifests/repo.pp new file mode 100644 index 0000000..05a65f0 --- /dev/null +++ b/manifests/repo.pp @@ -0,0 +1,20 @@ +# @summary Install the Polaris RPM repo +# +# This class manages the installation of the RACTF RPM repo. +# In future this may support DEBs, and may become its own module. +# +# @api private +# +class polaris::repo { + if $polaris::manage_repo { + if $facts['os']['family'] == 'RedHat' { + yumrepo { 'ractf': + name => 'RACTF', + descr => 'RACTF Package Repo', + baseurl => 'TODO' + } + } else { + fail('Non-RedHat based operating systems are not supported yet') + } + } +} diff --git a/metadata.json b/metadata.json index cb362d8..aaccb9e 100644 --- a/metadata.json +++ b/metadata.json @@ -6,7 +6,14 @@ "license": "AGPL-3.0-or-later", "source": "https://github.com/ractf/puppet-polaris", "dependencies": [ - + { + "name": "puppetlabs/stdlib", + "version_requirement": ">= 7.0.0" + }, + { + "name": "puppetlabs/yumrepo_core", + "version_requirement": ">= 1.0.7" + } ], "operatingsystem_support": [ { @@ -14,12 +21,6 @@ "operatingsystemrelease": [ "7" ] - }, - { - "operatingsystem": "RedHat", - "operatingsystemrelease": [ - "7" - ] } ], "requirements": [ @@ -30,5 +31,5 @@ ], "pdk-version": "2.2.0", "template-url": "https://github.com/puppetlabs/pdk-templates#main", - "template-ref": "heads/main-0-g51828b4" + "template-ref": "heads/main-0-gb4d80a6" } diff --git a/pdk.yaml b/pdk.yaml new file mode 100644 index 0000000..4bef4bd --- /dev/null +++ b/pdk.yaml 
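Review bot: The `yumrepo { 'ractf': }` resource in manifests/repo.pp sets neither `gpgcheck` nor `gpgkey`, so package signature verification is left to whatever the host's yum defaults are, and `baseurl => 'TODO'` is a placeholder that cannot resolve. Since `polaris::install` installs from this repository, set `gpgcheck => '1',` and `gpgkey => '<GPG_KEY_URL>',` (placeholder), and use an HTTPS `baseurl` once the real location is known. The resource title is `ractf` while `name => 'RACTF'` overrides it; dropping the `name` attribute avoids two identifiers for one repo.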
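Review bot: Both new dependencies in metadata.json use an open-ended `version_requirement` (`">= 7.0.0"` and `">= 1.0.7"`), so a future major release with breaking changes is accepted automatically. Bounding the range, for example `">= 7.0.0 < 8.0.0"` for stdlib, keeps dependency resolution predictable. The second hunk drops the RedHat entry from `operatingsystem_support` while `polaris::repo` still gates on `$facts['os']['family'] == 'RedHat'`; that is consistent only if the remaining entry, whose name is outside the hunk, belongs to the RedHat family.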
@@ -0,0 +1,2 @@
+---
+ignore: []
diff --git a/spec/classes/controller/config_spec.rb b/spec/classes/controller/config_spec.rb
new file mode 100644
index 0000000..1ab02bd
--- /dev/null
+++ b/spec/classes/controller/config_spec.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'polaris::controller::config' do
+ on_supported_os.each do |os, os_facts|
+ context "on #{os}" do
+ let(:facts) { os_facts }
+
+ it { is_expected.to compile }
+ end
+ end
+end
diff --git a/spec/classes/controller/service_spec.rb b/spec/classes/controller/service_spec.rb
new file mode 100644
index 0000000..017290e
--- /dev/null
+++ b/spec/classes/controller/service_spec.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'polaris::controller::service' do
+ on_supported_os.each do |os, os_facts|
+ context "on #{os}" do
+ let(:facts) { os_facts }
+
+ it { is_expected.to compile }
+ end
+ end
+end
diff --git a/spec/classes/controller_spec.rb b/spec/classes/controller_spec.rb
new file mode 100644
index 0000000..a070427
--- /dev/null
+++ b/spec/classes/controller_spec.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'polaris::controller' do
+ on_supported_os.each do |os, os_facts|
+ context "on #{os}" do
+ let(:facts) { os_facts }
+
+ it { is_expected.to compile }
+ end
+ end
+end
diff --git a/spec/classes/install_spec.rb b/spec/classes/install_spec.rb
new file mode 100644
index 0000000..3ed022a
--- /dev/null
+++ b/spec/classes/install_spec.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'polaris::install' do
+ on_supported_os.each do |os, os_facts|
+ context "on #{os}" do
+ let(:facts) { os_facts }
+
+ it { is_expected.to compile }
+ end
+ end
+end
diff --git a/spec/classes/node/config_spec.rb b/spec/classes/node/config_spec.rb
new file mode 100644
index 0000000..edf88e2
--- /dev/null
+++ b/spec/classes/node/config_spec.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'polaris::node::config' do
+ on_supported_os.each do |os, os_facts|
+ context "on #{os}" do
+ let(:facts) { os_facts }
+
+ it { is_expected.to compile }
+ end
+ end
+end
diff --git a/spec/classes/node/service_spec.rb b/spec/classes/node/service_spec.rb
new file mode 100644
index 0000000..a1d7337
--- /dev/null
+++ b/spec/classes/node/service_spec.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'polaris::node::service' do
+ on_supported_os.each do |os, os_facts|
+ context "on #{os}" do
+ let(:facts) { os_facts }
+
+ it { is_expected.to compile }
+ end
+ end
+end
diff --git a/spec/classes/node_spec.rb b/spec/classes/node_spec.rb
new file mode 100644
index 0000000..da6ffb9
--- /dev/null
+++ b/spec/classes/node_spec.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'polaris::node' do
+ on_supported_os.each do |os, os_facts|
+ context "on #{os}" do
+ let(:facts) { os_facts }
+
+ it { is_expected.to compile }
+ end
+ end
+end
diff --git a/spec/classes/polaris_spec.rb b/spec/classes/polaris_spec.rb
new file mode 100644
index 0000000..c0977dd
--- /dev/null
+++ b/spec/classes/polaris_spec.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'polaris' do
+ on_supported_os.each do |os, os_facts|
+ context "on #{os}" do
+ let(:facts) { os_facts }
+
+ it { is_expected.to compile }
+ end
+ end
+end
diff --git a/spec/classes/repo_spec.rb b/spec/classes/repo_spec.rb
new file mode 100644
index 0000000..32e2b4b
--- /dev/null
+++ b/spec/classes/repo_spec.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'polaris::repo' do
+ on_supported_os.each do |os, os_facts|
+ context "on #{os}" do
+ let(:facts) { os_facts }
+
+ it { is_expected.to compile }
+ end
+ end
+end
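Review bot: `describe 'polaris::node'` in spec/classes/node_spec.rb sets no `let(:params)`, but the class as added in manifests/node.pp has four parameters without defaults (`sensitive_consul_token`, `sensitive_single_user_username`, `sensitive_single_user_password`, `sentry_dsn`), so `it { is_expected.to compile }` cannot pass as written. Supply them with constructed values, wrapping the first three with rspec-puppet's `sensitive('...')` helper. The specs for `polaris::node::config`, `polaris::node::service`, `polaris::repo` and `polaris::install` exercise classes that read variables from `polaris::node` or `polaris`, so they likely need a `let(:pre_condition)` declaring the parent class. Using `compile.with_all_deps` would also catch unresolved dependencies.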