From 05f0afc60318a9c450f2d9af706da28f1be07c6e Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Thu, 19 Aug 2021 10:21:36 +0200 Subject: [PATCH 1/2] Manage unit file via systemd::unit_file --- .fixtures.yml | 1 + manifests/params.pp | 2 -- manifests/webhook.pp | 28 +++++++---------- manifests/webhook/config.pp | 2 +- manifests/webhook/package.pp | 6 ++-- metadata.json | 4 +++ spec/acceptance/basic_webhook_spec.rb | 2 +- spec/acceptance/prefix_webhook_spec.rb | 2 +- spec/classes/webhook/config_spec.rb | 24 +++++++------- spec/classes/webhook/package_spec.rb | 31 ++++++++++++------- spec/classes/webhook_spec.rb | 30 +++--------------- spec/default_module_facts.yml | 1 + templates/webhook.init.gentoo.erb | 29 ----------------- ...ebhook.service.erb => webhook.service.epp} | 4 ++- 14 files changed, 63 insertions(+), 103 deletions(-) delete mode 100644 templates/webhook.init.gentoo.erb rename templates/{webhook.service.erb => webhook.service.epp} (78%) diff --git a/.fixtures.yml b/.fixtures.yml index 1851b1b0..301981e5 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -9,6 +9,7 @@ fixtures: mcollective: https://github.com/choria-io/puppet-mcollective.git choria: https://github.com/choria-io/puppet-choria.git apt: https://github.com/puppetlabs/puppetlabs-apt.git + systemd: https://github.com/voxpupuli/puppet-systemd.git cron_core: https://github.com/puppetlabs/puppetlabs-cron_core.git yumrepo_core: https://github.com/puppetlabs/puppetlabs-yumrepo_core.git forge_modules: diff --git a/manifests/params.pp b/manifests/params.pp index fca1503f..952e3d54 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -162,12 +162,10 @@ if $facts['os']['family'] == 'Gentoo' { $webhook_service_file = '/etc/init.d/webhook' - $webhook_service_template = 'webhook.init.gentoo.erb' $webhook_service_file_mode = '0755' $webhook_background = true } else { $webhook_service_file = '/etc/systemd/system/webhook.service' - $webhook_service_template = 'webhook.service.erb' $webhook_service_file_mode = '0644' $webhook_background = false } diff --git a/manifests/webhook.pp b/manifests/webhook.pp index 9ef9718b..30f964fc 100644 --- a/manifests/webhook.pp +++ b/manifests/webhook.pp @@ -5,7 +5,7 @@ $group = $r10k::params::webhook_group, $background = $r10k::params::webhook_background, $bin_template = $r10k::params::webhook_bin_template, - $service_template = $r10k::params::webhook_service_template, + $service_template = 'webhook.service.epp', $service_file = $r10k::params::webhook_service_file, $service_file_mode = $r10k::params::webhook_service_file_mode, $use_mcollective = $r10k::params::webhook_use_mcollective, @@ -48,7 +48,7 @@ ensure => $ensure_file, owner => $user, group => $group, - before => Service['webhook'], + before => Service['webhook.service'], } file { '/var/log/webhook': @@ -56,22 +56,14 @@ owner => $user, group => $group, force => $ensure, - before => Service['webhook'], + before => Service['webhook.service'], } file { '/var/run/webhook': ensure => $ensure_directory, owner => $user, group => $group, - before => Service['webhook'], - } - - file { 'webhook_init_script': - ensure => $ensure_file, - content => template("r10k/${service_template}"), - path => $service_file, - mode => $service_file_mode, - notify => Service['webhook'], + before => Service['webhook.service'], } file { 'webhook_bin': @@ -79,12 +71,14 @@ content => template($bin_template), path => '/usr/local/bin/webhook', mode => '0755', - notify => Service['webhook'], + notify => Service['webhook.service'], } - service { 'webhook': - ensure => $ensure_service, - enable => $ensure, + systemd::unit_file { 'webhook.service': + ensure => $ensure_file, + content => epp("${module_name}/${service_template}", { 'user' => $user }), + enable => $ensure, + active => $ensure, } # We don't remove the packages/ gem as @@ -106,7 +100,7 @@ group => 'peadmin', mode => '0644', content => file("${r10k::params::puppetconf_path}/ssl/certs/pe-internal-peadmin-mcollective-client.pem",'/dev/null'), - notify => Service['webhook'], + notify => Service['webhook.service'], } } } diff --git a/manifests/webhook/config.pp b/manifests/webhook/config.pp index e7a5b600..be216864 100644 --- a/manifests/webhook/config.pp +++ b/manifests/webhook/config.pp @@ -117,7 +117,7 @@ mode => $configfile_mode, path => $configfile, content => template($yaml_template), - notify => Service['webhook'], + notify => Service['webhook.service'], } if $manage_symlink { diff --git a/manifests/webhook/package.pp b/manifests/webhook/package.pp index efd38637..aacb135a 100644 --- a/manifests/webhook/package.pp +++ b/manifests/webhook/package.pp @@ -10,7 +10,7 @@ package { 'sinatra': ensure => $sinatra_version, provider => $provider, - notify => Service['webhook'], + notify => Service['webhook.service'], } } @@ -19,7 +19,7 @@ package { 'webrick': ensure => $webrick_version, provider => $provider, - notify => Service['webhook'], + notify => Service['webhook.service'], } } @@ -27,7 +27,7 @@ package { 'json': ensure => installed, provider => $provider, - notify => Service['webhook'], + notify => Service['webhook.service'], } } } diff --git a/metadata.json b/metadata.json index 7c884365..2dcad678 100644 --- a/metadata.json +++ b/metadata.json @@ -66,6 +66,10 @@ { "name": "choria/mcollective", "version_requirement": ">= 0.10.0 <1.0.0" + }, + { + "name": "puppet/systemd", + "version_requirement": ">= 3.2.0 < 4.0.0" } ], "requirements": [ diff --git a/spec/acceptance/basic_webhook_spec.rb b/spec/acceptance/basic_webhook_spec.rb index c214fa48..4c1c4e90 100644 --- a/spec/acceptance/basic_webhook_spec.rb +++ b/spec/acceptance/basic_webhook_spec.rb @@ -12,7 +12,7 @@ class {'r10k::webhook::config': enable_ssl => false, protected => false, use_mcollective => false, - notify => Service['webhook'], + notify => Service['webhook.config'], } class {'r10k::webhook': diff --git a/spec/acceptance/prefix_webhook_spec.rb b/spec/acceptance/prefix_webhook_spec.rb index fc5aeb3c..2967b84a 100644 --- a/spec/acceptance/prefix_webhook_spec.rb +++ b/spec/acceptance/prefix_webhook_spec.rb @@ -40,7 +40,7 @@ class {'r10k::webhook::config': prefix => true, prefix_command => '/usr/local/bin/prefix_command.rb', require => File['/usr/local/bin/prefix_command.rb'], - notify => Service['webhook'], + notify => Service['webhook.service'], } class {'r10k::webhook': require => Class['r10k::webhook::config'], diff --git a/spec/classes/webhook/config_spec.rb b/spec/classes/webhook/config_spec.rb index 1f15bd27..f8f7abd2 100644 --- a/spec/classes/webhook/config_spec.rb +++ b/spec/classes/webhook/config_spec.rb @@ -24,7 +24,7 @@ owner: 'root', group: 'root', mode: '0644', - notify: 'Service[webhook]' + notify: 'Service[webhook.service]' ) end content = '--- @@ -77,7 +77,7 @@ owner: 'root', group: 'root', mode: '0644', - notify: 'Service[webhook]' + notify: 'Service[webhook.service]' ) end content = '--- @@ -140,7 +140,7 @@ owner: 'root', group: 'root', mode: '0644', - notify: 'Service[webhook]' + notify: 'Service[webhook.service]' ) end @@ -185,7 +185,7 @@ owner: 'root', group: 'root', mode: '0644', - notify: 'Service[webhook]' + notify: 'Service[webhook.service]' ) end @@ -230,7 +230,7 @@ owner: 'root', group: 'root', mode: '0644', - notify: 'Service[webhook]' + notify: 'Service[webhook.service]' ) end content = '--- @@ -275,7 +275,7 @@ owner: 'root', group: 'root', mode: '0644', - notify: 'Service[webhook]' + notify: 'Service[webhook.service]' ) end content = '--- @@ -320,7 +320,7 @@ owner: 'root', group: 'root', mode: '0644', - notify: 'Service[webhook]' + notify: 'Service[webhook.service]' ) end content = '--- @@ -363,7 +363,7 @@ owner: 'root', group: 'root', mode: '0644', - notify: 'Service[webhook]' + notify: 'Service[webhook.service]' ) end content = '--- @@ -408,7 +408,7 @@ owner: 'root', group: 'root', mode: '0644', - notify: 'Service[webhook]' + notify: 'Service[webhook.service]' ) end content = '--- @@ -453,7 +453,7 @@ owner: 'root', group: 'root', mode: '0644', - notify: 'Service[webhook]' + notify: 'Service[webhook.service]' ) end content = '--- @@ -521,7 +521,7 @@ owner: 'r10k', group: 'r10k', mode: '0600', - notify: 'Service[webhook]' + notify: 'Service[webhook.service]' ) end end @@ -540,7 +540,7 @@ owner: 'root', group: 'root', mode: '0644', - notify: 'Service[webhook]' + notify: 'Service[webhook.service]' ) end content = '--- diff --git a/spec/classes/webhook/package_spec.rb b/spec/classes/webhook/package_spec.rb index 7dbed538..77f71848 100644 --- a/spec/classes/webhook/package_spec.rb +++ b/spec/classes/webhook/package_spec.rb @@ -7,10 +7,10 @@ end let :pre_condition do - "service { 'webhook': ensure => present,}" + "service { 'webhook.service': ensure => 'running'}" end - context 'Puppet Enterprise 2016.4.2' do + context 'Puppet Enterprise 2019.8.7' do let :params do { is_pe_server: true @@ -18,7 +18,7 @@ end let :facts do facts.merge( - pe_server_version: '2016.4.2' + pe_server_version: '2019.8.7' ) end @@ -28,24 +28,33 @@ else 'puppet_gem' end - it do - is_expected.to contain_package('sinatra').with( - ensure: '~> 1.0', - provider: provider - ) - end + it { is_expected.to contain_package('sinatra').with(provider: provider) } + it { is_expected.to compile.with_all_deps } it { is_expected.not_to contain_package('webrick') } it { is_expected.not_to contain_package('json') } end + context 'Puppet FOSS 6' do + let :facts do + facts.merge( + is_pe: false, + puppetversion: '6.24.0' + ) + end - context 'Puppet FOSS 4.x' do + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_package('sinatra').with(ensure: 'installed') } + it { is_expected.to contain_package('webrick').with(ensure: 'installed') } + it { is_expected.to contain_package('json').with(ensure: 'installed') } + end + context 'Puppet FOSS 7' do let :facts do facts.merge( is_pe: false, - puppetversion: '4.8.0' + puppetversion: '7.10.0' ) end + it { is_expected.to compile.with_all_deps } it { is_expected.to contain_package('sinatra').with(ensure: 'installed') } it { is_expected.to contain_package('webrick').with(ensure: 'installed') } it { is_expected.to contain_package('json').with(ensure: 'installed') } diff --git a/spec/classes/webhook_spec.rb b/spec/classes/webhook_spec.rb index 005b65bc..1a9d5d83 100644 --- a/spec/classes/webhook_spec.rb +++ b/spec/classes/webhook_spec.rb @@ -13,33 +13,13 @@ } end + it { is_expected.to compile.with_all_deps } it { is_expected.to contain_class('r10k::webhook::package') } it { is_expected.not_to contain_file('peadmin-cert.pem').with(path: '/var/lib/peadmin/.mcollective.d/peadmin-cert.pem') } - end - - context 'On PE', if: facts[:osfamily] == 'RedHat' do - let :facts do - super().merge( - is_pe: 'true', - pe_version: '2016.4.2' - ) - end - - if facts[:operatingsystemmajrelease].to_i >= 7 - it do - is_expected.to contain_file('webhook_init_script').with( - path: '/etc/systemd/system/webhook.service', - content: %r{\[Unit\]} - ) - end - else - it do - is_expected.to contain_file('webhook_init_script').with( - path: '/etc/init.d/webhook', - content: %r{#!\/bin\/bash} - ) - end - end + it { is_expected.to contain_package('sinatra') } + it { is_expected.to contain_package('json') } + it { is_expected.to contain_package('webrick') } + it { is_expected.to contain_systemd__unit_file('webhook.service') } end end end diff --git a/spec/default_module_facts.yml b/spec/default_module_facts.yml index 3dac8bc7..654d2660 100644 --- a/spec/default_module_facts.yml +++ b/spec/default_module_facts.yml @@ -2,3 +2,4 @@ pe_version: '2016.4.1' puppet_environmentpath: '/etc/puppetlabs/code/environments' puppet_vardir: '/opt/puppetlabs/puppet/cache' +service_provider: systemd diff --git a/templates/webhook.init.gentoo.erb b/templates/webhook.init.gentoo.erb deleted file mode 100644 index 40680daf..00000000 --- a/templates/webhook.init.gentoo.erb +++ /dev/null @@ -1,29 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: $ -# Author: Robin Johnson -# Description: Enables web based runs of r10k - -WEBHOOK_PIDDIR=${WEBHOOK_PIDDIR:=/var/run/webhook/} -WEBHOOK_PIDFILE=${WEBHOOK_PIDFILE:=${WEBHOOK_PIDDIR}/webhook.pid} -WEBHOOK_USER=${WEBHOOK_USER:=<%= @user %>} -WEBHOOK_BIN=${WEBHOOK_BIN:=/usr/local/bin/webhook} - -command=${WEBHOOK_BIN} -pidfile=${WEBHOOK_PIDFILE} -start_stop_daemon_args="--pidfile ${pidfile} \ - --chuid ${WEBHOOK_USER} \ - --user ${WEBHOOK_USER} \ - --name ${command}" - -depend() { - need localmount - use net logger -} - -start_pre() { - checkpath -d -o "${WEBHOOK_USER}" "${WEBHOOK_PIDDIR}" -} - -# vim: syntax=syntax=gentoo-init-d ts=2 sts et ai: diff --git a/templates/webhook.service.erb b/templates/webhook.service.epp similarity index 78% rename from templates/webhook.service.erb rename to templates/webhook.service.epp index d8f69917..37359554 100644 --- a/templates/webhook.service.erb +++ b/templates/webhook.service.epp @@ -1,3 +1,5 @@ +<%- | String[1] $user | -%> +# THIS FILE IS MANAGED BY PUPPET [Unit] Description=R10K Webhook Service After=syslog.target network.target @@ -6,7 +8,7 @@ After=syslog.target network.target Type=simple EnvironmentFile=-/etc/sysconfig/webhook RuntimeDirectory=webhook -User=<%= @user %> +User=<%= $user %> TimeoutStartSec=90 TimeoutStopSec=30 RestartSec=10000 From 7e38f46e9d3fbef015b47d2f4a6a3aabee41fe9d Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Thu, 19 Aug 2021 13:17:57 +0200 Subject: [PATCH 2/2] delete legacy nodesets --- spec/acceptance/basic_webhook_spec.rb | 2 +- spec/acceptance/nodesets/default.yml | 42 --------------------------- 2 files changed, 1 insertion(+), 43 deletions(-) delete mode 100644 spec/acceptance/nodesets/default.yml diff --git a/spec/acceptance/basic_webhook_spec.rb b/spec/acceptance/basic_webhook_spec.rb index 4c1c4e90..7f6d1199 100644 --- a/spec/acceptance/basic_webhook_spec.rb +++ b/spec/acceptance/basic_webhook_spec.rb @@ -12,7 +12,7 @@ class {'r10k::webhook::config': enable_ssl => false, protected => false, use_mcollective => false, - notify => Service['webhook.config'], + notify => Service['webhook.service'], } class {'r10k::webhook': diff --git a/spec/acceptance/nodesets/default.yml b/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 3499b039..00000000 --- a/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,42 +0,0 @@ -HOSTS: - ubuntu-server-1204-x64: - roles: - - master - platform: ubuntu-1204-amd64 - box: puppetlabs/ubuntu-12.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/boxes/ubuntu-12.04-64-nocm - hypervisor: vagrant - centos-70-x64: - roles: - - agent - platform: el-7-x86_64 - box: puppetlabs/centos-7.0-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/boxes/centos-7.0-64-nocm - hypervisor : vagrant - centos-66-x64: - roles: - - agent - platform: el-6-x86_64 - box: puppetlabs/centos-6.6-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/boxes/centos-6.6-64-nocm - hypervisor: vagrant -# ubuntu-server-1404-x64: -# roles: -# - agent -# platform: ubuntu-server-14.04-amd64 -# box: puppetlabs/ubuntu-14.04-64-nocm -# box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm -# hypervisor: vagrant - debian-78-x64: - roles: - - agent - platform: debian-7-amd64 - box: puppetlabs/debian-7.8-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/boxes/debian-7.8-64-nocm - hypervisor: vagrant - - -CONFIG: - log_level: verbose - type: foss - color: false