opendev
/
system-config
Code Issues Proposed changes

Optionally give mysql user all global privs. 

One our single use unittest slaves we want to allow unittests to create
and destroy arbitrary mysql database schemas. The simplest way to do
this is to grant all priveleges to the test user on the mysql server
globally. This is safe because the nodes are thrown away post test.

Change-Id: Ic92ff2f9c752d955e6f82eb4b88330b5448cfa75
This commit is contained in:
Clark Boylan 2014-02-26 11:44:45 -08:00
parent ec21ba78f6
commit 54ad9496cd
5 changed files with 24 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
modules/jenkins/manifests/slave.pp
View File

@ -6,7 +6,8 @@ class jenkins::slave(
$bare = false,
$user = true,
$python3 = false,
$include_pypy = false
$include_pypy = false,
$all_mysql_privs = false,
) {
include pip
@ -285,10 +286,12 @@ class jenkins::slave(
require => Database_user['openstack_citest@localhost'],
}
database_grant { 'openstack_citest@localhost':
privileges => ['CREATE_PRIV', 'DROP_PRIV'],
provider => 'mysql',
require => Database_user['openstack_citest@localhost'],
if ($all_mysql_privs == true) {
database_grant { 'openstack_citest@localhost':
privileges => ['all'],
provider => 'mysql',
require => Database_user['openstack_citest@localhost'],
}
}
# The puppetlabs postgres module does not manage the postgres user

5
modules/openstack_project/files/nodepool/scripts/prepare_node.sh
View File

@ -21,6 +21,7 @@ SUDO=$2
BARE=$3
PYTHON3=${4:-false}
PYPY=${5:-false}
ALL_MYSQL_PRIVS=${6:-false}
sudo hostname $HOSTNAME
wget https://git.openstack.org/cgit/openstack-infra/config/plain/install_puppet.sh
@ -30,10 +31,10 @@ sudo git clone --depth=1 git://git.openstack.org/openstack-infra/config.git \
sudo /bin/bash /root/config/install_modules.sh
if [ -z "$NODEPOOL_SSH_KEY" ] ; then
sudo puppet apply --modulepath=/root/config/modules:/etc/puppet/modules \
-e "class {'openstack_project::single_use_slave': sudo => $SUDO, bare => $BARE, python3 => $PYTHON3, include_pypy => $PYPY, }"
-e "class {'openstack_project::single_use_slave': sudo => $SUDO, bare => $BARE, python3 => $PYTHON3, include_pypy => $PYPY, all_mysql_privs => $ALL_MYSQL_PRIVS, }"
else
sudo puppet apply --modulepath=/root/config/modules:/etc/puppet/modules \
-e "class {'openstack_project::single_use_slave': install_users => false, sudo => $SUDO, bare => $BARE, python3 => $PYTHON3, include_pypy => $PYPY, ssh_key => '$NODEPOOL_SSH_KEY', }"
-e "class {'openstack_project::single_use_slave': install_users => false, sudo => $SUDO, bare => $BARE, python3 => $PYTHON3, include_pypy => $PYPY, all_mysql_privs => $ALL_MYSQL_PRIVS, ssh_key => '$NODEPOOL_SSH_KEY', }"
fi
sudo mkdir -p /opt/git

5
modules/openstack_project/files/nodepool/scripts/prepare_node_bare.sh
View File

@ -19,8 +19,11 @@
HOSTNAME=$1
SUDO='false'
BARE='false'
PYTHON3='false'
PYPY='false'
ALL_MYSQL_PRIVS='true'
./prepare_node.sh "$HOSTNAME" "$SUDO" "$BARE"
./prepare_node.sh "$HOSTNAME" "$SUDO" "$BARE" "$PYTHON3" "$PYPY" "$ALL_MYSQL_PRIVS"
sync
sleep 5

3
modules/openstack_project/files/nodepool/scripts/prepare_node_py3k.sh
View File

@ -21,5 +21,6 @@ SUDO='false'
BARE='false'
PYTHON3='true'
PYPY='true'
ALL_MYSQL_PRIVS='true'
./prepare_node.sh "$HOSTNAME" "$SUDO" "$BARE" "$PYTHON3" "$PYPY"
./prepare_node.sh "$HOSTNAME" "$SUDO" "$BARE" "$PYTHON3" "$PYPY" "$ALL_MYSQL_PRIVS"

12
modules/openstack_project/manifests/single_use_slave.pp
View File

@ -14,6 +14,7 @@ class openstack_project::single_use_slave (
$python3 = false,
$include_pypy = false,
$automatic_upgrades = false,
$all_mysql_privs = false,
$ssh_key = $openstack_project::jenkins_ssh_key
) inherits openstack_project {
class { 'openstack_project::template':
@ -26,10 +27,11 @@ class openstack_project::single_use_slave (
['-p tcp --dport 8000 -s 172.24.4.0/24 -j ACCEPT'],
}
class { 'jenkins::slave':
ssh_key => $ssh_key,
sudo => $sudo,
bare => $bare,
python3 => $python3,
include_pypy => $include_pypy,
ssh_key => $ssh_key,
sudo => $sudo,
bare => $bare,
python3 => $python3,
include_pypy => $include_pypy,
all_mysql_privs => $all_mysql_privs,
}
}