Give Jenkins the ability to trigger puppet runs
* modules/openstack_project/files/salt-trigger.sudoers: Allow the jenkins user to send messages to the salt master. * modules/openstack_project/manifests/salt_trigger_slave.pp: Add the sudoers inclusion above to the salt-trigger slave. * modules/salt/manifests/master.pp: Change ownership on the existing salt configuration directory on the master to belong to the salt user, and add the file structure for the new reactor components. * modules/salt/templates/master.erb: Add reactor configuration to run tests.sls when receiving a trigger named jenkins. * modules/salt/templates/tests.reactor.erb: Define a puppet command which will be run on all minions. Change-Id: I346bb28e5b4d53618855a28f616f7c5ed0e60dc7
This commit is contained in:
parent
5945fb747b
commit
b085abb41b
|
@ -0,0 +1,2 @@
|
||||||
|
# Allow jenkins user to send Salt messages to the Salt Master
|
||||||
|
jenkins ALL=(ALL) NOPASSWD: /usr/bin/salt-call event.fire_master*
|
|
@ -10,4 +10,13 @@ class openstack_project::salt_trigger_slave (
|
||||||
jenkins_ssh_public_key => $jenkins_ssh_public_key,
|
jenkins_ssh_public_key => $jenkins_ssh_public_key,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
file { '/etc/sudoers.d/salt-trigger':
|
||||||
|
ensure => present,
|
||||||
|
owner => 'root',
|
||||||
|
group => 'root',
|
||||||
|
mode => '0440',
|
||||||
|
source => 'puppet:///modules/openstack_project/salt-trigger.sudoers',
|
||||||
|
replace => true,
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -49,14 +49,38 @@ class salt::master {
|
||||||
|
|
||||||
file { '/etc/salt/master':
|
file { '/etc/salt/master':
|
||||||
ensure => present,
|
ensure => present,
|
||||||
owner => 'root',
|
owner => 'salt',
|
||||||
group => 'root',
|
group => 'salt',
|
||||||
mode => '0644',
|
mode => '0644',
|
||||||
content => template('salt/master.erb'),
|
content => template('salt/master.erb'),
|
||||||
replace => true,
|
replace => true,
|
||||||
require => Package['salt-master'],
|
require => Package['salt-master'],
|
||||||
}
|
}
|
||||||
|
|
||||||
|
file { '/srv/reactor':
|
||||||
|
ensure => directory,
|
||||||
|
owner => 'salt',
|
||||||
|
group => 'salt',
|
||||||
|
mode => '0755',
|
||||||
|
require => [
|
||||||
|
Package['salt-master'],
|
||||||
|
User['salt'],
|
||||||
|
],
|
||||||
|
}
|
||||||
|
|
||||||
|
file { '/srv/reactor/tests.sls':
|
||||||
|
ensure => present,
|
||||||
|
owner => 'salt',
|
||||||
|
group => 'salt',
|
||||||
|
mode => '0644',
|
||||||
|
content => template('salt/tests.reactor.erb'),
|
||||||
|
replace => true,
|
||||||
|
require => [
|
||||||
|
Package['salt-master'],
|
||||||
|
File['/srv/reactor'],
|
||||||
|
],
|
||||||
|
}
|
||||||
|
|
||||||
file { '/etc/salt/pki':
|
file { '/etc/salt/pki':
|
||||||
ensure => directory,
|
ensure => directory,
|
||||||
owner => 'salt',
|
owner => 'salt',
|
||||||
|
|
|
@ -344,3 +344,10 @@ user: salt
|
||||||
# The range server (and optional port) that
|
# The range server (and optional port) that
|
||||||
# serves your cluster information
|
# serves your cluster information
|
||||||
#range_server: range:80
|
#range_server: range:80
|
||||||
|
|
||||||
|
##### Salt Reactor settings #####
|
||||||
|
#########################################
|
||||||
|
# Execute tests.sls when 'jenkins' tag found
|
||||||
|
reactor:
|
||||||
|
- 'jenkins':
|
||||||
|
- /srv/reactor/tests.sls
|
||||||
|
|
|
@ -0,0 +1,3 @@
|
||||||
|
puppet_run:
|
||||||
|
cmd.puppet.run:
|
||||||
|
- tgt: '*'
|
Loading…
Reference in New Issue