* modules/gerrit/manifests/init.pp: The gerrit installer adds
jarfiles for bcprov and mysql-connector into its lib directory, but
puppet needs to know how to add them itself.
Change-Id: Id61260d0d28f1aadf85dc8604688b0131cddf682
Puppetlabs-mysql 0.6.1 correctly removes the local ::1 root user in the
account_security manifest. Upgrade to this version to take advantage of
that. Do not upgrade to latest version (0.9.0) to minimize delta that
needs testing.
Change-Id: Ic8265733f1159f34ae0afcccdea4c7d8cd44e3cb
The version of puppetlabs-mysql that we use does not remove the local
::1 root user from the mysqld. Explicitly remove this user.
Change-Id: I626fcc77c75a29d3f3cab57217b714e68a30b468
Make it possible to configure with LDAP or OPENID_SSO.
Also, it's possible to not want to need CLAs.
Change-Id: Ie6660c819f4078dd4dd5be052e74aaa98c54cab4
This commit moves the MySQL configuration from the gerrit puppet
module into a seperate mysql puppet module. The purpose of
this change is to allow us to more easily customise gerrit's
mysql configuration for each instance of gerrit that we deploy..
Partial-Bug: 1083101
Change-Id: Ibcc31b3fce8af54229fd4de69a49842ac1c428ae
We have a cgit server now, which means we should replace
all references to github with references to git.openstack.org.
Change-Id: I68ad1ce514fb4326c7d9940b5a84999af5b58562
Will take effect when Zuul is running this change:
I74702fd7d37358e6f4caa7e7ac0a3ede73184077
This change also adds that feature to the Zuul config and enables
it for OpenStack. It also adds the ability to specify HTML in a
commentlink (and uses it).
Change-Id: Idb4ad8e6079165d681271987a92cab5d8b7c81be
Modify gerrit's git replication configuration so that it
pulls in from a list of replication targets defined in
puppet rather than individually added stanzas.
Pull the replicate_github variable from files, since it
is no longer required.
The replicate_local variable remains because it's used
in the apache configuration and for setup of the local
replication space for git.
Also add the cgit server to the list of servers.
Change-Id: I68de89bb216565f1754eb9b192bd437adcbf768b
Oracle has EOLed Java 6. While OpenJDK 6 is still supported, development
on it has slowed. Upgrade to OpenJDK 7 and run Gerrit on this newer
platform.
Change-Id: Id5867a0269bc6af3e7f6214112e91c8848ffbbe4
Actually, it's support for parameterized listen_address, but the
real thing you want it for is setting the port.
Change-Id: If75fedce32f35a8f72c92fc709d5c9e8b2d35235
Reviewed-on: https://review.openstack.org/33925
Reviewed-by: James E. Blair <corvus@inaugust.com>
Approved: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Tested-by: Jenkins
And slow down bing (msnbot).
Change-Id: Id8361047abc2cfb52260b3d0ef01275ec3a923f5
Reviewed-on: https://review.openstack.org/32435
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: Elizabeth Krumbach Joseph <lyz@princessleia.com>
Reviewed-by: Anita Kuno <anita.kuno@enovance.com>
Approved: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
Change-Id: If87b0242c9203175335842832d13ebc6dfec2950
Reviewed-on: https://review.openstack.org/25119
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Approved: James E. Blair <corvus@inaugust.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
* modules/gerrit/templates/gerrit.vhost.erb: If the contactstore
feature is enabled, don't shadow the URL to the fakestore CGI with
the Gerrit loopback proxy.
Change-Id: Ic6d01d671b762370b91f732c1a980051cdb5f6c2
Reviewed-on: https://review.openstack.org/20053
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Approved: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Tested-by: Jenkins
This is useful for testing Gerrit's contactstore features if you
don't have a real contact store server set up already.
* modules/gerrit/files/fakestore.cgi: An extremely trivial shell
script which returns the content Gerrit expects from a successful
submission to a contactstore server. Note this does not check the
application security key or store any of the post variables--it is
simply a black hole for contact updates.
* modules/gerrit/manifests/init.pp: If the contactstore feature is
enabled in Gerrit, install the fakestore.cgi script so it can be
available for testing.
* modules/gerrit/templates/gerrit.vhost.erb: If the contactstore
feature is enabled, ScriptAlias the /fakestore URL to the
fakestore.cgi script.
Change-Id: Ifa0f80bab9e8b8e207f0ffd83f01c8a3d904618e
Reviewed-on: https://review.openstack.org/19939
Reviewed-by: James E. Blair <corvus@inaugust.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Approved: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Tested-by: Jenkins
Change-Id: I409bd50ae374e0288531f07cfeea34856c5f8067
Reviewed-on: https://review.openstack.org/17319
Approved: James E. Blair <corvus@inaugust.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Tested-by: James E. Blair <corvus@inaugust.com>
Change-Id: I6d6addc2bc0e28b289726cddd6626669dbec1e17
Reviewed-on: https://review.openstack.org/17292
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Approved: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
Change-Id: I6e5fa77a301eec30cff8e16bad33a91bfd95b13f
Signed-off-by: Paul Belanger <paul.belanger@polybeacon.com>
Reviewed-on: https://review.openstack.org/17176
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Approved: Jeremy Stanley <fungi@yuggoth.org>
Tested-by: Jenkins
Instead of keeping many of these files directly in the tree, use them
from the out-of-tree jeepyb project, which makes them easier to consume
for other people who are not us.
Change-Id: Id704f2e17dd80709ef63cbbf2c5475a08a835f91
Reviewed-on: https://review.openstack.org/16777
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Approved: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
The blueprint script used openstack-ci instead of the actual project
for any non-openstack/ project. This is counter-productive now that
we have more than one org in gerrit.
Change-Id: Id06fdd89751a62c6da400adefcc84791a030d1b8
Reviewed-on: https://review.openstack.org/16994
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Approved: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Tested-by: Jenkins
Mostly documentation and parameterised class parameter complaints.
Change-Id: Idbfd348a5befb041ce6eb36f9c6b195fc0c6799f
Reviewed-on: https://review.openstack.org/16685
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Approved: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
manage_projects.py was running `git diff-index --quiet HEAD --`
previously to check if project.config had changed. This apparently
returns an exit code of 1 in some cases where a diff was not expected.
Switch to using `git diff --quiet HEAD` to check if any differences are
found. This appears to be more reliable in some manual testing.
Change-Id: I253423e41f80d71a5f2389bfc421e799f00f6fd9
Reviewed-on: https://review.openstack.org/16236
Reviewed-by: James E. Blair <corvus@inaugust.com>
Reviewed-by: Paul Belanger <paul.belanger@polybeacon.com>
Approved: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
Fixes bug #1070577
Make the notify_impact script generic so that it can handle different
types of notifications. Then add a SecurityImpact notification.
Change-Id: Id4bbf7db29e36dde783328e31685079e79d0b1e9
Reviewed-on: https://review.openstack.org/14856
Reviewed-by: James E. Blair <corvus@inaugust.com>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Approved: Jeremy Stanley <fungi@yuggoth.org>
Tested-by: Jenkins
Do not let update_bug.py reopen a FixCommitted or FixReleased bug just
because the bug number was mentioned in a commit message. In most cases
that mention is just a simple reference to a closed bug. In the rare
cases the committer actually wanted to reopen a closed bug, he should
rather have open a specific bug about it anyway.
Fixes bug 1078745
Change-Id: I513e6fc73d6bab02de21628e55a5d28189834632
Reviewed-on: https://review.openstack.org/16080
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Approved: James E. Blair <corvus@inaugust.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
Change-Id: If10bd25e71f321a7b3ea1cbbe42ab5ec764d62b0
Reviewed-on: https://review.openstack.org/16215
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Approved: Clark Boylan <clark.boylan@gmail.com>
Tested-by: Jenkins
The format of the projects.yaml file has been updated and
fetch_remotes.py could not parse it. Correct this by making
fetch_remotes.py aware of the format changes.
Change-Id: Ic0680d02c0e9ce31aae805ac2495957f106acb0a
Reviewed-on: https://review.openstack.org/16098
Reviewed-by: James E. Blair <corvus@inaugust.com>
Reviewed-by: Paul Belanger <paul.belanger@polybeacon.com>
Approved: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
manage_projects.py was unable to find groups in the ACL files because it
was looking for lines that began with tabs but we normalized to lines
beginning with 8 spaces. Also the git clone command string formatting
was not correct.
Change-Id: Ib65d7ad0ca3861d61d7557be72a7c6d6d6e21265
Reviewed-on: https://review.openstack.org/16144
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Approved: James E. Blair <corvus@inaugust.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
In the manage_projects.py script print the captured git output when git
push fails.
Change-Id: I77d8b7e926b6b23b4727a1856a79146daa9d6381
Reviewed-on: https://review.openstack.org/16137
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Approved: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Tested-by: Jenkins
In the manage_projects.py script ignore any project whose Github org we
do not control. Do not create a Github project, gerrit project, or
manage any ACLs.
Change-Id: I0d4595c49ffa7762976a433bf9b16fc6fcaf73e5
Reviewed-on: https://review.openstack.org/16102
Reviewed-by: James E. Blair <corvus@inaugust.com>
Approved: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Tested-by: Jenkins
Set Openstack Project Creator as the commit author for all commits in
the manage_projects.py script.
Change-Id: I994ee0a43e783415d0976143509497a71187b9ab
Reviewed-on: https://review.openstack.org/16094
Reviewed-by: James E. Blair <corvus@inaugust.com>
Approved: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
Manage project creation via yaml files. Also,
Modify the manage_projects scripts to configure Gerrit project ACLs.
This change expects the project yaml to exist. The change will clone the
project for the localhost Gerrit install. It will then checkout the
meta/config ref, copy the ACL config file into the repo, commit, and
push to the origin. The ACL config location should be specified in the
projects.yaml file with the acl_config key.
For this to work the ACLs will need to be copied by Puppet from Puppet
to the Gerrit host. Add the file resource to do this as well.
Change-Id: I15a1ec13b381dce3c115c01c21f404ab79e72cc4
Reviewed-on: https://review.openstack.org/15352
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Approved: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
* Rakefile: Override line length warnings from puppet-lint with its
disable_80chars option.
* modules/gerrit/manifests/cron.pp, modules/gerrit/manifests/init.pp,
modules/gerrit/manifests/remotes.pp, modules/lodgeit/manifests/site.pp,
modules/openstack_project/manifests/cacti.pp: Undo line continuations on
long strings. These were causing particular problems when attempting to
apply crontab entries.
Change-Id: I417788d7953ee0d2b717349564ee9cc78c0c49c2
Reviewed-on: https://review.openstack.org/15822
Reviewed-by: Paul Belanger <paul.belanger@polybeacon.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Approved: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Tested-by: Jenkins
We have a huge list of projects with all of them listing "close-pull" as an
option. Turns out we want to close pull requests for all of them - so instead,
let's only indicate 'has-pull-requests' if there is ever a project for whom
we do not want to close pull requests.
Change-Id: I4db31d324b7f260ea24f538ac5f5fc8e1feca75d
Reviewed-on: https://review.openstack.org/15626
Reviewed-by: James E. Blair <corvus@inaugust.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: Paul Belanger <paul.belanger@polybeacon.com>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Approved: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
It is hard to filter the DocImpact emails using the subject as there is
little change specific information added to the subject. Correct this by
adding the change number to the subject line.
Change-Id: I8f852184090a517852d57a2f0db34421f8a7ddb5
Reviewed-on: https://review.openstack.org/15246
Reviewed-by: Anne Gentle <anne@openstack.org>
Reviewed-by: Tom Fifield
Reviewed-by: James E. Blair <corvus@inaugust.com>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Approved: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Tested-by: Jenkins
Change-Id: I5a52c0fd0f5a35c32aa71c0f93500aa59e495066
Reviewed-on: https://review.openstack.org/14910
Reviewed-by: Paul Belanger <paul.belanger@polybeacon.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Approved: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
Have hiera and puppet manage gerrits ssh:29418 keys (RSA and DSA). These
keys go in /home/gerrit2/review_site/etc.
Change-Id: If8cb3ec5a2e2c582b7fa6d87c520fc0cb7c2f205
Reviewed-on: https://review.openstack.org/14365
Reviewed-by: James E. Blair <corvus@inaugust.com>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Approved: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
I hope. The grant parameter appears to want an array so give it one.
Also enforce order by requiring the mysql server and account security
settings in the DB resource.
Change-Id: I2c99c25cb09cb5b68240a5fbd146f47ba8aee410
Reviewed-on: https://review.openstack.org/14320
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Approved: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
The destination dir for the bcpg link needs to be present before the
link can be made. Add that dir to the gerrit init manifest and require
it in the link file resource.
Change-Id: I462cc96dcd0eafa814e3e3599a96eacc64665bcf
Reviewed-on: https://review.openstack.org/14319
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: Paul Belanger <paul.belanger@polybeacon.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Approved: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
Change-Id: I68c6cd9b24c93f9f1cc2ba92eceae49b3c38ed36
Reviewed-on: https://review.openstack.org/14176
Reviewed-by: James E. Blair <corvus@inaugust.com>
Approved: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
Recent ssl cert management changed the group on the ssl keys to root
from ssl-cert. Change it back.
Change-Id: I6dcbeca364fa9c435aee520248a59f0917cd02a8
Reviewed-on: https://review.openstack.org/14116
Approved: James E. Blair <corvus@inaugust.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
Use Hiera to store the review.o.o SSL certs and pass them down to the
gerrit module.
While modifying these files fix indentation and rocket ship alignment
according to puppet lint in the sections touched.
Change-Id: I914b0dea72c77dedb44a4e6f51417985e673b315
Reviewed-on: https://review.openstack.org/13975
Approved: James E. Blair <corvus@inaugust.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
Add openstack/tempest to the list of projects where commits directly
trigger a Launchpad FixReleased status change.
Fixes bug 1058007
Change-Id: Id5f5033e37d92efc5e790722cde88c040541f72d
Reviewed-on: https://review.openstack.org/13818
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Approved: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Tested-by: Jenkins
* modules/gerrit/manifests/init.pp: The file block for the bcpg.jar
symlink should require the libbcpg-java package rather than the jarfile
it installs.
Change-Id: Icf4356c51425a816aea523f835e8bc7c62055b28
Reviewed-on: https://review.openstack.org/13392
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Approved: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
This replaces the previous Echosign+Launchpad+Wiki+approver-based
asynchronous contributor license agreement signing process with a
fully-automated one contained entirely within Gerrit itself.
Note that the CLA features in Gerrit's WebUI depend on a modified
gerrit.war with an earlier patch reverted:
https://review.openstack.org/12716
* manifests/site.pp(review-dev.openstack.org): Fill contactstore_appsec
and contactstore_pubkey private material from hiera, for use by Gerrit's
contact store feature. Similar entries should be added for
review.openstack.org before going into production.
* modules/gerrit/manifests/init.pp(gerrit): Add contactstore,
contactstore_appsec and contactstore_url variables needed by the
gerrit.config.erb template, and contactstore_pubkey needed by the
contact_information.pub.erb template. Add a conditional block so that if
contactstore is enabled it installs the libbcpg-java package which
Bouncy Castle needs for OpenPGP operations, links the bcpg.jar into
Gerrit's lib directory, and builds contact_information.pub from the
contact_information.pub.erb template.
* modules/gerrit/templates/contact_information.pub.erb: New template
which is effectively an empty file waiting to be filled with the
contents of the contactstore_pubkey variable. The
gerrit_contact_information.pub file built from it gets used to encrypt
contact information filed by users in such a way that it can only be
decrypted by the private key held by the Foundation.
* modules/gerrit/templates/gerrit.config.erb(contactstore): New section,
implemented conditionally for safety. Once enabled, if the
contactstore_appsec and contactstore_url are unset then Gerrit will
refuse to start. If the system referred to by contactstore_url is
unresponsive or contactstore_appsec does not contain the shared secret
it's expecting, contributors will be unable to file initial or updated
contact information through Gerrit's WebUI.
* modules/openstack_project/files/gerrit/cla.html: A stripped-down HTML
copy of http://wiki.openstack.org/CLA retaining all the original
wording. This will probably need updating by OpenStack Foundation staff.
* modules/openstack_project/manifests/gerrit.pp
(openstack_project::gerrit): Add contactstore, contactstore_appsec,
contactstore_pubkey and contactstore_url variables to pass back into the
gerrit module. Also define the cla_description, cla_file, cla_id and
cla_name variables which get used in the gerrit_set_agreements.sh.erb
template. Add an entry to install the cla.html file.
* modules/openstack_project/manifests/review_dev.pp
(openstack_project::review_dev): Add the contactstore_appsec and
contactstore_pubkey variables so they can be filled in by hiera.
Override the war to pull in the g69c8fa6 test build which has the
aforementioned CLA bits restored. Turn on contactstore and set
contactstore_url to point to an existing test CGI on the Internet until
the Foundation has theirs ready. Pass contactstore_appsec and
contactstore_pubkey through up into gerrit.pp. Add an entry for the
set_agreements.sh script built from the gerrit_set_agreements.sh.erb
template and then execute it to add the new CLA to Gerrit's DB and mark
the old one expired. Similar changes should be made in review.pp before
going into production.
* modules/openstack_project/templates/gerrit_set_agreements.sh.erb: New
template used to build a set_agreements.sh script which checks Gerrit's
database and, if necessary, expires the old Echosign CLA and adds the
new local CLA. These conditions are checked and associated operations
performed independently, so subsequent runs become a no-op.
Post-migration, this can probably be neutered further and kept around
for pushing future CLA modifications into the database when needed.
Change-Id: Ib7136fef23dbd5602955649b33a57bc8d7106026
Reviewed-on: https://review.openstack.org/13058
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Approved: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
For consistency use development version of the LP API in the scripts
that query the Launchpad API.
Change-Id: I39b145684563738dd5615d863720ec364c4987c3
Reviewed-on: https://review.openstack.org/11508
Reviewed-by: linuxjedi <andrew@linuxjedi.co.uk>
Approved: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
Change-Id: I20aa549cf87f24d13d302fc219df84727c9fba10
Reviewed-on: https://review.openstack.org/11041
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Approved: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
With these applied, initial install actually works 100% through.
Change-Id: I6587a537beb5703bf11783f3df79278ea1c7aca5
Reviewed-on: https://review.openstack.org/10718
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Approved: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
Change-Id: Iff55f35c0d9888f1029115c17d4644a68d4e8b4c
Reviewed-on: https://review.openstack.org/10727
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Approved: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
If replicate_local is set, this will ensure that /var/lib/git is created,
and that projects listed in the projects.config have repos there.
Additionally, it creates a new config file, projects.config which is a
yaml file listing all of the projects and various operational semantics about
them, such as whether or not they should have pull requests closed and whether
or not they track any remotes. This replaces remotes.config and github.config.
Moving forward, there is no reason to not have this script be able to
do github api calls to create the github repo if it's not there, set the
github project description, gerrit api calls to create the project in gerrit,
and initial project permissions templates.
Change-Id: I1ad803b0aa5f7386206d0c3f4cd858017242fe64
Also, moved depends for launchpad sync script to the launchpad sync
module, and put the ntp stuff into an ntp module.
Change-Id: I2568752493fefa305f9108a23da101d80a311552
Additionally, the file installation of the scripts wasn't working,
so the sync script wasn't actually getting installed. This moves
the underlying scripts to be installed by the gerrit module,
because it owns /usr/local/gerrit/scripts, and then manages the
gerrit hooks which call those scripts in the openstack_project
class, since that's where the config choice to enable those
functions really should live.
Change-Id: I54fb9edd9fb0c634d8d9de4e57f9ddad6af63a99
Variable interpolation needs <%= not just <%. :)
Also, while I was in there, I replaced default with "oneiric",
because I don't actually know that the value is a good default value,
and I removed a couple of comments about moving to MySQL and Apache
modules from upstream.
Change-Id: Iec5b10cee2cbd0e0a2573fefa707d34d2a363cb4
Set the replication authGroup for github to Anonymous Users.
Enable the "mirror" option which "will remove remote branches that absent
locally or invisible to the replication (i.e. read access denied via
authGroup option)."
Disable replicatePermissions which will cause permissions-only projects and
the refs/meta/config branch not to be replicated. I'm ambivalent about
refs/meta/config, but disabling permissions-only projects will remove
the periodic errors we get when trying to replicate All-Projects to github.
Change-Id: I9c302b68e0a213d35683d7105341788923c5770a
Launchpad integration and the OpenStack branding files are really
more about the OpenStack specific install of Gerrit than they are
about any installation of gerrit. Both of these are moved to the
openstack_project module.
Change-Id: I8b281aa5cb751a8023c2101c45146a3aca5f90f3
TODO: Add another script that sets the project description. Add the project
description to the config hash.
Change-Id: If4584b2a1e55e6eb912e1f557e31de216d49a516
The openstack documentation team has a new mailing list in part to
accomodate the DocImpact notifier. Update the destination address in
the notify_doc_impact script to send mail to
openstack-docs@lists.openstack.org.
Change-Id: I041194298a18e5f710c6e3bd7221dee2099733e8
Assumes that every project in gerrit has a corresponding repo in
/var/lib/git that can be replicated to. That's probably a one-time offline
creation, followed by an additional step in the adding a project docs.
Change-Id: If9b987717550d5b251366c1408d949c55e64828a
heat is in heat-api/heat
Verify trigger is for -2 in the code, not -1
Heat's repo is in heat-api instead of stackforge, so Gerritbot needs
to monitor that
Change-Id: I0526a32489c9af67198fcebeebdf3271c5751c49
Fixes bug #1020987
Update GerritBot with the ability to talk on multiple channels. This
way a single GerritBot instance can operate in multiple channels for
multiple projects. To make this work this change introduces a new
channel configuration file (yaml) for GerritBot that specifies each
channel that GerritBot should join and the changes that channel is
interested in.
The config should look something like:
channel-foo:
events:
- patchset-created
- change-merged
projects:
- test/bar
- test/foo
branches:
- master
Change-Id: I8e278f9be5182611981a3d912cc323bd3d386fc5
Stop marking python-PROJECT client bug fixes as fixed in PROJECT, by
removing the exception mapping. This is due to client projects now
having their own Launchpad project.
Change-Id: I56471c9efff143f79421729880626c5e78c6200b
Set the timeout to 5000 minutes, which, due to a bug in gerrit
really means 5 minutes, which is the documented default value.
Change-Id: I85127cc44ed6f182a0e06083641d2d872f11d8b3
Add a doc impact notifier to Gerrit that will email the documentation
team whenever changes with "DocImpact" in their commit messages are
pushed to Gerrit.
Change-Id: Ibbb4ac740efa60ef44fd4753ad8459437d98e592
Fixes bug #1012310
Seems github won't let you request an issue if issues are disabled
on a repo. So attempt to get around this by creating an Issue object
derived from a pull requests URL. Then comment on this issue object.
Change-Id: If64640ebc1d86d86360e5657f4245541620fcebb
Fixes bug #1012310
Old version of script didn't appear able to find repos as part of
organizations. Update script to search for the repos under orgs.
Change-Id: I04696152bc3b7ecb63a5704768c27ff796d3ffc9
Fixes bug #1012310
Github disabled v1 and v2 of their API permanently, forcing us to
update the script that closes Github pull requests to v3 of the API.
Update the script using the PyGithub lib.
Change-Id: I90c9faacdb7a72a470b8ad6aaea674edd9b8329e
Stop using latest for packages installed by puppet. This way,
all system packages get updated, not just some random ones.
The unattended-upgrades config will email root. It is configured
for openstack servers and jenkins slaves, but not template hosts
so that it doesn't interfere with spin-up.
Also, fix some bits in the gerrit module that were causing
continuous restarts on gerrit-dev.
Install emacs.
Change-Id: I51c9083ccd3669f284fce4b50c36a37a0cac92d8
Increase the heap size and dramatically increase the ssh threads.
Add some more recommended parameters (see site manifest for details).
Parameterize tunables in gerrit config file.
Change-Id: Ia6446b29426f56a77425eed93a7f0e448c3cd7b1