opendev/system-config
Code Issues Proposed changes
Files
40b98bc8bb03d347fe0d6579a1bdd1d4557f3187
system-config/modules/openstack_project/manifests/proposal_slave.pp
Clark Boylan 7d1a297e4b Make jenkins proposal jobs use dedicated user. 
Switch all jenkins proposal jobs to a dedicated user with dedicated
credentials. This is being done to be more flexible and secure when it
comes to managing the scripts that make proposals to gerrit.

Change-Id: I2dbdd530bf5b64c14207f645512a1eb319681166
2014-04-14 15:38:31 -07:00

49 lines
1.2 KiB
Puppet
Raw Blame History

# Slave used for automatically proposing changes to Gerrit,
# Transifex and other tools.
#
# == Class: openstack_project::translation_slave
#
class openstack_project::proposal_slave (
$jenkins_ssh_public_key,
$proposal_ssh_public_key,
$proposal_ssh_private_key,
$transifex_password = '',
$transifex_username = 'openstackci',
) {
class { 'openstack_project::slave':
ssh_key => $jenkins_ssh_public_key,
}
package { ['transifex-client', 'Babel']:
ensure => latest,
provider => pip,
require => Class['pip'],
}
file { '/home/jenkins/.transifexrc':
ensure => present,
owner => 'jenkins',
group => 'jenkins',
mode => '0600',
content => template('openstack_project/transifexrc.erb'),
require => User['jenkins'],
}
file { '/home/jenkins/.ssh/id_rsa':
owner => 'jenkins',
group => 'jenkins',
mode => '0400',
require => File['/home/jenkins/.ssh'],
content => $proposal_ssh_private_key,
}
file { '/home/jenkins/.ssh/id_rsa.pub':
owner => 'jenkins',
group => 'jenkins',
mode => '0400',
require => File['/home/jenkins/.ssh'],
content => $proposal_ssh_public_key,
}
}
View Git Blame Copy Permalink