openstack/puppet-openstack-integration
Code Issues Proposed changes
Files
22c29c79ace347ea6b77f5658ece5e565c3ad27a
puppet-openstack-integration/functions
David Moreau-Simard 22c29c79ac Ensure $GEM_BIN_DIR is in $PATH 
This makes gem binary usage consistent (i.e, r10k) and prevents
encoutering a command not found error.

Change-Id: I3ef01274417cd88403d71af0e6216850d77cc81c
Closes-Bug: #1592113
2016-06-13 14:11:46 -04:00

169 lines
5.5 KiB
Bash
Raw Blame History

#!/bin/bash
#
# functions - puppet-openstack-integration specific functions
#
# Install external Puppet modules with r10k
# Uses the following variables:
#
# - ``SCRIPT_DIR`` must be set to script path
# - ``GEM_BIN_DIR`` must be set to Gem bin directory
install_external() {
PUPPETFILE=${SCRIPT_DIR}/Puppetfile1 r10k puppetfile install -v
}
# Install Puppet OpenStack modules with zuul-cloner
# Uses the following variables:
#
# - ``PUPPETFILE_DIR`` must be set to Puppet modules directory
# - ``SCRIPT_DIR`` must be set to script path
# - ``ZUUL_REF`` must be set to Zuul ref. Fallback to 'None'.
# - ``ZUUL_BRANCH`` must be set to Zuul branch. Fallback to 'master'.
# - ``ZUUL_URL`` must be set to Zuul URL
install_openstack() {
cat > clonemap.yaml <<EOF
clonemap:
- name: '(.*?)/puppet-(.*)'
dest: '$PUPPETFILE_DIR/\2'
EOF
# Periodic jobs run without ref on master
ZUUL_REF=${ZUUL_REF:-None}
ZUUL_BRANCH=${ZUUL_BRANCH:-master}
local project_names=$(awk '{ if ($1 == ":git") print $3 }' \
${SCRIPT_DIR}/Puppetfile0 | tr -d "'," | cut -d '/' -f 4- | xargs
)
/usr/zuul-env/bin/zuul-cloner -m clonemap.yaml \
--cache-dir /opt/git \
--zuul-ref $ZUUL_REF \
--zuul-branch $ZUUL_BRANCH \
--zuul-url $ZUUL_URL \
git://git.openstack.org $project_names
# Because openstack-integration can't be a class name.
# https://projects.puppetlabs.com/issues/5268
mv $PUPPETFILE_DIR/openstack-integration $PUPPETFILE_DIR/openstack_integration
}
# Install all Puppet modules with r10k
# Uses the following variables:
#
# - ``SCRIPT_DIR`` must be set to script path
install_all() {
PUPPETFILE=${SCRIPT_DIR}/Puppetfile r10k puppetfile install -v
}
# Install Puppet OpenStack modules and dependencies by using
# zuul-cloner or r10k.
# Uses the following variables:
#
# - ``PUPPETFILE_DIR`` must be set to Puppet modules directory
# - ``SCRIPT_DIR`` must be set to script path
# - ``ZUUL_REF`` must be set to Zuul ref
# - ``ZUUL_BRANCH`` must be set to Zuul branch
# - ``ZUUL_URL`` must be set to Zuul URL
install_modules() {
# If zuul-cloner is there, have it install modules using zuul refs
if [ -e /usr/zuul-env/bin/zuul-cloner ] ; then
csplit ${SCRIPT_DIR}/Puppetfile /'External modules'/ \
--prefix ${SCRIPT_DIR}/Puppetfile \
--suffix '%d'
install_external
install_openstack
else
install_all
fi
}
is_fedora() {
if [ -f /etc/os-release ]; then
source /etc/os-release
test "$ID" = "fedora" -o "$ID" = "centos"
else
return 1
fi
}
uses_debs() {
# check if apt-get is installed, valid for debian based
type "apt-get" 2>/dev/null
}
print_header() {
if [ -n "$(set | grep xtrace)" ]; then
set +x
local enable_xtrace='yes'
fi
local msg=$1
printf '%.0s-' {1..80}; echo
printf '| %-76s |\n' "${msg}"
printf '%.0s-' {1..80}; echo
if [ -n "${enable_xtrace}" ]; then
set -x
fi
}
install_puppet() {
if uses_debs; then
print_header 'Setup (Debian based)'
# Puppetlabs packaging:
# - trusty: puppet3 and puppet4
# - xenial: puppet4 only
if [[ ${DISTRO} == "trusty" ]] || [[ ${DISTRO} == "xenial" && ${PUPPET_MAJ_VERSION} == 4 ]]; then
if dpkg -l $PUPPET_RELEASE_FILE >/dev/null 2>&1; then
$SUDO apt-get purge -y $PUPPET_RELEASE_FILE
fi
$SUDO rm -f /tmp/puppet.deb
wget http://apt.puppetlabs.com/${PUPPET_RELEASE_FILE}-${DISTRO}.deb -O /tmp/puppet.deb
$SUDO dpkg -i /tmp/puppet.deb
# TODO(emilien): figure what installed /etc/default/puppet on the xenial nodepool image
# We have no problem on Trusty but on Xenial we need to remove /etc/default/puppet before
# trying to deploy puppet-agent from puppetlabs.com.
$SUDO rm -rf /etc/default/puppet
fi
$SUDO apt-get update
$SUDO apt-get install -y ${PUPPET_PKG}
elif is_fedora; then
print_header 'Setup (RedHat based)'
if rpm --quiet -q $PUPPET_RELEASE_FILE; then
$SUDO rpm -e $PUPPET_RELEASE_FILE
fi
# EPEL does not work fine with RDO, we need to make sure EPEL is really disabled
if rpm --quiet -q epel-release; then
$SUDO rpm -e epel-release
fi
$SUDO rm -f /tmp/puppet.rpm
wget http://yum.puppetlabs.com/${PUPPET_RELEASE_FILE}-el-7.noarch.rpm -O /tmp/puppet.rpm
$SUDO rpm -ivh /tmp/puppet.rpm
$SUDO yum install -y ${PUPPET_PKG}
fi
}
function run_puppet() {
local manifest=$1
$SUDO $PUPPET_FULL_PATH apply $PUPPET_ARGS fixtures/${manifest}.pp
local res=$?
return $res
}
function catch_selinux_alerts() {
if is_fedora; then
$SUDO sealert -a /var/log/audit/audit.log
if $SUDO grep -iq 'type=AVC' /var/log/audit/audit.log; then
echo "AVC detected in /var/log/audit/audit.log"
# TODO: figure why latest rabbitmq deployed with SSL tries to write in SSL pem file.
# https://bugzilla.redhat.com/show_bug.cgi?id=1341738
if $SUDO grep -iqE 'denied.*system_r:rabbitmq_t' /var/log/audit/audit.log; then
echo "non-critical RabbitMQ AVC, ignoring it now."
else
echo "Please file a bug on https://bugzilla.redhat.com/enter_bug.cgi?product=Red%20Hat%20OpenStack&component=openstack-selinux showing sealert output."
exit 1
fi
else
echo 'No AVC detected in /var/log/audit/audit.log'
fi
fi
}
View Git Blame Copy Permalink