openstack/puppet-openstack-integration
Code Issues Proposed changes
abd6b91e05
puppet-openstack-integration/functions
Alex Schultz 581e13e6b8 Add hiera support 
This change adds hiera support into the scenarios so we can override
items via the common.yaml heira file if need be. This change adds
support for two environment variables with run_tests.sh.

HIERA_CONFIG - full path to the hiera yaml configuration file
MANAGE_HIERA - used to enable/disable writing out a hiera.yaml config
file

Change-Id: Iad0050e09e0cc610e0eadc00e328151e88eee10e
2016-07-15 20:49:10 +00:00

189 lines
5.9 KiB
Bash
Raw Blame History

#!/bin/bash
#
# functions - puppet-openstack-integration specific functions
#
# Install external Puppet modules with r10k
# Uses the following variables:
#
# - ``SCRIPT_DIR`` must be set to script path
# - ``GEM_BIN_DIR`` must be set to Gem bin directory
install_external() {
PUPPETFILE=${SCRIPT_DIR}/Puppetfile1 r10k puppetfile install -v
}
# Install Puppet OpenStack modules with zuul-cloner
# Uses the following variables:
#
# - ``PUPPETFILE_DIR`` must be set to Puppet modules directory
# - ``SCRIPT_DIR`` must be set to script path
# - ``ZUUL_REF`` must be set to Zuul ref. Fallback to 'None'.
# - ``ZUUL_BRANCH`` must be set to Zuul branch. Fallback to 'master'.
# - ``ZUUL_URL`` must be set to Zuul URL
install_openstack() {
cat > clonemap.yaml <<EOF
clonemap:
- name: '(.*?)/puppet-(.*)'
dest: '$PUPPETFILE_DIR/\2'
EOF
# Periodic jobs run without ref on master
ZUUL_REF=${ZUUL_REF:-None}
ZUUL_BRANCH=${ZUUL_BRANCH:-master}
local project_names=$(awk '{ if ($1 == ":git") print $3 }' \
${SCRIPT_DIR}/Puppetfile0 | tr -d "'," | cut -d '/' -f 4- | xargs
)
/usr/zuul-env/bin/zuul-cloner -m clonemap.yaml \
--cache-dir /opt/git \
--zuul-ref $ZUUL_REF \
--zuul-branch $ZUUL_BRANCH \
--zuul-url $ZUUL_URL \
git://git.openstack.org $project_names
# Because openstack-integration can't be a class name.
# https://projects.puppetlabs.com/issues/5268
mv $PUPPETFILE_DIR/openstack-integration $PUPPETFILE_DIR/openstack_integration
}
# Install all Puppet modules with r10k
# Uses the following variables:
#
# - ``SCRIPT_DIR`` must be set to script path
install_all() {
PUPPETFILE=${SCRIPT_DIR}/Puppetfile r10k puppetfile install -v
}
# Install Puppet OpenStack modules and dependencies by using
# zuul-cloner or r10k.
# Uses the following variables:
#
# - ``PUPPETFILE_DIR`` must be set to Puppet modules directory
# - ``SCRIPT_DIR`` must be set to script path
# - ``ZUUL_REF`` must be set to Zuul ref
# - ``ZUUL_BRANCH`` must be set to Zuul branch
# - ``ZUUL_URL`` must be set to Zuul URL
install_modules() {
# If zuul-cloner is there, have it install modules using zuul refs
if [ -e /usr/zuul-env/bin/zuul-cloner ] ; then
csplit ${SCRIPT_DIR}/Puppetfile /'External modules'/ \
--prefix ${SCRIPT_DIR}/Puppetfile \
--suffix '%d'
install_external
install_openstack
else
install_all
fi
}
# Write out basic hiera configuration
#
# Uses the following variables:
# - ``SCRIPT_DIR`` must be set to the dir that contains a /hiera folder to use
# - ``HIERA_CONFIG`` must be set to the hiera config file location
#
configure_hiera() {
cat <<EOF >$HIERA_CONFIG
---
:backends:
- yaml
:yaml:
:datadir: "${SCRIPT_DIR}/hiera"
:hierarchy:
- "%{::operatingsystem}"
- "%{::osfamily}"
- common
EOF
}
is_fedora() {
if [ -f /etc/os-release ]; then
source /etc/os-release
test "$ID" = "fedora" -o "$ID" = "centos"
else
return 1
fi
}
uses_debs() {
# check if apt-get is installed, valid for debian based
type "apt-get" 2>/dev/null
}
print_header() {
if [ -n "$(set | grep xtrace)" ]; then
set +x
local enable_xtrace='yes'
fi
local msg=$1
printf '%.0s-' {1..80}; echo
printf '| %-76s |\n' "${msg}"
printf '%.0s-' {1..80}; echo
if [ -n "${enable_xtrace}" ]; then
set -x
fi
}
install_puppet() {
if uses_debs; then
print_header 'Setup (Debian based)'
# Puppetlabs packaging:
# - trusty: puppet3 and puppet4
# - xenial: puppet4 only
if [[ ${DISTRO} == "trusty" ]] || [[ ${DISTRO} == "xenial" && ${PUPPET_MAJ_VERSION} == 4 ]]; then
if dpkg -l $PUPPET_RELEASE_FILE >/dev/null 2>&1; then
$SUDO apt-get purge -y $PUPPET_RELEASE_FILE
fi
$SUDO rm -f /tmp/puppet.deb
wget http://apt.puppetlabs.com/${PUPPET_RELEASE_FILE}-${DISTRO}.deb -O /tmp/puppet.deb
$SUDO dpkg -i /tmp/puppet.deb
# TODO(emilien): figure what installed /etc/default/puppet on the xenial nodepool image
# We have no problem on Trusty but on Xenial we need to remove /etc/default/puppet before
# trying to deploy puppet-agent from puppetlabs.com.
$SUDO rm -rf /etc/default/puppet
fi
$SUDO apt-get update
$SUDO apt-get install -y ${PUPPET_PKG}
elif is_fedora; then
print_header 'Setup (RedHat based)'
if rpm --quiet -q $PUPPET_RELEASE_FILE; then
$SUDO rpm -e $PUPPET_RELEASE_FILE
fi
# EPEL does not work fine with RDO, we need to make sure EPEL is really disabled
if rpm --quiet -q epel-release; then
$SUDO rpm -e epel-release
fi
$SUDO rm -f /tmp/puppet.rpm
wget http://yum.puppetlabs.com/${PUPPET_RELEASE_FILE}-el-7.noarch.rpm -O /tmp/puppet.rpm
$SUDO rpm -ivh /tmp/puppet.rpm
$SUDO yum install -y ${PUPPET_PKG}
fi
}
function run_puppet() {
local manifest=$1
$SUDO $PUPPET_FULL_PATH apply $PUPPET_ARGS fixtures/${manifest}.pp
local res=$?
return $res
}
function catch_selinux_alerts() {
if is_fedora; then
$SUDO sealert -a /var/log/audit/audit.log
if $SUDO grep -iq 'type=AVC' /var/log/audit/audit.log; then
echo "AVC detected in /var/log/audit/audit.log"
# TODO: figure why latest rabbitmq deployed with SSL tries to write in SSL pem file.
# https://bugzilla.redhat.com/show_bug.cgi?id=1341738
if $SUDO grep -iqE 'denied.*system_r:rabbitmq_t' /var/log/audit/audit.log; then
echo "non-critical RabbitMQ AVC, ignoring it now."
else
echo "Please file a bug on https://bugzilla.redhat.com/enter_bug.cgi?product=Red%20Hat%20OpenStack&component=openstack-selinux showing sealert output."
exit 1
fi
else
echo 'No AVC detected in /var/log/audit/audit.log'
fi
fi
}
View Git Blame Copy Permalink