Browse Source

[CiCd2] Puppet-based cicd-environment

Change-Id: I6d477c44c8cb1727e2af249f3a1b4128f47c6912
changes/56/349556/30
Alexey Khivin 3 years ago
parent
commit
7ebfcacac7

+ 181
- 0
murano-apps/CiCd2/package/Classes/CiCd2.yaml View File

@@ -0,0 +1,181 @@
1
+Namespaces:
2
+  =: org.openstack.ci_cd_pipeline_murano_app.v2
3
+  std: io.murano
4
+  res: io.murano.resources
5
+  sys: io.murano.system
6
+  cicd: org.openstack.ci_cd_pipeline_murano_app
7
+  puppet: org.openstack.ci_cd_pipeline_murano_app.puppet
8
+  net: org.openstack.ci_cd_pipeline_murano_app.utils.net
9
+  conf: io.murano.configuration
10
+
11
+Name: CiCd2
12
+
13
+Extends: std:Application
14
+
15
+Properties:
16
+  nodes:
17
+    Default: ['review', 'jenkins', 'openldap']
18
+    Contract: [$.string().notNull()]
19
+    Usage: Const
20
+
21
+  server:
22
+    Contract: $.class(puppet:PuppetInstance)
23
+    Usage: InOut
24
+
25
+  clients:
26
+    Contract:
27
+      - $.class(puppet:PuppetClient)
28
+    Usage: InOut
29
+
30
+  name:
31
+    Contract: $.string().notNull()
32
+    Default: 'CiCd2'
33
+
34
+  puppetfileLink:
35
+    Contract: $.string().notNull()
36
+    Default: 'https://raw.githubusercontent.com/akhivin/cicd-dependencies/master/Puppetfile'
37
+
38
+  master:
39
+    Contract: $.class(puppet:PuppetServer)
40
+    Usage: InOut
41
+
42
+  clientsByName:
43
+    Contract: {}
44
+    Usage: InOut
45
+
46
+  mainManifestPath:
47
+    Default: '/etc/puppet/environments/production/manifests/site.pp'
48
+    Usage: Const
49
+    Contract: $.string().notNull()
50
+
51
+  flavor:
52
+    Contract: $.string().notNull()
53
+
54
+  osImage:
55
+    Contract: $.string().notNull()
56
+
57
+  keyPair:
58
+    Contract: $.string().notNull()
59
+
60
+  availabilityZone:
61
+    Contract: $.string().notNull()
62
+
63
+Methods:
64
+  .init:
65
+    Body:
66
+      - $._environment: $.find(std:Environment).require()
67
+
68
+  deploy:
69
+    Body:
70
+      - $._environment.reporter.report($this,
71
+          'Using Puppetfile to install dependencies={0}'.format(
72
+            $this.puppetfileLink))
73
+
74
+      - $._environment.reporter.report($this, 'Nodes list={0}'.format($this.nodes))
75
+
76
+      - $rules:
77
+          - FromPort: 1
78
+            ToPort: 65535
79
+            IpProtocol: tcp
80
+            External: false
81
+          - FromPort: 1
82
+            ToPort: 65535
83
+            IpProtocol: tcp
84
+            External: true
85
+
86
+      - $this._environment.securityGroupManager.addGroupIngress(
87
+          rules => $rules)
88
+
89
+      # Deploy node for master and slave nodes in pararallel
90
+      - Parallel:
91
+        - If: $.server = null
92
+          Then:
93
+            - $this.server: new(puppet:PuppetInstance, $this._environment,
94
+                name => 'master',
95
+                flavor => $this.flavor,
96
+                image => $this.osImage,
97
+                keyname => $this.keyPair,
98
+                availabilityZone => $this.availabilityZone,
99
+                assignFloatingIp => true)
100
+            - $this.server.deploy()
101
+
102
+        - If: len($this.clients) = 0
103
+          Then:
104
+            - $this.clients: $this.nodes.select(
105
+                new(puppet:PuppetClient,
106
+                  $this._environment,
107
+                  instance => new(
108
+                    puppet:PuppetInstance,
109
+                    $this._environment,
110
+                    name => concat('puppet_', $),
111
+                    flavor => $this.flavor,
112
+                    image => $this.osImage,
113
+                    keyname => $this.keyPair,
114
+                    availabilityZone => $this.availabilityZone,
115
+                    assignFloatingIp => true),
116
+                  role => $))
117
+
118
+            - $this.clients.pselect($.instance.deploy())
119
+
120
+        - $this.clientsByName: dict($this.clients.select([$.role, $]))
121
+
122
+      - $this.master: new(puppet:PuppetServer,
123
+          masterInstance => $this.server,
124
+          environment => $this._environment,
125
+          manifest => $this.mainManifestPath)
126
+
127
+      # add every node with the role assigned to it
128
+      - $this.clients.select(
129
+          $this.master.addClient($))
130
+
131
+      - $this.master.configure()
132
+
133
+      - $._environment.reporter.report($this, 'Preparing data for Gerrit')
134
+
135
+      - $gerritConfigurator: new(GerritConfigurator)
136
+      - $gerritConfigurator.configure($this.master.masterInstance)
137
+
138
+      - $._environment.reporter.report($this, 'Preparing data for Jenkins')
139
+
140
+      - $jenkinsConfigurator: new(JenkinsConfigurator)
141
+      - $jenkinsConfigurator.configure($this.master.masterInstance)
142
+
143
+      - $._environment.reporter.report($this, 'Preparing data for LDAP')
144
+
145
+      - $ldapConfigurator: new(LdapConfigurator)
146
+      - $ldapConfigurator.configure($this.master.masterInstance)
147
+
148
+      - $this._environment.reporter.report($this, 'Installing dependencies')
149
+
150
+      - $this.master.installDependencies(
151
+          environment => 'production',
152
+          puppetfileLink => $this.puppetfileLink)
153
+
154
+      - $resources: new(sys:Resources)
155
+      - $mainManifestContent: $resources.string('scripts/site.pp')
156
+      - new(conf:Linux).putFile(
157
+          $this.server.agent,
158
+          $mainManifestContent,
159
+          $this.mainManifestPath)
160
+
161
+      - $this._environment.reporter.report($this, 'Running manifests')
162
+      - $this.applyManifests()
163
+
164
+  applyManifests:
165
+    Usage: Action
166
+    Body:
167
+      - $this.master.runPuppetAgents()
168
+      - $this.printInfo()
169
+
170
+  printInfo:
171
+    Usage: Action
172
+    Body:
173
+      # Murano does not guarantee an order the lines to be printed
174
+      # at the same time it's impossible to print multiline messages.
175
+      # See LP#1611019
176
+      - $this._environment.reporter.report($this,
177
+          "Dependencies={0}".format($this.puppetfileLink))
178
+      - $this.clients.select($this._environment.reporter.report($this,
179
+            '{0} can be accessed on {1}'.format(
180
+              $.role,
181
+              $.instance.floatingIpAddress)))

+ 22
- 0
murano-apps/CiCd2/package/Classes/Configurator.yaml View File

@@ -0,0 +1,22 @@
1
+Namespaces:
2
+  =: org.openstack.ci_cd_pipeline_murano_app.v2
3
+  std: io.murano
4
+  sys: io.murano.system
5
+  ci_cd_pipeline_murano_app: org.openstack.ci_cd_pipeline_murano_app
6
+  puppet: org.openstack.ci_cd_pipeline_murano_app.puppet
7
+  conf: io.murano.configuration
8
+
9
+Name: Configurator
10
+
11
+Properties:
12
+  config:
13
+    Contract: {}
14
+    Usage: InOut
15
+
16
+Methods:
17
+  configure:
18
+    Arguments:
19
+      instance:
20
+        Contract: $.class(puppet:PuppetInstance).notNull()
21
+    Body:
22
+      - $instance.putHieraData($this.config)

+ 252
- 0
murano-apps/CiCd2/package/Classes/GerritConfigurator.yaml View File

@@ -0,0 +1,252 @@
1
+Namespaces:
2
+  =: org.openstack.ci_cd_pipeline_murano_app.v2
3
+  std: io.murano
4
+  sys: io.murano.system
5
+  ci_cd_pipeline_murano_app: org.openstack.ci_cd_pipeline_murano_app
6
+  puppet: org.openstack.ci_cd_pipeline_murano_app.puppet
7
+  conf: io.murano.configuration
8
+
9
+Name: GerritConfigurator
10
+
11
+Extends: Configurator
12
+
13
+Methods:
14
+  .init:
15
+    Body:
16
+      - $this.config:
17
+          gerrit_acls_dir: /etc/project-config/gerrit/acls
18
+          gerrit_db_password: P@ssw0rd
19
+          gerrit_db_root_password: P@ssw0rd
20
+          gerrit_db_user: gerrit2
21
+          gerrit_mysql_host: localhost
22
+          gerrit_contactstore_appsec: dummy content. to be done
23
+          gerrit_contactstore_pubkey: dummy content. to be done
24
+          gerrit_email_private_key: dummy content. to be done
25
+          gerrit_github_token: ''
26
+          gerrit_lp_access_secret: dummy content. to be done
27
+          gerrit_lp_access_token: dummy content. to be done
28
+          gerrit_lp_consumer_key: dummy content. to be done
29
+          gerrit_notify_impact_file: /etc/project-config/gerrit/notify_impact.yaml
30
+          gerrit_replication_ssh_rsa_pubkey_contents: dummy content. to be done
31
+          gerrit_rest_token_private_key: dummy content. to be done
32
+          gerrit_ssh_dsa_key_contents: |
33
+            -----BEGIN RSA PRIVATE KEY-----
34
+            MIIEowIBAAKCAQEA1llEntYbWCti+IxYKV7SyPhrkRwhubl0to70knBrZgzVSnUu
35
+            ofupwd7wlTXzVOlvd7/2mEIEqKHBXTN4tdMbH8Sjx1SxefjNQRHAaBwtCOG0jFB4
36
+            K1uMnT9u46xy9mKGqoPt96XqNjPsJ+Tq9q2wbUYAfAOZlPeoB1D7tH3S3LzYbSNi
37
+            SH3cDp2ALO9iAdILzD9a0qm8PyE7PErqeesIwctQUHyXlM9f9pOlOecjMPB6iUhb
38
+            /IIUKca+Nrn0lVmPSo+kk/vQE9lLq7VX3aqitH6HIhD+ndcRMyngkV+sOsgMCOkK
39
+            ct9PTOVjVtNqsh69NIAnP66eiYTS3F1EAIfeqQIDAQABAoIBAQDON8Xf9mcKVXt7
40
+            WjJ7YsHyHaYHToRX1UenVzOPK174KEKPxttddexlG6JkOypmt8rI78NDysgGoNCS
41
+            ZTGt5HMFBj73R9ETYr2962EsCGd/Uv5LvCNQu1w18NAzdDaKOlIK/LBWAKarDRsX
42
+            apJvTr0c9CsFJMV+XyGmIFB43lCekcHokvnVZBWUa6LmqBHN+ACIuSK0GSBGulzl
43
+            3vZnRQfusi+R0OMXY4Fg1Dyyk5Ji0mOrWWAOyD7yhRc7LsOvw59cwE0ii4ryn4Yp
44
+            JQ/r8LqpjvFWO2r5HnfCs7vqIWqDcRNoSY4v6iQeLyYyRypkO0HBV4TFPcaOQeMU
45
+            cE6BZuqBAoGBAO7QXVqhiALm7gJ53J1RYdfL2X8d0MkRYuWHftT7IgmiTpHA0SoI
46
+            vQNe8oneHb53oBK6hpZWtSw1E0a6+m6qu+zSpvA9fhVtsnrdRPoNjHhRBaOdrLjl
47
+            EVzxsEw3IjvMHjl8JWk6ILIpxGQlGHeMA0ZP9Kd6KbMNmTnf9hieFg1ZAoGBAOXG
48
+            Lx5X2w8kOrnwiGLzqOsIXH1WlAv1bg7UkaHTwmj8X8gnzLOhFb2gM7ThNT+3svPr
49
+            E6DSKkBUzD48yVuCcRsZgaxS2bYHILGY0acblyD62sGgO8dye/mwSsqPk9uoqC2+
50
+            obu2bD+UpaeGSmsiafbomZZqko0AwZjzv8eU8qHRAoGAH2V1YHzsDLWfhOPQhT41
51
+            xtEd/wBEeqq2fcaafhWmG+4itjbLSONtNgw9hrKU5n2DpfKvzwQHPZCcwCfE1NfN
52
+            bQ0ktWDgOqD5Xf3JG7a8SPUd8KzCEGzNI5MCwoJdFc94CcawhG0H72ReVWwrE0xt
53
+            AclxOLNu2ANpqZowGHxwGcECgYAdfwR7c7HGTtNPHUaU1Uyg51DgMiYNJvN66eTM
54
+            DmANlCBDlIBdqtccoZ0hoitww4cwcsPxSCluWrRhZPJAUg1s+ihAU95o1J9ozQJU
55
+            3mDXNfyxEH28C8FIe04OlMHZV9xHCwq+Cxv4SX++cqnI+QD7Vj6pJYMsoKU5mkjL
56
+            OR6wkQKBgBDb3tFexviFbOgc/zrauvbBid2tPBT6rZSNIeiHYA5F6POZqyxhkOBB
57
+            0HA8ALlhb3WphJjSmz39m/5xXRG+JItHnRQ2Pwguq7TkC6O+Dxz2McX+bTkqf/hw
58
+            avC69UgihdlJmz+r8ztklEn9fR+I56gWwt6R8YIKOCvKSvDwsJ7g
59
+            -----END RSA PRIVATE KEY-----
60
+          gerrit_ssh_dsa_pubkey_contents: |
61
+            ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDWWUSe1htYK2L4jFgpXtLI+GuRH
62
+            CG5uXS2jvSScGtmDNVKdS6h+6nB3vCVNfNU6W93v/aYQgSoocFdM3i10xsfxKPHVL
63
+            F5+M1BEcBoHC0I4bSMUHgrW4ydP27jrHL2Yoaqg+33peo2M+wn5Or2rbBtRgB8A5m
64
+            U96gHUPu0fdLcvNhtI2JIfdwOnYAs72IB0gvMP1rSqbw/ITs8Sup56wjBy1BQfJeU
65
+            z1/2k6U55yMw8HqJSFv8ghQpxr42ufSVWY9Kj6ST+9AT2UurtVfdqqK0fociEP6d1
66
+            xEzKeCRX6w6yAwI6Qpy309M5WNW02qyHr00gCc/rp6JhNLcXUQAh96p
67
+            root@murano-mfgoqiqtst28ql-ggg-gerrit-wtowtwnqoz76
68
+          gerrit_ssh_rsa_key_contents: |
69
+            -----BEGIN RSA PRIVATE KEY-----
70
+            MIIEpQIBAAKCAQEAw3S1FFrPx6IWCtJBpxxXx0/LPGOOcqBMEf6AhAhcgV8Pbon0
71
+            xeT2che4Xe7l651KHgM2KbjwlmpQcXB98q5edyk8i/Q6o2u7cLM0rgq3XvNil4ao
72
+            V3yz2zKyPhx4YqBRxl7g+qA+EXo9RJxXuZSlyeiw2GJgmWYST/nD7MeBOOh+htmj
73
+            FgTSnkvVJgElNh+LgDMLmRI5IGmqG/Y+BNpW6yawXHJJepOtz52Fee8xEQTKyJhZ
74
+            TPoRRRyR9bcIXTOsYVaqQ/D2HutTOtgh/txFyAzYKfoa2DKFPXF1P2Y0bHnAfDsv
75
+            v3AOSKZ40ZfXujjFDi+GEqywZR1B80EEaPxnpQIDAQABAoIBAHgr+2Gma/XL/E1u
76
+            9JqwXG/Y6ZYZh+2GDP9LQOzszyNjtPM7stkxayy+1MY8KfTxYi6NvvFsGdABUbBN
77
+            f8KD3uTY37cU1DDB/h7Or+cKA7BHaCjNzBbuPw7YXqq9im7pLx4OG7k8aK0KQT07
78
+            +tvJPx2jCYghBE+MaFnvsLyV9SdtBTuvUsaL/zTQPwua3DDsbIiTztyOtiJuHJXX
79
+            iRiJ70r9q0HwB5FKvCi1t0u2QuevSt6vzp1TQ1TE0y9hGcf1O38KtsF5kUBWBZcZ
80
+            FO59fATTuBCMihDCGEbxd3NAbUBYGG3hT5NrMzZ0LKwRw0ADWxJfa+np5oBvtnVp
81
+            gHA1ugECgYEA//+0/Eh28JpKN4w+Xmnqr3A3hMYELUI5HD86GMNTJP2qmZrkE0Fr
82
+            21Juo4QXShzQ2sdn5Bo6LkxYfyRfGtdgdynn1k5RGR1kP0fE76N3kVBbLcEnHsAB
83
+            PpFnlWgfjI1ifB6O2jlXMmpb9iFOuUTdyxd50KD7Wsu1kI89ZnH6KcECgYEAw3Tu
84
+            WnMkTiTK9yUgpDyxtJogZ6CcwzeNvOpERzUh8ynzCKq9LbbSbLMsnu/FvZGfr57S
85
+            ucGCUaVlmaVwuUd3n0OeAkYbJqDvx+SzFXCCVWHNXEMba9QCADuS82ROsiIsV6ea
86
+            FAEA0F78yiynthZ4pvQDSyHVNxaqWJo7xLwMjuUCgYEA+dy865hW7tPJKJprrX83
87
+            nvCqX59eKEaAs39K1yyeFHa6cp5pihnKihDVCCg/CwlBGKiUUGEA9HtzzPTVFr+s
88
+            2eI+9D8QjLDRTaphH3yvkVebBveFlU/WZxlIvt0YHflJbNfumjRpVT3WcE9mJRKA
89
+            YF+Td/wIGUDHAEeuqDUK9IECgYEAqedWXqfick9HY6kRg9MCwrSL4KjcPFJpUkPu
90
+            UFvehCr+CZWp1zgqGLVz30EcihoxTo9oLHMLHoABHpuSrmxyjq5Phzh714tkhEXI
91
+            aqWflirrQf1Ps97aUmt25T5Xrj9IfnXB2Qu6MmevpOtGamGERdStnDzvw/Be6aBA
92
+            vladMAUCgYEAqBuQnwblpRU0Z9PKy7ZvbX0fVUQEcRMb3kfFnRcgDDe+w+2tRg+w
93
+            55sX+SDEV0awiZO/aAecMyrrCjq0LPeu+zqb/09RkCN8MvbABCCeu0RgvWxRBJ0K
94
+            KqjD5fkzBytJ3VrBtlaJnYAP+g+96dSCYnfhujCeU2/lrt3tsyUOeC4=
95
+            -----END RSA PRIVATE KEY-----
96
+          gerrit_ssh_project_rsa_pubkey_contents: "\
97
+            ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDdLUUWs/HohYK0kGnHFfHT8s8Y\
98
+            45yoEwR/oCECFyBXw9uifTF5PZyF7hd7uXrnUoeAzYpuPCWalBxcH3yrl53KTyL9D\
99
+            qja7twszSuCrde82KXhqhXfLPbMrI+HHhioFHGXuD6oD4Rej1EnFe5lKXJ6LDYYmC\
100
+            ZZhJP+cPsx4E46H6G2aMWBNKeS9UmASU2H4uAMwuZEjkgaaob9j4E2lbrJrBcckl6\
101
+            k63PnYV57zERBMrImFlM+hFFHJH1twhdM6xhVqpD8PYe61M62CH+3EXIDNgp+hrYM\
102
+            oU9cXU/ZjRsecB8Oy+/cA5IpnjRl9e6OMUOL4YSrLBlHUHzQQRo/Gel \
103
+            root@murano-mfgoqiqtst28ql-ggg-gerrit-wtowtwnqoz76"
104
+          gerrit_project_ssh_rsa_key_contents: |
105
+            -----BEGIN RSA PRIVATE KEY-----
106
+            MIIEogIBAAKCAQEAvfqOmY3HI9tX43ihF0C0l7acXirbOEE+THX/IUV0XT/ArPPM
107
+            5l0G71f6mzUxAIhHBw1X0yQqJgrM8cGSe8bTg8J6ciakQHt2SG4wghxr7nZFEqAS
108
+            NNoaFtE0hPguA1ZU36kkPuoxXWFKuhxnrkvo6Spj488JZ7mmUyVSUQ2tnYBAqQNH
109
+            3D7bqJ8hBTDRhk+RKEt6GXiT+O1f65eSqmS/eDFh9k7Pkd2DfhrSefGTMEwYTapQ
110
+            9CX+GZImkERXbUaeTwSqbEVrw6QMknnhKVAj5qk7+ao35ICCeKbFnuKpUfSkO2+4
111
+            fgPyMtjoiwCQ7/T87tQjxMszNQJxHlvT7dAkiwIDAQABAoIBADnwNxsnfQs3ctdh
112
+            y6c+yZTXUVr6sP64DxrchaGNAA8MSWO1utCqoFnQOBKrpzUlWpwQ+q7fAae2dYhp
113
+            Y5YyLgGqBxPXKxKrVIiEanDT4CrKkQg8HzFVLs20odLHqajE5H+Nows4+zMiX9rg
114
+            nNIwPmkVz38DfjfPC6Wh5Tfo9wDoPMWSTgljn9Ugl/5kW3fgT/2/hENupP/xyPyh
115
+            qKuxU4d8LlMvp7Q9ySGSriRouDTq8LYYsrQ+KeruUyRHYR/z44m45gHfB4id+Qtl
116
+            iDJ6MDrGFds/+07CkIxUMMDmzq1heXYb+Ct+DZWbRk+ztQVwEGzQdu+CSYUo9YeY
117
+            QJ9mF0kCgYEA4Owy5I2EwbR/+Pbcm4+u7UJIRB1Repp+pZPVTbQwIto3xJD9dC7O
118
+            +lVIHnPQSE3hQiAYxqNGwv60Qk9A0b0rx0B+L7U1mGliqiUNfVZB+gDYVTGodxJI
119
+            pZkPjO/WxTD4fSJ3/BU62ZSpXWKvYFu8BC+l+OJ626l86M3hNoDbMr8CgYEA2DpY
120
+            8UdnqgZa9P1GzWFjQGpavinrBcO8gD0pFztEno22UoN7Tj82euzBIkOZVknbAP7q
121
+            VIWN6KTL6GVoiUussermVx+qvLL8KOnPevgNu2AKtc+NkxYAYs+5e44Lhmu08MHT
122
+            wPnZioOPG4iB50MlDnVeDFltrDPKj34kuDMRHTUCgYBqJQ2fbmnIQDZkd5uEjjov
123
+            Haic/HkHMwGxgiKXmQFecT0ANqxlt/FVkgmG1YDlnls/qYYHt+Yc/7Zx1JTyZiPS
124
+            1Ey4lvvEAXfec735+EsKgHuXOOgXyTkfbSw5hrYEOSgLZcjZ3er344BJ4diB0MjZ
125
+            8OKSoc74+vNHqmEuJ4FKYQKBgEN4oXxYja5uYT+FMOyxcOkOxtYD+oRH+bACZaoM
126
+            InNfQP8qa/WUoAlnizSH53cXgLEk2jYZnphzo/UWf7In3PF/nPSeuwY6y5hwrP9w
127
+            G8jWRUFKTKETAnfS3cwCHPKK9WES+mKDFDC2sJck13Q0bYG/eeNcnG5ZkuGHuSmJ
128
+            NdPpAoGAL4pU3AuxtiV/25jiOHiTar/s16q9k/lL2qMYesG2Ur7AyCK6NoZm6yx+
129
+            9222HL//J1xrdA9EZKdFJ7Z0slI3pAHkqH2y4hjF35OgilHkEuQoFHcKxtxAnIHj
130
+            mEjbeTfSZBv1K40wz7h/0lBrTOONC6xqzR75f5W5W/SBAs7nJ8w=
131
+            -----END RSA PRIVATE KEY-----
132
+          gerrit_project_ssh_rsa_pubkey_contents: "\
133
+            ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9+o6Zjccj21fjeKEXQLSXtpxeK\
134
+            ts4QT5Mdf8hRXRdP8Cs88zmXQbvV/qbNTEAiEcHDVfTJComCszxwZJ7xtODwnpyJq\
135
+            RAe3ZIbjCCHGvudkUSoBI02hoW0TSE+C4DVlTfqSQ+6jFdYUq6HGeuS+jpKmPjzwl\
136
+            nuaZTJVJRDa2dgECpA0fcPtuonyEFMNGGT5EoS3oZeJP47V/rl5KqZL94MWH2Ts+R\
137
+            3YN+GtJ58ZMwTBhNqlD0Jf4ZkiaQRFdtRp5PBKpsRWvDpAySeeEpUCPmqTv5qjfkg\
138
+            IJ4psWe4qlR9KQ7b7h+A/Iy2OiLAJDv9Pzu1CPEyzM1AnEeW9Pt0CSL \
139
+            root@murano-mfgoqiqtst28ql-ggg-gerrit-wtowtwnqoz76"
140
+          gerrit_ssh_rsa_pubkey_contents: "\
141
+            ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9+o6Zjccj21fjeKEXQLSXtpxeK\
142
+            ts4QT5Mdf8hRXRdP8Cs88zmXQbvV/qbNTEAiEcHDVfTJComCszxwZJ7xtODwnpyJq\
143
+            RAe3ZIbjCCHGvudkUSoBI02hoW0TSE+C4DVlTfqSQ+6jFdYUq6HGeuS+jpKmPjzwl\
144
+            nuaZTJVJRDa2dgECpA0fcPtuonyEFMNGGT5EoS3oZeJP47V/rl5KqZL94MWH2Ts+R\
145
+            3YN+GtJ58ZMwTBhNqlD0Jf4ZkiaQRFdtRp5PBKpsRWvDpAySeeEpUCPmqTv5qjfkg\
146
+            IJ4psWe4qlR9KQ7b7h+A/Iy2OiLAJDv9Pzu1CPEyzM1AnEeW9Pt0CSL \
147
+            root@murano-mfgoqiqtst28ql-ggg-gerrit-wtowtwnqoz76"
148
+          gerrit_ssl_chain_file_contents: ''
149
+          gerrit_ssl_cert_file_contents: |
150
+            -----BEGIN CERTIFICATE-----
151
+            MIIF2TCCA8GgAwIBAgIJAKT56AcRAOjoMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD
152
+            VQQGEwJVUzEPMA0GA1UECAwGRGVuaWFsMRQwEgYDVQQHDAtTcHJpbmdmaWVsZDEM
153
+            MAoGA1UECgwDRGlzMT4wPAYDVQQDDDVtdS10bHRvamlyZGMzNDgyMmMtdW5qYXdp
154
+            cmRjMzA2NTItZ2Vycml0LXpmbGg0ZWVnc2JjcTAeFw0xNjA4MDIxMTEwMDBaFw0x
155
+            NzA4MDIxMTEwMDBaMIGCMQswCQYDVQQGEwJVUzEPMA0GA1UECAwGRGVuaWFsMRQw
156
+            EgYDVQQHDAtTcHJpbmdmaWVsZDEMMAoGA1UECgwDRGlzMT4wPAYDVQQDDDVtdS10
157
+            bHRvamlyZGMzNDgyMmMtdW5qYXdpcmRjMzA2NTItZ2Vycml0LXpmbGg0ZWVnc2Jj
158
+            cTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMeqpOPOTALPmXK8FdrR
159
+            JAUDu/q5q8oPSfuCh5XTApLjchf+z1+UNFm6beYALJAyKYEWmjKwfQGc3Inga3CF
160
+            03/JIVes87DxR6ajy2eGRQbhfniocAs9h5Mkuh9/yVrBiSRK2V1CBUD7mf6xuMU0
161
+            FujOUlMFvqmP3yyow7n3HbulQoVXajVd1dHej41t9Da1kUfEqDLEbKaJmvDZ/ghZ
162
+            I59fU48WftEtV3KtzwGXuLRpnyge0/SFEp6BizQVruFmRdm44wV0vyus5HW1/aVO
163
+            rFZalUNSB52CM8iJLdS5PxDK0yPMtGYXaf2lfwFiqA49WfJqdnOOeEeLl5YC6J43
164
+            1G2gaiVCvwKDUpwGH1iPLE2H2Ge3czNMUOBMEgxY8FVdduw2xH7Tu+c4rRH5e6iY
165
+            1OqthdYLrW7dg3rCMqMWFxsNkT28iFCKGbkOCQht7I2Ye9479yOVyWhanLB1q1ln
166
+            9wRqq2UvQNSD2vFAlcfVZDQLoEQNorAGUeB9JHEUezK53+b/vuBOfGr9zYsV5sAM
167
+            zth9x58bRoUbqD5KDyeSFS7kgYUnFRxvwMgxXK8PFU09HwTD/mT5sLPLRLCVdmei
168
+            g6pthjWyMMicM/lKt4iTfVOUomrzWpbtFClj03wNRfRCcgEROllbK6YLeJYv4X+U
169
+            mASWuNWmq934NtIuUq8K7WOpAgMBAAGjUDBOMB0GA1UdDgQWBBTE82EgNWmfetQ3
170
+            elvD1VuojPjP0DAfBgNVHSMEGDAWgBTE82EgNWmfetQ3elvD1VuojPjP0DAMBgNV
171
+            HRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQCEMHpKdKOafk0w6stw8gKjGzOE
172
+            BzvFcM9dIL5cfC7az7xeAoFnUVyrk/KR1m+Xx0BPoLgqc/Z53H6eVtFh8DP9mVeI
173
+            BYBj5lfCwxr+lkkU/la5ZrkS1izv/TJIP/Jx1rPwv0ttapWpDoeLATJeCs2iYFr0
174
+            JUjXf/SahYn6p4zxs3KUoECYKd/WeCJd77rn4JMKkjPidCxlHicvGwrzJCc8KyxX
175
+            P1n1mbqBH0TBcBGd8p7iwY8c+sZWKnSJwvcAGL1aG7++GxAkmjUkkANWUZsAQ1fo
176
+            n5BOzRj5qRax0Vfcj46vcHzhGobtWXwMqpHhqNa55pqAEF1/cOLkvOxBW/QDOhxK
177
+            u2QNUj30kq4uh/HfPLPchO1Y5JN/5D/YTcDaSHNOlsALYnJz/79IQLeghfkbNVLm
178
+            gwiZaNfmmIl7vCpxPzmaJD+IKX8CYen2I3uA8O/EqRYKZL4+YQ6/Sk5GKsygK296
179
+            uJ7CG6DvrQirRyPFLOIJSfkCdWGGkGubLHyd8WByACx8BB4pzmjANldcCeC1GuZo
180
+            xDymezysHusnPcHwAMKw5Hnl/FTQNe14CxGxN6QF8GcxBIX0fc7L52GLu5nWgXJi
181
+            1fZY52bgTKvKvFYsuoKiRw6az1fL77aoQgYFZ53d5i0qtNLuFnbIPeOpPq3BmjlD
182
+            PeTnL3b75F2lCXpl3g==
183
+            -----END CERTIFICATE-----
184
+          gerrit_ssl_key_file_contents: |
185
+            -----BEGIN RSA PRIVATE KEY-----
186
+            MIIJKAIBAAKCAgEAx6qk485MAs+ZcrwV2tEkBQO7+rmryg9J+4KHldMCkuNyF/7P
187
+            X5Q0Wbpt5gAskDIpgRaaMrB9AZzcieBrcIXTf8khV6zzsPFHpqPLZ4ZFBuF+eKhw
188
+            Cz2HkyS6H3/JWsGJJErZXUIFQPuZ/rG4xTQW6M5SUwW+qY/fLKjDufcdu6VChVdq
189
+            NV3V0d6PjW30NrWRR8SoMsRspoma8Nn+CFkjn19TjxZ+0S1Xcq3PAZe4tGmfKB7T
190
+            9IUSnoGLNBWu4WZF2bjjBXS/K6zkdbX9pU6sVlqVQ1IHnYIzyIkt1Lk/EMrTI8y0
191
+            Zhdp/aV/AWKoDj1Z8mp2c454R4uXlgLonjfUbaBqJUK/AoNSnAYfWI8sTYfYZ7dz
192
+            M0xQ4EwSDFjwVV127DbEftO75zitEfl7qJjU6q2F1gutbt2DesIyoxYXGw2RPbyI
193
+            UIoZuQ4JCG3sjZh73jv3I5XJaFqcsHWrWWf3BGqrZS9A1IPa8UCVx9VkNAugRA2i
194
+            sAZR4H0kcRR7Mrnf5v++4E58av3NixXmwAzO2H3HnxtGhRuoPkoPJ5IVLuSBhScV
195
+            HG/AyDFcrw8VTT0fBMP+ZPmws8tEsJV2Z6KDqm2GNbIwyJwz+Uq3iJN9U5SiavNa
196
+            lu0UKWPTfA1F9EJyARE6WVsrpgt4li/hf5SYBJa41aar3fg20i5SrwrtY6kCAwEA
197
+            AQKCAgEAj9lxUm6edKf8dZzsYemrebFnDQwXqEu7kWhJJrgPcqRK3t7FqKat0Ldv
198
+            1fTqJjj9jfMqxLpCVZcdjHgS7856weW2D+Sa7S/n3zbCpKMnt/1dkLBJiM+bjXc4
199
+            YNk/yBMHKw6B655VCqw6FjUUWX9dwfxjc00AQElXEGXGHYTb9wTpGAgSjMA9/CXM
200
+            ZqiA+al2Ma6NP4YkgRdCeaOUUY9nCrszCDO8yhdQmV5/dTZJ7DDsaYtMSS5Wa7wI
201
+            /k1g4SM9z85UQOoLkPvO3L9xLlev8cbxIr9GnUPg6ulqC4gq135I/9HLZoIX6pYB
202
+            Go5pZVjuJKhvDnHmViVL4NfXn6W5dLqkmcpH+JIX7OZ/RXcobN6CjMR36jsalj05
203
+            NMVwefnd319cMnMV51K0RJQKKkl+r+5qus+SB/NtzWbPaemo37WoSGIxsHeKhUne
204
+            hYn7VwvbqQjq+DjLrqlIREFbdSCl9x7a+Rmpl0ujISSDUD6aD6+6PPE7sMUNS4Uy
205
+            rZOUgY5kdFJFttUxMEx025slzroddkU0MakCts164ZsM8tNu87vDHMffk1EETrQ0
206
+            QYKGFRz5XJ7aFB4D2WnaO250lA7HqwBvzc1z6hLnoeqoljHGCWgZryiVJTYYhkVZ
207
+            ktexEq746thMW2ONHO/69RZGz1qRuFmgmYGIhU3hjvXrAx30TwECggEBAPf1VoTc
208
+            e4eFiOXq3lYMolYO9ITy1O+C+4XwjTEUvaYvIjZ61uqGKOOwjPNoEKqbJw0n1Noz
209
+            Yn3CrlZSkTV4Uj7OaS1pMg0dDh9F8SLLGAPbJZbfdRWphzot9MfW2kpzsCLWQDpN
210
+            BTb7XEidtiJjzLYf/RY/lvfgqyodXp7Yl+SIccdq6fdsabFbhcdkBoyfKcpczVF1
211
+            lXAZf/53lc8O5WswAXfwQANjcfNRz19FWFlRCbOF+pJHTs7tdrVq85kaQaq+kEC7
212
+            s+EwQuBQVr3bvBEVjqEnKD+fM2AInRsFU6cgGkJJREMMU6/jPsvEfMeKy/1UYFno
213
+            X+YSJJemztogL30CggEBAM4kXbZT+yyjhtv0CzwVq61ov8J7QeReaYvWcmkm+1X9
214
+            p31RoIqFJnjsx0GB3LQkHLwRybQ5/GHkA7438aTVj0zaQ3Sx4tc8Azh6qGFrtkHa
215
+            eGzFFtczW5dUX9hW2NYOsdukyAWuOxo9z2WY4Nkz2xeuXBI7nZtVysgQQKnY+Cky
216
+            UGbFjkR0WGicfBFYE6J5KGWh3mHdmk6NXDw+v6aPkuStmMqp4BBH/3Ip0AjzTy4o
217
+            aMJFppCTKvZVzzZGQZ3dV13q4FyKjeI3Y7rv6I+k6hw2w9hhVc5Y9dpTobGaLyMb
218
+            oSQtnTS0LrgaY4eHmLKseo36x4cMf8VrOSESGvVslJ0CggEAWcwZtyf5/IxZlZpH
219
+            RrZwm+Xym6stfkfbOxhwqZOvUt3C8CPwbSKE8GBhy0ymrIJf1B3WsebmBlFYvZ5N
220
+            RCX88w3hfTaZj7I0CRNVTppqagsVQ9xNFLk+Zc161lxy1X+sDBG3VOXLu6uwMgQb
221
+            j7zAyDwxdbs1uzM8CZZ1S+V4rKTVP7jyXk5+wGI6wojw7kA97DFLkfKZWe2CMu+v
222
+            6zqjzvulrH/vTsrW252HEiOU6VO1xbQBmLQGUF4jHXRMH+goW+ODbk4LyMOnlIDD
223
+            ySIoq6845he+Nbw76M11x/FX6DByEgtikz2FmS8c8MKJxeH4GhhShHzpLfLoGZup
224
+            UclSKQKCAQBD7o4HUMOcIUOG5nRxV37cxYEz+ORs+oPztja72kHHQ7DXRngOTfSw
225
+            su6y8rWlk6T4gTAkOVuncrmdDNiQBmST4fWK1jg3z6oMCbfFavaD2xgGWCi/wEf1
226
+            pbN0GqKYX/1SsYnM/W6yph3bkDbAvSr9MdNbmtPEZdBOf7SfhEW7Zb5DL+VDP8gG
227
+            qVLlcE4AI8chPueG/r0kF8eGfvMvU28H9wE8ACE7nE5c89R/rpawUla7drJ+QFFP
228
+            HlYLv7lN6awp4gYP2QUKwFAYQYk1FRalN5LwkprxRjW2vgqx+WqBOlCvGG0O+jXP
229
+            K7sS5ad3cgltEnCAW6kbiMspz8qciCytAoIBAEl8pwafzHKuTdIfAMkYN1WkTMbF
230
+            zAcnwCginEMoww91CjxUFzRaq0ILjlE3QaWswioOCZxXv71ab+oTVc5eL0m7x1GW
231
+            fUtmtTRiJ3H5c+BBvfqhqmqokcgZlwbH8zfxJ37TGXSz2KE6yeaEpixeANAZvzHY
232
+            AJ5e3BziSjB+mhgytwytuaT1ghFHywOOMy5sjtD/nQrN2ivuIuJm77dHWVQL2zhg
233
+            RCpeFmqsgn6HFntS0muAsX53H9ZdXdTwuFsncrWyUry+OUXyNyl0kJ7n4hAyWBx3
234
+            AtLuF1QaFciCcDiIPmkmPxXzfzYVFKdzBcpXbj9O66ExEnbfCLU8JCqHwS8=
235
+            -----END RSA PRIVATE KEY-----'
236
+          gerrit_war_url: https://gerrit-releases.storage.googleapis.com/gerrit-2.12.3.war
237
+          gerrit_gerritbot_password: P@ssw0rd
238
+          gerritbot_ssh_rsa_pubkey_contents: dummy content. to be done
239
+          gerritbot_ssh_rsa_key_contents: dummy content. to be done
240
+          gerrit_mysql_password: P@ssw0rd
241
+          github_project_password: dummy content. to be done
242
+          github_project_username: mirademo
243
+          jeepyb_project_file: /etc/project-config/gerrit/projects.yaml
244
+          project_config_config_dir: /etc/project-config/
245
+          project_config_repo: https://review.fuel-infra.org/open-paas/project-config
246
+          ssh_replication_rsa_key_contents: dummy content. to be done
247
+          gerrit_replication_ssh_rsa_key_contents: dummy content. to be done
248
+          swift_store_key: dummy content. to be done
249
+          swift_store_user: dummy content. to be done
250
+          welcome_message_gerrit_ssh_private_key: dummy content. to be done
251
+          welcome_message_gerrit_ssh_public_key: dummy content. to be done
252
+          gerrit_host: gerrit

+ 97
- 0
murano-apps/CiCd2/package/Classes/JenkinsConfigurator.yaml View File

@@ -0,0 +1,97 @@
1
+Namespaces:
2
+  =: org.openstack.ci_cd_pipeline_murano_app.v2
3
+  std: io.murano
4
+  sys: io.murano.system
5
+  ci_cd_pipeline_murano_app: org.openstack.ci_cd_pipeline_murano_app
6
+  puppet: org.openstack.ci_cd_pipeline_murano_app.puppet
7
+  conf: io.murano.configuration
8
+
9
+Name: JenkinsConfigurator
10
+
11
+Extends: Configurator
12
+
13
+Methods:
14
+  .init:
15
+    Body:
16
+      - $this.config:
17
+          git_user: user
18
+          git_user_email: email@example.com
19
+          jenkins_ssh_private_key_contents: '-----BEGIN RSA PRIVATE KEY-----
20
+
21
+            MIIEowIBAAKCAQEAxqtDb4g3BAzWe+NyF5NdHagTa/H3s3beMl8x6vZNv1FcXpnX
22
+
23
+            Ub+WfohdOc+josFmzuFZ+M+tNAw6YW7i2BKaVb/WC4brFZER5CAao365XfQWbfPK
24
+
25
+            YHmKqhiOuBDBs2N3TGz717th3r1uzpXd8IoIgogTEwi0QFLWls1MlqIakT7NTEJ3
26
+
27
+            lOw6GfKVli4PjUxHx/+P/ippMnHrU/HWln3tUM6BXoUoqttiEEPmNzp+q/lKJmFB
28
+
29
+            ddBENzBvFcGHqQ10oSxyrNLwnwjgV3vf2kflW8I2wE0vcBHUYI5OGHkdL17O4adj
30
+
31
+            bzSvDh3pqQfLRNYfB/PBxAPtauZyQ3Q0LtK63QIDAQABAoIBAGoRmil8AlOJPyJZ
32
+
33
+            5tordXWV/PiO8X7BohQmuxIFerEAkV54qHse3QylZZCuCWGl/GvL6StsRb8aIDlQ
34
+
35
+            6JAQLpJFn9P7rpuPHow7j71mtTUyUp9Vn+EuQxhZkCk52REbs9/79+HQS4qOfRCS
36
+
37
+            9zGroKuAVx68cPA+yg8tgQyTc7fDbCTJ5mnOgwUxcyHTpsyIz+Z/0eitWa4OsFNj
38
+
39
+            iYwvRw0vdnlPkQPO1ti4hjOh8LvJZseSVXWR/VfPKBQRes8V7hpLsHK9EzDDNUhz
40
+
41
+            tc103fXWLY3z+LG8wK+kbjbbhISOKhPg0DbcTUe92s708cRPI5c/fDCYOb8CAbJo
42
+
43
+            PiPrg8kCgYEA9189kS+Hk7ayocakzfQ2voFjpb2FjQ5SXNP940/tbWec5MFkX7zW
44
+
45
+            t8EB+CEc8lz6HgRrxsK6neeShx02SvbVIkwoXYDjcEzqgCv7ltbJT8gb0hTqnDgN
46
+
47
+            ja28Flm29TxdFxcHQU5ZZhBNSnEl9PdB3+a3NFwSge7Lm/fuoQG9s78CgYEAzZko
48
+
49
+            lJnjgoZk7U3tmmNewV5B8yzDdFN430WkdVVlYezN6Bz1oWlJHMyqMj6eKtPCPMrQ
50
+
51
+            DklDuLSyO1qdpz9rsEIRbB3GSAPf2X4YggOqSC3R0+ReU6vATc6hPjQSN2ahNdZ0
52
+
53
+            90z4djiSXsUL0C1o4DgORejpv/NdEwwTGVA3yGMCgYA78n6vEn+ekmXTwpnpt0cU
54
+
55
+            /7IwVi9pMZFQIaejUJlPLA7feOZkNRUrzsA1a4DiUxnh8FxV/JbQ8W+XAsNHg22/
56
+
57
+            NAmML1HuwxUJHp+HvGFoziu/y4XXedX/AZ1VJUSrRYehstj1QJF1pHm2kpkKNmlm
58
+
59
+            Yzj+nVl213HMSFcx+YQJbQKBgQCU6qOfBtvoVcnSrIg2NFWUv94K8dhccH1zUvEs
60
+
61
+            337AcBIwVpF/qVAAoSmBnSNZJ+pfuBL81gpMRe122kqosmIg16ng4qwUy2GfGhtM
62
+
63
+            SLVU9IMv9BBykEuIz+qwsGylXhvUcBJmcYThtFYoeJb24X0+Mrv73Rk6JF69Bhjr
64
+
65
+            U9QjuwKBgArBLvnkM2SoryzW1aGDqltFEV6vaRIm7Q396QuEBAGR/+XYqtuwMhvv
66
+
67
+            pjw6gGkQc+qSlt/ruGY9LQXuLCw4NH/L0RFcHjsaM8a7lQegf77bzmIapHHfcxmC
68
+
69
+            gschAFtpRuctLGt+2QlZi7Fc9ZTM59XComT8Moi3rFzGNOfKWksR
70
+
71
+            -----END RSA PRIVATE KEY-----'
72
+          jenkins_ssh_pubkey_contents: list(
73
+            "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGq0NviDcEDNZ743IXk10dqBNr",
74
+            "8fezdt4yXzHq9k2/UVxemddRv5Z+iF05z6OiwWbO4Vn4z600DDphbuLYEppVv9YL",
75
+            "husVkRHkIBqjfrld9BZt88pgeYqqGI64EMGzY3dMbPvXu2HevW7Old3wigiCiBMT",
76
+            "CLRAUtaWzUyWohqRPs1MQneU7DoZ8pWWLg+NTEfH/4/+KmkycetT8daWfe1QzoFe",
77
+            "hSiq22IQQ+Y3On6r+UomYUF10EQ3MG8VwYepDXShLHKs0vCfCOBXe9/aR+VbwjbA",
78
+            "TS9wEdRgjk4YeR0vXs7hp2NvNK8OHempB8tE1h8H88HEA+1q5nJDdDQu0rrd ",
79
+            "root@murano-mfgoqiqtst28ql-ggg-jenkins-mjkge7nxw5f3").join('')
80
+          jenkins_jobs_password: ''
81
+
82
+  #
83
+  # Project-config local repo
84
+  #
85
+  getProjectConfigRepo:
86
+    Body:
87
+      - Return: format(
88
+          'https://{0}/open-paas/project-config',
89
+          $this.instance.ipAddresses[0])
90
+
91
+  #
92
+  # Switch to newly created project-config repo
93
+  #
94
+  _switchProjectConfig:
95
+    Body:
96
+      - $.instance.setHieraValue(
97
+          'project_config_repo', $.getProjectConfigRepo())

+ 26
- 0
murano-apps/CiCd2/package/Classes/LdapConfigurator.yaml View File

@@ -0,0 +1,26 @@
1
+Namespaces:
2
+  =: org.openstack.ci_cd_pipeline_murano_app.v2
3
+  std: io.murano
4
+  sys: io.murano.system
5
+  ci_cd_pipeline_murano_app: org.openstack.ci_cd_pipeline_murano_app
6
+  puppet: org.openstack.ci_cd_pipeline_murano_app.puppet
7
+  conf: io.murano.configuration
8
+
9
+Name: LdapConfigurator
10
+
11
+Extends: Configurator
12
+
13
+Methods:
14
+  .init:
15
+    Body:
16
+      - $this.config:
17
+          ldap::client::ssl_cert: ''
18
+          ldap::client::uri: localhost
19
+          ldap::server::rootpw: Openst@ck0
20
+          ldap_dc: infra
21
+          ldap_domain: infra.local
22
+          ldap_password: P@ssw0rd
23
+          ldap_root_password: Openst@ck0
24
+          ldap_root_user: root
25
+          ldap_user: user
26
+          ldap_ip: openldap

+ 202
- 0
murano-apps/CiCd2/package/Resources/scripts/site.pp View File

@@ -0,0 +1,202 @@
1
+#
2
+# Top-level variables
3
+#
4
+# There must not be any whitespace between this comment and the variables or
5
+# in between any two variables in order for them to be correctly parsed and
6
+# passed around in test.sh
7
+#
8
+
9
+#
10
+# Default: should at least behave like an openstack server
11
+#
12
+node default {
13
+  # class { 'openstack_project::server':
14
+  #   # TODO: 8140 should be only open on the puppet master
15
+  #   iptables_public_tcp_ports => [8140],
16
+  #   sysadmins => hiera('sysadmins', []),
17
+  # }
18
+}
19
+
20
+#
21
+# Long lived servers:
22
+#
23
+# Node-OS: trusty
24
+node 'review' {
25
+  $project_config_repo = hiera('project_config_repo')
26
+
27
+
28
+
29
+  class { 'openstack_project::server':
30
+    iptables_public_tcp_ports => [80, 443, 8081, 29418],
31
+    sysadmins                 => hiera('sysadmins', []),
32
+    certname                  => 'review',
33
+    ca_server                 => 'puppet',
34
+    puppetmaster_server       => 'puppet',
35
+    enable_unbound            => false,
36
+    manage_exim               => false,
37
+  }
38
+
39
+  class { '::mysql::server':
40
+     root_password           => hiera('gerrit_db_root_password'),
41
+     remove_default_accounts => true,
42
+  }
43
+  mysql::db { 'reviewdb':
44
+    user     => hiera('gerrit_db_user'),
45
+    password => hiera('gerrit_db_password'),
46
+    host     => 'localhost',
47
+    grant    => ['all'],
48
+  }
49
+
50
+  class { 'openstack_project::review':
51
+    project_config_repo                 => $project_config_repo,
52
+    projects_config                     => 'openstack_project/review.projects.ini.erb',
53
+    # projects_file                       => hiera('jeepyb_project_file'),
54
+    github_oauth_token                  => hiera('gerrit_github_token'),
55
+    github_project_username             => hiera('github_project_username', 'username'),
56
+    github_project_password             => hiera('github_project_password'),
57
+    mysql_host                          => hiera('gerrit_mysql_host', 'localhost'),
58
+    mysql_password                      => hiera('gerrit_mysql_password'),
59
+    email_private_key                   => hiera('gerrit_email_private_key'),
60
+    token_private_key                   => hiera('gerrit_rest_token_private_key'),
61
+    # gerritbot_password                  => hiera('gerrit_gerritbot_password'),
62
+    # gerritbot_ssh_rsa_key_contents      => hiera('gerritbot_ssh_rsa_key_contents'),
63
+    # gerritbot_ssh_rsa_pubkey_contents   => hiera('gerritbot_ssh_rsa_pubkey_contents'),
64
+    ssl_cert_file_contents              => hiera('gerrit_ssl_cert_file_contents'),
65
+    ssl_key_file_contents               => hiera('gerrit_ssl_key_file_contents'),
66
+    # ssl_chain_file_contents             => hiera('gerrit_ssl_chain_file_contents'),
67
+    ssl_chain_file                      => '',
68
+    ssl_chain_file_contents             => '',
69
+    ssh_dsa_key_contents                => hiera('gerrit_ssh_dsa_key_contents'),
70
+    ssh_dsa_pubkey_contents             => hiera('gerrit_ssh_dsa_pubkey_contents'),
71
+    ssh_rsa_key_contents                => hiera('gerrit_ssh_rsa_key_contents'),
72
+    ssh_rsa_pubkey_contents             => hiera('gerrit_ssh_rsa_pubkey_contents'),
73
+    ssh_project_rsa_key_contents        => hiera('gerrit_project_ssh_rsa_key_contents'),
74
+    ssh_project_rsa_pubkey_contents     => hiera('gerrit_project_ssh_rsa_pubkey_contents'),
75
+    ssh_welcome_rsa_key_contents        => hiera('welcome_message_gerrit_ssh_private_key'),
76
+    ssh_welcome_rsa_pubkey_contents     => hiera('welcome_message_gerrit_ssh_public_key'),
77
+    ssh_replication_rsa_key_contents    => hiera('gerrit_replication_ssh_rsa_key_contents'),
78
+    ssh_replication_rsa_pubkey_contents => hiera('gerrit_replication_ssh_rsa_pubkey_contents'),
79
+    lp_sync_consumer_key                => hiera('gerrit_lp_consumer_key'),
80
+    lp_sync_token                       => hiera('gerrit_lp_access_token'),
81
+    lp_sync_secret                      => hiera('gerrit_lp_access_secret'),
82
+    contactstore_appsec                 => hiera('gerrit_contactstore_appsec'),
83
+    contactstore_pubkey                 => hiera('gerrit_contactstore_pubkey'),
84
+    swift_username                      => hiera('swift_store_user', 'username'),
85
+    swift_password                      => hiera('swift_store_key'),
86
+
87
+    require => [
88
+      # Package['build-essential'],
89
+      # Package['libssl-dev'],
90
+      # Package['libffi-dev'],
91
+      # Package['python-dev'],
92
+      Class['::mysql::server'],
93
+    ]
94
+  }
95
+
96
+  exec { 'openstack_project::gerrit':
97
+    command     => "/usr/bin/git remote set-url origin $project_config_repo",
98
+    cwd         => "/etc/project-config/",
99
+    require     => [
100
+	      Class['project_config'],
101
+    ],
102
+  }
103
+}
104
+
105
+# Node-OS: precise
106
+node jenkins {
107
+  package { 'unzip':
108
+    ensure => present
109
+  }
110
+
111
+  class { 'openstack_project::server':
112
+    iptables_public_tcp_ports => [80, 443, 8080],
113
+    sysadmins               => hiera('sysadmins', []),
114
+    certname                => 'jenkins',
115
+    ca_server               => 'puppet',
116
+    puppetmaster_server     => 'puppet',
117
+  }
118
+  class { 'openstack_project::jenkins':
119
+    vhost_name              => 'jenkins',
120
+    jenkins_password        => hiera('jenkins_jobs_password'),
121
+    jenkins_ssh_private_key => hiera('jenkins_ssh_private_key_contents'),
122
+    ssl_cert_file           => '/etc/ssl/certs/ssl-cert-snakeoil.pem',
123
+    ssl_key_file            => '/etc/ssl/private/ssl-cert-snakeoil.key',
124
+    ssl_chain_file          => '',
125
+    jenkins_username        => 'gerrit',
126
+    serveradmin             => 'jenkins@example.com',
127
+    project_config_repo     => hiera('project_config_repo'),
128
+    project_config_base     => '',
129
+  }
130
+}
131
+
132
+
133
+node openldap {
134
+
135
+  $dc = hiera("ldap_dc")
136
+  $dn = domain2dn(hiera("ldap_domain"))
137
+  $user = hiera('ldap_root_user')
138
+
139
+  class { 'ldap::server':
140
+    suffix  => $dn,
141
+    rootdn  => "cn=$user,$dn",
142
+    rootpw  => hiera('ldap_root_password'),
143
+    log_level => 1,
144
+  }
145
+
146
+  class { 'ldap::client':
147
+    uri      => 'ldap://openldap',
148
+    base     => "$dn",
149
+  }
150
+
151
+  $ldap_defaults = {
152
+    ensure   => present,
153
+    host     => 'openldap',
154
+    base     => "$dn",
155
+    port     => 389,
156
+    ssl      => false,
157
+    username => "cn=root,${dn}",
158
+    password => hiera('ldap_root_password')
159
+  }
160
+
161
+  $ldap_entries = {
162
+    "$dn"                   =>{
163
+      attributes => {
164
+        dc          => "$dc",
165
+        objectClass => ['top','domain'],
166
+        description => 'Tree root'
167
+      },
168
+    },
169
+    "ou=users,$dn"          =>{
170
+      attributes => {
171
+        ou         => "users",
172
+        objectClass=>['top', 'organizationalUnit'],
173
+        description=> "Users for ${dn}",
174
+      }
175
+    },
176
+    "uid=user,ou=users,$dn"          =>{
177
+      attributes => {
178
+        cn         => "user",
179
+        uid        => "user",
180
+        sn         => "user",
181
+        uidNumber  => 1001,
182
+        gidNumber  => 1001,
183
+        objectClass=> [
184
+          'top',
185
+          'posixAccount',
186
+          'shadowAccount',
187
+          'iNetOrgPerson',
188
+          'organizationalPerson'],
189
+        description=> "User",
190
+        gecos      => "user@$dn",
191
+        homeDirectory => "/home/user",
192
+        userPassword=> sha1digest(hiera('ldap_password')),
193
+        shadowLastChange=> "0",
194
+        shadowMax   => "0",
195
+        shadowWarning=> "0",
196
+        mail        => "mail@example.com"
197
+      }
198
+    },
199
+  }
200
+
201
+  create_resources('ldap_entry', $ldap_entries,$ldap_defaults)
202
+}

+ 56
- 0
murano-apps/CiCd2/package/UI/ui.yaml View File

@@ -0,0 +1,56 @@
1
+Version: 2
2
+
3
+Application:
4
+  ?:
5
+    type: org.openstack.ci_cd_pipeline_murano_app.v2.CiCdEnvironment
6
+  systemConfigUrl: $.appConfiguration.systemConfigUrl
7
+
8
+  flavor: $.instanceConfiguration.flavor
9
+  osImage: $.instanceConfiguration.osImage
10
+  keyPair: $.instanceConfiguration.keyPair
11
+  availabilityZone: $.instanceConfiguration.availabilityZone
12
+
13
+Forms:
14
+  - appConfiguration:
15
+      fields:
16
+        - name: name
17
+          type: string
18
+          initial: CICD2
19
+          label: Application name
20
+          descriptionTitle:
21
+          description:
22
+
23
+  - instanceConfiguration:
24
+      fields:
25
+        - name: title
26
+          type: string
27
+          required: false
28
+          hidden: true
29
+          description: Specify some instance parameters on which the application would be created
30
+        - name: flavor
31
+          type: flavor
32
+          label: Instance flavor
33
+          description: >-
34
+            Select registered in Openstack flavor. Consider that application performance
35
+            depends on this parameter.
36
+          initial: m1.medium
37
+          required: false
38
+        - name: osImage
39
+          type: image
40
+          imageType: linux
41
+          label: Instance image
42
+          description: >-
43
+            Select a valid image for the application. Image should already be prepared and
44
+            registered in glance.
45
+        - name: keyPair
46
+          type: keypair
47
+          label: Key Pair
48
+          description: >-
49
+            Select a Key Pair to control access to instances. You can login to
50
+            instances using this KeyPair after the deployment of application.
51
+          required: false
52
+        - name: availabilityZone
53
+          type: azone
54
+          label: Availability zone
55
+          description: Select availability zone where the application would be installed.
56
+          required: false

BIN
murano-apps/CiCd2/package/logo.png View File


+ 23
- 0
murano-apps/CiCd2/package/manifest.yaml View File

@@ -0,0 +1,23 @@
1
+Format: 1.2
2
+Type: Application
3
+FullName: org.openstack.ci_cd_pipeline_murano_app.v2.CiCd2
4
+Name: CiCd2
5
+Description: |
6
+  The One-click CI/CD installer. This application uses Puppet master to deploy
7
+  applications set
8
+
9
+Author: 'Mirantis, Inc'
10
+Tags: [Server, Puppet, CI]
11
+UI: ui.yaml
12
+Logo: logo.png
13
+Classes:
14
+  org.openstack.ci_cd_pipeline_murano_app.v2.CiCdEnvironment: CiCd2.yaml
15
+  org.openstack.ci_cd_pipeline_murano_app.v2.Configurator: Configurator.yaml
16
+  org.openstack.ci_cd_pipeline_murano_app.v2.GerritConfigurator: GerritConfigurator.yaml
17
+  org.openstack.ci_cd_pipeline_murano_app.v2.JenkinsConfigurator: JenkinsConfigurator.yaml
18
+  org.openstack.ci_cd_pipeline_murano_app.v2.NodepoolConfigurator: NodepoolConfigurator.yaml
19
+  org.openstack.ci_cd_pipeline_murano_app.v2.LdapConfigurator: LdapConfigurator.yaml
20
+Require:
21
+  org.openstack.ci_cd_pipeline_murano_app.utils.CiCdUtils:
22
+  org.openstack.ci_cd_pipeline_murano_app.puppet.Puppet:
23
+  org.openstack.ci_cd_pipeline_murano_app.puppet.SystemConfig:

+ 23
- 2
murano-apps/Puppet/package/Classes/PuppetClient.yaml View File

@@ -19,7 +19,7 @@ Name: PuppetClient
19 19
 
20 20
 Properties:
21 21
   instance:
22
-    Contract: $.class('org.openstack.ci_cd_pipeline_murano_app.puppet.PuppetInstance').notNull()
22
+    Contract: $.class(PuppetInstance).notNull()
23 23
 
24 24
   role:
25 25
     Contract: $.string().notNull()
@@ -42,6 +42,27 @@ Methods:
42 42
       - $res: new(conf:Linux).runCommand(
43 43
           agent => $this.instance.agent,
44 44
           command => 'puppet agent --test',
45
-          ignoreErrors => true).stdout
45
+          ignoreErrors => true,
46
+          captureStdout => false,
47
+          captureStderr => false).stdout
48
+
49
+      - Return: $res
50
+
51
+  #
52
+  # Run puppet agent.
53
+  # Get manifest from the server and apply it
54
+  #
55
+  runPuppetAgent:
56
+    Body:
57
+      - $command: >
58
+          puppet agent --config /etc/puppet/puppet.conf
59
+          --onetime --no-daemonize --verbose --no-splay
60
+
61
+      - $res: new(conf:Linux).runCommand(
62
+          agent => $this.instance.agent,
63
+          command => $command,
64
+          ignoreErrors => false,
65
+          captureStdout => false,
66
+          captureStderr => true).stdout
46 67
 
47 68
       - Return: $res

+ 6
- 1
murano-apps/Puppet/package/Classes/PuppetInstance.yaml View File

@@ -47,7 +47,8 @@ Methods:
47 47
   installPuppet:
48 48
     Body:
49 49
       - $._environment.reporter.report($this,
50
-        'Install puppet on instance "{0}" with id {1}'.format($.name, $.openstackId))
50
+        'Install puppet on instance "{0}" with id {1}'.format(
51
+          $.name, $.openstackId))
51 52
       - $resources: new(sys:Resources)
52 53
       - $template: $resources.yaml('InstallPuppet.template')
53 54
       - $.agent.call($template, $resources)
@@ -180,3 +181,7 @@ Methods:
180 181
       - $template: $resources.yaml('ApplyManifest.template').bind($parameters)
181 182
 
182 183
       - Return: $this.agent.call($template, $resources, $timeout)
184
+
185
+  runPuppetAgents:
186
+    Body:
187
+      - $this.clients.pselect( $.agentRun())

+ 6
- 1
murano-apps/Puppet/package/Classes/PuppetServer.yaml View File

@@ -63,7 +63,8 @@ Methods:
63 63
     Body:
64 64
       - $this._hosts: new(net:Hosts)
65 65
       - $this._hosts.addHostByInstance($this.masterInstance, 'puppet')
66
-      - $this.clients.pselect($this._hosts.addHostByInstance($.instance, $.role))
66
+      - $this.clients.pselect(
67
+          $this._hosts.addHostByInstance($.instance, $.role))
67 68
       - $this._hosts.applyTo($this.masterInstance)
68 69
       - $this.clients.pselect($this._hosts.applyTo($.instance))
69 70
 
@@ -118,3 +119,7 @@ Methods:
118 119
           environment => $environment,
119 120
           puppetfile => $puppetfileLink))
120 121
       - Return: $this.masterInstance.agent.call($template, $resources)
122
+
123
+  runPuppetAgents:
124
+    Body:
125
+      - $this.clients.select($.runPuppetAgent())

+ 6
- 2
murano-apps/Puppet/package/Resources/InstallDependencies.template View File

@@ -16,6 +16,10 @@ Scripts:
16 16
     EntryPoint: 'server/install_dependencies.sh'
17 17
     Files: []
18 18
     Options:
19
-      captureStdout: true
20
-      captureStderr: true
19
+      # The amout of information printed by script can be huge.
20
+      # More than Murano allows to collect.
21
+      # Thus we are forced to set "captureStdout" to false
22
+      captureStdout: false
23
+      # the same
24
+      captureStderr: false
21 25
       verifyExitcode: true

Loading…
Cancel
Save