diff options
| author | mail_redacted_for_web | 2015-10-30 13:04:42 -0700 |
|---|---|---|
| committer | mail_redacted_for_web | 2015-10-30 13:19:33 -0700 |
| commit | 8e271e3043fd55ce7c39f520360214e6844085af (patch) | |
| tree | e40c775c3df30f96b5980fb8544860cf776d9928 | |
| parent | 3fcf6e3d5e631491272a39177448c97b431ea477 (diff) | |
| download | control-repo-template-8e271e3043fd55ce7c39f520360214e6844085af.tar.bz2 | |
Change the zack/r10k webhook to utilize username and password
To accomodate generating random usernames and passwords, I had
to parameterize the profiles which I didn't feel great about
but I also didn't want to have to put the username and pass in
hiera.
| -rw-r--r-- | site/profile/manifests/puppetmaster.pp | 7 | ||||
| -rw-r--r-- | site/profile/manifests/webhook_no_mcollective.pp | 9 | ||||
| -rw-r--r-- | site/role/manifests/all_in_one_pe.pp | 14 |
3 files changed, 24 insertions, 6 deletions
diff --git a/site/profile/manifests/puppetmaster.pp b/site/profile/manifests/puppetmaster.pp index d306ad5..d3f1a87 100644 --- a/site/profile/manifests/puppetmaster.pp +++ b/site/profile/manifests/puppetmaster.pp @@ -1,4 +1,7 @@ -class profile::puppetmaster { +class profile::puppetmaster ( + $webhook_username, + $webhook_password +) { class { 'hiera': hierarchy => [ @@ -38,7 +41,7 @@ class profile::puppetmaster { git_webhook { "web_post_receive_webhook-${::fqdn}" : ensure => present, - webhook_url => "https://${::fqdn}:8088/payload", + webhook_url => "https://${webhook_username}:${webhook_password}@${::fqdn}:8088/payload", token => hiera('gms_api_token'), project_name => 'puppet/control-repo', server_url => hiera('gms_server_url'), diff --git a/site/profile/manifests/webhook_no_mcollective.pp b/site/profile/manifests/webhook_no_mcollective.pp index f4f50d7..dc7b1aa 100644 --- a/site/profile/manifests/webhook_no_mcollective.pp +++ b/site/profile/manifests/webhook_no_mcollective.pp @@ -1,8 +1,13 @@ -class profile::webhook_no_mcollective { +class profile::webhook_no_mcollective ( + $username, + $password +) { class {'r10k::webhook::config': enable_ssl => true, - protected => false, + protected => true, + user => $username, + pass => $password, use_mcollective => false, } diff --git a/site/role/manifests/all_in_one_pe.pp b/site/role/manifests/all_in_one_pe.pp index f34a261..3762325 100644 --- a/site/role/manifests/all_in_one_pe.pp +++ b/site/role/manifests/all_in_one_pe.pp @@ -1,6 +1,16 @@ class role::all_in_one_pe { - include profile::webhook_no_mcollective - include profile::puppetmaster + $webhook_username = hiera('webhook_username', fqdn_rand_string(10, '', 'username')) + $webhook_password = hiera('webhook_password', fqdn_rand_string(20, '', 'password')) + + class { 'profile::puppetmaster' : + webhook_username => $webhook_username, + webhook_password => $webhook_password, + } + + class { 'profile::webhook_no_mcollective' : + username => $webhook_username, + password => $webhook_password, + } } |