From 4c2be74083287516b72ab4f3ccaaf317ea7a2eb0 Mon Sep 17 00:00:00 2001 From: Nick Walker Date: Wed, 11 Nov 2015 13:41:34 -0800 Subject: Add support for code manager which will replace zack r10k Add pltraing-rbac module Added a new profile for code_manager that: - creates a service users for code manager - creates a token for that service user - creates a hook on a git server using the token Turns out that the file function in puppet cannot read files in /root. The pe-puppet user needs read permissions on the file and traversal on the directory which giving to /root would probably be a bad idea. So, I just put the file containing the token in /etc/puppetlabs/puppetserver since I'm not sure where would be better. --- site/profile/manifests/zack_r10k_webhook.pp | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'site/profile/manifests/zack_r10k_webhook.pp') diff --git a/site/profile/manifests/zack_r10k_webhook.pp b/site/profile/manifests/zack_r10k_webhook.pp index 7e0bd40..3dae9d7 100644 --- a/site/profile/manifests/zack_r10k_webhook.pp +++ b/site/profile/manifests/zack_r10k_webhook.pp @@ -26,4 +26,15 @@ class profile::zack_r10k_webhook ( require => Class['r10k::webhook::config'], } + if !empty($gms_api_token) { + git_webhook { "web_post_receive_webhook-${::fqdn}" : + ensure => present, + webhook_url => "https://${username}:${password}@${::fqdn}:8088/payload", + token => $gms_api_token, + project_name => 'puppet/control-repo', + server_url => hiera('gms_server_url'), + provider => $git_management_system, + disable_ssl_verify => true, + } + } } -- cgit v1.2.3