diff options
Diffstat (limited to 'modules/subversion/manifests')
| -rw-r--r-- | modules/subversion/manifests/client.pp | 13 | ||||
| -rw-r--r-- | modules/subversion/manifests/hook.pp | 9 | ||||
| -rw-r--r-- | modules/subversion/manifests/hook/post_commit.pp | 6 | ||||
| -rw-r--r-- | modules/subversion/manifests/hook/pre_commit.pp | 6 | ||||
| -rw-r--r-- | modules/subversion/manifests/init.pp | 247 | ||||
| -rw-r--r-- | modules/subversion/manifests/mirror.pp | 6 | ||||
| -rw-r--r-- | modules/subversion/manifests/mirror_repository.pp | 15 | ||||
| -rw-r--r-- | modules/subversion/manifests/pre_commit_link.pp | 8 | ||||
| -rw-r--r-- | modules/subversion/manifests/repository.pp | 132 | ||||
| -rw-r--r-- | modules/subversion/manifests/snapshot.pp | 21 | ||||
| -rw-r--r-- | modules/subversion/manifests/tools.pp | 3 |
11 files changed, 289 insertions, 177 deletions
diff --git a/modules/subversion/manifests/client.pp b/modules/subversion/manifests/client.pp new file mode 100644 index 00000000..083a58da --- /dev/null +++ b/modules/subversion/manifests/client.pp @@ -0,0 +1,13 @@ +class subversion::client { + # svn spam log with + # Oct 26 13:30:01 valstar svn: No worthy mechs found + # without it, + # https://mail-index.netbsd.org/pkgsrc-users/2008/11/23/msg008706.html + # + $sasl2_package = $::architecture ? { + x86_64 => 'lib64sasl2-plug-anonymous', + default => 'libsasl2-plug-anonymous' + } + + package { ['subversion', $sasl2_package]: } +} diff --git a/modules/subversion/manifests/hook.pp b/modules/subversion/manifests/hook.pp new file mode 100644 index 00000000..a29ae22d --- /dev/null +++ b/modules/subversion/manifests/hook.pp @@ -0,0 +1,9 @@ +define subversion::hook($content, $type) { + $array = split($name,'\|') + $repo = $array[0] + $script = $array[1] + file { "${repo}/hooks/${type}.d/${script}": + content => $content, + mode => '0755', + } +} diff --git a/modules/subversion/manifests/hook/post_commit.pp b/modules/subversion/manifests/hook/post_commit.pp new file mode 100644 index 00000000..90d939cd --- /dev/null +++ b/modules/subversion/manifests/hook/post_commit.pp @@ -0,0 +1,6 @@ +define subversion::hook::post_commit($content) { + hook { $name: + content => $content, + type => 'post-commit', + } +} diff --git a/modules/subversion/manifests/hook/pre_commit.pp b/modules/subversion/manifests/hook/pre_commit.pp new file mode 100644 index 00000000..fa44b168 --- /dev/null +++ b/modules/subversion/manifests/hook/pre_commit.pp @@ -0,0 +1,6 @@ +define subversion::hook::pre_commit($content) { + hook { $name: + content => $content, + type => 'pre-commit', + } +} diff --git a/modules/subversion/manifests/init.pp b/modules/subversion/manifests/init.pp index 638fa1ec..9f009b5e 100644 --- a/modules/subversion/manifests/init.pp +++ b/modules/subversion/manifests/init.pp @@ -2,49 +2,62 @@ # https://github.com/reductivelabs/puppet-vcsrepo # but not integrated in puppet directly for the moment class subversion { + class server { + include subversion::tools + package { 'subversion-server': } - class server { - package { ["subversion-server", "subversion-tools"]: - ensure => installed, + $svn_base_path = '/svn/' + + xinetd::service { 'svnserve': + content => template('subversion/xinetd') } - package { ["perl-SVN-Notify-Config", "perl-SVN-Notify-Mirror"]: - ensure => installed, + file { $svn_base_path: + ensure => directory, } - - $local_dir = "/usr/local/share/subversion/" - $local_dirs = ["$local_dir/pre-commit.d", "$local_dir/post-commit.d"] + + package { ['perl-SVN-Notify-Config', 'perl-SVN-Notify-Mirror']: } + + $local_dir = '/usr/local/share/subversion/' + $local_dirs = ["${local_dir}/pre-commit.d", "${local_dir}/post-commit.d"] file { [$local_dir,$local_dirs]: - owner => root, - group => root, - mode => 755, - ensure => directory, + ensure => directory, } - # workaround the lack of umask command in puppet < 2.7 - file { "/usr/local/bin/create_svn_repo.sh": - ensure => present, - owner => root, - group => root, - mode => 755, - content => template('subversion/create_svn_repo.sh') - } + # workaround the lack of umask command in puppet < 2.7 + mga_common::local_script { 'create_svn_repo.sh': + content => template('subversion/create_svn_repo.sh') + } - file { "$local_dir/pre-commit.d/no_root_commit": - ensure => present, - owner => root, - group => root, - mode => 755, - content => template('subversion/no_root_commit') + file { "${local_dir}/pre-commit.d/no_binary": + mode => '0755', + content => template('subversion/no_binary') } - file { "$local_dir/pre-commit.d/no_empty_message": - ensure => present, - owner => root, - group => root, - mode => 755, - content => template('subversion/no_empty_message') + file { "${local_dir}/pre-commit.d/no_root_commit": + mode => '0755', + content => template('subversion/no_root_commit') + } + + file { "${local_dir}/pre-commit.d/no_empty_message": + mode => '0755', + content => template('subversion/no_empty_message') + } + + file { "${local_dir}/pre-commit.d/single_word_commit": + mode => '0755', + content => template('subversion/single_word_commit') + } + + file { "${local_dir}/pre-revprop-change": + mode => '0755', + content => template('subversion/pre-revprop-change') + } + + file { "${local_dir}/pre-commit.d/converted_to_git": + mode => '0755', + content => template('subversion/converted_to_git') } # TODO : add check for @@ -57,166 +70,46 @@ class subversion { # - openldap , like named define syntax_check($regexp_ext,$check_cmd) { - file { "$local_dir/pre-commit.d/$name": - ensure => present, - owner => root, - group => root, - mode => 755, - content => template('subversion/syntax_check.sh') + file { "${subversion::server::local_dir}/pre-commit.d/${name}": + mode => '0755', + content => template('subversion/syntax_check.sh') } } - syntax_check{"check_perl": - regexp_ext => "\.p[lm]$", - check_cmd => "perl -c" - } - - syntax_check{"check_puppet": - regexp_ext => "\.pp$", - check_cmd => "puppet --color=false --confdir=/tmp --vardir=/tmp --parseonly" - } - - syntax_check{"check_ruby": - regexp_ext => "\.rb$", - check_cmd => "ruby -c" + syntax_check{'check_perl': + regexp_ext => '\.p[lm]$', + check_cmd => 'perl -c' } - syntax_check{"check_puppet_templates": - regexp_ext => "modules/.*/templates/.*$", - check_cmd => "erb -x -T - | ruby -c" + syntax_check{'check_puppet': + regexp_ext => '\.pp$', + check_cmd => 'puppet parser validate -' } - } - - # FIXME ugly - define pre_commit_link($directory) { - file { "pre_commit_link-${name}": - path => "$directory/$name", - ensure => "/usr/local/share/subversion/pre-commit.d/$name", - owner => root, - group => root, - mode => 755, - } - } - - # TODO - # deploy a cronjob to make a backup file ( ie, dump in some directory ) - - # documentation : - # group : group that have commit access on the svn - # public : boolean if the svn is readable by anybody or not - # commit_mail : array of people who will receive mail after each commit - # syntax_check : array of pre-commit script with syntax check to add - # extract_dir : hash of directory to update upon commit ( with svn update ), - # initial checkout is not handled, nor the permission - # TODO, handle the tags ( see svn::notify::mirror ) - - define repository ($group = "svn", - $public = true, - $commit_mail = [], - $syntax_check = [], - $extract_dir = []) { - # check permissions - # http://svnbook.red-bean.com/nightly/fr/svn.serverconfig.multimethod.html - # $name ==> directory of the repo - include subversion::server - # TODO set umask -> requires puppet 2.7.0 - # unfortunatly, umask is required - # http://projects.puppetlabs.com/issues/4424 - exec { "/usr/local/bin/create_svn_repo.sh $name": - user => root, - group => $group, - creates => "$name/hooks", - require => Package['subversion-tools'], - } - - file { "$name": - group => $group, - owner => root, - mode => $public ? { - true => 644, - false => 640 - }, - ensure => directory - } - - file { ["$name/hooks/pre-commit","$name/hooks/post-commit"]: - ensure => present, - owner => root, - group => root, - mode => 755, - content => template("subversion/hook_commit.sh"), - require => Exec["/usr/local/bin/create_svn_repo.sh $name"], - } - - file { ["$name/hooks/post-commit.d", "$name/hooks/pre-commit.d"]: - ensure => directory, - owner => root, - group => root, - mode => 755, - require => File["$name/hooks/pre-commit"], - } - - if $commit_mail { - file { "$name/hooks/post-commit.d/send_mail": - ensure => present, - owner => root, - group => root, - mode => 755, - content => template("subversion/hook_sendmail.pl"), - require => [Package['perl-SVN-Notify-Config']], - } + syntax_check{'check_ruby': + regexp_ext => '\.rb$', + check_cmd => 'ruby -c' } - if $extract_dir { - file { "$name/hooks/post-commit.d/extract_dir": - ensure => present, - owner => root, - group => root, - mode => 755, - content => template("subversion/hook_extract.pl"), - require => [Package['perl-SVN-Notify-Mirror']], - } + syntax_check{'check_puppet_templates': + regexp_ext => 'modules/.*/templates/.*$', + check_cmd => 'erb -P -x -T - | ruby -c' } - pre_commit_link { ['no_empty_message','no_root_commit', $syntax_check]: - directory => "$name/hooks/pre-commit.d/" - } - } - - - class client { - package { subversion: - ensure => installed, - } - # svn spam log with - # Oct 26 13:30:01 valstar svn: No worthy mechs found - # without it, source http://mail-index.netbsd.org/pkgsrc-users/2008/11/23/msg008706.html - # - $sasl2_package = $architecture ? { - x86_64 => "lib64sasl2-plug-anonymous", - default => "libsasl2-plug-anonymous" - } - - package {"$sasl2_package": - ensure => "installed" + syntax_check{'check_po': + regexp_ext => '\.po$', + check_cmd => 'msgfmt -c -' } - } - - define snapshot($source, $refresh = '*/5', $user = 'root') { - include subversion::client - - exec { "/usr/bin/svn co $source $name": - creates => $name, - user => $user, + syntax_check{'check_php': + regexp_ext => '\.php$', + check_cmd => 'php -d display_errors=1 -d error_reporting="E_ALL|E_STRICT" -l' } - cron { "update $name": - command => "cd $name && /usr/bin/svn update -q", - user => $user, - minute => $refresh - } + # needed for check_php + package { 'php-cli': } } + # TODO + # deploy a cronjob to make a backup file ( ie, dump in some directory ) } diff --git a/modules/subversion/manifests/mirror.pp b/modules/subversion/manifests/mirror.pp new file mode 100644 index 00000000..2285ecb2 --- /dev/null +++ b/modules/subversion/manifests/mirror.pp @@ -0,0 +1,6 @@ +class subversion::mirror { + include subversion::tools + mga_common::local_script { 'create_svn_mirror.sh': + content => template('subversion/create_svn_mirror.sh') + } +} diff --git a/modules/subversion/manifests/mirror_repository.pp b/modules/subversion/manifests/mirror_repository.pp new file mode 100644 index 00000000..1e0fabd3 --- /dev/null +++ b/modules/subversion/manifests/mirror_repository.pp @@ -0,0 +1,15 @@ +define subversion::mirror_repository( $source, + $refresh = '*/5') { + include subversion::mirror + + exec { "/usr/local/bin/create_svn_mirror.sh ${name} ${source}": + creates => $name, + require => Package['subversion-tools'] + } + + cron { "update ${name}": + command => "/usr/bin/svnsync synchronize -q file://${name}", + minute => $refresh, + require => Exec["/usr/local/bin/create_svn_mirror.sh ${name} ${source}"], + } +} diff --git a/modules/subversion/manifests/pre_commit_link.pp b/modules/subversion/manifests/pre_commit_link.pp new file mode 100644 index 00000000..fa3c2b2c --- /dev/null +++ b/modules/subversion/manifests/pre_commit_link.pp @@ -0,0 +1,8 @@ +define subversion::pre_commit_link() { + $scriptname = regsubst($name,'^.*/', '') + file { $name: + ensure => 'link', + target => "/usr/local/share/subversion/pre-commit.d/${scriptname}", + mode => '0755', + } +} diff --git a/modules/subversion/manifests/repository.pp b/modules/subversion/manifests/repository.pp new file mode 100644 index 00000000..b223e6ae --- /dev/null +++ b/modules/subversion/manifests/repository.pp @@ -0,0 +1,132 @@ +# documentation : +# group : group that have commit access on the svn +# public : boolean if the svn is readable by anybody or not +# commit_mail : array of people who will receive mail after each commit +# irker_conf : hash containing irker config values. See man irkerhook +# for possible values in irker.conf. +# irkerhook_path : path to irkerhook.py script +# no_binary : do not accept files with common binary extensions +# on this repository +# restricted_to_user : restrict commits to select user +# syntax_check : array of pre-commit script with syntax check to add +# extract_dir : hash of directory to update upon commit ( with svn update ), +# initial checkout is not handled, nor the permission +# TODO, handle the tags ( see svn::notify::mirror ) + +define subversion::repository($group = 'svn', + $public = true, + $commit_mail = '', + $irker_conf = undef, + $irkerhook_path = '/usr/lib/irker/irkerhook.py', + $i18n_mail = '', + $no_binary = false, + $restricted_to_user = false, + $syntax_check = '', + $extract_dir = '') { + # check permissions + # https://svnbook.red-bean.com/nightly/fr/svn.serverconfig.multimethod.html + # $name ==> directory of the repo + include subversion::server + # TODO set umask -> requires puppet 2.7.0 + # unfortunately, umask is required + # https://projects.puppetlabs.com/issues/4424 + exec { "/usr/local/bin/create_svn_repo.sh ${name}": + user => 'root', + group => $group, + creates => "${name}/hooks", + require => Package['subversion-tools'], + } + + file { $name: + ensure => directory, + group => $group, + owner => 'root', + mode => $public ? { + true => '0644', + false => '0640', + }, + } + + file { ["${name}/hooks/pre-commit","${name}/hooks/post-commit"]: + mode => '0755', + content => template('subversion/hook_commit.sh'), + require => Exec["/usr/local/bin/create_svn_repo.sh ${name}"], + } + + file { ["${name}/hooks/post-commit.d", "${name}/hooks/pre-commit.d"]: + ensure => directory, + require => File["${name}/hooks/pre-commit"], + } + + file { "${name}/hooks/pre-revprop-change": + ensure => "${subversion::server::local_dir}/pre-revprop-change", + mode => '0755', + require => File["${name}/hooks/pre-commit"], + } + + if $restricted_to_user { + subversion::hook::pre_commit { "${name}|restricted_to_user": + content => template('subversion/restricted_to_user'), + } + } else { + file { "${name}/hooks/pre-commit.d/restricted_to_user": + ensure => absent, + } + } + + if $commit_mail { + subversion::hook::post_commit { "${name}|send_mail": + content => template('subversion/hook_sendmail.pl'), + require => Package['perl-SVN-Notify-Config'], + } + } else { + file { "${name}/hooks/post-commit.d/send_mail": + ensure => absent, + } + } + + + if $irker_conf { + subversion::hook::post_commit { "${name}|irker": + content => template('subversion/hook_irker'), + } + file { "${name}/irker.conf": + content => template('subversion/irker.conf'), + } + } else { + file { "${name}/hooks/post-commit.d/irker": + ensure => absent, + } + } + + + if $no_binary { + pre_commit_link { "${name}/hooks/pre-commit.d/no_binary": } + } else { + file { "${name}/hooks/pre-commit.d/no_binary": + ensure => absent, + } + } + + if $extract_dir { + subversion::hook::post_commit {"${name}|extract_dir": + content => template('subversion/hook_extract.pl'), + require => [Package['perl-SVN-Notify-Mirror']], + } + } else { + file { "${name}/hooks/post-commit.d/extract_dir": + ensure => absent, + } + } + + pre_commit_link { "${name}/hooks/pre-commit.d/no_empty_message": } + + pre_commit_link { "${name}/hooks/pre-commit.d/no_root_commit": } + + pre_commit_link { "${name}/hooks/pre-commit.d/converted_to_git": } + + if $syntax_check { + $syntax_check_array = regsubst($syntax_check,'^',"${name}/hooks/pre-commit.d/") + pre_commit_link { $syntax_check_array: } + } +} diff --git a/modules/subversion/manifests/snapshot.pp b/modules/subversion/manifests/snapshot.pp new file mode 100644 index 00000000..00e66dde --- /dev/null +++ b/modules/subversion/manifests/snapshot.pp @@ -0,0 +1,21 @@ +define subversion::snapshot($source, + $refresh = '*/5', + $user = 'root') { + + include subversion::client + + exec { "/usr/bin/svn co ${source} ${name}": + creates => $name, + user => $user, + require => Package['subversion'], + } + + if ($refresh != '0') { + cron { "update ${name}": + command => "cd ${name} && /usr/bin/svn update -q", + user => $user, + minute => $refresh, + require => Exec["/usr/bin/svn co ${source} ${name}"], + } + } +} diff --git a/modules/subversion/manifests/tools.pp b/modules/subversion/manifests/tools.pp new file mode 100644 index 00000000..39d86373 --- /dev/null +++ b/modules/subversion/manifests/tools.pp @@ -0,0 +1,3 @@ +class subversion::tools { + package { 'subversion-tools': } +} |