diff options
author | Leif Johansson <leifj@sunet.se> | 2014-02-22 21:43:18 +0100 |
---|---|---|
committer | Leif Johansson <leifj@sunet.se> | 2014-02-22 21:43:18 +0100 |
commit | 31772848b3dfcf53971ae1a98020e1ff8875aa90 (patch) | |
tree | 623e644e57cec8d6956fe692ea22b69f5db77f59 /global | |
parent | 67337f5c7cba477b9e4a37d0e85ca5b0e7426f65 (diff) | |
parent | 9b801d3be8e0268994169729cf5d5dd4600367cb (diff) |
merged pull-request
Diffstat (limited to 'global')
-rwxr-xr-x | global/overlay/etc/puppet/cosmos_enc.py | 20 | ||||
-rwxr-xr-x | global/post-tasks.d/018packages | 20 |
2 files changed, 16 insertions, 24 deletions
diff --git a/global/overlay/etc/puppet/cosmos_enc.py b/global/overlay/etc/puppet/cosmos_enc.py index 63c3a66..131d161 100755 --- a/global/overlay/etc/puppet/cosmos_enc.py +++ b/global/overlay/etc/puppet/cosmos_enc.py @@ -5,20 +5,14 @@ import yaml import os import re -rules_path = os.environ.get("COSMOS_RULES_PATH","/etc/puppet") - node_name = sys.argv[1] -rules = dict() -for p in rules_path.split(":"): - rules_file = os.path.join(p,"cosmos-rules.yaml") - if os.path.exists(rules_file): - with open(rules_file) as fd: - rules.update(yaml.load(fd)) +db_file = os.environ.get("COSMOS_ENC_DB","/etc/puppet/cosmos-db.yaml") +db = dict(classes=dict()) + +if os.path.exists(db_file): + with open(db_file) as fd: + db.update(yaml.load(fd)) -classes = dict() -for reg,cls in rules.iteritems(): - if re.search(reg,node_name): - classes.update(cls) +print yaml.dump(dict(classes=db['classes'].get(node_name,dict()),parameters=dict(roles=db.get('members',[])))) -print yaml.dump(dict(classes=classes)) diff --git a/global/post-tasks.d/018packages b/global/post-tasks.d/018packages index 57dff1a..bf7bf64 100755 --- a/global/post-tasks.d/018packages +++ b/global/post-tasks.d/018packages @@ -3,7 +3,6 @@ CONFIG=${CONFIG:=/etc/puppet/cosmos-modules.conf} CACHE_DIR=/var/cache/puppet-modules MODULES_DIR=${MODULES_DIR:=/etc/puppet/cosmos-modules} -GIT_TAG_PATTERN=${COSMOS_UPDATE_VERIFY_GIT_TAG_PATTERN:-multiverse*} export GNUPGHOME=/etc/cosmos/gnupg python -c "import yaml" 2>/dev/null || apt-get -y install python-yaml @@ -24,7 +23,7 @@ if [ -f $CONFIG ]; then # First pass to clone any new modules, and update those marked for updating. grep -E -v "^#" $CONFIG | ( - while read module src update; do + while read module src update pattern; do # We only support git:// urls atm if [ "${src:0:6}" = "git://" ]; then if [ ! -d $CACHE_DIR/scm/$module ]; then @@ -47,23 +46,22 @@ if [ -f $CONFIG ]; then # Second pass to verify the signatures on all modules and stage those that # have good signatures. grep -E -v "^#" $CONFIG | ( - while read module src update; do + while read module src update pattern; do # We only support git:// urls atm if [ "${src:0:6}" = "git://" ]; then # Verify git tag cd $CACHE_DIR/scm/$module - TAG=$(git tag -l $GIT_TAG_PATTERN | sort | tail -1) + TAG=$(git tag -l "${pattern:-*}" | sort | tail -1) if [ "$COSMOS_VERBOSE" = "y" ]; then echo "" echo "Checking signature on tag ${TAG} for puppet-module $module" fi if [ -z "$TAG" ]; then - echo "ERROR: No git tag found for pattern '$GIT_TAG_PATTERN' on puppet-module $module" + echo "ERROR: No git tag found for pattern '${pattern:-*}' on puppet-module $module" continue fi - fail=1 - git tag -v $TAG > /dev/null 2>&1 && fail=0 - if [ $fail == 0 ]; then + git tag -v $TAG &> /dev/null + if [ $? == 0 ]; then if [ "$COSMOS_VERBOSE" = "y" ]; then # short output on good signature git tag -v $TAG 2>&1 | grep "gpg: Good signature" @@ -82,9 +80,9 @@ if [ -f $CONFIG ]; then # Cleanup removed puppet modules from CACHE_DIR for MODULE in $(ls -1 $CACHE_DIR/staging/); do - if ! grep -E -q "^$MODULE\s+" $CONFIG; then - rm -rf $CACHE_DIR/{scm,staging}/$MODULE - fi + if ! grep -E -q "^$MODULE\s+" $CONFIG; then + rm -rf $CACHE_DIR/{scm,staging}/$MODULE + fi done # Installing verified puppet modules |