/[adm]/puppet/modules/subversion/manifests/init.pp
ViewVC logotype

Annotation of /puppet/modules/subversion/manifests/init.pp

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1688 - (hide annotations) (download)
Wed Jun 1 14:20:47 2011 UTC (10 years, 7 months ago) by boklm
File size: 10191 byte(s)
allow restricting commits to a user
1 misc 83 # should be replaced by vcsrepo
2     # https://github.com/reductivelabs/puppet-vcsrepo
3     # but not integrated in puppet directly for the moment
4     class subversion {
5    
6 misc 810 class tools {
7     package { "subversion-tools":
8     ensure => installed,
9     }
10     }
11 misc 83
12     class server {
13 misc 810 include subversion::tools
14     package { "subversion-server":
15 misc 83 ensure => installed,
16     }
17 dmorgan 131
18 misc 322 package { ["perl-SVN-Notify-Config", "perl-SVN-Notify-Mirror"]:
19 dmorgan 131 ensure => installed,
20     }
21 misc 299
22     $local_dir = "/usr/local/share/subversion/"
23     $local_dirs = ["$local_dir/pre-commit.d", "$local_dir/post-commit.d"]
24 misc 311 file { [$local_dir,$local_dirs]:
25     owner => root,
26     group => root,
27     mode => 755,
28     ensure => directory,
29 misc 299 }
30 misc 306
31 misc 324 # workaround the lack of umask command in puppet < 2.7
32 misc 323 file { "/usr/local/bin/create_svn_repo.sh":
33     ensure => present,
34     owner => root,
35     group => root,
36     mode => 755,
37     content => template('subversion/create_svn_repo.sh')
38     }
39    
40 boklm 650 file { "$local_dir/pre-commit.d/no_binary":
41     ensure => present,
42     owner => root,
43     group => root,
44     mode => 755,
45     content => template('subversion/no_binary')
46     }
47    
48 misc 307 file { "$local_dir/pre-commit.d/no_root_commit":
49     ensure => present,
50     owner => root,
51     group => root,
52     mode => 755,
53     content => template('subversion/no_root_commit')
54     }
55    
56     file { "$local_dir/pre-commit.d/no_empty_message":
57     ensure => present,
58     owner => root,
59     group => root,
60     mode => 755,
61     content => template('subversion/no_empty_message')
62     }
63    
64 misc 809 file { "$local_dir/pre-revprop-change":
65     ensure => present,
66     owner => root,
67     group => root,
68     mode => 755,
69     content => template('subversion/pre-revprop-change')
70     }
71    
72 misc 309 # TODO : add check for
73     # - ym perl -MYAML -e 'YAML::LoadFile("-");'
74     # - tt ( do not seem to be possible, but this would be great )
75     # - php php -l
76     # - python
77     # - named named-checkzone/named-checkconf ( may requires some interaction with facter/erb )
78     # - po msgfmt -c
79     # - openldap , like named
80    
81 misc 324 define syntax_check($regexp_ext,$check_cmd) {
82     file { "$local_dir/pre-commit.d/$name":
83     ensure => present,
84     owner => root,
85     group => root,
86     mode => 755,
87     content => template('subversion/syntax_check.sh')
88     }
89     }
90    
91    
92 misc 306 syntax_check{"check_perl":
93 misc 318 regexp_ext => "\.p[lm]$",
94 misc 306 check_cmd => "perl -c"
95     }
96 misc 318
97     syntax_check{"check_puppet":
98     regexp_ext => "\.pp$",
99 misc 693 check_cmd => "puppet --color=false --confdir=/tmp --vardir=/tmp --parseonly --ignoreimport"
100 misc 318 }
101    
102     syntax_check{"check_ruby":
103     regexp_ext => "\.rb$",
104     check_cmd => "ruby -c"
105     }
106    
107     syntax_check{"check_puppet_templates":
108     regexp_ext => "modules/.*/templates/.*$",
109 misc 1031 check_cmd => "erb -P -x -T - | ruby -c"
110 misc 318 }
111 misc 1587
112     syntax_check{"check_po":
113     regexp_ext => "\.po$",
114 misc 1595 check_cmd => "msgfmt -c -"
115 misc 1587 }
116    
117    
118 misc 83 }
119    
120 misc 319
121 misc 1271 define pre_commit_link() {
122     $scriptname = regsubst($name,'^.*/', '')
123 boklm 714 file { "${name}":
124     ensure => "/usr/local/share/subversion/pre-commit.d/$scriptname",
125 misc 319 owner => root,
126     group => root,
127     mode => 755,
128     }
129     }
130    
131 misc 298 # TODO
132 misc 309 # deploy a cronjob to make a backup file ( ie, dump in some directory )
133 misc 298
134 misc 324 # documentation :
135     # group : group that have commit access on the svn
136     # public : boolean if the svn is readable by anybody or not
137     # commit_mail : array of people who will receive mail after each commit
138 boklm 727 # cia_post : send commits to cia.vc
139     # cia_module : name of the module to send to cia.vc
140     # cia_ignore_author : a regexp to ignore commits from some authors
141     # no_binary : do not accept files with common binary extentions on this repository
142 boklm 1688 # restricted_to_user : restrict commits to select user
143 boklm 811 # syntax_check : array of pre-commit script with syntax check to add
144 misc 324 # extract_dir : hash of directory to update upon commit ( with svn update ),
145     # initial checkout is not handled, nor the permission
146     # TODO, handle the tags ( see svn::notify::mirror )
147    
148 misc 301 define repository ($group = "svn",
149 misc 302 $public = true,
150 misc 453 $commit_mail = '',
151 misc 1571 $i18n_mail = '',
152 boklm 704 $cia_post = true,
153 boklm 708 $cia_module = 'default',
154 boklm 726 $cia_ignore_author = '',
155 boklm 711 $no_binary = false,
156 boklm 1688 $restricted_to_user = false,
157 misc 807 $syntax_check = '',
158 misc 453 $extract_dir = '') {
159 misc 309 # check permissions
160 misc 301 # http://svnbook.red-bean.com/nightly/fr/svn.serverconfig.multimethod.html
161 misc 309 # $name ==> directory of the repo
162 misc 315 include subversion::server
163 misc 301 # TODO set umask -> requires puppet 2.7.0
164 misc 323 # unfortunatly, umask is required
165     # http://projects.puppetlabs.com/issues/4424
166     exec { "/usr/local/bin/create_svn_repo.sh $name":
167 misc 301 user => root,
168     group => $group,
169 misc 315 creates => "$name/hooks",
170     require => Package['subversion-tools'],
171 misc 301 }
172 misc 324
173     file { "$name":
174 misc 301 group => $group,
175 misc 312 owner => root,
176 misc 301 mode => $public ? {
177     true => 644,
178     false => 640
179     },
180     ensure => directory
181     }
182 misc 83
183 misc 320 file { ["$name/hooks/pre-commit","$name/hooks/post-commit"]:
184 misc 303 ensure => present,
185     owner => root,
186     group => root,
187     mode => 755,
188 misc 321 content => template("subversion/hook_commit.sh"),
189 misc 323 require => Exec["/usr/local/bin/create_svn_repo.sh $name"],
190 misc 303 }
191    
192 misc 320 file { ["$name/hooks/post-commit.d", "$name/hooks/pre-commit.d"]:
193 misc 303 ensure => directory,
194     owner => root,
195     group => root,
196     mode => 755,
197 misc 323 require => File["$name/hooks/pre-commit"],
198 misc 303 }
199    
200 misc 815 file { "$name/hooks/pre-revprop-change":
201 misc 906 ensure => "$subversion::server::local_dir/pre-revprop-change",
202 misc 815 owner => root,
203     group => root,
204     mode => 755,
205     }
206 boklm 1688
207     if $restricted_to_user {
208     file { "$name/hooks/pre-commit.d/restricted_to_user":
209     ensure => present,
210     owner => root,
211     group => root,
212     mode => 755,
213     content => template("subversion/restricted_to_user"),
214     }
215     }
216 misc 815
217 misc 304 if $commit_mail {
218     file { "$name/hooks/post-commit.d/send_mail":
219     ensure => present,
220     owner => root,
221     group => root,
222     mode => 755,
223 misc 321 content => template("subversion/hook_sendmail.pl"),
224 misc 323 require => [Package['perl-SVN-Notify-Config']],
225 misc 304 }
226 misc 305 }
227    
228 boklm 704 if $cia_post {
229     file { "$name/hooks/post-commit.d/cia.vc":
230     ensure => present,
231     owner => root,
232     group => root,
233     mode => 755,
234 boklm 706 content => template("subversion/ciabot_svn.sh"),
235 boklm 704 }
236    
237     }
238    
239 boklm 711 if $no_binary {
240 misc 1271 pre_commit_link { "$name/hooks/pre-commit.d/no_binary": }
241 boklm 711 }
242    
243 misc 305 if $extract_dir {
244     file { "$name/hooks/post-commit.d/extract_dir":
245     ensure => present,
246     owner => root,
247     group => root,
248     mode => 755,
249 misc 321 content => template("subversion/hook_extract.pl"),
250 misc 322 require => [Package['perl-SVN-Notify-Mirror']],
251 misc 305 }
252     }
253 misc 83
254 misc 1271 pre_commit_link { "$name/hooks/pre-commit.d/no_empty_message": }
255    
256     pre_commit_link { "$name/hooks/pre-commit.d/no_root_commit": }
257    
258 misc 807 if $syntax_check {
259 misc 1271 $syntax_check_array = regsubst($syntax_check,'^',"$name/hooks/pre-commit.d/")
260     pre_commit_link { $syntax_check_array: }
261 misc 807 }
262 misc 308 }
263    
264    
265 misc 83 class client {
266     package { subversion:
267     ensure => installed,
268     }
269 misc 101 # svn spam log with
270     # Oct 26 13:30:01 valstar svn: No worthy mechs found
271     # without it, source http://mail-index.netbsd.org/pkgsrc-users/2008/11/23/msg008706.html
272 misc 310 #
273     $sasl2_package = $architecture ? {
274     x86_64 => "lib64sasl2-plug-anonymous",
275     default => "libsasl2-plug-anonymous"
276     }
277    
278     package {"$sasl2_package":
279 misc 101 ensure => "installed"
280     }
281 misc 83 }
282    
283 misc 95 define snapshot($source, $refresh = '*/5', $user = 'root') {
284 misc 158
285 misc 161 include subversion::client
286 misc 158
287 misc 83 exec { "/usr/bin/svn co $source $name":
288     creates => $name,
289 misc 1034 user => $user,
290     require => Package['subversion']
291 misc 83 }
292    
293     cron { "update $name":
294     command => "cd $name && /usr/bin/svn update -q",
295     user => $user,
296 misc 1285 minute => $refresh,
297 misc 1286 require => Exec["/usr/bin/svn co $source $name"],
298 misc 83 }
299     }
300 misc 813
301     class mirror {
302     include subversion::tools
303     file { "/usr/local/bin/create_svn_mirror.sh":
304     ensure => present,
305     owner => root,
306     group => root,
307     mode => 755,
308     content => template('subversion/create_svn_mirror.sh')
309     }
310     }
311    
312     define mirror_repository($source,
313     $refresh = '*/5') {
314     include subversion::mirror
315    
316     exec { "/usr/local/bin/create_svn_mirror.sh $name $source":
317     creates => $name,
318     require => Package['subversion-tools']
319     }
320    
321     cron { "update $name":
322 misc 1303 command => "/usr/bin/svnsync synchronize -q file://$name",
323 misc 813 minute => $refresh,
324 misc 1286 require => Exec["/usr/local/bin/create_svn_mirror.sh $name $source"],
325 misc 813 }
326     }
327 misc 83 }

  ViewVC Help
Powered by ViewVC 1.1.28