1 |
# should be replaced by vcsrepo |
2 |
# https://github.com/reductivelabs/puppet-vcsrepo |
3 |
# but not integrated in puppet directly for the moment |
4 |
class subversion { |
5 |
|
6 |
class tools { |
7 |
package { "subversion-tools": |
8 |
ensure => installed, |
9 |
} |
10 |
} |
11 |
|
12 |
class server { |
13 |
include subversion::tools |
14 |
package { "subversion-server": |
15 |
ensure => installed, |
16 |
} |
17 |
|
18 |
package { ["perl-SVN-Notify-Config", "perl-SVN-Notify-Mirror"]: |
19 |
ensure => installed, |
20 |
} |
21 |
|
22 |
$local_dir = "/usr/local/share/subversion/" |
23 |
$local_dirs = ["$local_dir/pre-commit.d", "$local_dir/post-commit.d"] |
24 |
file { [$local_dir,$local_dirs]: |
25 |
owner => root, |
26 |
group => root, |
27 |
mode => 755, |
28 |
ensure => directory, |
29 |
} |
30 |
|
31 |
# workaround the lack of umask command in puppet < 2.7 |
32 |
file { "/usr/local/bin/create_svn_repo.sh": |
33 |
ensure => present, |
34 |
owner => root, |
35 |
group => root, |
36 |
mode => 755, |
37 |
content => template('subversion/create_svn_repo.sh') |
38 |
} |
39 |
|
40 |
file { "$local_dir/pre-commit.d/no_binary": |
41 |
ensure => present, |
42 |
owner => root, |
43 |
group => root, |
44 |
mode => 755, |
45 |
content => template('subversion/no_binary') |
46 |
} |
47 |
|
48 |
file { "$local_dir/pre-commit.d/no_root_commit": |
49 |
ensure => present, |
50 |
owner => root, |
51 |
group => root, |
52 |
mode => 755, |
53 |
content => template('subversion/no_root_commit') |
54 |
} |
55 |
|
56 |
file { "$local_dir/pre-commit.d/no_empty_message": |
57 |
ensure => present, |
58 |
owner => root, |
59 |
group => root, |
60 |
mode => 755, |
61 |
content => template('subversion/no_empty_message') |
62 |
} |
63 |
|
64 |
file { "$local_dir/pre-revprop-change": |
65 |
ensure => present, |
66 |
owner => root, |
67 |
group => root, |
68 |
mode => 755, |
69 |
content => template('subversion/pre-revprop-change') |
70 |
} |
71 |
|
72 |
# TODO : add check for |
73 |
# - ym perl -MYAML -e 'YAML::LoadFile("-");' |
74 |
# - tt ( do not seem to be possible, but this would be great ) |
75 |
# - php php -l |
76 |
# - python |
77 |
# - named named-checkzone/named-checkconf ( may requires some interaction with facter/erb ) |
78 |
# - po msgfmt -c |
79 |
# - openldap , like named |
80 |
|
81 |
define syntax_check($regexp_ext,$check_cmd) { |
82 |
file { "$local_dir/pre-commit.d/$name": |
83 |
ensure => present, |
84 |
owner => root, |
85 |
group => root, |
86 |
mode => 755, |
87 |
content => template('subversion/syntax_check.sh') |
88 |
} |
89 |
} |
90 |
|
91 |
|
92 |
syntax_check{"check_perl": |
93 |
regexp_ext => "\.p[lm]$", |
94 |
check_cmd => "perl -c" |
95 |
} |
96 |
|
97 |
syntax_check{"check_puppet": |
98 |
regexp_ext => "\.pp$", |
99 |
check_cmd => "puppet --color=false --confdir=/tmp --vardir=/tmp --parseonly --ignoreimport" |
100 |
} |
101 |
|
102 |
syntax_check{"check_ruby": |
103 |
regexp_ext => "\.rb$", |
104 |
check_cmd => "ruby -c" |
105 |
} |
106 |
|
107 |
syntax_check{"check_puppet_templates": |
108 |
regexp_ext => "modules/.*/templates/.*$", |
109 |
check_cmd => "erb -P -x -T - | ruby -c" |
110 |
} |
111 |
|
112 |
syntax_check{"check_po": |
113 |
regexp_ext => "\.po$", |
114 |
check_cmd => "msgfmt -c -" |
115 |
} |
116 |
|
117 |
|
118 |
} |
119 |
|
120 |
|
121 |
define pre_commit_link() { |
122 |
$scriptname = regsubst($name,'^.*/', '') |
123 |
file { "${name}": |
124 |
ensure => "/usr/local/share/subversion/pre-commit.d/$scriptname", |
125 |
owner => root, |
126 |
group => root, |
127 |
mode => 755, |
128 |
} |
129 |
} |
130 |
|
131 |
# TODO |
132 |
# deploy a cronjob to make a backup file ( ie, dump in some directory ) |
133 |
|
134 |
# documentation : |
135 |
# group : group that have commit access on the svn |
136 |
# public : boolean if the svn is readable by anybody or not |
137 |
# commit_mail : array of people who will receive mail after each commit |
138 |
# cia_post : send commits to cia.vc |
139 |
# cia_module : name of the module to send to cia.vc |
140 |
# cia_ignore_author : a regexp to ignore commits from some authors |
141 |
# no_binary : do not accept files with common binary extentions on this repository |
142 |
# syntax_check : array of pre-commit script with syntax check to add |
143 |
# extract_dir : hash of directory to update upon commit ( with svn update ), |
144 |
# initial checkout is not handled, nor the permission |
145 |
# TODO, handle the tags ( see svn::notify::mirror ) |
146 |
|
147 |
define repository ($group = "svn", |
148 |
$public = true, |
149 |
$commit_mail = '', |
150 |
$i18n_mail = '', |
151 |
$cia_post = true, |
152 |
$cia_module = 'default', |
153 |
$cia_ignore_author = '', |
154 |
$no_binary = false, |
155 |
$syntax_check = '', |
156 |
$extract_dir = '') { |
157 |
# check permissions |
158 |
# http://svnbook.red-bean.com/nightly/fr/svn.serverconfig.multimethod.html |
159 |
# $name ==> directory of the repo |
160 |
include subversion::server |
161 |
# TODO set umask -> requires puppet 2.7.0 |
162 |
# unfortunatly, umask is required |
163 |
# http://projects.puppetlabs.com/issues/4424 |
164 |
exec { "/usr/local/bin/create_svn_repo.sh $name": |
165 |
user => root, |
166 |
group => $group, |
167 |
creates => "$name/hooks", |
168 |
require => Package['subversion-tools'], |
169 |
} |
170 |
|
171 |
file { "$name": |
172 |
group => $group, |
173 |
owner => root, |
174 |
mode => $public ? { |
175 |
true => 644, |
176 |
false => 640 |
177 |
}, |
178 |
ensure => directory |
179 |
} |
180 |
|
181 |
file { ["$name/hooks/pre-commit","$name/hooks/post-commit"]: |
182 |
ensure => present, |
183 |
owner => root, |
184 |
group => root, |
185 |
mode => 755, |
186 |
content => template("subversion/hook_commit.sh"), |
187 |
require => Exec["/usr/local/bin/create_svn_repo.sh $name"], |
188 |
} |
189 |
|
190 |
file { ["$name/hooks/post-commit.d", "$name/hooks/pre-commit.d"]: |
191 |
ensure => directory, |
192 |
owner => root, |
193 |
group => root, |
194 |
mode => 755, |
195 |
require => File["$name/hooks/pre-commit"], |
196 |
} |
197 |
|
198 |
file { "$name/hooks/pre-revprop-change": |
199 |
ensure => "$subversion::server::local_dir/pre-revprop-change", |
200 |
owner => root, |
201 |
group => root, |
202 |
mode => 755, |
203 |
} |
204 |
|
205 |
if $commit_mail { |
206 |
file { "$name/hooks/post-commit.d/send_mail": |
207 |
ensure => present, |
208 |
owner => root, |
209 |
group => root, |
210 |
mode => 755, |
211 |
content => template("subversion/hook_sendmail.pl"), |
212 |
require => [Package['perl-SVN-Notify-Config']], |
213 |
} |
214 |
} |
215 |
|
216 |
if $cia_post { |
217 |
file { "$name/hooks/post-commit.d/cia.vc": |
218 |
ensure => present, |
219 |
owner => root, |
220 |
group => root, |
221 |
mode => 755, |
222 |
content => template("subversion/ciabot_svn.sh"), |
223 |
} |
224 |
|
225 |
} |
226 |
|
227 |
if $no_binary { |
228 |
pre_commit_link { "$name/hooks/pre-commit.d/no_binary": } |
229 |
} |
230 |
|
231 |
if $extract_dir { |
232 |
file { "$name/hooks/post-commit.d/extract_dir": |
233 |
ensure => present, |
234 |
owner => root, |
235 |
group => root, |
236 |
mode => 755, |
237 |
content => template("subversion/hook_extract.pl"), |
238 |
require => [Package['perl-SVN-Notify-Mirror']], |
239 |
} |
240 |
} |
241 |
|
242 |
pre_commit_link { "$name/hooks/pre-commit.d/no_empty_message": } |
243 |
|
244 |
pre_commit_link { "$name/hooks/pre-commit.d/no_root_commit": } |
245 |
|
246 |
if $syntax_check { |
247 |
$syntax_check_array = regsubst($syntax_check,'^',"$name/hooks/pre-commit.d/") |
248 |
pre_commit_link { $syntax_check_array: } |
249 |
} |
250 |
} |
251 |
|
252 |
|
253 |
class client { |
254 |
package { subversion: |
255 |
ensure => installed, |
256 |
} |
257 |
# svn spam log with |
258 |
# Oct 26 13:30:01 valstar svn: No worthy mechs found |
259 |
# without it, source http://mail-index.netbsd.org/pkgsrc-users/2008/11/23/msg008706.html |
260 |
# |
261 |
$sasl2_package = $architecture ? { |
262 |
x86_64 => "lib64sasl2-plug-anonymous", |
263 |
default => "libsasl2-plug-anonymous" |
264 |
} |
265 |
|
266 |
package {"$sasl2_package": |
267 |
ensure => "installed" |
268 |
} |
269 |
} |
270 |
|
271 |
define snapshot($source, $refresh = '*/5', $user = 'root') { |
272 |
|
273 |
include subversion::client |
274 |
|
275 |
exec { "/usr/bin/svn co $source $name": |
276 |
creates => $name, |
277 |
user => $user, |
278 |
require => Package['subversion'] |
279 |
} |
280 |
|
281 |
cron { "update $name": |
282 |
command => "cd $name && /usr/bin/svn update -q", |
283 |
user => $user, |
284 |
minute => $refresh, |
285 |
require => Exec["/usr/bin/svn co $source $name"], |
286 |
} |
287 |
} |
288 |
|
289 |
class mirror { |
290 |
include subversion::tools |
291 |
file { "/usr/local/bin/create_svn_mirror.sh": |
292 |
ensure => present, |
293 |
owner => root, |
294 |
group => root, |
295 |
mode => 755, |
296 |
content => template('subversion/create_svn_mirror.sh') |
297 |
} |
298 |
} |
299 |
|
300 |
define mirror_repository($source, |
301 |
$refresh = '*/5') { |
302 |
include subversion::mirror |
303 |
|
304 |
exec { "/usr/local/bin/create_svn_mirror.sh $name $source": |
305 |
creates => $name, |
306 |
require => Package['subversion-tools'] |
307 |
} |
308 |
|
309 |
cron { "update $name": |
310 |
command => "/usr/bin/svnsync synchronize -q file://$name", |
311 |
minute => $refresh, |
312 |
require => Exec["/usr/local/bin/create_svn_mirror.sh $name $source"], |
313 |
} |
314 |
} |
315 |
} |