1 |
# should be replaced by vcsrepo |
2 |
# https://github.com/reductivelabs/puppet-vcsrepo |
3 |
# but not integrated in puppet directly for the moment |
4 |
class subversion { |
5 |
|
6 |
class tools { |
7 |
package { "subversion-tools": |
8 |
ensure => installed, |
9 |
} |
10 |
} |
11 |
|
12 |
class server { |
13 |
include subversion::tools |
14 |
package { "subversion-server": |
15 |
ensure => installed, |
16 |
} |
17 |
|
18 |
$svn_base_path = '/svn/' |
19 |
|
20 |
xinetd::service { "svnserve": |
21 |
content => template('subversion/xinetd') |
22 |
} |
23 |
|
24 |
file { "$svn_base_path": |
25 |
ensure => directory |
26 |
owner => root, |
27 |
group => root, |
28 |
mode => 755, |
29 |
} |
30 |
|
31 |
package { ["perl-SVN-Notify-Config", "perl-SVN-Notify-Mirror"]: |
32 |
ensure => installed, |
33 |
} |
34 |
|
35 |
$local_dir = "/usr/local/share/subversion/" |
36 |
$local_dirs = ["$local_dir/pre-commit.d", "$local_dir/post-commit.d"] |
37 |
file { [$local_dir,$local_dirs]: |
38 |
owner => root, |
39 |
group => root, |
40 |
mode => 755, |
41 |
ensure => directory, |
42 |
} |
43 |
|
44 |
# workaround the lack of umask command in puppet < 2.7 |
45 |
file { "/usr/local/bin/create_svn_repo.sh": |
46 |
ensure => present, |
47 |
owner => root, |
48 |
group => root, |
49 |
mode => 755, |
50 |
content => template('subversion/create_svn_repo.sh') |
51 |
} |
52 |
|
53 |
file { "$local_dir/pre-commit.d/no_binary": |
54 |
ensure => present, |
55 |
owner => root, |
56 |
group => root, |
57 |
mode => 755, |
58 |
content => template('subversion/no_binary') |
59 |
} |
60 |
|
61 |
file { "$local_dir/pre-commit.d/no_root_commit": |
62 |
ensure => present, |
63 |
owner => root, |
64 |
group => root, |
65 |
mode => 755, |
66 |
content => template('subversion/no_root_commit') |
67 |
} |
68 |
|
69 |
file { "$local_dir/pre-commit.d/no_empty_message": |
70 |
ensure => present, |
71 |
owner => root, |
72 |
group => root, |
73 |
mode => 755, |
74 |
content => template('subversion/no_empty_message') |
75 |
} |
76 |
|
77 |
file { "$local_dir/pre-revprop-change": |
78 |
ensure => present, |
79 |
owner => root, |
80 |
group => root, |
81 |
mode => 755, |
82 |
content => template('subversion/pre-revprop-change') |
83 |
} |
84 |
|
85 |
# TODO : add check for |
86 |
# - ym perl -MYAML -e 'YAML::LoadFile("-");' |
87 |
# - tt ( do not seem to be possible, but this would be great ) |
88 |
# - php php -l |
89 |
# - python |
90 |
# - named named-checkzone/named-checkconf ( may requires some interaction with facter/erb ) |
91 |
# - po msgfmt -c |
92 |
# - openldap , like named |
93 |
|
94 |
define syntax_check($regexp_ext,$check_cmd) { |
95 |
file { "$local_dir/pre-commit.d/$name": |
96 |
ensure => present, |
97 |
owner => root, |
98 |
group => root, |
99 |
mode => 755, |
100 |
content => template('subversion/syntax_check.sh') |
101 |
} |
102 |
} |
103 |
|
104 |
|
105 |
syntax_check{"check_perl": |
106 |
regexp_ext => "\.p[lm]$", |
107 |
check_cmd => "perl -c" |
108 |
} |
109 |
|
110 |
syntax_check{"check_puppet": |
111 |
regexp_ext => "\.pp$", |
112 |
check_cmd => "puppet --color=false --confdir=/tmp --vardir=/tmp --parseonly --ignoreimport" |
113 |
} |
114 |
|
115 |
syntax_check{"check_ruby": |
116 |
regexp_ext => "\.rb$", |
117 |
check_cmd => "ruby -c" |
118 |
} |
119 |
|
120 |
syntax_check{"check_puppet_templates": |
121 |
regexp_ext => "modules/.*/templates/.*$", |
122 |
check_cmd => "erb -P -x -T - | ruby -c" |
123 |
} |
124 |
|
125 |
syntax_check{"check_po": |
126 |
regexp_ext => "\.po$", |
127 |
check_cmd => "msgfmt -c -" |
128 |
} |
129 |
|
130 |
syntax_check{"check_php": |
131 |
regexp_ext => "\.php$", |
132 |
check_cmd => "php -l" |
133 |
} |
134 |
|
135 |
} |
136 |
|
137 |
|
138 |
define pre_commit_link() { |
139 |
$scriptname = regsubst($name,'^.*/', '') |
140 |
file { "${name}": |
141 |
ensure => "/usr/local/share/subversion/pre-commit.d/$scriptname", |
142 |
owner => root, |
143 |
group => root, |
144 |
mode => 755, |
145 |
} |
146 |
} |
147 |
|
148 |
# TODO |
149 |
# deploy a cronjob to make a backup file ( ie, dump in some directory ) |
150 |
|
151 |
# documentation : |
152 |
# group : group that have commit access on the svn |
153 |
# public : boolean if the svn is readable by anybody or not |
154 |
# commit_mail : array of people who will receive mail after each commit |
155 |
# cia_post : send commits to cia.vc |
156 |
# cia_module : name of the module to send to cia.vc |
157 |
# cia_ignore_author : a regexp to ignore commits from some authors |
158 |
# no_binary : do not accept files with common binary extentions on this repository |
159 |
# restricted_to_user : restrict commits to select user |
160 |
# syntax_check : array of pre-commit script with syntax check to add |
161 |
# extract_dir : hash of directory to update upon commit ( with svn update ), |
162 |
# initial checkout is not handled, nor the permission |
163 |
# TODO, handle the tags ( see svn::notify::mirror ) |
164 |
|
165 |
define repository ($group = "svn", |
166 |
$public = true, |
167 |
$commit_mail = '', |
168 |
$i18n_mail = '', |
169 |
$cia_post = true, |
170 |
$cia_module = 'default', |
171 |
$cia_ignore_author = '', |
172 |
$no_binary = false, |
173 |
$restricted_to_user = false, |
174 |
$syntax_check = '', |
175 |
$extract_dir = '') { |
176 |
# check permissions |
177 |
# http://svnbook.red-bean.com/nightly/fr/svn.serverconfig.multimethod.html |
178 |
# $name ==> directory of the repo |
179 |
include subversion::server |
180 |
# TODO set umask -> requires puppet 2.7.0 |
181 |
# unfortunatly, umask is required |
182 |
# http://projects.puppetlabs.com/issues/4424 |
183 |
exec { "/usr/local/bin/create_svn_repo.sh $name": |
184 |
user => root, |
185 |
group => $group, |
186 |
creates => "$name/hooks", |
187 |
require => Package['subversion-tools'], |
188 |
} |
189 |
|
190 |
file { "$name": |
191 |
group => $group, |
192 |
owner => root, |
193 |
mode => $public ? { |
194 |
true => 644, |
195 |
false => 640 |
196 |
}, |
197 |
ensure => directory |
198 |
} |
199 |
|
200 |
file { ["$name/hooks/pre-commit","$name/hooks/post-commit"]: |
201 |
ensure => present, |
202 |
owner => root, |
203 |
group => root, |
204 |
mode => 755, |
205 |
content => template("subversion/hook_commit.sh"), |
206 |
require => Exec["/usr/local/bin/create_svn_repo.sh $name"], |
207 |
} |
208 |
|
209 |
file { ["$name/hooks/post-commit.d", "$name/hooks/pre-commit.d"]: |
210 |
ensure => directory, |
211 |
owner => root, |
212 |
group => root, |
213 |
mode => 755, |
214 |
require => File["$name/hooks/pre-commit"], |
215 |
} |
216 |
|
217 |
file { "$name/hooks/pre-revprop-change": |
218 |
ensure => "$subversion::server::local_dir/pre-revprop-change", |
219 |
owner => root, |
220 |
group => root, |
221 |
mode => 755, |
222 |
} |
223 |
|
224 |
if $restricted_to_user { |
225 |
file { "$name/hooks/pre-commit.d/restricted_to_user": |
226 |
ensure => present, |
227 |
owner => root, |
228 |
group => root, |
229 |
mode => 755, |
230 |
content => template("subversion/restricted_to_user"), |
231 |
} |
232 |
} else { |
233 |
file { "$name/hooks/pre-commit.d/restricted_to_user": |
234 |
ensure => absent, |
235 |
} |
236 |
} |
237 |
|
238 |
if $commit_mail { |
239 |
file { "$name/hooks/post-commit.d/send_mail": |
240 |
ensure => present, |
241 |
owner => root, |
242 |
group => root, |
243 |
mode => 755, |
244 |
content => template("subversion/hook_sendmail.pl"), |
245 |
require => [Package['perl-SVN-Notify-Config']], |
246 |
} |
247 |
} else { |
248 |
file { "$name/hooks/post-commit.d/send_mail": |
249 |
ensure => absent, |
250 |
} |
251 |
} |
252 |
|
253 |
if $cia_post { |
254 |
file { "$name/hooks/post-commit.d/cia.vc": |
255 |
ensure => present, |
256 |
owner => root, |
257 |
group => root, |
258 |
mode => 755, |
259 |
content => template("subversion/ciabot_svn.sh"), |
260 |
} |
261 |
|
262 |
} else { |
263 |
file { "$name/hooks/post-commit.d/cia.vc": |
264 |
ensure => absent, |
265 |
} |
266 |
} |
267 |
|
268 |
if $no_binary { |
269 |
pre_commit_link { "$name/hooks/pre-commit.d/no_binary": } |
270 |
} else { |
271 |
file { "$name/hooks/pre-commit.d/no_binary": |
272 |
ensure => absent, |
273 |
} |
274 |
} |
275 |
|
276 |
if $extract_dir { |
277 |
file { "$name/hooks/post-commit.d/extract_dir": |
278 |
ensure => present, |
279 |
owner => root, |
280 |
group => root, |
281 |
mode => 755, |
282 |
content => template("subversion/hook_extract.pl"), |
283 |
require => [Package['perl-SVN-Notify-Mirror']], |
284 |
} |
285 |
} else { |
286 |
file { "$name/hooks/post-commit.d/extract_dir": |
287 |
ensure => absent, |
288 |
} |
289 |
} |
290 |
|
291 |
pre_commit_link { "$name/hooks/pre-commit.d/no_empty_message": } |
292 |
|
293 |
pre_commit_link { "$name/hooks/pre-commit.d/no_root_commit": } |
294 |
|
295 |
if $syntax_check { |
296 |
$syntax_check_array = regsubst($syntax_check,'^',"$name/hooks/pre-commit.d/") |
297 |
pre_commit_link { $syntax_check_array: } |
298 |
} |
299 |
} |
300 |
|
301 |
|
302 |
class client { |
303 |
package { subversion: |
304 |
ensure => installed, |
305 |
} |
306 |
# svn spam log with |
307 |
# Oct 26 13:30:01 valstar svn: No worthy mechs found |
308 |
# without it, source http://mail-index.netbsd.org/pkgsrc-users/2008/11/23/msg008706.html |
309 |
# |
310 |
$sasl2_package = $architecture ? { |
311 |
x86_64 => "lib64sasl2-plug-anonymous", |
312 |
default => "libsasl2-plug-anonymous" |
313 |
} |
314 |
|
315 |
package {"$sasl2_package": |
316 |
ensure => "installed" |
317 |
} |
318 |
} |
319 |
|
320 |
define snapshot($source, $refresh = '*/5', $user = 'root') { |
321 |
|
322 |
include subversion::client |
323 |
|
324 |
exec { "/usr/bin/svn co $source $name": |
325 |
creates => $name, |
326 |
user => $user, |
327 |
require => Package['subversion'] |
328 |
} |
329 |
|
330 |
cron { "update $name": |
331 |
command => "cd $name && /usr/bin/svn update -q", |
332 |
user => $user, |
333 |
minute => $refresh, |
334 |
require => Exec["/usr/bin/svn co $source $name"], |
335 |
} |
336 |
} |
337 |
|
338 |
class mirror { |
339 |
include subversion::tools |
340 |
file { "/usr/local/bin/create_svn_mirror.sh": |
341 |
ensure => present, |
342 |
owner => root, |
343 |
group => root, |
344 |
mode => 755, |
345 |
content => template('subversion/create_svn_mirror.sh') |
346 |
} |
347 |
} |
348 |
|
349 |
define mirror_repository($source, |
350 |
$refresh = '*/5') { |
351 |
include subversion::mirror |
352 |
|
353 |
exec { "/usr/local/bin/create_svn_mirror.sh $name $source": |
354 |
creates => $name, |
355 |
require => Package['subversion-tools'] |
356 |
} |
357 |
|
358 |
cron { "update $name": |
359 |
command => "/usr/bin/svnsync synchronize -q file://$name", |
360 |
minute => $refresh, |
361 |
require => Exec["/usr/local/bin/create_svn_mirror.sh $name $source"], |
362 |
} |
363 |
} |
364 |
} |