Commit graph

997 commits

Author SHA1 Message Date
Darko Poljak
49bb041330
Merge pull request #696 from thriqon/shellcheck-party-SC2086
Fix SC2086 on all scripts
2018-10-05 10:26:53 +02:00
Darko Poljak
c01cf38660 Fix SC2164 2018-10-04 23:10:42 +02:00
Darko Poljak
68b6477fe3
Merge pull request #705 from thriqon/shellcheck-party-various
Fix various shellcheck issues (SC2215, SC2059, SC2155, SC2091)
2018-10-04 22:39:05 +02:00
Darko Poljak
f0fb5215e8
Merge pull request #700 from thriqon/shellcheck-party-SC2034
Remove unused variables (SC2034)
2018-10-04 22:35:08 +02:00
Jonas Weber
34b571b7d9 Fix SC2091 (execute result of condition)
For some reason, the echo|grep pattern was enclosed four times in a $()
operation. Nothing happened, since grep is always invoked with -q
(quiet, nothing printed to stdout).
2018-10-04 22:23:48 +02:00
Jonas Weber
bcd7fbbcc4 Fix SC2155 (directly export computed variables) 2018-10-04 22:23:48 +02:00
Jonas Weber
a0db375f91 Disable SC2059 (printf injection) for staged_file
We're explicitly allowing for 'printf injection' here, so it's ok to
just disable the corresponding shellcheck check.
2018-10-04 22:23:38 +02:00
Jonas Weber
a6fdf4255a Fix SC2069 (wrong stdout/stderr redirect order)
In the original order, stderr was connected to the old stdout
(terminal). This was _probably_ not intended. The new order fixes this
by first connecting stdout to /dev/null and then attaching stderr to
that as well.
2018-10-04 22:04:24 +02:00
Jonas Weber
e2593c0dcb Fix SC2215 (missing brackets on if)
This might have never worked as intended, but how would you know?
2018-10-04 22:03:52 +02:00
Jonas Weber
fff656d1ac Unquote $recursive to support empty-case
This is safe to do, as the value of $recursive is not dependent on
user-supplied code.
2018-10-04 19:45:26 +02:00
Jonas Weber
53728a7ff0 Change backslash-dquote to single quote
Slightly breaking change, but improves security and readability.
2018-10-04 19:45:26 +02:00
Jonas Weber
ae7ccc5995 Fix SC2086 on all scripts
Relevant documentation: https://github.com/koalaman/shellcheck/wiki/SC2086

relates to: #540

This commit addresses 241 separate cases of missing quotes around
variables.
2018-10-04 19:45:22 +02:00
Jonas Weber
23debd5b6f Use cur_ip in jail for freebsd 2018-10-04 19:22:28 +02:00
Jonas Weber
352679386d Drop unused options parameter in __install_reboot 2018-10-04 19:22:28 +02:00
Jonas Weber
b3f4d3849a Fix __install_umount target parameter 2018-10-04 19:22:28 +02:00
Jonas Weber
6b0f8fba22 Remove unused variables (almost, found bugs?)
Solves SC2034

references #540.
2018-10-04 19:22:28 +02:00
085b2a2b10 remove set -e on explorers (they should be able to fail gracefully) 2018-10-04 17:38:39 +02:00
a46da35bbc fix SC2148 (missing shebang) and make executable 2018-10-04 17:38:38 +02:00
d950ddada3 fix SC2045 (use globs instead of ls) 2018-10-04 16:01:45 +02:00
134c84607f fix another SC2166 (test [ .. -a.. ] replaced by [ .. ] && ]) 2018-10-04 12:28:59 +02:00
Darko Poljak
e1b62ec560
Merge pull request #699 from darko-poljak/SC2039
Fix SC2039
2018-10-04 09:08:23 +02:00
Darko Poljak
8ef2773c0d Fix SC2039 2018-10-03 14:32:39 +02:00
Darko Poljak
44acfcdd12 Fix SC2002 2018-10-03 14:12:07 +02:00
Darko Poljak
e69be05f70
Merge pull request #694 from darko-poljak/SC2005
Fix SC2005
2018-10-02 21:49:45 +02:00
Darko Poljak
d29534861b
Merge pull request #695 from darko-poljak/SC2004
Fix SC2004
2018-10-02 21:49:01 +02:00
Darko Poljak
0928708d19 Fix SC2004 2018-10-02 20:34:54 +02:00
Darko Poljak
5ed95ce93b Fix SC2005 2018-10-02 20:22:44 +02:00
Jonas Weber
6326eae1bb Fix SC2166 on all manfest/gencode/explorers 2018-10-01 22:13:24 +02:00
Jonas Weber
b3f3b907a4 Quote aptget command and params, simplify explorer 2018-09-12 11:36:11 +02:00
Jonas Weber
346f1f8af3 Send messages when installing packages via __package_apt 2018-09-12 11:36:06 +02:00
Adam Dej
2e653409c1 Update __docker type
- Update installation method, following official installation
instructions.
  - docker-engine was renamed to Docker CE around March 2017. Update
manpage to reflect that change.
  - Remove flag `--experimental` since it is no longer necessary to install a
different binary to get experimental features. Experimental features are
included in the stable binary and can be enabled by a flag or in a
config file.
2018-09-07 11:38:49 +02:00
Adam Dej
c2f8c7abb3 Add explorer for info in /etc/os-release 2018-09-07 11:38:49 +02:00
Darko Poljak
a627247908 Check if certbot exists before using it. Fixes #685. 2018-09-01 23:27:58 +02:00
Stu Zhao
ad46c39c86
Merge branch 'master' into master 2018-08-30 15:56:19 -07:00
Darko Poljak
93d877f5bf Add nonparallel marker for __apt_source type. 2018-08-30 20:22:51 +02:00
Stu Zhao
f143a70463 Support pacman with --maxage parameter 2018-08-29 11:31:31 -07:00
Stu Zhao
b12c02138d Refactor __package_update_index explorers
* add an type explorer to unify detecting of package type.
* update currage use the type explorer, so if os and passed in type
does not match, it behaves correctly.
2018-08-29 00:22:28 -07:00
Stu Zhao
2f89d8a514 Fix __package_update_index processing error
exit 1 in explorer will abort cdist.
2018-08-29 00:22:28 -07:00
Dominique Roux
f04f76524c Bugfix:
- __grafana_dashboard had the wrong release name for devuan ascii
2018-07-22 18:35:30 +02:00
Adam Dej
43982f821f __systemd_unit: add support for masking units 2018-07-11 16:22:36 +02:00
Adam Dej
37b37f6e66 __systemd_unit: fix crash when transitioning to state=absent
This type tried to disable an unit after it has removed it, which
failed. Now the removal happens in gencode-remote, after the unit has
been stopped and disabled.
2018-07-11 16:22:36 +02:00
Adam Dej
8d84834db6 __systemd_unit: manpage clarifications
Clarify that this type only operates on units in /etc/systemd/system.
Also, when state=present, it is not always true that the type is
"installed, enabled and started"
2018-07-11 16:16:08 +02:00
Darko Poljak
6c8014b407 __letsencrypt_cert: add support for devuan ascii 2018-06-22 14:09:31 +02:00
Jonas Weber
4eaace7dd5 Handle missing file in __line explorer gracefully
closes #675
2018-06-20 11:14:25 +02:00
Darko Poljak
ec8f2f9488 Fix temp file location and removal 2018-06-20 08:29:41 +02:00
Darko Poljak
f75af95bda
Merge pull request #663 from asteven/type/__line
RFC: rewrite __line type for --before and --after support
2018-06-16 10:51:33 +02:00
Darko Poljak
9d4c0331a9 __sysctl: support sysctl.d 2018-06-16 07:42:43 +02:00
d7a1645e4e __acl: fix os explorer 2018-06-11 11:21:07 +03:00
90adefe2e4 add __acl: Basic wrapper around setfacl 2018-06-08 15:06:35 +03:00
Steven Armstrong
4516ee0baa position can not be empty
Signed-off-by: Steven Armstrong <steven@icarus.ethz.ch>
2018-06-01 15:27:40 +02:00
Darko Poljak
efebe15386 Fix __letsencrypt_cert type: use object id as domain if domain param is not specified 2018-05-30 19:38:56 +02:00
Darko Poljak
98ceebe386
Merge pull request #667 from aluuu/master
Fix __package_yum explorer
2018-05-28 08:05:59 +02:00
Nico Schottelius
709c216096 [__consul_agent] Add LSB header so that innserv doe not fail 2018-05-27 19:07:57 +02:00
Alexander Dinu
b3a4152e00 Fix __package_yum explorer
Why:

In case when name contains package name with exact version specified (e.g. rpm-build-4.11.3)
```
rpm -q --whatprovides "$pkg_name"
```

will tell you that no package could provide you with 'rpm-build-4.11.3',
because it's not virtual or file-provide, but exact package name.

This will lead to the installation of the package which was already installed.
It slows down manifest execution a lot.

My change will keep previous behaviour which relies on --whatprovides and
will fix wrong behaviour when argument is full package name with version.
2018-05-27 17:20:55 +02:00
e7e8f1428a Add new type __install_coreos 2018-05-21 11:10:54 +02:00
Steven Armstrong
fb26894cbd when searching treat line as string, and regex as regexp
Signed-off-by: Steven Armstrong <steven@icarus.ethz.ch>
2018-05-18 16:57:34 +02:00
Steven Armstrong
a3968f8313 rewrite __line type for --before and --after support
Signed-off-by: Steven Armstrong <steven@icarus.ethz.ch>
2018-05-18 01:25:35 +02:00
22d570ae60 Rewrite __letsencrypt_cert type
This commit adds the following features:

 * Ability to expand existing certificate
 * Ability to manage object state
 * Ability to obtain test certificate
 * Ability to promote test certificate to production
 * Ability to specify custom certificate name
 * Ability to specify multiple domains per certificate
 * Ability to use Certbot in standalone mode
 * Messaging

This commit also introduces the following behavioral changes:

 * Attempt to install Certbot only when it is not installed
   already
 * Installation of the cron job has to be enabled using
   `--automatic-renewal` parameter

**Note:** Object ID is now treated as certificate name and new
required parameter `--domain` was added.
2018-05-08 10:49:49 +02:00
Darko Poljak
543bc8fed9
Merge pull request #660 from devinsolutions/docker-secret
__docker_secret: Set executable flag on scripts
2018-05-04 17:08:10 +02:00
fdb5bbcf91 __docker_secret: Set executable flag on scripts 2018-05-04 16:47:09 +02:00
1efbd6a3a0 __docker_config: Fix config-data explorer
Before this fix, the explorer returned binary data when config did
not exist.

This commit also removes dependency on jq and sets executable flag
on the explorer file.
2018-05-04 16:42:47 +02:00
Darko Poljak
3ddd46e489
Merge pull request #658 from devinsolutions/docker-secret
Add new type __docker_secret
2018-05-02 08:36:17 +02:00
5a7d74b905 Add new type __docker_secret 2018-04-30 17:59:31 +02:00
4f61f6be9c Add new type __docker_config 2018-04-30 17:58:10 +02:00
aa20ed5ea1 __docker_stack: Use --with-registry-auth deploy option
Without this option, Swarm agents are unable to download images from
private registries.
2018-04-29 13:05:50 +02:00
Steven Armstrong
999f221c88 need a way to distinguish between install-config and normal config
Signed-off-by: Steven Armstrong <steven@icarus.ethz.ch>
2018-04-05 10:32:33 +02:00
b695e82bec FreeBSD improvements (#651) 2018-03-26 08:53:31 +02:00
958222133b Fix spelling errors in manpages 2018-03-19 15:16:37 +01:00
Darko Poljak
ef13449687 Fix sphinx warnings. 2018-03-15 18:01:23 +01:00
Darko Poljak
fa32bd865b
Merge pull request #650 from devinsolutions/type-docker-stack
Add new type __docker_stack
2018-03-13 18:50:14 +01:00
7184228536 Add new type __docker_stack 2018-03-13 15:55:54 +01:00
8b86c6fc95 Add new type __docker_swarm 2018-03-13 15:54:47 +01:00
Darko Poljak
1bb9da233e
Merge pull request #647 from ungleich/new-prometheus
New __prometheus_server, __prometheus_alertmanager, __grafana_dashboard
2018-03-11 21:11:54 +01:00
f03a0e586e __prometheus_{server,alertmanager}: restart when cli parameters change 2018-03-11 20:47:01 +01:00
f9443532a1 __key_value: --onchange parameter added (#648) 2018-03-11 18:01:38 +01:00
e63c3429da __prometheus_{server,alertmanager}: update man pages 2018-03-11 11:07:59 +01:00
787f5237e5 __prometheus_{server,alertmanager}: use os_version instead of lsb_release
works without the `lsb-release` package and actually seems to be more reliable, even though it is inconsistent between debian and devuan
2018-03-11 10:55:24 +01:00
7ae24cf677 __grafana_dashboard: cleanup 2018-03-11 10:52:25 +01:00
34aefbc0f6 __prometheus_{server,alertmanager}: new man pages 2018-03-11 01:35:16 +01:00
ee6d63325d new __prometheus_alertmanager; fixes to __prometheus_server 2018-03-11 01:28:26 +01:00
8a488591bb __prometheus_server: switch to packages; assume prometheus 2.x 2018-03-11 00:47:33 +01:00
Nico Schottelius
54ca7b40c7 Update consul agent init script so that it works again on Devuan
Error before:

---- BEGIN code-remote:stderr ----
insserv: warning: script 'consul' missing LSB tags and overrides
insserv: There is a loop between service monit and consul if stopped
insserv:  loop involving service consul at depth 2
insserv:  loop involving service monit at depth 1
insserv: Stopping consul depends on monit and therefore on system facility `$all' which can not be true!
insserv: exiting now without changing boot order!
update-rc.d: error: insserv rejected the script header
2018-03-06 22:33:10 +01:00
Nico Schottelius
bfe8b8fa57 Support stretch + ascii in __grafana_dashboard 2018-03-06 20:52:55 +01:00
Darko Poljak
bc94c01c49 Amend __file man. 2018-03-06 07:39:50 +01:00
a9a359d542 Add pre-exists state to __file (#641)
This allows checking whether a file exists, but erroring out instead of
creating the file if it does not (or is not a regular file).
2018-03-06 07:33:22 +01:00
b8ed816af4 Add __apt_default_release type (#643) 2018-03-05 12:40:11 +01:00
Darko Poljak
b870b6e43a bugfix: __consul fails if consul is already running #633 2018-02-25 09:51:51 +01:00
Darko Poljak
ef7304499a
Merge pull request #629 from tom-ee/feature/improve__package_dpkg
add `--state`-parameter and messaging to __package_dpkg
2018-02-21 21:19:07 +01:00
a5dc6214e1 dpkg {-r|-P} needs the package-, not the filename 2018-02-21 15:01:08 +01:00
3208ab614e review notes (duplicate boolean section, comma separate "see also" items) 2018-02-21 11:16:23 +01:00
Darko Poljak
526e1c9a6d
Merge pull request #628 from tom-ee/bugfix/messaging__package_update_index
fix messaging for __package_update_index
2018-02-21 10:03:58 +01:00
Darko Poljak
1f93e7291e Fix consul message and document messaging. 2018-02-21 10:00:25 +01:00
a545b10538 add --state-parameter and messaging to __package_dpkg
- `--state` allows to remove a deb-package, if `--purge-if-absent` is
  specified the package is purged instead of "only" removed
- messaging was added
- man-page updated accordingly
2018-02-20 16:46:26 +01:00
94c9d11cb8 fix messaging for __package_update_index
The message was printed unconditionally, even if no `apt-get update` had
been running.
2018-02-20 10:20:54 +01:00
Darko Poljak
c0dc26a577 Fix consul message. 2018-02-15 22:03:28 +01:00
Darko Poljak
48a0fb5bd0 Add message when adding consule directly on target. 2018-02-15 21:34:54 +01:00
Darko Poljak
9a832d88b5
Add option for directly downloading on target host. 2018-02-15 15:45:31 +01:00
Darko Poljak
0074bb0564 Fix minor docs formatting. 2018-02-14 20:07:44 +01:00
Darko Poljak
eb94d7a8bb
Remove update index type dep, call update index after adding new source. (#623) 2018-02-12 12:13:38 +01:00
Darko Poljak
47399bfa9f Add --renew-hook param to letsencrypt_cert type. 2018-02-05 13:57:53 +01:00