Compare commits
211 Commits
Author | SHA1 | Date |
---|---|---|
Darko Poljak | 067d0a62e7 | |
Darko Poljak | 65b9e1d00f | |
poljakowski | 61ce1c4756 | |
lubo | 451dfaffe4 | |
Nico Schottelius | 6c780c24c7 | |
Nico Schottelius | a86893889b | |
Nico Schottelius | 5033f67d96 | |
Nico Schottelius | 7182de5968 | |
Nico Schottelius | c0aa2214aa | |
Darko Poljak | 2f7dc5a65d | |
Darko Poljak | c6b739b5b6 | |
poljakowski | b9303b1ef6 | |
Dominique Roux | 031d59c82c | |
Darko Poljak | f7efde0d0a | |
poljakowski | 9773fcf719 | |
Dominique Roux | a70d2e0af5 | |
Dominique Roux | 6bb58f8820 | |
Darko Poljak | 5c11c15ae4 | |
Darko Poljak | 6915d30015 | |
Darko Poljak | 8881ff2224 | |
poljakowski | b4f090fd7f | |
ander | a4bc051ad9 | |
ander | a5df0badaf | |
ander | 91a6ecc701 | |
Darko Poljak | d723f60673 | |
poljakowski | 175ab90a9e | |
Darko Poljak | 3cb4e76175 | |
Darko Poljak | 55ba49efac | |
Darko Poljak | 8315677ad1 | |
poljakowski | 3c8b470367 | |
Darko Poljak | 68837e45cc | |
Darko Poljak | 520cfeda98 | |
poljakowski | bd27d432b1 | |
poljakowski | 811ed151fc | |
ander | 1d57305d35 | |
Darko Poljak | c58ae44409 | |
poljakowski | 1f7d76ae75 | |
Darko Poljak | 4949af894e | |
poljakowski | ea291efbf6 | |
Darko Poljak | 34eec3c214 | |
ander | e30d76014a | |
ander | 02e10b1ffd | |
ander | 03f8c3aaed | |
Nico Schottelius | 21a16f5584 | |
Darko Poljak | 4a5425a95e | |
Darko Poljak | d604a9db7a | |
Darko Poljak | 7195b594f3 | |
poljakowski | f376eb361f | |
ander | 69622b0fa5 | |
Nico Schottelius | fe643b9092 | |
Nico Schottelius | ce52203ba3 | |
Nico Schottelius | 5f462d6380 | |
ander | 7a25ec00ed | |
ander | 7dfc5bc473 | |
ander | ca8bc959ed | |
Nico Schottelius | 569ae29955 | |
Darko Poljak | 66cdbc5233 | |
Darko Poljak | afa00a9094 | |
Darko Poljak | a8ee4356ef | |
Darko Poljak | 15f01149f9 | |
Darko Poljak | 73fd1ffbc1 | |
poljakowski | 5ceb4928c7 | |
Darko Poljak | 4f40c6ac65 | |
Darko Poljak | d696a55879 | |
poljakowski | fb52bfb353 | |
Darko Poljak | 02eb6c75a7 | |
Darko Poljak | 28082c710a | |
Darko Poljak | 735f57b3a0 | |
Darko Poljak | 4d75a05e35 | |
Darko Poljak | aad6c34178 | |
Darko Poljak | 10a29ca9e6 | |
poljakowski | 954663475a | |
Darko Poljak | 513fde1cc1 | |
Darko Poljak | d242f1e758 | |
Darko Poljak | 2f93320627 | |
Darko Poljak | 249ac917d3 | |
Darko Poljak | 0ab43e2405 | |
Darko Poljak | bd9884fac4 | |
Darko Poljak | 71945ef956 | |
Darko Poljak | fe833fdfcb | |
Darko Poljak | 6258e397ed | |
Darko Poljak | 2a0a24eccc | |
poljakowski | de1c198dc0 | |
Darko Poljak | edfaa65d2b | |
Darko Poljak | 2505023387 | |
Darko Poljak | 6ad261fdf2 | |
Darko Poljak | 8b93bf0218 | |
Darko Poljak | 3ca337dfe0 | |
Darko Poljak | 880f653ec2 | |
Darko Poljak | 5b20950045 | |
Darko Poljak | 281691cfd9 | |
Takashi Yoshi | f7ace88ec2 | |
Takashi Yoshi | 6dd5278ade | |
Takashi Yoshi | 510ea220f2 | |
ander | 4c21983698 | |
ander | f586937614 | |
ander | d66b6969f3 | |
ander | 894311a572 | |
Darko Poljak | 31b9859e08 | |
Dmitry Bogatov | a95d4ffefa | |
Darko Poljak | 2536cd6f95 | |
Darko Poljak | 7c0ba0d5be | |
Darko Poljak | 6bd34c74d3 | |
Darko Poljak | e516c9741a | |
Darko Poljak | 7ca66b7b6a | |
Darko Poljak | c2d32a78a9 | |
Darko Poljak | 5314f514c5 | |
Darko Poljak | a8588019ee | |
Darko Poljak | 84c4bf5577 | |
Darko Poljak | b0273af0d4 | |
Darko Poljak | c10074780e | |
Darko Poljak | d08ab628da | |
Darko Poljak | c8bf78d651 | |
ander | 038524ba30 | |
ander | e3a900c1c9 | |
Darko Poljak | 087066687c | |
Darko Poljak | b5bdb54b7f | |
Darko Poljak | 250f3d3fb8 | |
Darko Poljak | 3b3ac95ac3 | |
Darko Poljak | f8d36446db | |
ander | ab3544d5e8 | |
Darko Poljak | 69fc80ec95 | |
Darko Poljak | e32982a648 | |
ander | 108e46abee | |
ander | 186ce77bb2 | |
ander | c7e6109462 | |
ander | 05225352aa | |
ander | 6d71ae342a | |
ander | 13df0a2a2b | |
ander | 8729e39c21 | |
ander | 86f45db1b9 | |
ander | 0f3c162696 | |
ander | 0809d89836 | |
ander | f5d3196dd4 | |
Darko Poljak | 82f310f4f8 | |
Darko Poljak | 3defdfa8df | |
Nico Schottelius | aba1ae68f0 | |
ander | 68f61c35ff | |
ander | f23099218a | |
ander | 7924c1339c | |
ander | 8b3c84dfef | |
ander | a1634b3ec0 | |
ander | c1a34caba7 | |
ander | e04d647d8e | |
ander | 53c963b2ee | |
ander | 8b9b2c56ab | |
ander | cea639d1c9 | |
ander | 731986ef8b | |
ander | 9e3cd47b9a | |
ander | 2b5887bdbd | |
ander | ab954ffbcf | |
ander | ef8ff06b5f | |
ander | d71eb3d8bd | |
ander | 2cde09648c | |
Darko Poljak | e997e98a73 | |
Darko Poljak | c7a4ae112f | |
Dimitrios Apostolou | 437af3a0a3 | |
Nico Schottelius | 63d7499b75 | |
Nico Schottelius | 1722fced72 | |
Nico Schottelius | a1cb9ee869 | |
Nico Schottelius | e290733a00 | |
Nico Schottelius | f4db6e908e | |
Nico Schottelius | c801fb4965 | |
Dimitrios Apostolou | 6062e3557c | |
Dimitrios Apostolou | 45e9ed441e | |
Nico Schottelius | 978aee668c | |
Nico Schottelius | ec935353d7 | |
Nico Schottelius | dbf29c18c1 | |
Nico Schottelius | 707426d1f0 | |
Nico Schottelius | e32d92c109 | |
Nico Schottelius | c7a9e60de0 | |
Nico Schottelius | c17f5a7ccd | |
Nico Schottelius | 3a2041019b | |
Darko Poljak | 797522f91e | |
Darko Poljak | d18584b4ff | |
Darko Poljak | 51e650423e | |
Darko Poljak | b37b25f573 | |
Darko Poljak | 4d9a8d78f7 | |
Darko Poljak | b21b6d0a7e | |
ander | 44c9d09383 | |
Darko Poljak | 4c8037764a | |
Ander Punnar | 1c152f0acb | |
Darko Poljak | 20a16fe853 | |
Darko Poljak | 279aada5db | |
Darko Poljak | a4ed9e4d0e | |
Darko Poljak | 2ec553b480 | |
Darko Poljak | 7a68df48f1 | |
Darko Poljak | d11ac7dda4 | |
Darko Poljak | 540434557d | |
Darko Poljak | e37d955845 | |
ander | 204a572709 | |
Darko Poljak | 13671c666c | |
Darko Poljak | 1ba5f6276e | |
Mark Polyakov | 0ce96f0860 | |
Darko Poljak | e90e296266 | |
Darko Poljak | 671bb82a46 | |
Darko Poljak | f6b318bb00 | |
Darko Poljak | 8ee667f57f | |
Darko Poljak | 1402e3f084 | |
Darko Poljak | 9cd95f12dc | |
Darko Poljak | cabb0be7b6 | |
Steven Armstrong | 88513e6693 | |
Darko Poljak | 0583cdff09 | |
Darko Poljak | b47c6e3fe4 | |
Darko Poljak | a5e66bc3f6 | |
Darko Poljak | 6e56de4580 | |
ander | decd80bf5d | |
ander | da6a22c71a | |
Darko Poljak | 033e0611b5 | |
Darko Poljak | cfe2afc225 | |
ander | 668dc83632 |
|
@ -4,3 +4,5 @@
|
|||
docs/speeches export-ignore
|
||||
docs/video export-ignore
|
||||
docs/src/man7 export-ignore
|
||||
bin/build-helper export-ignore
|
||||
README-maintainers export-ignore
|
||||
|
|
|
@ -12,6 +12,7 @@ Session.vim
|
|||
# Temporary
|
||||
.netrwhist
|
||||
*~
|
||||
*.tmp
|
||||
# Auto-generated tag files
|
||||
tags
|
||||
# Persistent undo
|
||||
|
@ -43,6 +44,7 @@ _build/
|
|||
docs/dist
|
||||
|
||||
# Ignore temp files used for signing
|
||||
cdist-*.tar
|
||||
cdist-*.tar.gz
|
||||
cdist-*.tar.gz.asc
|
||||
|
||||
|
|
216
Makefile
216
Makefile
|
@ -18,36 +18,30 @@
|
|||
#
|
||||
#
|
||||
|
||||
helper=./bin/build-helper
|
||||
.PHONY: help
|
||||
help:
|
||||
@echo "Please use \`make <target>' where <target> is one of"
|
||||
@echo "man build only man user documentation"
|
||||
@echo "html build only html user documentation"
|
||||
@echo "docs build both man and html user documentation"
|
||||
@echo "dotman build man pages for types in your ~/.cdist directory"
|
||||
@echo "speeches build speeches pdf files"
|
||||
@echo "install install in the system site-packages directory"
|
||||
@echo "install-user install in the user site-packages directory"
|
||||
@echo "docs-clean clean documentation"
|
||||
@echo "clean clean"
|
||||
|
||||
DOCS_SRC_DIR=docs/src
|
||||
SPEECHDIR=docs/speeches
|
||||
TYPEDIR=cdist/conf/type
|
||||
|
||||
WEBSRCDIR=docs/web
|
||||
|
||||
WEBDIR=$$HOME/vcs/www.nico.schottelius.org
|
||||
WEBBLOG=$(WEBDIR)/blog
|
||||
WEBBASE=$(WEBDIR)/software/cdist
|
||||
WEBPAGE=$(WEBBASE).mdwn
|
||||
|
||||
CHANGELOG_VERSION=$(shell $(helper) changelog-version)
|
||||
CHANGELOG_FILE=docs/changelog
|
||||
|
||||
PYTHON_VERSION=cdist/version.py
|
||||
DOCS_SRC_DIR=./docs/src
|
||||
SPEECHDIR=./docs/speeches
|
||||
TYPEDIR=./cdist/conf/type
|
||||
|
||||
SPHINXM=make -C $(DOCS_SRC_DIR) man
|
||||
SPHINXH=make -C $(DOCS_SRC_DIR) html
|
||||
SPHINXC=make -C $(DOCS_SRC_DIR) clean
|
||||
|
||||
SHELLCHECKCMD=shellcheck -s sh -f gcc -x
|
||||
# Skip SC2154 for variables starting with __ since such variables are cdist
|
||||
# environment variables.
|
||||
SHELLCHECK_SKIP=grep -v ': __.*is referenced but not assigned.*\[SC2154\]'
|
||||
################################################################################
|
||||
# Manpages
|
||||
#
|
||||
MAN1DSTDIR=$(DOCS_SRC_DIR)/man1
|
||||
MAN7DSTDIR=$(DOCS_SRC_DIR)/man7
|
||||
|
||||
# Manpages #1: Types
|
||||
|
@ -69,11 +63,16 @@ DOCSREFSH=$(DOCS_SRC_DIR)/cdist-reference.rst.sh
|
|||
$(DOCSREF): $(DOCSREFSH)
|
||||
$(DOCSREFSH)
|
||||
|
||||
version:
|
||||
@[ -f "cdist/version.py" ] || { \
|
||||
printf "Missing 'cdist/version.py', please generate it first.\n" && exit 1; \
|
||||
}
|
||||
|
||||
# Manpages #3: generic part
|
||||
man: $(MANTYPES) $(DOCSREF) $(PYTHON_VERSION)
|
||||
man: version $(MANTYPES) $(DOCSREF)
|
||||
$(SPHINXM)
|
||||
|
||||
html: $(MANTYPES) $(DOCSREF) $(PYTHON_VERSION)
|
||||
html: version $(MANTYPES) $(DOCSREF)
|
||||
$(SPHINXH)
|
||||
|
||||
docs: man html
|
||||
|
@ -81,24 +80,6 @@ docs: man html
|
|||
docs-clean:
|
||||
$(SPHINXC)
|
||||
|
||||
# Manpages #5: release part
|
||||
MANWEBDIR=$(WEBBASE)/man/$(CHANGELOG_VERSION)
|
||||
HTMLBUILDDIR=docs/dist/html
|
||||
|
||||
docs-dist: html
|
||||
rm -rf "${MANWEBDIR}"
|
||||
mkdir -p "${MANWEBDIR}"
|
||||
# mkdir -p "${MANWEBDIR}/man1" "${MANWEBDIR}/man7"
|
||||
# cp ${MAN1DSTDIR}/*.html ${MAN1DSTDIR}/*.css ${MANWEBDIR}/man1
|
||||
# cp ${MAN7DSTDIR}/*.html ${MAN7DSTDIR}/*.css ${MANWEBDIR}/man7
|
||||
cp -R ${HTMLBUILDDIR}/* ${MANWEBDIR}
|
||||
cd ${MANWEBDIR} && git add . && git commit -m "cdist manpages update: $(CHANGELOG_VERSION)" || true
|
||||
|
||||
man-latest-link: web-pub
|
||||
# Fix ikiwiki, which does not like symlinks for pseudo security
|
||||
ssh staticweb.ungleich.ch \
|
||||
"cd /home/services/www/nico/nico.schottelius.org/www/software/cdist/man/ && rm -f latest && ln -sf "$(CHANGELOG_VERSION)" latest"
|
||||
|
||||
# Manpages: .cdist Types
|
||||
DOT_CDIST_PATH=${HOME}/.cdist
|
||||
DOTMAN7DSTDIR=$(MAN7DSTDIR)
|
||||
|
@ -111,8 +92,7 @@ DOTMANTYPES=$(subst /man.rst,.rst,$(DOTMANTYPEPREFIX))
|
|||
$(DOTMAN7DSTDIR)/cdist-type%.rst: $(DOTTYPEDIR)/%/man.rst
|
||||
ln -sf "$^" $@
|
||||
|
||||
# Manpages #3: generic part
|
||||
dotman: $(DOTMANTYPES)
|
||||
dotman: version $(DOTMANTYPES)
|
||||
$(SPHINXM)
|
||||
|
||||
################################################################################
|
||||
|
@ -120,7 +100,6 @@ dotman: $(DOTMANTYPES)
|
|||
#
|
||||
SPEECHESOURCES=$(SPEECHDIR)/*.tex
|
||||
SPEECHES=$(SPEECHESOURCES:.tex=.pdf)
|
||||
SPEECHESWEBDIR=$(WEBBASE)/speeches
|
||||
|
||||
# Create speeches and ensure Toc is up-to-date
|
||||
$(SPEECHDIR)/%.pdf: $(SPEECHDIR)/%.tex
|
||||
|
@ -130,157 +109,26 @@ $(SPEECHDIR)/%.pdf: $(SPEECHDIR)/%.tex
|
|||
|
||||
speeches: $(SPEECHES)
|
||||
|
||||
speeches-dist: speeches
|
||||
rm -rf "${SPEECHESWEBDIR}"
|
||||
mkdir -p "${SPEECHESWEBDIR}"
|
||||
cp ${SPEECHES} "${SPEECHESWEBDIR}"
|
||||
cd ${SPEECHESWEBDIR} && git add . && git commit -m "cdist speeches updated" || true
|
||||
|
||||
################################################################################
|
||||
# Website
|
||||
# Misc
|
||||
#
|
||||
|
||||
BLOGFILE=$(WEBBLOG)/cdist-$(CHANGELOG_VERSION)-released.mdwn
|
||||
|
||||
$(BLOGFILE): $(CHANGELOG_FILE)
|
||||
$(helper) blog $(CHANGELOG_VERSION) $(BLOGFILE)
|
||||
|
||||
web-blog: $(BLOGFILE)
|
||||
|
||||
web-doc:
|
||||
# Go to top level, because of cdist.mdwn
|
||||
rsync -av "$(WEBSRCDIR)/" "${WEBBASE}/.."
|
||||
cd "${WEBBASE}/.." && git add cdist* && git commit -m "cdist doc update" cdist* || true
|
||||
|
||||
web-dist: web-blog web-doc
|
||||
|
||||
web-pub: web-dist docs-dist speeches-dist
|
||||
cd "${WEBDIR}" && make pub
|
||||
|
||||
web-release-all: man-latest-link
|
||||
web-release-all-no-latest: web-pub
|
||||
|
||||
################################################################################
|
||||
# Release: Mailinglist
|
||||
#
|
||||
ML_FILE=.lock-ml
|
||||
|
||||
# Only send mail once - lock until new changelog things happened
|
||||
$(ML_FILE): $(CHANGELOG_FILE)
|
||||
$(helper) ml-release $(CHANGELOG_VERSION)
|
||||
touch $@
|
||||
|
||||
ml-release: $(ML_FILE)
|
||||
|
||||
|
||||
################################################################################
|
||||
# pypi
|
||||
#
|
||||
PYPI_FILE=.pypi-release
|
||||
$(PYPI_FILE): man $(PYTHON_VERSION)
|
||||
python3 setup.py sdist upload
|
||||
touch $@
|
||||
|
||||
pypi-release: $(PYPI_FILE)
|
||||
################################################################################
|
||||
# archlinux
|
||||
#
|
||||
ARCHLINUX_FILE=.lock-archlinux
|
||||
ARCHLINUXTAR=cdist-$(CHANGELOG_VERSION)-1.src.tar.gz
|
||||
|
||||
$(ARCHLINUXTAR): PKGBUILD
|
||||
umask 022; mkaurball
|
||||
|
||||
PKGBUILD: PKGBUILD.in $(PYTHON_VERSION)
|
||||
./PKGBUILD.in $(CHANGELOG_VERSION)
|
||||
|
||||
$(ARCHLINUX_FILE): $(ARCHLINUXTAR) $(PYTHON_VERSION)
|
||||
burp -c system $(ARCHLINUXTAR)
|
||||
touch $@
|
||||
|
||||
archlinux-release: $(ARCHLINUX_FILE)
|
||||
|
||||
################################################################################
|
||||
# Release
|
||||
#
|
||||
|
||||
$(PYTHON_VERSION) version: .git/refs/heads/master
|
||||
$(helper) version
|
||||
|
||||
# Code that is better handled in a shell script
|
||||
check-%:
|
||||
$(helper) $@
|
||||
|
||||
release:
|
||||
$(helper) $@
|
||||
|
||||
################################################################################
|
||||
# Cleanup
|
||||
#
|
||||
|
||||
clean:
|
||||
clean: docs-clean
|
||||
rm -f $(DOCS_SRC_DIR)/cdist-reference.rst
|
||||
|
||||
find "$(DOCS_SRC_DIR)" -mindepth 2 -type l \
|
||||
| xargs rm -f
|
||||
|
||||
make -C $(DOCS_SRC_DIR) clean
|
||||
|
||||
find * -name __pycache__ | xargs rm -rf
|
||||
|
||||
# Archlinux
|
||||
rm -f cdist-*.pkg.tar.xz cdist-*.tar.gz
|
||||
rm -rf pkg/ src/
|
||||
|
||||
rm -f MANIFEST PKGBUILD
|
||||
rm -rf dist/
|
||||
|
||||
# Signed release
|
||||
rm -f cdist-*.tar.gz
|
||||
rm -f cdist-*.tar.gz.asc
|
||||
|
||||
distclean: clean
|
||||
rm -f cdist/version.py
|
||||
# distutils
|
||||
rm -rf ./build
|
||||
|
||||
################################################################################
|
||||
# Misc
|
||||
# install
|
||||
#
|
||||
|
||||
# The pub is Nico's "push to all git remotes" way ("make pub")
|
||||
pub:
|
||||
git push --mirror
|
||||
install:
|
||||
python3 setup.py install
|
||||
|
||||
test:
|
||||
$(helper) $@
|
||||
|
||||
test-remote:
|
||||
$(helper) $@
|
||||
|
||||
pycodestyle pep8:
|
||||
$(helper) $@
|
||||
|
||||
shellcheck-global-explorers:
|
||||
@find cdist/conf/explorer -type f -exec $(SHELLCHECKCMD) {} + | $(SHELLCHECK_SKIP) || exit 0
|
||||
|
||||
shellcheck-type-explorers:
|
||||
@find cdist/conf/type -type f -path "*/explorer/*" -exec $(SHELLCHECKCMD) {} + | $(SHELLCHECK_SKIP) || exit 0
|
||||
|
||||
shellcheck-manifests:
|
||||
@find cdist/conf/type -type f -name manifest -exec $(SHELLCHECKCMD) {} + | $(SHELLCHECK_SKIP) || exit 0
|
||||
|
||||
shellcheck-local-gencodes:
|
||||
@find cdist/conf/type -type f -name gencode-local -exec $(SHELLCHECKCMD) {} + | $(SHELLCHECK_SKIP) || exit 0
|
||||
|
||||
shellcheck-remote-gencodes:
|
||||
@find cdist/conf/type -type f -name gencode-remote -exec $(SHELLCHECKCMD) {} + | $(SHELLCHECK_SKIP) || exit 0
|
||||
|
||||
shellcheck-gencodes: shellcheck-local-gencodes shellcheck-remote-gencodes
|
||||
|
||||
shellcheck-types: shellcheck-type-explorers shellcheck-manifests shellcheck-gencodes
|
||||
|
||||
shellcheck: shellcheck-global-explorers shellcheck-types
|
||||
|
||||
shellcheck-type-files:
|
||||
@find cdist/conf/type -type f -path "*/files/*" -exec $(SHELLCHECKCMD) {} + | $(SHELLCHECK_SKIP) || exit 0
|
||||
|
||||
shellcheck-with-files: shellcheck shellcheck-type-files
|
||||
install-user:
|
||||
python3 setup.py install --user
|
||||
|
|
|
@ -9,7 +9,7 @@ pkgver=$version
|
|||
pkgrel=1
|
||||
pkgdesc='A Usable Configuration Management System"'
|
||||
arch=('any')
|
||||
url='http://www.nico.schottelius.org/software/cdist/'
|
||||
url='https://www.cdi.st/'
|
||||
license=('GPL3')
|
||||
depends=('python>=3.2.0')
|
||||
source=("http://pypi.python.org/packages/source/c/cdist/cdist-\${pkgver}.tar.gz")
|
||||
|
|
3
README
3
README
|
@ -3,4 +3,5 @@ cdist
|
|||
|
||||
cdist is a usable configuration management system.
|
||||
|
||||
For the web documentation have a look at docs/web/.
|
||||
For the web documentation have a look at https://www.cdi.st/
|
||||
or at docs/src for reStructuredText manual.
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
Maintainers should use ./bin/build-helper script.
|
||||
|
||||
Makefile is intended for end users. It can be used for non-maintaining
|
||||
targets that can be run from pure source (without git repository).
|
388
bin/build-helper
388
bin/build-helper
|
@ -1,6 +1,7 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2011-2013 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2016-2019 Darko Poljak (darko.poljak at gmail.com)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -18,17 +19,66 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# This file contains the heavy lifting found usually in the Makefile
|
||||
# This file contains the heavy lifting found usually in the Makefile.
|
||||
#
|
||||
|
||||
basedir=${0%/*}/../
|
||||
# Change to checkout directory
|
||||
cd "$basedir"
|
||||
usage() {
|
||||
printf "usage: %s TARGET [TARGET-ARGS...]
|
||||
Available targets:
|
||||
changelog-changes
|
||||
changelog-version
|
||||
check-date
|
||||
check-unittest
|
||||
ml-release
|
||||
archlinux-release
|
||||
pypi-release
|
||||
release-git-tag
|
||||
sign-git-release
|
||||
release
|
||||
test
|
||||
test-remote
|
||||
pycodestyle
|
||||
pep8
|
||||
check-pycodestyle
|
||||
shellcheck-global-explorers
|
||||
shellcheck-type-explorers
|
||||
shellcheck-manifests
|
||||
shellcheck-local-gencodes
|
||||
shellcheck-remote-gencodes
|
||||
shellcheck-scripts
|
||||
shellcheck-gencodes
|
||||
shellcheck-types
|
||||
shellcheck
|
||||
shellcheck-type-files
|
||||
shellcheck-with-files
|
||||
shellcheck-build-helper
|
||||
check-shellcheck
|
||||
version-branch
|
||||
version
|
||||
target-version
|
||||
clean
|
||||
distclean\n" "$1"
|
||||
}
|
||||
|
||||
version=$(git describe)
|
||||
basename="${0##*/}"
|
||||
|
||||
if [ $# -lt 1 ]
|
||||
then
|
||||
usage "${basename}"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
option=$1; shift
|
||||
|
||||
SHELLCHECKCMD="shellcheck -s sh -f gcc -x"
|
||||
# Skip SC2154 for variables starting with __ since such variables are cdist
|
||||
# environment variables.
|
||||
SHELLCHECK_SKIP=': __.*is referenced but not assigned.*\[SC2154\]'
|
||||
|
||||
# Change to checkout directory
|
||||
basedir="${0%/*}/../"
|
||||
cd "$basedir"
|
||||
|
||||
case "$option" in
|
||||
changelog-changes)
|
||||
if [ "$#" -eq 1 ]; then
|
||||
|
@ -66,8 +116,8 @@ case "$option" in
|
|||
date_changelog=$(grep '^[[:digit:]]' "$basedir/docs/changelog" | head -n1 | sed 's/.*: //')
|
||||
|
||||
if [ "$date_today" != "$date_changelog" ]; then
|
||||
echo "Date in changelog is not today"
|
||||
echo "Changelog: $date_changelog"
|
||||
printf "Date in changelog is not today\n"
|
||||
printf "Changelog date: %s\n" "${date_changelog}"
|
||||
exit 1
|
||||
fi
|
||||
;;
|
||||
|
@ -76,54 +126,17 @@ case "$option" in
|
|||
"$0" test
|
||||
;;
|
||||
|
||||
blog)
|
||||
version=$1; shift
|
||||
blogfile=$1; shift
|
||||
dir=${blogfile%/*}
|
||||
file=${blogfile##*/}
|
||||
|
||||
|
||||
cat << eof > "$blogfile"
|
||||
[[!meta title="Cdist $version released"]]
|
||||
|
||||
Here's a short overview about the changes found in version ${version}:
|
||||
|
||||
eof
|
||||
|
||||
$0 changelog-changes "$version" >> "$blogfile"
|
||||
|
||||
cat << eof >> "$blogfile"
|
||||
For more information visit the [[cdist homepage|software/cdist]].
|
||||
|
||||
[[!tag cdist config unix]]
|
||||
eof
|
||||
cd "$dir"
|
||||
git add "$file"
|
||||
# Allow git commit to fail if there are no changes
|
||||
git commit -m "cdist blog update: $version" "$blogfile" || true
|
||||
;;
|
||||
|
||||
ml-release)
|
||||
if [ $# -ne 1 ]; then
|
||||
echo "$0 ml-release version" >&2
|
||||
printf "%s ml-release version\n" "$0" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
version=$1; shift
|
||||
|
||||
to_a=cdist
|
||||
to_d=l.schottelius.org
|
||||
to=${to_a}@${to_d}
|
||||
|
||||
from_a=nico-cdist
|
||||
from_d=schottelius.org
|
||||
from=${from_a}@${from_d}
|
||||
|
||||
(
|
||||
cat << eof
|
||||
From: Nico -telmich- Schottelius <$from>
|
||||
To: cdist mailing list <$to>
|
||||
Subject: cdist $version released
|
||||
Subject: cdist $version has been released
|
||||
|
||||
Hello .*,
|
||||
|
||||
|
@ -134,25 +147,41 @@ eof
|
|||
"$0" changelog-changes "$version"
|
||||
cat << eof
|
||||
|
||||
Cheers,
|
||||
|
||||
Nico
|
||||
|
||||
--
|
||||
Automatisation at its best level. With cdist.
|
||||
eof
|
||||
) | /usr/sbin/sendmail -f "$from" "$to"
|
||||
) > mailinglist.tmp
|
||||
;;
|
||||
|
||||
archlinux-release)
|
||||
if [ $# -ne 1 ]; then
|
||||
printf "%s archlinux-release version\n" "$0" >&2
|
||||
exit 1
|
||||
fi
|
||||
version=$1; shift
|
||||
|
||||
ARCHLINUXTAR="cdist-${version}-1.src.tar.gz"
|
||||
./PKGBUILD.in "${version}"
|
||||
umask 022
|
||||
mkaurball
|
||||
burp -c system "${ARCHLINUXTAR}"
|
||||
;;
|
||||
|
||||
pypi-release)
|
||||
# Ensure that pypi release has the right version
|
||||
"$0" version
|
||||
|
||||
make docs-clean
|
||||
make docs
|
||||
python3 setup.py sdist upload
|
||||
;;
|
||||
|
||||
release-git-tag)
|
||||
target_version=$($0 changelog-version)
|
||||
if git rev-parse --verify refs/tags/$target_version 2>/dev/null; then
|
||||
echo "Tag for $target_version exists, aborting"
|
||||
if git rev-parse --verify "refs/tags/${target_version}" 2>/dev/null; then
|
||||
printf "Tag for %s exists, aborting\n" "${target_version}"
|
||||
exit 1
|
||||
fi
|
||||
printf "Enter tag description for ${target_version}: "
|
||||
read tagmessage
|
||||
printf "Enter tag description for %s: " "${target_version}"
|
||||
read -r tagmessage
|
||||
|
||||
# setup for signed tags:
|
||||
# gpg --fulL-gen-key
|
||||
|
@ -170,7 +199,8 @@ eof
|
|||
# gpg --verify <asc-file> <file>
|
||||
# gpg --no-default-keyring --keyring <pubkey.gpg> --verify <asc-file> <file>
|
||||
# Ensure gpg-agent is running.
|
||||
export GPG_TTY=$(tty)
|
||||
GPG_TTY=$(tty)
|
||||
export GPG_TTY
|
||||
gpg-agent
|
||||
|
||||
git tag -s "$target_version" -m "$tagmessage"
|
||||
|
@ -180,14 +210,14 @@ eof
|
|||
sign-git-release)
|
||||
if [ $# -lt 2 ]
|
||||
then
|
||||
printf "usage: $0 sign-git-release TAG TOKEN [ARCHIVE]\n"
|
||||
printf "usage: %s sign-git-release TAG TOKEN [ARCHIVE]\n" "$0"
|
||||
printf " if ARCHIVE is not specified then it is created\n"
|
||||
exit 1
|
||||
fi
|
||||
tag="$1"
|
||||
if ! git rev-parse -q --verify "${tag}" >/dev/null 2>&1
|
||||
then
|
||||
printf "Tag \"${tag}\" not found.\n"
|
||||
printf "Tag \"%s\" not found.\n" "${tag}"
|
||||
exit 1
|
||||
fi
|
||||
token="$2"
|
||||
|
@ -195,44 +225,53 @@ eof
|
|||
then
|
||||
archivename="$3"
|
||||
else
|
||||
archivename="cdist-${tag}.tar.gz"
|
||||
archivename="cdist-${tag}.tar"
|
||||
git archive --prefix="cdist-${tag}/" -o "${archivename}" "${tag}" \
|
||||
|| exit 1
|
||||
# make sure target version is generated
|
||||
"$0" target-version
|
||||
tar -x -f "${archivename}" || exit 1
|
||||
cp cdist/version.py "cdist-${tag}/cdist/version.py" || exit 1
|
||||
tar -c -f "${archivename}" "cdist-${tag}/" || exit 1
|
||||
rm -r -f "cdist-${tag}/"
|
||||
gzip "${archivename}" || exit 1
|
||||
archivename="${archivename}.gz"
|
||||
fi
|
||||
gpg --armor --detach-sign "${archivename}" || exit 1
|
||||
|
||||
# make github release
|
||||
curl -H "Authorization: token ${token}" \
|
||||
--request POST \
|
||||
--data "{ \"tag_name\":\"${tag}\", \
|
||||
\"target_commitish\":\"master\", \
|
||||
\"name\": \"${tag}\", \
|
||||
\"body\":\"${tag}\", \
|
||||
\"draft\":false, \
|
||||
\"prerelease\": false}" \
|
||||
"https://api.github.com/repos/ungleich/cdist/releases" || exit 1
|
||||
project="ungleich-public%2Fcdist"
|
||||
sed_cmd='s/^.*"markdown":"\([^"]*\)".*$/\1/'
|
||||
|
||||
# get release ID
|
||||
repoid=$(curl "https://api.github.com/repos/ungleich/cdist/releases/tags/${tag}" \
|
||||
| python3 -c 'import json; import sys; print(json.loads(sys.stdin.read())["id"])') \
|
||||
|| exit 1
|
||||
# upload archive
|
||||
response_archive=$(curl -f -X POST \
|
||||
--http1.1 \
|
||||
-H "PRIVATE-TOKEN: ${token}" \
|
||||
-F "file=@${archivename}" \
|
||||
"https://code.ungleich.ch/api/v4/projects/${project}/uploads" \
|
||||
| sed "${sed_cmd}") || exit 1
|
||||
|
||||
# upload archive and then signature
|
||||
curl -H "Authorization: token ${token}" \
|
||||
-H "Accept: application/vnd.github.manifold-preview" \
|
||||
-H "Content-Type: application/x-gtar" \
|
||||
--data-binary @${archivename} \
|
||||
"https://uploads.github.com/repos/ungleich/cdist/releases/${repoid}/assets?name=${archivename}" \
|
||||
|| exit 1
|
||||
curl -H "Authorization: token ${token}" \
|
||||
-H "Accept: application/vnd.github.manifold-preview" \
|
||||
-H "Content-Type: application/pgp-signature" \
|
||||
--data-binary @${archivename}.asc \
|
||||
"https://uploads.github.com/repos/ungleich/cdist/releases/${repoid}/assets?name=${archivename}.asc" \
|
||||
# upload archive signature
|
||||
response_archive_sig=$(curl -f -X POST \
|
||||
--http1.1 \
|
||||
-H "PRIVATE-TOKEN: ${token}" \
|
||||
-F "file=@${archivename}.asc" \
|
||||
"https://code.ungleich.ch/api/v4/projects/${project}/uploads" \
|
||||
| sed "${sed_cmd}") || exit 1
|
||||
|
||||
# make release
|
||||
changelog=$("$0" changelog-changes "$1" | sed 's/^[[:space:]]*//')
|
||||
release_notes=$(
|
||||
printf "%s\n\n%s\n\n**Changelog**\n\n%s\n" \
|
||||
"${response_archive}" "${response_archive_sig}" "${changelog}"
|
||||
)
|
||||
curl -f -X POST \
|
||||
-H "PRIVATE-TOKEN: ${token}" \
|
||||
-F "description=${release_notes}" \
|
||||
"https://code.ungleich.ch/api/v4/projects/${project}/repository/tags/${tag}/release" \
|
||||
|| exit 1
|
||||
|
||||
# remove generated files (archive and asc)
|
||||
if [ $# -eq 2]
|
||||
if [ $# -eq 2 ]
|
||||
then
|
||||
rm -f "${archivename}"
|
||||
fi
|
||||
|
@ -244,30 +283,30 @@ eof
|
|||
target_version=$($0 changelog-version)
|
||||
target_branch=$($0 version-branch)
|
||||
|
||||
echo "Beginning release process for $target_version"
|
||||
printf "Beginning release process for %s\n" "${target_version}"
|
||||
|
||||
# First check everything is sane
|
||||
"$0" check-date
|
||||
"$0" check-unittest
|
||||
"$0" check-pycodestyle
|
||||
"$0" shellcheck
|
||||
"$0" check-shellcheck
|
||||
|
||||
# Generate version file to be included in packaging
|
||||
"$0" target-version
|
||||
|
||||
# Ensure the git status is clean, else abort
|
||||
if ! git diff-index --name-only --exit-code HEAD ; then
|
||||
echo "Unclean tree, see files above, aborting"
|
||||
printf "Unclean tree, see files above, aborting.\n"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Ensure we are on the master branch
|
||||
masterbranch=yes
|
||||
if [ "$(git rev-parse --abbrev-ref HEAD)" != "master" ]; then
|
||||
echo "Releases are happening from the master branch, aborting"
|
||||
printf "Releases are happening from the master branch, aborting.\n"
|
||||
|
||||
echo "Enter the magic word to release anyway"
|
||||
read magicword
|
||||
printf "Enter the magic word to release anyway:"
|
||||
read -r magicword
|
||||
|
||||
if [ "$magicword" = "iknowwhatido" ]; then
|
||||
masterbranch=no
|
||||
|
@ -278,7 +317,7 @@ eof
|
|||
|
||||
if [ "$masterbranch" = yes ]; then
|
||||
# Ensure version branch exists
|
||||
if ! git rev-parse --verify refs/heads/$target_branch 2>/dev/null; then
|
||||
if ! git rev-parse --verify "refs/heads/${target_branch}" 2>/dev/null; then
|
||||
git branch "$target_branch"
|
||||
fi
|
||||
|
||||
|
@ -296,20 +335,12 @@ eof
|
|||
make docs-clean
|
||||
make docs
|
||||
|
||||
# Generate speeches (indirect check if they build)
|
||||
make speeches
|
||||
|
||||
#############################################################
|
||||
# Everything green, let's do the release
|
||||
|
||||
# Tag the current commit
|
||||
"$0" release-git-tag
|
||||
|
||||
# sign git tag
|
||||
printf "Enter github authentication token: "
|
||||
read token
|
||||
"$0" sign-git-release "${target_version}" "${token}"
|
||||
|
||||
# Also merge back the version branch
|
||||
if [ "$masterbranch" = yes ]; then
|
||||
git checkout master
|
||||
|
@ -317,41 +348,41 @@ eof
|
|||
fi
|
||||
|
||||
# Publish git changes
|
||||
make pub
|
||||
|
||||
# publish man, speeches, website
|
||||
if [ "$masterbranch" = yes ]; then
|
||||
make web-release-all
|
||||
else
|
||||
make web-release-all-no-latest
|
||||
fi
|
||||
|
||||
# Ensure that pypi release has the right version
|
||||
"$0" version
|
||||
# if you want to have mirror locally then uncomment this and comment below
|
||||
# git push --mirror
|
||||
git push
|
||||
# push also new branch and set up tracking
|
||||
git push -u origin "${target_branch}"
|
||||
# fi
|
||||
|
||||
# Create and publish package for pypi
|
||||
make pypi-release
|
||||
"$0" pypi-release
|
||||
|
||||
# Archlinux release is based on pypi
|
||||
make archlinux-release
|
||||
# sign git tag
|
||||
printf "Enter upstream repository authentication token: "
|
||||
read -r token
|
||||
"$0" sign-git-release "${target_version}" "${token}"
|
||||
|
||||
# Announce change on ML
|
||||
make ml-release
|
||||
"$0" ml-release "${target_version}"
|
||||
|
||||
cat << eof
|
||||
Manual steps post release:
|
||||
|
||||
- linkedin
|
||||
- hackernews
|
||||
- reddit
|
||||
- cdist-web
|
||||
- send mail body generated in mailinglist.tmp and inform Dmitry for deb
|
||||
- twitter
|
||||
|
||||
eof
|
||||
|
||||
;;
|
||||
|
||||
test)
|
||||
export PYTHONPATH="$(pwd -P)"
|
||||
if [ ! -f "cdist/version.py" ]
|
||||
then
|
||||
printf "cdist/version.py is missing, generate it first.\n"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
PYTHONPATH="$(pwd -P)"
|
||||
export PYTHONPATH
|
||||
|
||||
if [ $# -lt 1 ]; then
|
||||
python3 -m cdist.test
|
||||
|
@ -361,7 +392,15 @@ eof
|
|||
;;
|
||||
|
||||
test-remote)
|
||||
export PYTHONPATH="$(pwd -P)"
|
||||
if [ ! -f "cdist/version.py" ]
|
||||
then
|
||||
printf "cdist/version.py is missing, generate it first.\n"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
PYTHONPATH="$(pwd -P)"
|
||||
export PYTHONPATH
|
||||
|
||||
python3 -m cdist.test.exec.remote
|
||||
;;
|
||||
|
||||
|
@ -374,9 +413,9 @@ eof
|
|||
printf "\\nPlease review pycodestyle report.\\n"
|
||||
while true
|
||||
do
|
||||
echo "Continue (yes/no)?"
|
||||
printf "Continue (yes/no)?\n"
|
||||
any=
|
||||
read any
|
||||
read -r any
|
||||
case "$any" in
|
||||
yes)
|
||||
break
|
||||
|
@ -385,20 +424,74 @@ eof
|
|||
exit 1
|
||||
;;
|
||||
*)
|
||||
echo "Please answer with 'yes' or 'no' explicitly."
|
||||
printf "Please answer with 'yes' or 'no' explicitly.\n"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
;;
|
||||
|
||||
shellcheck-global-explorers)
|
||||
find cdist/conf/explorer -type f -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" || exit 0
|
||||
;;
|
||||
|
||||
shellcheck-type-explorers)
|
||||
find cdist/conf/type -type f -path "*/explorer/*" -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" || exit 0
|
||||
;;
|
||||
|
||||
shellcheck-manifests)
|
||||
find cdist/conf/type -type f -name manifest -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" || exit 0
|
||||
;;
|
||||
|
||||
shellcheck-local-gencodes)
|
||||
find cdist/conf/type -type f -name gencode-local -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" || exit 0
|
||||
;;
|
||||
|
||||
shellcheck-remote-gencodes)
|
||||
find cdist/conf/type -type f -name gencode-remote -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" || exit 0
|
||||
;;
|
||||
|
||||
shellcheck-scripts)
|
||||
${SHELLCHECKCMD} scripts/cdist-dump scripts/cdist-new-type || exit 0
|
||||
;;
|
||||
|
||||
shellcheck-gencodes)
|
||||
"$0" shellcheck-local-gencodes
|
||||
"$0" shellcheck-remote-gencodes
|
||||
;;
|
||||
|
||||
shellcheck-types)
|
||||
"$0" shellcheck-type-explorers
|
||||
"$0" shellcheck-manifests
|
||||
"$0" shellcheck-gencodes
|
||||
;;
|
||||
|
||||
shellcheck)
|
||||
make helper=${helper} WEBDIR=${WEBDIR} shellcheck
|
||||
"$0" shellcheck-global-explorers
|
||||
"$0" shellcheck-types
|
||||
"$0" shellcheck-scripts
|
||||
;;
|
||||
|
||||
shellcheck-type-files)
|
||||
find cdist/conf/type -type f -path "*/files/*" -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" || exit 0
|
||||
;;
|
||||
|
||||
shellcheck-with-files)
|
||||
"$0" shellcheck
|
||||
"$0" shellcheck-type-files
|
||||
;;
|
||||
|
||||
shellcheck-build-helper)
|
||||
${SHELLCHECKCMD} ./bin/build-helper
|
||||
;;
|
||||
|
||||
check-shellcheck)
|
||||
"$0" shellcheck
|
||||
printf "\\nPlease review shellcheck report.\\n"
|
||||
while true
|
||||
do
|
||||
echo "Continue (yes/no)?"
|
||||
printf "Continue (yes/no)?\n"
|
||||
any=
|
||||
read any
|
||||
read -r any
|
||||
case "$any" in
|
||||
yes)
|
||||
break
|
||||
|
@ -407,7 +500,7 @@ eof
|
|||
exit 1
|
||||
;;
|
||||
*)
|
||||
echo "Please answer with 'yes' or 'no' explicitly."
|
||||
printf "Please answer with 'yes' or 'no' explicitly.\n"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
@ -418,16 +511,39 @@ eof
|
|||
;;
|
||||
|
||||
version)
|
||||
echo "VERSION = \"$(git describe)\"" > cdist/version.py
|
||||
printf "VERSION = \"%s\"\n" "$(git describe)" > cdist/version.py
|
||||
;;
|
||||
|
||||
target-version)
|
||||
target_version=$($0 changelog-version)
|
||||
echo "VERSION = \"${target_version}\"" > cdist/version.py
|
||||
printf "VERSION = \"%s\"\n" "${target_version}" > cdist/version.py
|
||||
;;
|
||||
|
||||
clean)
|
||||
make clean
|
||||
|
||||
# Archlinux
|
||||
rm -f cdist-*.pkg.tar.xz cdist-*.tar.gz
|
||||
rm -rf pkg/ src/
|
||||
|
||||
rm -f MANIFEST PKGBUILD
|
||||
rm -rf dist/
|
||||
|
||||
# Signed release
|
||||
rm -f cdist-*.tar.gz
|
||||
rm -f cdist-*.tar.gz.asc
|
||||
|
||||
# Temp files
|
||||
rm -f ./*.tmp
|
||||
;;
|
||||
|
||||
distclean)
|
||||
"$0" clean
|
||||
rm -f cdist/version.py
|
||||
;;
|
||||
*)
|
||||
echo "Unknown helper target $@ - aborting"
|
||||
printf "Unknown target: '%s'.\n" "${option}" >&2
|
||||
usage "${basename}"
|
||||
exit 1
|
||||
;;
|
||||
|
||||
|
|
|
@ -1,496 +0,0 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2011-2013 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2016 Darko Poljak (darko.poljak at gmail.com)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# This file contains the heavy lifting found usually in the Makefile
|
||||
#
|
||||
|
||||
# vars for make
|
||||
helper=$0
|
||||
|
||||
basedir=${0%/*}/../
|
||||
# run_as is used to check how the script is called (by $0 value)
|
||||
# currently supported sufixes for $0 are:
|
||||
# .freebsd - run as freebsd
|
||||
basename=${0##*/}
|
||||
run_as=${basename#*.}
|
||||
case "$run_as" in
|
||||
freebsd)
|
||||
to_a=cdist-configuration-management
|
||||
to_d=googlegroups.com
|
||||
from_a=darko.poljak
|
||||
from_d=gmail.com
|
||||
ml_name="Darko Poljak"
|
||||
ml_sig_name="Darko"
|
||||
|
||||
# vars for make
|
||||
WEBDIR=../vcs/www.nico.schottelius.org
|
||||
;;
|
||||
*)
|
||||
to_a=cdist
|
||||
to_d=l.schottelius.org
|
||||
from_a=nico-cdist
|
||||
from_d=schottelius.org
|
||||
ml_name="Nico -telmich- Schottelius"
|
||||
ml_sig_name="Nico"
|
||||
|
||||
# vars for make
|
||||
WEBDIR=$$HOME/vcs/www.nico.schottelius.org
|
||||
;;
|
||||
esac
|
||||
|
||||
# Change to checkout directory
|
||||
cd "$basedir"
|
||||
|
||||
version=$(git describe)
|
||||
|
||||
option=$1; shift
|
||||
|
||||
case "$option" in
|
||||
print-make-vars)
|
||||
printf "helper: ${helper}\n"
|
||||
printf "WEBDIR: ${WEBDIR}\n"
|
||||
;;
|
||||
print-runas)
|
||||
printf "run_as: $run_as\n"
|
||||
;;
|
||||
changelog-changes)
|
||||
if [ "$#" -eq 1 ]; then
|
||||
start=$1
|
||||
else
|
||||
start="[[:digit:]]"
|
||||
fi
|
||||
|
||||
end="[[:digit:]]"
|
||||
|
||||
awk -F: "BEGIN { start=0 }
|
||||
{
|
||||
if(start == 0) {
|
||||
if (\$0 ~ /^$start/) {
|
||||
start = 1
|
||||
}
|
||||
} else {
|
||||
if (\$0 ~ /^$end/) {
|
||||
exit
|
||||
} else {
|
||||
print \$0
|
||||
}
|
||||
}
|
||||
}" "$basedir/docs/changelog"
|
||||
;;
|
||||
|
||||
changelog-version)
|
||||
# get version from changelog
|
||||
grep '^[[:digit:]]' "$basedir/docs/changelog" | head -n1 | sed 's/:.*//'
|
||||
;;
|
||||
|
||||
check-date)
|
||||
# verify date in changelog is today
|
||||
date_today="$(date +%Y-%m-%d)"
|
||||
date_changelog=$(grep '^[[:digit:]]' "$basedir/docs/changelog" | head -n1 | sed 's/.*: //')
|
||||
|
||||
if [ "$date_today" != "$date_changelog" ]; then
|
||||
echo "Date in changelog is not today"
|
||||
echo "Changelog: $date_changelog"
|
||||
exit 1
|
||||
fi
|
||||
;;
|
||||
|
||||
check-unittest)
|
||||
"$0" test
|
||||
;;
|
||||
|
||||
blog)
|
||||
version=$1; shift
|
||||
blogfile=$1; shift
|
||||
dir=${blogfile%/*}
|
||||
file=${blogfile##*/}
|
||||
|
||||
|
||||
cat << eof > "$blogfile"
|
||||
[[!meta title="Cdist $version released"]]
|
||||
|
||||
Here's a short overview about the changes found in version ${version}:
|
||||
|
||||
eof
|
||||
|
||||
$0 changelog-changes "$version" >> "$blogfile"
|
||||
|
||||
cat << eof >> "$blogfile"
|
||||
For more information visit the [[cdist homepage|software/cdist]].
|
||||
|
||||
[[!tag cdist config unix]]
|
||||
eof
|
||||
cd "$dir"
|
||||
git add "$file"
|
||||
# Allow git commit to fail if there are no changes
|
||||
git commit -m "cdist blog update: $version" "$blogfile" || true
|
||||
;;
|
||||
|
||||
ml-release)
|
||||
if [ $# -ne 1 ]; then
|
||||
echo "$0 ml-release version" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
version=$1; shift
|
||||
|
||||
to=${to_a}@${to_d}
|
||||
from=${from_a}@${from_d}
|
||||
|
||||
(
|
||||
cat << eof
|
||||
From: ${ml_name} <$from>
|
||||
To: cdist mailing list <$to>
|
||||
Subject: cdist $version released
|
||||
|
||||
Hello .*,
|
||||
|
||||
cdist $version has been released with the following changes:
|
||||
|
||||
eof
|
||||
|
||||
"$0" changelog-changes "$version"
|
||||
cat << eof
|
||||
|
||||
Cheers,
|
||||
|
||||
${ml_sig_name}
|
||||
|
||||
--
|
||||
Automatisation at its best level. With cdist.
|
||||
eof
|
||||
) | /usr/sbin/sendmail -f "$from" "$to"
|
||||
;;
|
||||
|
||||
release-git-tag)
|
||||
target_version=$($0 changelog-version)
|
||||
if git rev-parse --verify refs/tags/$target_version 2>/dev/null; then
|
||||
echo "Tag for $target_version exists, aborting"
|
||||
exit 1
|
||||
fi
|
||||
printf "Enter tag description for ${target_version}: "
|
||||
read tagmessage
|
||||
|
||||
# setup for signed tags:
|
||||
# gpg --fulL-gen-key
|
||||
# gpg --list-secret-keys --keyid-format LONG
|
||||
# git config --local user.signingkey <id>
|
||||
# for exporting pub key:
|
||||
# gpg --armor --export <id> > pubkey.asc
|
||||
# gpg --output pubkey.gpg --export <id>
|
||||
# show tag with signature
|
||||
# git show <tag>
|
||||
# verify tag signature
|
||||
# git tag -v <tag>
|
||||
#
|
||||
# gpg verify signature
|
||||
# gpg --verify <asc-file> <file>
|
||||
# gpg --no-default-keyring --keyring <pubkey.gpg> --verify <asc-file> <file>
|
||||
# Ensure gpg-agent is running.
|
||||
export GPG_TTY=$(tty)
|
||||
gpg-agent
|
||||
|
||||
git tag -s "$target_version" -m "$tagmessage"
|
||||
git push --tags
|
||||
;;
|
||||
|
||||
sign-git-release)
|
||||
if [ $# -lt 2 ]
|
||||
then
|
||||
printf "usage: $0 sign-git-release TAG TOKEN [ARCHIVE]\n"
|
||||
printf " if ARCHIVE is not specified then it is created\n"
|
||||
exit 1
|
||||
fi
|
||||
tag="$1"
|
||||
if ! git rev-parse -q --verify "${tag}" >/dev/null 2>&1
|
||||
then
|
||||
printf "Tag \"${tag}\" not found.\n"
|
||||
exit 1
|
||||
fi
|
||||
token="$2"
|
||||
if [ $# -gt 2 ]
|
||||
then
|
||||
archivename="$3"
|
||||
else
|
||||
archivename="cdist-${tag}.tar.gz"
|
||||
git archive --prefix="cdist-${tag}/" -o "${archivename}" "${tag}" \
|
||||
|| exit 1
|
||||
fi
|
||||
gpg --armor --detach-sign "${archivename}" || exit 1
|
||||
|
||||
# make github release
|
||||
curl -H "Authorization: token ${token}" \
|
||||
--request POST \
|
||||
--data "{ \"tag_name\":\"${tag}\", \
|
||||
\"target_commitish\":\"master\", \
|
||||
\"name\": \"${tag}\", \
|
||||
\"body\":\"${tag}\", \
|
||||
\"draft\":false, \
|
||||
\"prerelease\": false}" \
|
||||
"https://api.github.com/repos/ungleich/cdist/releases" || exit 1
|
||||
|
||||
# get release ID
|
||||
repoid=$(curl "https://api.github.com/repos/ungleich/cdist/releases/tags/${tag}" \
|
||||
| python3 -c 'import json; import sys; print(json.loads(sys.stdin.read())["id"])') \
|
||||
|| exit 1
|
||||
|
||||
# upload archive and then signature
|
||||
curl -H "Authorization: token ${token}" \
|
||||
-H "Accept: application/vnd.github.manifold-preview" \
|
||||
-H "Content-Type: application/x-gtar" \
|
||||
--data-binary @${archivename} \
|
||||
"https://uploads.github.com/repos/ungleich/cdist/releases/${repoid}/assets?name=${archivename}" \
|
||||
|| exit 1
|
||||
curl -H "Authorization: token ${token}" \
|
||||
-H "Accept: application/vnd.github.manifold-preview" \
|
||||
-H "Content-Type: application/pgp-signature" \
|
||||
--data-binary @${archivename}.asc \
|
||||
"https://uploads.github.com/repos/ungleich/cdist/releases/${repoid}/assets?name=${archivename}.asc" \
|
||||
|| exit 1
|
||||
|
||||
# remove generated files (archive and asc)
|
||||
if [ $# -eq 2]
|
||||
then
|
||||
rm -f "${archivename}"
|
||||
fi
|
||||
rm -f "${archivename}.asc"
|
||||
;;
|
||||
|
||||
release)
|
||||
set -e
|
||||
target_version=$($0 changelog-version)
|
||||
target_branch=$($0 version-branch)
|
||||
|
||||
echo "Beginning release process for $target_version"
|
||||
|
||||
# First check everything is sane
|
||||
"$0" check-date
|
||||
"$0" check-unittest
|
||||
"$0" check-pycodestyle
|
||||
"$0" shellcheck
|
||||
|
||||
# Generate version file to be included in packaging
|
||||
"$0" target-version
|
||||
|
||||
# Ensure the git status is clean, else abort
|
||||
if ! git diff-index --name-only --exit-code HEAD ; then
|
||||
echo "Unclean tree, see files above, aborting"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Ensure we are on the master branch
|
||||
masterbranch=yes
|
||||
if [ "$(git rev-parse --abbrev-ref HEAD)" != "master" ]; then
|
||||
echo "Releases are happening from the master branch, aborting"
|
||||
|
||||
echo "Enter the magic word to release anyway"
|
||||
read magicword
|
||||
|
||||
if [ "$magicword" = "iknowwhatido" ]; then
|
||||
masterbranch=no
|
||||
else
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ "$masterbranch" = yes ]; then
|
||||
# Ensure version branch exists
|
||||
if ! git rev-parse --verify refs/heads/$target_branch 2>/dev/null; then
|
||||
git branch "$target_branch"
|
||||
fi
|
||||
|
||||
# Merge master branch into version branch
|
||||
git checkout "$target_branch"
|
||||
git merge master
|
||||
fi
|
||||
|
||||
# Verify that after the merge everything works
|
||||
"$0" check-date
|
||||
"$0" check-unittest
|
||||
|
||||
# Generate documentation (man and html)
|
||||
# First, clean old generated docs
|
||||
make helper=${helper} WEBDIR=${WEBDIR} docs-clean
|
||||
make helper=${helper} WEBDIR=${WEBDIR} docs
|
||||
|
||||
# Generate speeches (indirect check if they build)
|
||||
make helper=${helper} WEBDIR=${WEBDIR} speeches
|
||||
|
||||
#############################################################
|
||||
# Everything green, let's do the release
|
||||
|
||||
# Tag the current commit
|
||||
"$0" release-git-tag
|
||||
|
||||
# sign git tag
|
||||
printf "Enter github authentication token: "
|
||||
read token
|
||||
"$0" sign-git-release "${target_version}" "${token}"
|
||||
|
||||
# Also merge back the version branch
|
||||
if [ "$masterbranch" = yes ]; then
|
||||
git checkout master
|
||||
git merge "$target_branch"
|
||||
fi
|
||||
|
||||
# Publish git changes
|
||||
case "$run_as" in
|
||||
freebsd)
|
||||
# if we are not Nico :) then just push, no mirror
|
||||
git push
|
||||
# push also new branch and set up tracking
|
||||
git push -u origin "${target_branch}"
|
||||
;;
|
||||
*)
|
||||
make helper=${helper} WEBDIR=${WEBDIR} pub
|
||||
;;
|
||||
esac
|
||||
|
||||
# publish man, speeches, website
|
||||
if [ "$masterbranch" = yes ]; then
|
||||
make helper=${helper} WEBDIR=${WEBDIR} web-release-all
|
||||
else
|
||||
make helper=${helper} WEBDIR=${WEBDIR} web-release-all-no-latest
|
||||
fi
|
||||
|
||||
# Ensure that pypi release has the right version
|
||||
"$0" version
|
||||
|
||||
# Create and publish package for pypi
|
||||
make helper=${helper} WEBDIR=${WEBDIR} pypi-release
|
||||
|
||||
case "$run_as" in
|
||||
freebsd)
|
||||
;;
|
||||
*)
|
||||
# Archlinux release is based on pypi
|
||||
make archlinux-release
|
||||
;;
|
||||
esac
|
||||
|
||||
# Announce change on ML
|
||||
make helper=${helper} WEBDIR=${WEBDIR} ml-release
|
||||
|
||||
cat << eof
|
||||
Manual steps post release:
|
||||
|
||||
- linkedin
|
||||
- hackernews
|
||||
- reddit
|
||||
- twitter
|
||||
|
||||
eof
|
||||
|
||||
case "$run_as" in
|
||||
freebsd)
|
||||
cat <<eof
|
||||
Additional steps post release:
|
||||
- archlinux release
|
||||
eof
|
||||
;;
|
||||
*)
|
||||
;;
|
||||
esac
|
||||
|
||||
;;
|
||||
|
||||
test)
|
||||
export PYTHONPATH="$(pwd -P)"
|
||||
|
||||
if [ $# -lt 1 ]; then
|
||||
python3 -m cdist.test
|
||||
else
|
||||
python3 -m unittest "$@"
|
||||
fi
|
||||
;;
|
||||
|
||||
test-remote)
|
||||
export PYTHONPATH="$(pwd -P)"
|
||||
python3 -m cdist.test.exec.remote
|
||||
;;
|
||||
|
||||
pycodestyle|pep8)
|
||||
pycodestyle "${basedir}" "${basedir}/scripts/cdist" | less
|
||||
;;
|
||||
|
||||
check-pycodestyle)
|
||||
"$0" pycodestyle
|
||||
printf "\\nPlease review pycodestyle report.\\n"
|
||||
while true
|
||||
do
|
||||
echo "Continue (yes/no)?"
|
||||
any=
|
||||
read any
|
||||
case "$any" in
|
||||
yes)
|
||||
break
|
||||
;;
|
||||
no)
|
||||
exit 1
|
||||
;;
|
||||
*)
|
||||
echo "Please answer with 'yes' or 'no' explicitly."
|
||||
;;
|
||||
esac
|
||||
done
|
||||
;;
|
||||
|
||||
shellcheck)
|
||||
make helper=${helper} WEBDIR=${WEBDIR} shellcheck
|
||||
printf "\\nPlease review shellcheck report.\\n"
|
||||
while true
|
||||
do
|
||||
echo "Continue (yes/no)?"
|
||||
any=
|
||||
read any
|
||||
case "$any" in
|
||||
yes)
|
||||
break
|
||||
;;
|
||||
no)
|
||||
exit 1
|
||||
;;
|
||||
*)
|
||||
echo "Please answer with 'yes' or 'no' explicitly."
|
||||
;;
|
||||
esac
|
||||
done
|
||||
;;
|
||||
|
||||
version-branch)
|
||||
"$0" changelog-version | cut -d. -f '1,2'
|
||||
;;
|
||||
|
||||
version)
|
||||
echo "VERSION = \"$(git describe)\"" > cdist/version.py
|
||||
;;
|
||||
|
||||
target-version)
|
||||
target_version=$($0 changelog-version)
|
||||
echo "VERSION = \"${target_version}\"" > cdist/version.py
|
||||
;;
|
||||
|
||||
*)
|
||||
echo "Unknown helper target $@ - aborting"
|
||||
exit 1
|
||||
;;
|
||||
|
||||
esac
|
|
@ -181,17 +181,40 @@ class CdistObjectError(CdistEntityError):
|
|||
params, stdout_paths, stderr_paths, subject)
|
||||
|
||||
|
||||
class CdistObjectExplorerError(CdistEntityError):
|
||||
"""
|
||||
Something went wrong while working on a specific
|
||||
cdist object explorer
|
||||
"""
|
||||
def __init__(self, cdist_object, explorer_name, explorer_path,
|
||||
stderr_path, subject=''):
|
||||
params = [
|
||||
('object name', cdist_object.name, ),
|
||||
('object path', cdist_object.absolute_path, ),
|
||||
('object source', " ".join(cdist_object.source), ),
|
||||
('object type', os.path.realpath(
|
||||
cdist_object.cdist_type.absolute_path), ),
|
||||
('explorer name', explorer_name, ),
|
||||
('explorer path', explorer_path, ),
|
||||
]
|
||||
stdout_paths = []
|
||||
stderr_paths = [
|
||||
('remote', stderr_path, ),
|
||||
]
|
||||
super().__init__("explorer '{}' of object '{}'".format(
|
||||
explorer_name, cdist_object.name), params, stdout_paths,
|
||||
stderr_paths, subject)
|
||||
|
||||
|
||||
class InitialManifestError(CdistEntityError):
|
||||
"""Something went wrong while executing initial manifest"""
|
||||
def __init__(self, initial_manifest, stdout_path, stderr_path, subject=''):
|
||||
params = [
|
||||
('path', initial_manifest, ),
|
||||
]
|
||||
stdout_paths = []
|
||||
stdout_paths = [
|
||||
('init', stdout_path, ),
|
||||
]
|
||||
stderr_paths = []
|
||||
stderr_paths = [
|
||||
('init', stderr_path, ),
|
||||
]
|
||||
|
@ -199,6 +222,20 @@ class InitialManifestError(CdistEntityError):
|
|||
stderr_paths, subject)
|
||||
|
||||
|
||||
class GlobalExplorerError(CdistEntityError):
|
||||
"""Something went wrong while executing global explorer"""
|
||||
def __init__(self, name, path, stderr_path, subject=''):
|
||||
params = [
|
||||
('name', name, ),
|
||||
('path', path, ),
|
||||
]
|
||||
stderr_paths = [
|
||||
('remote', stderr_path, ),
|
||||
]
|
||||
super().__init__("global explorer '{}'".format(name),
|
||||
params, [], stderr_paths, subject)
|
||||
|
||||
|
||||
def file_to_list(filename):
|
||||
"""Return list from \n seperated file"""
|
||||
if os.path.isfile(filename):
|
||||
|
|
|
@ -11,9 +11,9 @@ import cdist.configuration
|
|||
BETA_COMMANDS = set(('install', 'inventory', ))
|
||||
# set of beta arguments for sub-commands
|
||||
BETA_ARGS = {
|
||||
'config': set(('jobs', 'tag', 'all_tagged_hosts', 'use_archiving', )),
|
||||
'config': set(('tag', 'all_tagged_hosts', 'use_archiving', )),
|
||||
}
|
||||
EPILOG = "Get cdist at http://www.nico.schottelius.org/software/cdist/"
|
||||
EPILOG = "Get cdist at https://code.ungleich.ch/ungleich-public/cdist"
|
||||
# Parser others can reuse
|
||||
parser = None
|
||||
|
||||
|
@ -191,8 +191,7 @@ def get_parsers():
|
|||
name="positive int"),
|
||||
help=('Operate in parallel in specified maximum number of jobs. '
|
||||
'Global explorers, object prepare and object run are '
|
||||
'supported. Without argument CPU count is used by default. '
|
||||
'Currently in beta.'),
|
||||
'supported. Without argument CPU count is used by default. '),
|
||||
action='store', dest='jobs',
|
||||
const=multiprocessing.cpu_count())
|
||||
parser['config_main'].add_argument(
|
||||
|
|
|
@ -1,16 +1,27 @@
|
|||
#!/bin/sh -e
|
||||
#!/bin/sh
|
||||
|
||||
os=$("$__explorer/os")
|
||||
case "$os" in
|
||||
openbsd)
|
||||
IFS=',' disks=$(sysctl -n hw.disknames)
|
||||
for d in $disks; do
|
||||
echo "${d%%:*}"
|
||||
done | sed -n '/^[sw]d[0-9][0-9]*/p'
|
||||
uname_s="$(uname -s)"
|
||||
|
||||
case "${uname_s}" in
|
||||
FreeBSD)
|
||||
sysctl -n kern.disks
|
||||
;;
|
||||
OpenBSD|NetBSD)
|
||||
sysctl -n hw.disknames | grep -Eo '[lsw]d[0-9]+' | xargs
|
||||
;;
|
||||
Linux)
|
||||
if command -v lsblk > /dev/null
|
||||
then
|
||||
# exclude ram disks, floppies and cdroms
|
||||
# https://www.kernel.org/doc/Documentation/admin-guide/devices.txt
|
||||
lsblk -e 1,2,11 -dno name | xargs
|
||||
else
|
||||
printf "Don't know how to list disks for %s operating system without lsblk, if you can please submit a patch\n" "${uname_s}" >&2
|
||||
fi
|
||||
;;
|
||||
|
||||
*)
|
||||
cd /dev || exit 0
|
||||
echo sd? hd? vd?
|
||||
printf "Don't know how to list disks for %s operating system, if you can please submit a patch\n" "${uname_s}" >&2
|
||||
;;
|
||||
esac
|
||||
|
||||
exit 0
|
||||
|
|
|
@ -29,7 +29,7 @@ case "$uname_s" in
|
|||
Linux)
|
||||
(pgrep -P0 -l | awk '/^1[ \t]/ {print $2;}') || true
|
||||
;;
|
||||
FreeBSD)
|
||||
FreeBSD|OpenBSD)
|
||||
ps -o comm= -p 1 || true
|
||||
;;
|
||||
*)
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#!/bin/sh
|
||||
#!/bin/sh -e
|
||||
#
|
||||
# 2012 Sébastien Gross <seb•ɑƬ•chezwam•ɖɵʈ•org>
|
||||
# 2019 Ander Punnar (ander-at-kvlt-dot-ee)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -17,35 +17,14 @@
|
|||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# List all network interfaces in explorer/ifaces. One interface per line.
|
||||
#
|
||||
# If your OS is not supported please provide a ifconfig output
|
||||
#
|
||||
|
||||
# Use ip, if available
|
||||
if command -v ip >/dev/null; then
|
||||
if command -v ip > /dev/null
|
||||
then
|
||||
ip -o link show | sed -n 's/^[0-9]\+: \(.\+\): <.*/\1/p'
|
||||
exit 0
|
||||
|
||||
elif command -v ifconfig > /dev/null
|
||||
then
|
||||
ifconfig -a \
|
||||
| sed -n -E 's/^(.*)(:[[:space:]]*flags=|Link encap).*/\1/p' \
|
||||
| sort -u
|
||||
fi
|
||||
|
||||
if ! command -v ifconfig >/dev/null; then
|
||||
# no ifconfig, nothing we could do
|
||||
exit 0
|
||||
fi
|
||||
|
||||
uname_s="$(uname -s)"
|
||||
REGEXP='s/^(.*)(:[[:space:]]*flags=|Link encap).*/\1/p'
|
||||
|
||||
case "$uname_s" in
|
||||
Darwin)
|
||||
ifconfig -a | sed -n -E "$REGEXP"
|
||||
;;
|
||||
Linux|*BSD)
|
||||
ifconfig -a | sed -n -r "$REGEXP"
|
||||
;;
|
||||
*)
|
||||
echo "Unsupported ifconfig output for $uname_s" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
|
|
@ -18,6 +18,14 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
if [ -e "/$__object_id" ]
|
||||
then getfacl "/$__object_id" | grep -E '^((default:|)(user|group)):[a-z]' || true
|
||||
[ ! -e "/$__object_id" ] && exit 0
|
||||
|
||||
if ! command -v getfacl > /dev/null
|
||||
then
|
||||
echo 'getfacl not available' >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
getfacl "/$__object_id" 2>/dev/null \
|
||||
| grep -Eo '^(default:)?(user|group|(mask|other):):[^:][[:graph:]]+' \
|
||||
|| true
|
||||
|
|
|
@ -0,0 +1,39 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2019 Ander Punnar (ander-at-kvlt-dot-ee)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
# TODO check if filesystem has ACL turned on etc
|
||||
|
||||
if [ -f "$__object/parameter/acl" ]
|
||||
then
|
||||
grep -E '^(default:)?(user|group):' "$__object/parameter/acl" \
|
||||
| while read -r acl
|
||||
do
|
||||
param="$( echo "$acl" | awk -F: '{print $(NF-2)}' )"
|
||||
check="$( echo "$acl" | awk -F: '{print $(NF-1)}' )"
|
||||
|
||||
[ "$param" = 'user' ] && db=passwd || db="$param"
|
||||
|
||||
if ! getent "$db" "$check" > /dev/null
|
||||
then
|
||||
echo "missing $param '$check'" >&2
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
fi
|
|
@ -0,0 +1,31 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2018 Ander Punnar (ander-at-kvlt-dot-ee)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
if [ -e "/$__object_id" ]
|
||||
then
|
||||
if [ -d "/$__object_id" ]
|
||||
then echo directory
|
||||
elif [ -f "/$__object_id" ]
|
||||
then echo regular
|
||||
else echo other
|
||||
fi
|
||||
else
|
||||
echo missing
|
||||
fi
|
|
@ -18,32 +18,67 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
file_is="$( cat "$__object/explorer/file_is" )"
|
||||
|
||||
[ "$file_is" = 'missing' ] && [ -z "$__cdist_dry_run" ] && exit 0
|
||||
|
||||
os="$( cat "$__global/explorer/os" )"
|
||||
|
||||
acl_path="/$__object_id"
|
||||
|
||||
acl_is="$( cat "$__object/explorer/acl_is" )"
|
||||
|
||||
acl_should="$( for parameter in user group
|
||||
do
|
||||
if [ ! -f "$__object/parameter/$parameter" ]
|
||||
then continue
|
||||
fi
|
||||
while read -r l
|
||||
if [ -f "$__object/parameter/acl" ]
|
||||
then
|
||||
acl_should="$( cat "$__object/parameter/acl" )"
|
||||
elif
|
||||
[ -f "$__object/parameter/user" ] \
|
||||
|| [ -f "$__object/parameter/group" ] \
|
||||
|| [ -f "$__object/parameter/mask" ] \
|
||||
|| [ -f "$__object/parameter/other" ]
|
||||
then
|
||||
acl_should="$( for param in user group mask other
|
||||
do
|
||||
echo "$parameter:$l"
|
||||
[ ! -f "$__object/parameter/$param" ] && continue
|
||||
|
||||
if [ -f "$__object/parameter/default" ]
|
||||
then echo "default:$parameter:$l"
|
||||
fi
|
||||
done < "$__object/parameter/$parameter"
|
||||
done )"
|
||||
echo "$param" | grep -Eq 'mask|other' && sep=:: || sep=:
|
||||
|
||||
echo "$param$sep$( cat "$__object/parameter/$param" )"
|
||||
done )"
|
||||
else
|
||||
echo 'no parameters set' >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/default" ]
|
||||
then
|
||||
acl_should="$( echo "$acl_should" \
|
||||
| sed 's/^default://' \
|
||||
| sort -u \
|
||||
| sed 's/\(.*\)/default:\1\n\1/' )"
|
||||
fi
|
||||
|
||||
if [ "$file_is" = 'regular' ] \
|
||||
&& echo "$acl_should" | grep -Eq '^default:'
|
||||
then
|
||||
# only directories can have default ACLs,
|
||||
# but instead of error,
|
||||
# let's just remove default entries
|
||||
acl_should="$( echo "$acl_should" | grep -Ev '^default:' )"
|
||||
fi
|
||||
|
||||
if echo "$acl_should" | awk -F: '{ print $NF }' | grep -Fq 'X'
|
||||
then
|
||||
[ "$file_is" = 'directory' ] && rep=x || rep=-
|
||||
|
||||
acl_should="$( echo "$acl_should" | sed "s/\\(.*\\)X/\\1$rep/" )"
|
||||
fi
|
||||
|
||||
setfacl_exec='setfacl'
|
||||
|
||||
if [ -f "$__object/parameter/recursive" ]
|
||||
then
|
||||
if echo "$os" | grep -E 'macosx|netbsd|freebsd|openbsd'
|
||||
if echo "$os" | grep -Fq 'freebsd'
|
||||
then
|
||||
echo "$os setfacl do not support recursive operations" >&2
|
||||
else
|
||||
|
@ -53,29 +88,39 @@ fi
|
|||
|
||||
if [ -f "$__object/parameter/remove" ]
|
||||
then
|
||||
if echo "$os" | grep 'solaris'
|
||||
then
|
||||
# Solaris setfacl behaves differently.
|
||||
# We will not support Solaris for now, because no way to test it.
|
||||
# But adding support should be easy (use -s instead of -m on modify).
|
||||
echo "$os setfacl do not support -x flag for ACL remove" >&2
|
||||
else
|
||||
echo "$acl_is" | while read -r acl
|
||||
do
|
||||
if echo "$acl_should" | grep -Fq "$acl"
|
||||
then continue
|
||||
fi
|
||||
echo "$acl_is" | while read -r acl
|
||||
do
|
||||
# skip wanted ACL entries which already exist
|
||||
# and skip mask and other entries, because we
|
||||
# can't actually remove them, but only change.
|
||||
if echo "$acl_should" | grep -Eq "^$acl" \
|
||||
|| echo "$acl" | grep -Eq '^(default:)?(mask|other)'
|
||||
then continue
|
||||
fi
|
||||
|
||||
no_bits="$( echo "$acl" | sed -r 's/:[rwx-]+$//' )"
|
||||
if echo "$os" | grep -Fq 'freebsd'
|
||||
then
|
||||
remove="$acl"
|
||||
else
|
||||
remove="$( echo "$acl" | sed 's/:...$//' )"
|
||||
fi
|
||||
|
||||
echo "$setfacl_exec -x \"$no_bits\" \"$acl_path\""
|
||||
done
|
||||
fi
|
||||
echo "$setfacl_exec -x \"$remove\" \"$acl_path\""
|
||||
echo "removed '$remove'" >> "$__messages_out"
|
||||
done
|
||||
fi
|
||||
|
||||
for acl in $acl_should
|
||||
do
|
||||
if ! echo "$acl_is" | grep -Eq "^$acl"
|
||||
then echo "$setfacl_exec -m \"$acl\" \"$acl_path\""
|
||||
then
|
||||
if echo "$os" | grep -Fq 'freebsd' \
|
||||
&& echo "$acl" | grep -Eq '^default:'
|
||||
then
|
||||
echo "setting default ACL in $os is currently not supported" >&2
|
||||
else
|
||||
echo "$setfacl_exec -m \"$acl\" \"$acl_path\""
|
||||
echo "added '$acl'" >> "$__messages_out"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
|
|
@ -3,35 +3,41 @@ cdist-type__acl(7)
|
|||
|
||||
NAME
|
||||
----
|
||||
cdist-type__acl - Basic wrapper around `setfacl`
|
||||
cdist-type__acl - Set ACL entries
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
ACL must be defined as 3-symbol combination, using `r`, `w`, `x` and `-`.
|
||||
Fully supported and tested on Linux (ext4 filesystem), partial support for FreeBSD.
|
||||
|
||||
See setfacl(1) and acl(5) for more details.
|
||||
See ``setfacl`` and ``acl`` manpages for more details.
|
||||
|
||||
|
||||
OPTIONAL MULTIPLE PARAMETERS
|
||||
REQUIRED MULTIPLE PARAMETERS
|
||||
----------------------------
|
||||
user
|
||||
Add user ACL entry.
|
||||
|
||||
group
|
||||
Add group ACL entry.
|
||||
acl
|
||||
Set ACL entry following ``getfacl`` output syntax.
|
||||
|
||||
|
||||
BOOLEAN PARAMETERS
|
||||
------------------
|
||||
recursive
|
||||
Operate recursively (Linux only).
|
||||
|
||||
default
|
||||
Add default ACL entries.
|
||||
Set all ACL entries as default too.
|
||||
Only directories can have default ACLs.
|
||||
Setting default ACL in FreeBSD is currently not supported.
|
||||
|
||||
recursive
|
||||
Make ``setfacl`` recursive (Linux only), but not ``getfacl`` in explorer.
|
||||
|
||||
remove
|
||||
Remove undefined ACL entries (Solaris not supported).
|
||||
Remove undefined ACL entries.
|
||||
``mask`` and ``other`` entries can't be removed, but only changed.
|
||||
|
||||
|
||||
DEPRECATED PARAMETERS
|
||||
---------------------
|
||||
Parameters ``user``, ``group``, ``mask`` and ``other`` are deprecated and they
|
||||
will be removed in future versions. Please use ``acl`` parameter instead.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
|
@ -40,13 +46,30 @@ EXAMPLES
|
|||
.. code-block:: sh
|
||||
|
||||
__acl /srv/project \
|
||||
--default \
|
||||
--recursive \
|
||||
--remove \
|
||||
--acl user:alice:rwx \
|
||||
--acl user:bob:r-x \
|
||||
--acl group:project-group:rwx \
|
||||
--acl group:some-other-group:r-x \
|
||||
--acl mask::r-x \
|
||||
--acl other::r-x
|
||||
|
||||
# give Alice read-only access to subdir,
|
||||
# but don't allow her to see parent content.
|
||||
|
||||
__acl /srv/project2 \
|
||||
--remove \
|
||||
--acl default:group:secret-project:rwx \
|
||||
--acl group:secret-project:rwx \
|
||||
--acl user:alice:--x
|
||||
|
||||
__acl /srv/project2/subdir \
|
||||
--default \
|
||||
--remove \
|
||||
--user alice:rwx \
|
||||
--user bob:r-x \
|
||||
--group project-group:rwx \
|
||||
--group some-other-group:r-x
|
||||
--acl group:secret-project:rwx \
|
||||
--acl user:alice:r-x
|
||||
|
||||
|
||||
AUTHORS
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
see manual for details
|
|
@ -0,0 +1 @@
|
|||
see manual for details
|
|
@ -0,0 +1 @@
|
|||
see manual for details
|
|
@ -0,0 +1 @@
|
|||
see manual for details
|
|
@ -0,0 +1,2 @@
|
|||
mask
|
||||
other
|
|
@ -1,2 +1,3 @@
|
|||
acl
|
||||
user
|
||||
group
|
||||
|
|
|
@ -27,6 +27,18 @@ else
|
|||
keyid="$__object_id"
|
||||
fi
|
||||
|
||||
apt-key export "$keyid" | head -n 1 | grep -Fqe "BEGIN PGP PUBLIC KEY BLOCK" \
|
||||
&& echo present \
|
||||
|| echo absent
|
||||
keydir="$(cat "$__object/parameter/keydir")"
|
||||
keyfile="$keydir/$__object_id.gpg"
|
||||
|
||||
if [ -d "$keydir" ]
|
||||
then
|
||||
if [ -f "$keyfile" ]
|
||||
then echo present
|
||||
else echo absent
|
||||
fi
|
||||
else
|
||||
# fallback to deprecated apt-key
|
||||
apt-key export "$keyid" | head -n 1 | grep -Fqe "BEGIN PGP PUBLIC KEY BLOCK" \
|
||||
&& echo present \
|
||||
|| echo absent
|
||||
fi
|
||||
|
|
|
@ -31,12 +31,84 @@ if [ "$state_should" = "$state_is" ]; then
|
|||
exit 0
|
||||
fi
|
||||
|
||||
keydir="$(cat "$__object/parameter/keydir")"
|
||||
keyfile="$keydir/$__object_id.gpg"
|
||||
|
||||
case "$state_should" in
|
||||
present)
|
||||
keyserver="$(cat "$__object/parameter/keyserver")"
|
||||
echo "apt-key adv --keyserver \"$keyserver\" --recv-keys \"$keyid\""
|
||||
|
||||
if [ -f "$__object/parameter/uri" ]; then
|
||||
uri="$(cat "$__object/parameter/uri")"
|
||||
|
||||
if [ -d "$keydir" ]; then
|
||||
cat << EOF
|
||||
|
||||
curl -s -L \\
|
||||
-o "$keyfile" \\
|
||||
"$uri"
|
||||
|
||||
if grep -Fq 'BEGIN PGP PUBLIC KEY BLOCK' \\
|
||||
"$keyfile"
|
||||
then
|
||||
cat "$keyfile" \\
|
||||
| gpg --export > "$keyfile"
|
||||
fi
|
||||
|
||||
EOF
|
||||
else
|
||||
# fallback to deprecated apt-key
|
||||
echo "curl -s -L '$uri' | apt-key add -"
|
||||
fi
|
||||
elif [ -d "$keydir" ]; then
|
||||
tmp='/tmp/cdist_apt_key_tmp'
|
||||
|
||||
# we need to kill gpg after 30 seconds, because gpg
|
||||
# can get stuck if keyserver is not responding.
|
||||
# exporting env var and not exit 1,
|
||||
# because we need to clean up and kill dirmngr.
|
||||
cat << EOF
|
||||
|
||||
mkdir -m 700 -p "$tmp"
|
||||
|
||||
if timeout 30s \\
|
||||
gpg --homedir "$tmp" \\
|
||||
--keyserver "$keyserver" \\
|
||||
--recv-keys "$keyid"
|
||||
then
|
||||
gpg --homedir "$tmp" \\
|
||||
--export "$keyid" \\
|
||||
> "$keyfile"
|
||||
else
|
||||
export GPG_GOT_STUCK=1
|
||||
fi
|
||||
|
||||
GNUPGHOME="$tmp" gpgconf --kill dirmngr
|
||||
|
||||
rm -rf "$tmp"
|
||||
|
||||
if [ -n "\$GPG_GOT_STUCK" ]
|
||||
then
|
||||
echo "GPG GOT STUCK - no response from keyserver after 30 seconds" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
EOF
|
||||
else
|
||||
# fallback to deprecated apt-key
|
||||
echo "apt-key adv --keyserver \"$keyserver\" --recv-keys \"$keyid\""
|
||||
fi
|
||||
|
||||
echo "added '$keyid'" >> "$__messages_out"
|
||||
;;
|
||||
absent)
|
||||
echo "apt-key del \"$keyid\""
|
||||
if [ -f "$keyfile" ]; then
|
||||
echo "rm '$keyfile'"
|
||||
else
|
||||
# fallback to deprecated apt-key
|
||||
echo "apt-key del \"$keyid\""
|
||||
fi
|
||||
|
||||
echo "removed '$keyid'" >> "$__messages_out"
|
||||
;;
|
||||
esac
|
||||
|
|
|
@ -28,6 +28,12 @@ keyserver
|
|||
the keyserver from which to fetch the key. If omitted the default set
|
||||
in ./parameter/default/keyserver is used.
|
||||
|
||||
keydir
|
||||
key save location, defaults to ``/etc/apt/trusted.pgp.d``
|
||||
|
||||
uri
|
||||
the URI from which to download the key
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
@ -47,15 +53,20 @@ EXAMPLES
|
|||
# same thing with other keyserver
|
||||
__apt_key UbuntuArchiveKey --keyid 437D05B5 --keyserver keyserver.ubuntu.com
|
||||
|
||||
# download key from the internet
|
||||
__apt_key rabbitmq \
|
||||
--uri http://www.rabbitmq.com/rabbitmq-signing-key-public.asc
|
||||
|
||||
|
||||
AUTHORS
|
||||
-------
|
||||
Steven Armstrong <steven-cdist--@--armstrong.cc>
|
||||
Ander Punnar <ander-at-kvlt-dot-ee>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2011-2014 Steven Armstrong. You can redistribute it
|
||||
and/or modify it under the terms of the GNU General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
Copyright \(C) 2011-2019 Steven Armstrong and Ander Punnar. You can
|
||||
redistribute it and/or modify it under the terms of the GNU General Public
|
||||
License as published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
||||
|
|
|
@ -0,0 +1,8 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
__package gnupg
|
||||
|
||||
if [ -f "$__object/parameter/uri" ]
|
||||
then __package curl
|
||||
else __package dirmngr
|
||||
fi
|
|
@ -0,0 +1 @@
|
|||
/etc/apt/trusted.gpg.d
|
|
@ -1,3 +1,5 @@
|
|||
state
|
||||
keyid
|
||||
keyserver
|
||||
keydir
|
||||
uri
|
||||
|
|
|
@ -18,6 +18,11 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
# quote function from http://www.etalabs.net/sh_tricks.html
|
||||
quote() {
|
||||
printf '%s\n' "$1" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/'/"
|
||||
}
|
||||
|
||||
file="$(cat "$__object/parameter/file" 2>/dev/null || echo "/$__object_id")"
|
||||
state_should=$(cat "$__object/parameter/state")
|
||||
prefix=$(cat "$__object/parameter/prefix" 2>/dev/null || echo "#cdist:__block/$__object_id")
|
||||
|
@ -46,7 +51,7 @@ tmpfile=\$(mktemp ${file}.cdist.XXXXXXXXXX)
|
|||
if [ -f "$file" ]; then
|
||||
cp -p "$file" "\$tmpfile"
|
||||
fi
|
||||
awk -v prefix="^$prefix\$" -v suffix="^$suffix\$" '
|
||||
awk -v prefix=^$(quote "$prefix")\$ -v suffix=^$(quote "$suffix")\$ '
|
||||
{
|
||||
if (match(\$0,prefix)) {
|
||||
triggered=1
|
||||
|
|
|
@ -30,7 +30,7 @@ username
|
|||
|
||||
source
|
||||
Select the source from which to clone cdist from.
|
||||
Defaults to "git://github.com/ungleich/cdist.git".
|
||||
Defaults to "git@code.ungleich.ch:ungleich-public/cdist.git".
|
||||
|
||||
|
||||
branch
|
||||
|
@ -47,7 +47,7 @@ EXAMPLES
|
|||
__cdist /home/cdist/cdist
|
||||
|
||||
# Use alternative source
|
||||
__cdist --source "git://github.com/ungleich/cdist" /home/cdist/cdist
|
||||
__cdist --source "git@code.ungleich.ch:ungleich-public/cdist.git" /home/cdist/cdist
|
||||
|
||||
|
||||
AUTHORS
|
||||
|
|
|
@ -1 +1 @@
|
|||
git://github.com/ungleich/cdist.git
|
||||
git@code.ungleich.ch:ungleich-public/cdist.git
|
||||
|
|
|
@ -0,0 +1,26 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2019 Ander Punnar (ander-at-kvlt-dot-ee)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
if grep -Eq \
|
||||
"$( cat "$__object/parameter/pattern" )" \
|
||||
"$__messages_in"
|
||||
then
|
||||
tee "$__messages_out" < "$__object/parameter/execute"
|
||||
fi
|
|
@ -0,0 +1,52 @@
|
|||
cdist-type__check_messages(7)
|
||||
=============================
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__check_messages - Check messages for pattern and execute command on match.
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Check messages for pattern and execute command on match.
|
||||
|
||||
This type is useful if you chain together multiple related types using
|
||||
dependencies and want to restart service if at least one type changes
|
||||
something.
|
||||
|
||||
For more information about messages see `cdist messaging <cdist-messaging.html>`_.
|
||||
|
||||
For more information about dependencies and execution order see
|
||||
`cdist manifest <cdist-manifest.html#dependencies>`_ documentation.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
pattern
|
||||
Extended regular expression pattern for search (passed to ``grep -E``).
|
||||
|
||||
execute
|
||||
Command to execute on pattern match.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
__check_messages munin \
|
||||
--pattern '^__(file|link|line)/etc/munin/' \
|
||||
--execute 'service munin-node restart'
|
||||
|
||||
|
||||
AUTHORS
|
||||
-------
|
||||
Ander Punnar <ander-at-kvlt-dot-ee>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2019 Ander Punnar. You can redistribute it
|
||||
and/or modify it under the terms of the GNU General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
|
@ -0,0 +1,2 @@
|
|||
pattern
|
||||
execute
|
|
@ -20,11 +20,7 @@
|
|||
|
||||
path="/$__object_id"
|
||||
|
||||
if [ ! -d "$path" ]
|
||||
then
|
||||
echo "$path is not a directory" >&2
|
||||
exit 1
|
||||
fi
|
||||
[ ! -d "$path" ] && exit 0
|
||||
|
||||
pattern="$( cat "$__object/parameter/pattern" )"
|
||||
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
886614099 103959898 consul
|
|
@ -0,0 +1 @@
|
|||
https://releases.hashicorp.com/consul/1.5.0/consul_1.5.0_linux_amd64.zip
|
|
@ -42,7 +42,7 @@ source_file_name="${source##*/}"
|
|||
cksum_should=$(cut -d' ' -f1,2 "$version_dir/cksum")
|
||||
|
||||
cat << eof
|
||||
tmpdir=\$(mktemp -d --tmpdir="/tmp" "${__type##*/}.XXXXXXXXXX")
|
||||
tmpdir=\$(mktemp -d -p /tmp "${__type##*/}.XXXXXXXXXX")
|
||||
curl -s -L "$source" > "\$tmpdir/$source_file_name"
|
||||
unzip -p "\$tmpdir/$source_file_name" > "${destination}.tmp"
|
||||
rm -rf "\$tmpdir"
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
os=$(cat "$__global/explorer/os")
|
||||
|
||||
case "$os" in
|
||||
scientific|centos|redhat|ubuntu|debian|devuan|archlinux|gentoo)
|
||||
alpine|scientific|centos|redhat|ubuntu|debian|devuan|archlinux|gentoo)
|
||||
# any linux should work
|
||||
:
|
||||
;;
|
||||
|
@ -47,6 +47,7 @@ fi
|
|||
|
||||
if [ -f "$__object/parameter/direct" ]; then
|
||||
__package unzip
|
||||
__package curl
|
||||
else
|
||||
__staged_file /usr/local/bin/consul \
|
||||
--source "$(cat "$version_dir/source")" \
|
||||
|
|
|
@ -0,0 +1,38 @@
|
|||
#!/sbin/openrc-run
|
||||
# 2019 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
|
||||
description="consul agent"
|
||||
|
||||
pidfile="${CONSUL_PIDFILE:-"/var/run/$RC_SVCNAME/pidfile"}"
|
||||
command="${CONSUL_BINARY:-"/usr/local/bin/consul"}"
|
||||
|
||||
|
||||
checkconfig() {
|
||||
if [ ! -d /var/run/consul ] ; then
|
||||
mkdir -p /var/run/consul || return 1
|
||||
chown consul:consul /var/run/$NAME || return 1
|
||||
chmod 2770 /var/run/$NAME || return 1
|
||||
fi
|
||||
}
|
||||
|
||||
start() {
|
||||
need net
|
||||
|
||||
start-stop-daemon --start --quiet --oknodo \
|
||||
--pidfile "$pidfile" --background \
|
||||
--exec $command -- agent -pid-file="$pidfile" -config-dir /etc/consul/conf.d
|
||||
}
|
||||
start_pre() {
|
||||
checkconfig
|
||||
}
|
||||
|
||||
stop() {
|
||||
if [ "${RC_CMD}" = "restart" ] ; then
|
||||
checkconfig || return 1
|
||||
fi
|
||||
|
||||
ebegin "Stopping $RC_SVCNAME"
|
||||
start-stop-daemon --stop --exec "$command" \
|
||||
--pidfile "$pidfile" --quiet
|
||||
eend $?
|
||||
}
|
|
@ -1,7 +1,7 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2015 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2015 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2015-2019 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -23,7 +23,7 @@
|
|||
os=$(cat "$__global/explorer/os")
|
||||
|
||||
case "$os" in
|
||||
scientific|centos|debian|devuan|redhat|ubuntu)
|
||||
alpine|scientific|centos|debian|devuan|redhat|ubuntu)
|
||||
# whitelist safeguard
|
||||
:
|
||||
;;
|
||||
|
@ -181,22 +181,25 @@ init_upstart()
|
|||
|
||||
# Install init script to start on boot
|
||||
case "$os" in
|
||||
centos|redhat)
|
||||
os_version="$(sed 's/[^0-9.]//g' "$__global/explorer/os_version")"
|
||||
major_version="${os_version%%.*}"
|
||||
case "$major_version" in
|
||||
[456])
|
||||
init_sysvinit redhat
|
||||
;;
|
||||
7)
|
||||
init_systemd
|
||||
;;
|
||||
*)
|
||||
echo "Unsupported CentOS/Redhat version: $os_version" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
alpine|devuan)
|
||||
init_sysvinit debian
|
||||
;;
|
||||
centos|redhat)
|
||||
os_version="$(sed 's/[^0-9.]//g' "$__global/explorer/os_version")"
|
||||
major_version="${os_version%%.*}"
|
||||
case "$major_version" in
|
||||
[456])
|
||||
init_sysvinit redhat
|
||||
;;
|
||||
7)
|
||||
init_systemd
|
||||
;;
|
||||
*)
|
||||
echo "Unsupported CentOS/Redhat version: $os_version" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
|
||||
debian)
|
||||
os_version=$(cat "$__global/explorer/os_version")
|
||||
|
@ -214,13 +217,9 @@ case "$os" in
|
|||
exit 1
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
|
||||
devuan)
|
||||
init_sysvinit debian
|
||||
;;
|
||||
;;
|
||||
|
||||
ubuntu)
|
||||
init_upstart
|
||||
;;
|
||||
;;
|
||||
esac
|
||||
|
|
|
@ -25,23 +25,51 @@ destination="/$__object_id"
|
|||
|
||||
os=$("$__explorer/os")
|
||||
case "$os" in
|
||||
"freebsd"|"netbsd"|"openbsd")
|
||||
# FIXME: should be something like this based on man page, but can not test
|
||||
stat -f "type: %ST
|
||||
"freebsd"|"netbsd"|"openbsd"|"macosx")
|
||||
stat -f "type: %HT
|
||||
owner: %Du %Su
|
||||
group: %Dg %Sg
|
||||
mode: %Op %Sp
|
||||
mode: %Lp %Sp
|
||||
" "$destination" | awk '/^type/ { print tolower($0); next; } { print; }'
|
||||
;;
|
||||
alpine)
|
||||
stat -c "type: %F
|
||||
owner: %u %U
|
||||
group: %g %G
|
||||
mode: %a %A
|
||||
" "$destination"
|
||||
;;
|
||||
"macosx")
|
||||
stat -f "type: %HT
|
||||
owner: %Du %Su
|
||||
group: %Dg %Sg
|
||||
mode: %Lp %Sp
|
||||
" "$destination"
|
||||
;;
|
||||
solaris)
|
||||
ls1="$( ls -ld "$destination" )"
|
||||
ls2="$( ls -ldn "$destination" )"
|
||||
|
||||
if [ -f "$__object/parameter/mode" ]
|
||||
then mode_should="$( cat "$__object/parameter/mode" )"
|
||||
fi
|
||||
|
||||
# yes, it is ugly hack, but if you know better way...
|
||||
if [ -z "$( find "$destination" -perm "$mode_should" )" ]
|
||||
then octets=888
|
||||
else octets="$( echo "$mode_should" | sed 's/^0//' )"
|
||||
fi
|
||||
|
||||
case "$( echo "$ls1" | cut -c1-1 )" in
|
||||
-) echo 'type: regular file' ;;
|
||||
d) echo 'type: directory' ;;
|
||||
esac
|
||||
|
||||
echo "owner: $( echo "$ls2" \
|
||||
| awk '{print $3}' ) $( echo "$ls1" \
|
||||
| awk '{print $3}' )"
|
||||
|
||||
echo "group: $( echo "$ls2" \
|
||||
| awk '{print $4}' ) $( echo "$ls1" \
|
||||
| awk '{print $4}' )"
|
||||
|
||||
echo "mode: $octets $( echo "$ls1" | awk '{print $1}' )"
|
||||
;;
|
||||
*)
|
||||
stat --printf="type: %F
|
||||
stat --printf="type: %F
|
||||
owner: %u %U
|
||||
group: %g %G
|
||||
mode: %a %A
|
||||
|
|
|
@ -64,6 +64,43 @@ case "$os" in
|
|||
require="__apt_source/docker" __package docker-ce --state "${state}"
|
||||
fi
|
||||
;;
|
||||
devuan)
|
||||
os_version="$(cat "$__global/explorer/os_version")"
|
||||
|
||||
case "$os_version" in
|
||||
ascii)
|
||||
distribution="stretch"
|
||||
;;
|
||||
jessie)
|
||||
distribution="jessie"
|
||||
;;
|
||||
*)
|
||||
echo "Your devuan release ($os_version) is currently not supported by this type (${__type##*/}).">&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
if [ "${state}" = "present" ]; then
|
||||
__package apt-transport-https
|
||||
__package ca-certificates
|
||||
__package gnupg2
|
||||
fi
|
||||
__apt_key_uri docker --name "Docker Release (CE deb) <docker@docker.com>" \
|
||||
--uri "https://download.docker.com/linux/${os}/gpg" --state "${state}"
|
||||
|
||||
require="__apt_key_uri/docker" __apt_source docker \
|
||||
--uri "https://download.docker.com/linux/${os}" \
|
||||
--distribution "${distribution}" \
|
||||
--state "${state}" \
|
||||
--component "stable"
|
||||
if [ "$version" != "latest" ]; then
|
||||
require="__apt_source/docker" __package docker-ce --version "${version}" --state "${state}"
|
||||
else
|
||||
require="__apt_source/docker" __package docker-ce --state "${state}"
|
||||
fi
|
||||
|
||||
;;
|
||||
*)
|
||||
echo "Your operating system ($os) is currently not supported by this type (${__type##*/})." >&2
|
||||
echo "Please contribute an implementation for it if you can." >&2
|
||||
|
|
|
@ -18,4 +18,4 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
docker info 2>/dev/null | grep "^Swarm: " | cut -d " " -f 2-
|
||||
docker info 2>/dev/null | grep '^ *Swarm: ' | awk '{print $2}'
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2013 Steven Armstrong (steven-cdist armstrong.cc)
|
||||
# 2019 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -25,25 +26,56 @@ destination="/$__object_id"
|
|||
|
||||
os=$("$__explorer/os")
|
||||
case "$os" in
|
||||
"freebsd"|"netbsd"|"openbsd")
|
||||
# FIXME: should be something like this based on man page, but can not test
|
||||
stat -f "type: %ST
|
||||
owner: %Du %Su
|
||||
group: %Dg %Sg
|
||||
mode: %Op %Sp
|
||||
size: %Dz
|
||||
links: %Dl
|
||||
" "$destination"
|
||||
;;
|
||||
"macosx")
|
||||
stat -f "type: %HT
|
||||
"freebsd"|"netbsd"|"openbsd"|"macosx")
|
||||
stat -f "type: %HT
|
||||
owner: %Du %Su
|
||||
group: %Dg %Sg
|
||||
mode: %Lp %Sp
|
||||
size: %Dz
|
||||
links: %Dl
|
||||
" "$destination" | awk '/^type/ { print tolower($0); next; } { print; }'
|
||||
;;
|
||||
alpine)
|
||||
# busybox stat
|
||||
stat -c "type: %F
|
||||
owner: %u %U
|
||||
group: %g %G
|
||||
mode: %a %A
|
||||
size: %s
|
||||
links: %h
|
||||
" "$destination"
|
||||
;;
|
||||
;;
|
||||
solaris)
|
||||
ls1="$( ls -ld "$destination" )"
|
||||
ls2="$( ls -ldn "$destination" )"
|
||||
|
||||
if [ -f "$__object/parameter/mode" ]
|
||||
then mode_should="$( cat "$__object/parameter/mode" )"
|
||||
fi
|
||||
|
||||
# yes, it is ugly hack, but if you know better way...
|
||||
if [ -z "$( find "$destination" -perm "$mode_should" )" ]
|
||||
then octets=888
|
||||
else octets="$( echo "$mode_should" | sed 's/^0//' )"
|
||||
fi
|
||||
|
||||
case "$( echo "$ls1" | cut -c1-1 )" in
|
||||
-) echo 'type: regular file' ;;
|
||||
d) echo 'type: directory' ;;
|
||||
esac
|
||||
|
||||
echo "owner: $( echo "$ls2" \
|
||||
| awk '{print $3}' ) $( echo "$ls1" \
|
||||
| awk '{print $3}' )"
|
||||
|
||||
echo "group: $( echo "$ls2" \
|
||||
| awk '{print $4}' ) $( echo "$ls1" \
|
||||
| awk '{print $4}' )"
|
||||
|
||||
echo "mode: $octets $( echo "$ls1" | awk '{print $1}' )"
|
||||
echo "size: $( echo "$ls1" | awk '{print $5}' )"
|
||||
echo "links: $( echo "$ls1" | awk '{print $2}' )"
|
||||
;;
|
||||
*)
|
||||
stat --printf="type: %F
|
||||
owner: %u %U
|
||||
|
@ -52,5 +84,5 @@ mode: %a %A
|
|||
size: %s
|
||||
links: %h
|
||||
" "$destination"
|
||||
;;
|
||||
;;
|
||||
esac
|
||||
|
|
|
@ -79,6 +79,10 @@ case "$state_should" in
|
|||
fi
|
||||
fi
|
||||
done
|
||||
if [ -f "$__object/files/set-attributes" ]; then
|
||||
# set-attributes is created if file is created or uploaded in gencode-local
|
||||
fire_onchange=1
|
||||
fi
|
||||
|
||||
;;
|
||||
|
||||
|
|
|
@ -44,7 +44,7 @@ EXAMPLES
|
|||
__git /home/services/dokuwiki --source git://github.com/splitbrain/dokuwiki.git
|
||||
|
||||
# Checkout cdist, stay on branch 2.1
|
||||
__git /home/nico/cdist --source git://github.com/ungleich/cdist.git --branch 2.1
|
||||
__git /home/nico/cdist --source git@code.ungleich.ch:ungleich-public/cdist.git --branch 2.1
|
||||
|
||||
|
||||
AUTHORS
|
||||
|
|
|
@ -8,10 +8,12 @@ case $os in
|
|||
debian|devuan)
|
||||
case $os_version in
|
||||
8*|jessie)
|
||||
apt_source_distribution=jessie
|
||||
# Differntation not needed anymore
|
||||
apt_source_distribution=stable
|
||||
;;
|
||||
9*|ascii/ceres|ascii)
|
||||
apt_source_distribution=stretch
|
||||
# Differntation not needed anymore
|
||||
apt_source_distribution=stable
|
||||
;;
|
||||
*)
|
||||
echo "Don't know how to install Grafana on $os $os_version. Send us a pull request!" >&2
|
||||
|
@ -21,10 +23,10 @@ case $os in
|
|||
|
||||
__apt_key_uri grafana \
|
||||
--name 'Grafana Release Signing Key' \
|
||||
--uri https://packagecloud.io/gpg.key
|
||||
--uri https://packages.grafana.com/gpg.key
|
||||
|
||||
require="$require __apt_key_uri/grafana" __apt_source grafana \
|
||||
--uri https://packagecloud.io/grafana/stable/debian/ \
|
||||
--uri https://packages.grafana.com/oss/deb \
|
||||
--distribution $apt_source_distribution \
|
||||
--component main
|
||||
|
||||
|
|
|
@ -35,7 +35,7 @@ has_hostnamectl=$(cat "$__object/explorer/has_hostnamectl")
|
|||
# If everything is ok -> exit
|
||||
#
|
||||
case "$os" in
|
||||
archlinux|debian|suse|ubuntu|devuan|coreos)
|
||||
archlinux|debian|suse|ubuntu|devuan|coreos|alpine)
|
||||
if [ "$name_config" = "$name_should" ] && [ "$name_running" = "$name_should" ]; then
|
||||
exit 0
|
||||
fi
|
||||
|
@ -58,7 +58,7 @@ echo changed >> "$__messages_out"
|
|||
|
||||
# Use the good old way to set the hostname even on machines running systemd.
|
||||
case "$os" in
|
||||
archlinux|debian|ubuntu|devuan|centos|coreos)
|
||||
archlinux|debian|ubuntu|devuan|centos|coreos|alpine)
|
||||
printf "printf '%%s\\\\n' '$name_should' > /etc/hostname\\n"
|
||||
echo "hostname -F /etc/hostname"
|
||||
;;
|
||||
|
|
|
@ -41,7 +41,7 @@ not_supported() {
|
|||
}
|
||||
|
||||
case "$os" in
|
||||
archlinux|debian|suse|ubuntu|devuan|coreos)
|
||||
archlinux|debian|suse|ubuntu|devuan|coreos|alpine)
|
||||
# handled in gencode-remote
|
||||
:
|
||||
;;
|
||||
|
|
|
@ -62,11 +62,12 @@ if [ -z "${certbot_fullpath}" ]; then
|
|||
--distribution ascii-backports \
|
||||
--component main
|
||||
|
||||
require="__apt_source/ascii-backports" __package_apt python-certbot \
|
||||
--target-release ascii-backports
|
||||
require="__apt_source/ascii-backports" __package_apt certbot \
|
||||
--target-release ascii-backports
|
||||
;;
|
||||
bewoulf*)
|
||||
__package_apt certbot
|
||||
;;
|
||||
*)
|
||||
echo "Unsupported OS version: $os_version" >&2
|
||||
exit 1
|
||||
|
|
|
@ -48,21 +48,25 @@ case "$state_should" in
|
|||
if [ "$file_type" = "directory" ]; then
|
||||
# our destination is currently a directory, delete it
|
||||
printf 'rm -rf "%s" &&\n' "$destination"
|
||||
echo "removed '$destination' (directory)" >> "$__messages_out"
|
||||
else
|
||||
if [ "$state_is" = "wrongsource" ]; then
|
||||
# our destination is a symlink but points to the wrong source,
|
||||
# delete it
|
||||
printf 'rm -f "%s" &&\n' "$destination"
|
||||
echo "removed '$destination' (wrongsource)" >> "$__messages_out"
|
||||
fi
|
||||
fi
|
||||
|
||||
# create our link
|
||||
printf 'ln %s -f "%s" "%s"\n' "$lnopt" "$source" "$destination"
|
||||
echo "created '$destination'" >> "$__messages_out"
|
||||
;;
|
||||
absent)
|
||||
# only delete if it is a sym/hard link
|
||||
if [ "$file_type" = "symlink" ] || [ "$file_type" = "hardlink" ]; then
|
||||
printf 'rm -f "%s"\n' "$destination"
|
||||
echo "removed '$destination'" >> "$__messages_out"
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
|
|
|
@ -27,6 +27,22 @@ state
|
|||
'present' or 'absent', defaults to 'present'
|
||||
|
||||
|
||||
MESSAGES
|
||||
--------
|
||||
|
||||
created <destination>
|
||||
Link to destination was created.
|
||||
|
||||
removed <destination>
|
||||
Link to destination was removed.
|
||||
|
||||
removed <destination> (directory)
|
||||
Destination was removed because state is ``present`` and destination was directory.
|
||||
|
||||
removed <destination> (wrongsource)
|
||||
Destination was removed because state is ``present`` and destination link source was wrong.
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2013 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2013-2019 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -37,6 +37,15 @@ locale_remove=$(echo "$locale" | sed 's/UTF-8/utf8/')
|
|||
|
||||
state=$(cat "$__object/parameter/state")
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
|
||||
# Nothing to be done on alpine
|
||||
case "$os" in
|
||||
alpine)
|
||||
exit 0
|
||||
;;
|
||||
esac
|
||||
|
||||
case "$state" in
|
||||
present)
|
||||
echo localedef -A "$alias" -f "$charmap" -i "$input" "$locale"
|
||||
|
|
|
@ -8,7 +8,8 @@ cdist-type__locale - Configure locales
|
|||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
This cdist type allows you to setup locales.
|
||||
This cdist type allows you to setup locales. On systems that don't
|
||||
support locale setting like alpine/musl libc, it is a no-op.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
|
@ -44,6 +45,6 @@ Nico Schottelius <nico-cdist--@--schottelius.org>
|
|||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2013-2016 Nico Schottelius. Free use of this software is
|
||||
Copyright \(C) 2013-2019 Nico Schottelius. Free use of this software is
|
||||
granted under the terms of the GNU General Public License version 3 or
|
||||
later (GPLv3+).
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2013-2015 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2013-2019 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2015 David Hürlimann (david at ungleich.ch)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
|
@ -19,7 +19,7 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Install required packages
|
||||
# Install required packages
|
||||
#
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
|
@ -30,7 +30,7 @@ case "$os" in
|
|||
# Debian needs a seperate package
|
||||
__package locales --state present
|
||||
;;
|
||||
archlinux|suse|ubuntu|scientific|centos)
|
||||
archlinux|suse|ubuntu|scientific|centos|alpine)
|
||||
:
|
||||
;;
|
||||
*)
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2011-2013 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2019 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -44,6 +45,7 @@ else
|
|||
suse) type="zypper" ;;
|
||||
openwrt) type="opkg" ;;
|
||||
openbsd) type="pkg_openbsd" ;;
|
||||
alpine) type="apk" ;;
|
||||
*)
|
||||
echo "Don't know how to manage packages on: $os" >&2
|
||||
exit 1
|
||||
|
|
|
@ -0,0 +1,38 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2019 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Retrieve the status of a package - parsed apk output
|
||||
#
|
||||
|
||||
if [ -f "$__object/parameter/name" ]; then
|
||||
name="$(cat "$__object/parameter/name")"
|
||||
else
|
||||
name="$__object_id"
|
||||
fi
|
||||
|
||||
# Remove the @.. repo tag for finding out whether it is installed
|
||||
# f.i. pass@testing => pass
|
||||
name="$(echo "$name" | sed 's/@.*//')"
|
||||
|
||||
if [ "$(apk list -I "$name")" ]; then
|
||||
echo present
|
||||
else
|
||||
echo absent
|
||||
fi
|
|
@ -0,0 +1,49 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2019 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Manage packages on Debian and co.
|
||||
#
|
||||
|
||||
if [ -f "$__object/parameter/name" ]; then
|
||||
name="$(cat "$__object/parameter/name")"
|
||||
else
|
||||
name="$__object_id"
|
||||
fi
|
||||
|
||||
state_should="$(cat "$__object/parameter/state")"
|
||||
state_is="$(cat "$__object/explorer/state")"
|
||||
|
||||
# Nothing to be done
|
||||
[ "$state_is" = "$state_should" ] && exit 0
|
||||
|
||||
case "$state_should" in
|
||||
present)
|
||||
echo "apk add -q '$name'"
|
||||
echo "installed" >> "$__messages_out"
|
||||
;;
|
||||
absent)
|
||||
echo "apk del -q '$name'"
|
||||
echo "removed" >> "$__messages_out"
|
||||
;;
|
||||
*)
|
||||
echo "Unknown state: $state_should" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
|
@ -0,0 +1,55 @@
|
|||
cdist-type__package_akp(7)
|
||||
==========================
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__package_akp - Manage packages with akp
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
apk is usually used on Alpine to manage packages.
|
||||
|
||||
|
||||
REQUIRED PARAMETERS
|
||||
-------------------
|
||||
None
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
name
|
||||
If supplied, use the name and not the object id as the package name.
|
||||
|
||||
state
|
||||
Either "present" or "absent", defaults to "present"
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
# Ensure zsh in installed
|
||||
__package_apk zsh --state present
|
||||
|
||||
# Remove package
|
||||
__package_apk apache2 --state absent
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
:strong:`cdist-type__package`\ (7)
|
||||
|
||||
|
||||
AUTHORS
|
||||
-------
|
||||
Nico Schottelius <nico-cdist--@--schottelius.org>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2019 Nico Schottelius. You can redistribute it
|
||||
and/or modify it under the terms of the GNU General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
|
@ -0,0 +1 @@
|
|||
present
|
|
@ -0,0 +1,2 @@
|
|||
name
|
||||
state
|
|
@ -1,6 +1,7 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2019 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -22,7 +23,7 @@
|
|||
os=$(cat "$__global/explorer/os")
|
||||
|
||||
case "$os" in
|
||||
ubuntu|debian|archlinux|suse|scientific|centos|devuan)
|
||||
alpine|ubuntu|debian|archlinux|suse|scientific|centos|devuan)
|
||||
__package postfix --state present
|
||||
;;
|
||||
*)
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
os=$("$__explorer/os")
|
||||
|
||||
case "$os" in
|
||||
ubuntu|debian|archlinux|suse|scientific|centos|devuan)
|
||||
alpine|ubuntu|debian|archlinux|suse|scientific|centos|devuan)
|
||||
:
|
||||
;;
|
||||
*)
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2019 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -21,7 +22,7 @@
|
|||
os=$(cat "$__global/explorer/os")
|
||||
|
||||
case "$os" in
|
||||
ubuntu|debian|archlinux|suse|scientific|centos|devuan)
|
||||
alpine|archlinux|centos|debian|devuan|suse|scientific|ubuntu)
|
||||
:
|
||||
;;
|
||||
*)
|
||||
|
|
|
@ -34,7 +34,7 @@ esac
|
|||
|
||||
name="$__object_id"
|
||||
|
||||
if test -n "$(su - "$postgres_user" -c "psql postgres -tAc \"SELECT 1 FROM pg_database WHERE datname='$name'\"")"
|
||||
if test -n "$(su - "$postgres_user" -c "psql postgres -twAc \"SELECT 1 FROM pg_database WHERE datname='$name'\"")"
|
||||
then
|
||||
echo 'present'
|
||||
else
|
||||
|
|
|
@ -34,7 +34,7 @@ esac
|
|||
|
||||
name="$__object_id"
|
||||
|
||||
if test -n "$(su - "$postgres_user" -c "psql postgres -tAc \"SELECT 1 FROM pg_roles WHERE rolname='$name'\"")"
|
||||
if test -n "$(su - "$postgres_user" -c "psql postgres -twAc \"SELECT 1 FROM pg_roles WHERE rolname='$name'\"")"
|
||||
then
|
||||
echo 'present'
|
||||
else
|
||||
|
|
|
@ -55,7 +55,7 @@ case "$state_should" in
|
|||
[ -n "$password" ] && password="PASSWORD '$password'"
|
||||
|
||||
cmd="CREATE ROLE $name WITH $password $booleans"
|
||||
echo "su - '$postgres_user' -c \"psql postgres -c \\\"$cmd\\\"\""
|
||||
echo "su - '$postgres_user' -c \"psql postgres -wc \\\"$cmd\\\"\""
|
||||
;;
|
||||
absent)
|
||||
echo "su - '$postgres_user' -c \"dropuser \\\"$name\\\"\""
|
||||
|
|
|
@ -45,18 +45,6 @@ if [ ! -f "$__object/parameter/noparent" ] || [ ! -f "$__object/parameter/nofile
|
|||
fi
|
||||
fi
|
||||
|
||||
# Remove legacy blocks created by old versions of this type
|
||||
# FIXME: remove me in 3.2+
|
||||
__block "$__object_name" \
|
||||
--file "$file" \
|
||||
--prefix "#cdist:$__object_name" \
|
||||
--suffix "#/cdist:$__object_name" \
|
||||
--state 'absent' \
|
||||
--text - << DONE
|
||||
remove legacy block
|
||||
DONE
|
||||
export require="__block/$__object_name"
|
||||
|
||||
_cksum() {
|
||||
echo "$1" | cksum | cut -d' ' -f 1
|
||||
}
|
||||
|
@ -69,7 +57,8 @@ while read -r key; do
|
|||
set -- "$@" --key "$key"
|
||||
set -- "$@" --state "$state"
|
||||
if [ -f "$__object/parameter/option" ]; then
|
||||
set -- "$@" --option "$(cat "$__object/parameter/option")"
|
||||
# shellcheck disable=SC2046
|
||||
set -- "$@" $(printf -- '--option %s ' $(cat "$__object/parameter/option"))
|
||||
fi
|
||||
if [ -f "$__object/parameter/comment" ]; then
|
||||
set -- "$@" --comment "$(cat "$__object/parameter/comment")"
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# 2012-2015 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2012-2019 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2013 Daniel Heule (hda at sfs.biz)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
|
@ -75,9 +75,14 @@ else
|
|||
state=$(chkconfig --check "$name" "$runlevel" || echo absent)
|
||||
[ "$state" ] || state="present"
|
||||
;;
|
||||
gentoo)
|
||||
state="present"
|
||||
[ -f "/etc/runlevels/${target_runlevel}/${name}" ] || state="absent"
|
||||
gentoo|alpine)
|
||||
state="absent"
|
||||
for d in /etc/runlevels/*; do
|
||||
if [ -f "/etc/runlevels/${d}/${name}" ];then
|
||||
state="present"
|
||||
break
|
||||
fi
|
||||
done
|
||||
;;
|
||||
freebsd)
|
||||
state="absent"
|
||||
|
@ -88,6 +93,7 @@ else
|
|||
# OpenBSD 5.7 and higher
|
||||
rcctl ls on | grep "^${name}$" && state='present'
|
||||
;;
|
||||
|
||||
*)
|
||||
echo "Unsupported os: $os" >&2
|
||||
exit 1
|
||||
|
|
|
@ -58,7 +58,7 @@ case "$state_should" in
|
|||
echo "update-rc.d '$name' defaults >/dev/null"
|
||||
;;
|
||||
|
||||
gentoo)
|
||||
alpine|gentoo)
|
||||
echo "rc-update add '$name' '$target_runlevel'"
|
||||
;;
|
||||
|
||||
|
@ -106,7 +106,7 @@ case "$state_should" in
|
|||
echo "update-rc.d -f '$name' remove"
|
||||
;;
|
||||
|
||||
gentoo)
|
||||
alpine|gentoo)
|
||||
echo "rc-update del '$name' '$target_runlevel'"
|
||||
;;
|
||||
|
||||
|
|
|
@ -55,7 +55,7 @@ Nico Schottelius <nico-cdist--@--schottelius.org>
|
|||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2012 Nico Schottelius. You can redistribute it
|
||||
Copyright \(C) 2012-2019 Nico Schottelius. You can redistribute it
|
||||
and/or modify it under the terms of the GNU General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2019 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -29,7 +30,7 @@ if [ "$timezone_is" = "$timezone_should" ]; then
|
|||
fi
|
||||
|
||||
case "$os" in
|
||||
ubuntu|debian|devuan|coreos)
|
||||
ubuntu|debian|devuan|coreos|alpine)
|
||||
echo "echo \"$timezone_should\" > /etc/timezone"
|
||||
;;
|
||||
esac
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
#
|
||||
# 2011 Ramon Salvadó (rsalvado at gnuine dot com)
|
||||
# 2012-2015 Steven Armstrong (steven-cdist at armstrong.cc)
|
||||
# 2012 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
# 2012-2019 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
|
@ -26,7 +26,7 @@ timezone="$__object_id"
|
|||
os=$(cat "$__global/explorer/os")
|
||||
|
||||
case "$os" in
|
||||
archlinux|debian|ubuntu|devuan)
|
||||
archlinux|debian|ubuntu|devuan|alpine)
|
||||
__package tzdata
|
||||
export require="__package/tzdata"
|
||||
;;
|
||||
|
|
|
@ -0,0 +1,62 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2019 Mark Polyakov (mark--@--markasoftware.com)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
state="$(cat "$__object/parameter/state")"
|
||||
|
||||
case "$state" in
|
||||
enabled)
|
||||
echo 'ufw --force enable'
|
||||
;;
|
||||
|
||||
present)
|
||||
echo 'ufw --force disable'
|
||||
;;
|
||||
# absent will be uninstalled in manifest
|
||||
esac
|
||||
|
||||
if [ "$state" != absent ]; then
|
||||
if [ -f "$__object/parameter/logging" ]; then
|
||||
logging="$(cat "$__object/parameter/logging")"
|
||||
case "$logging" in
|
||||
off|low|medium|high|full)
|
||||
echo "ufw --force logging $logging"
|
||||
;;
|
||||
*)
|
||||
echo 'Logging parameter must be off, low, medium, high, or full!' >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
|
||||
for direction in incoming outgoing routed; do
|
||||
if [ -f "$__object/parameter/default_$direction" ]; then
|
||||
treatment="$(cat "$__object/parameter/default_$direction")"
|
||||
case "$treatment" in
|
||||
allow|deny|reject)
|
||||
echo "ufw --force default $treatment $direction"
|
||||
;;
|
||||
*)
|
||||
echo 'UFW default policies must be either "allow", "deny", or "reject".' >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
done
|
||||
fi
|
|
@ -0,0 +1,59 @@
|
|||
cdist-type__ufw(7)
|
||||
==================
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__ufw - Install the Uncomplicated FireWall
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Installs the Uncomplicated FireWall. Most modern distributions carry UFW in their main repositories, but on CentOS this type will automatically enable the EPEL repository.
|
||||
|
||||
Some global configuration can also be set with this type.
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
state
|
||||
Either "enabled", "running", "present", or "absent". Defaults to "enabled", which registers UFW to start on boot.
|
||||
|
||||
logging
|
||||
Either "off", "low", "medium", "high", or "full". Will be passed to `ufw logging`. If not specified, logging level is not modified.
|
||||
|
||||
default_incoming
|
||||
Either "allow", "deny", or "reject". The default policy for dealing with ingress packets.
|
||||
|
||||
default_outgoing
|
||||
Either "allow", "deny", or "reject". The default policy for dealing with egress packets.
|
||||
|
||||
default_routed
|
||||
Either "allow", "deny", or "reject". The default policy for dealing with routed packets (passing through this machine).
|
||||
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
# Install UFW
|
||||
__ufw
|
||||
# Setup UFW with maximum logging and no restrictions on routed packets.
|
||||
__ufw --logging full --default_routed allow
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
:strong:`ufw`\ (8)
|
||||
|
||||
|
||||
AUTHORS
|
||||
-------
|
||||
Mark Polyakov <mark@markasoftware.com>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2019 Mark Polyakov. You can redistribute it
|
||||
and/or modify it under the terms of the GNU General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
|
@ -0,0 +1,67 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2019 Mark Polyakov (mark--@--markasoftware.com)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
state="$(cat "$__object/parameter/state")"
|
||||
|
||||
case "$state" in
|
||||
present|enabled)
|
||||
os="$(cat "$__global/explorer/os")"
|
||||
|
||||
case "$os" in
|
||||
centos)
|
||||
# shellcheck source=/dev/null
|
||||
if (. "$__global/explorer/os_release" && [ "${VERSION_ID}" = "7" ]); then
|
||||
__package epel-release
|
||||
require='__package/epel-release' __package ufw
|
||||
else
|
||||
echo 'CentOS version 7 is required!'
|
||||
exit 1
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
__package ufw
|
||||
;;
|
||||
esac
|
||||
|
||||
# ufw expects to always be enabled, then uses a switch in /etc to
|
||||
# determine whether to "actually start" after the init system calls it.
|
||||
# So, we have to both enable on bootup through init and run `ufw enable`
|
||||
|
||||
# operators ae left-associative, so if !enabled it will never run
|
||||
if [ "$(cat "$__global/explorer/os")" != ubuntu ] || \
|
||||
[ "$(cat "$__global/explorer/init")" != init ] && \
|
||||
[ "$state" = enabled ]; then
|
||||
# Why don't we disable start_on_boot when state=present|absent?
|
||||
# Because UFW should always be enabled at boot -- /etc/ufw/ufw.conf
|
||||
# will stop it from "really" starting
|
||||
require='__package/ufw' __start_on_boot ufw
|
||||
fi
|
||||
;;
|
||||
|
||||
absent)
|
||||
__package ufw --state absent
|
||||
;;
|
||||
|
||||
*)
|
||||
echo 'State must be "enabled", "present", or "absent".'
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
|
@ -0,0 +1 @@
|
|||
enabled
|
|
@ -0,0 +1,5 @@
|
|||
state
|
||||
logging
|
||||
default_incoming
|
||||
default_outgoing
|
||||
default_routed
|
|
@ -0,0 +1,45 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2019 Mark Polyakov (mark@markasoftware.com)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
# This type does not bother with checking the current state of the rules.
|
||||
# While it is possible to retrieve the list of rules in a consistent format from
|
||||
# `ufw status`, it is a completely different format than the one used on the
|
||||
# command line. I also do not suspect it is any faster.
|
||||
|
||||
ufw='ufw --force rule'
|
||||
|
||||
case "$(cat "$__object/parameter/state")" in
|
||||
present) ;;
|
||||
absent)
|
||||
ufw="$ufw delete"
|
||||
;;
|
||||
*)
|
||||
echo 'State must be "present" or "absent".' >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
if [ -f "$__object/parameter/rule" ]; then
|
||||
ufw="$ufw $(cat "$__object/parameter/rule")"
|
||||
else
|
||||
ufw="$ufw allow $__object_id"
|
||||
fi
|
||||
|
||||
echo "$ufw"
|
|
@ -0,0 +1,53 @@
|
|||
cdist-type__ufw_rule(7)
|
||||
=======================
|
||||
|
||||
NAME
|
||||
----
|
||||
cdist-type__ufw_rule - A single UFW rule
|
||||
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Adds or removes a single UFW rule. This type supports adding and deleting rules for port ranges or applications.
|
||||
|
||||
Understanding what is "to" and what is "from" can be confusing. If the rule is ingress (default), then "from" is the remote machine and "to" is the local one. The opposite is true for egress traffic (--out).
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
state
|
||||
Either "present" or "absent". Defaults to "present". If "absent", only removes rules that exactly match the rule expected.
|
||||
|
||||
rule
|
||||
A firewall rule in UFW syntax. This is what you would usually write after `ufw` on the command line. Defaults to "allow" followed by the object ID. You can use either the short syntax (just allow|deny|reject|limit followed by a port or application name) or the full syntax. Do not include `delete` in your command. Set `--state absent` instead.
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
|
||||
.. code-block:: sh
|
||||
|
||||
# open port 80 (ufw allow 80)
|
||||
__ufw_rule 80
|
||||
# Allow mosh application (if installed)
|
||||
__ufw_rule mosh
|
||||
# Allow all traffic from local network (ufw allow from 10.0.0.0/24)
|
||||
__ufw_rule local --rule 'allow from 10.0.0.0/24'
|
||||
# Block egress traffic from port 25 to 111.55.55.55 on interface eth0
|
||||
__ufw_rule block_smtp --rule 'deny out on eth0 from any port 25 to 111.55.55.55'
|
||||
|
||||
|
||||
SEE ALSO
|
||||
--------
|
||||
:strong:`ufw`\ (8)
|
||||
|
||||
|
||||
AUTHORS
|
||||
-------
|
||||
Mark Polyakov <mark@markasoftware.com>
|
||||
|
||||
|
||||
COPYING
|
||||
-------
|
||||
Copyright \(C) 2019 Mark Polyakov. You can redistribute it
|
||||
and/or modify it under the terms of the GNU General Public License as
|
||||
published by the Free Software Foundation, either version 3 of the
|
||||
License, or (at your option) any later version.
|
|
@ -0,0 +1 @@
|
|||
present
|
|
@ -0,0 +1,2 @@
|
|||
state
|
||||
rule
|
|
@ -0,0 +1,32 @@
|
|||
#!/bin/sh -e
|
||||
#
|
||||
# 2019 Nico Schottelius (nico-cdist at schottelius.org)
|
||||
#
|
||||
# This file is part of cdist.
|
||||
#
|
||||
# cdist is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# cdist is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# Manage users.
|
||||
|
||||
os=$(cat "$__global/explorer/os")
|
||||
|
||||
case "$os" in
|
||||
alpine)
|
||||
__package shadow
|
||||
;;
|
||||
*)
|
||||
:
|
||||
;;
|
||||
esac
|
|
@ -46,10 +46,10 @@ EXAMPLES
|
|||
# Ensure that internal SLES11 SP3 RIS is in installed and all other services and repos are discarded
|
||||
__zypper_service INTERNAL_SLES11_SP3 --service_desc "Internal SLES11 SP3 RIS" --uri "http://path/to/your/ris/dir" --remove-all-other-services --remove-all-repos
|
||||
|
||||
# Ensure that internal SLES11 SP3 RIS is in installed, no changes to ohter services or repos
|
||||
# Ensure that internal SLES11 SP3 RIS is in installed, no changes to other services or repos
|
||||
__zypper_service INTERNAL_SLES11_SP3 --service_desc "Internal SLES11 SP3 RIS" --uri "http://path/to/your/ris/dir"
|
||||
|
||||
# Drop service by uri, no changes to ohter services or repos
|
||||
# Drop service by uri, no changes to other services or repos
|
||||
__zypper_service INTERNAL_SLES11_SP3 --state absent --uri "http://path/to/your/ris/dir"
|
||||
|
||||
|
||||
|
|
|
@ -43,6 +43,33 @@ from cdist import core, inventory
|
|||
from cdist.util.remoteutil import inspect_ssh_mux_opts
|
||||
|
||||
|
||||
def graph_check_cycle(graph):
|
||||
# Start from each node in the graph and check for cycle starting from it.
|
||||
for node in graph:
|
||||
# Cycle path.
|
||||
path = [node]
|
||||
has_cycle = _graph_dfs_cycle(graph, node, path)
|
||||
if has_cycle:
|
||||
return has_cycle, path
|
||||
return False, None
|
||||
|
||||
|
||||
def _graph_dfs_cycle(graph, node, path):
|
||||
for neighbour in graph.get(node, ()):
|
||||
# If node is already in path then this is cycle.
|
||||
if neighbour in path:
|
||||
path.append(neighbour)
|
||||
return True
|
||||
path.append(neighbour)
|
||||
rv = _graph_dfs_cycle(graph, neighbour, path)
|
||||
if rv:
|
||||
return True
|
||||
# Remove last item from list - neighbour whose DFS path we have have
|
||||
# just checked.
|
||||
del path[-1]
|
||||
return False
|
||||
|
||||
|
||||
class Config(object):
|
||||
"""Cdist main class to hold arbitrary data"""
|
||||
|
||||
|
@ -77,9 +104,12 @@ class Config(object):
|
|||
self.remove_remote_files_dirs = remove_remote_files_dirs
|
||||
|
||||
self.explorer = core.Explorer(self.local.target_host, self.local,
|
||||
self.remote, jobs=self.jobs)
|
||||
self.manifest = core.Manifest(self.local.target_host, self.local)
|
||||
self.code = core.Code(self.local.target_host, self.local, self.remote)
|
||||
self.remote, jobs=self.jobs,
|
||||
dry_run=self.dry_run)
|
||||
self.manifest = core.Manifest(self.local.target_host, self.local,
|
||||
dry_run=self.dry_run)
|
||||
self.code = core.Code(self.local.target_host, self.local, self.remote,
|
||||
dry_run=self.dry_run)
|
||||
|
||||
def _init_files_dirs(self):
|
||||
"""Prepare files and directories for the run"""
|
||||
|
@ -254,14 +284,14 @@ class Config(object):
|
|||
cls.onehost(host, host_tags, host_base_path, hostdir,
|
||||
args, parallel=False,
|
||||
configuration=configuration)
|
||||
except cdist.Error as e:
|
||||
except cdist.Error:
|
||||
failed_hosts.append(host)
|
||||
if args.parallel and len(process_args) == 1:
|
||||
log.debug("Only 1 host for parallel processing, doing it "
|
||||
"sequentially")
|
||||
try:
|
||||
cls.onehost(*process_args[0])
|
||||
except cdist.Error as e:
|
||||
except cdist.Error:
|
||||
failed_hosts.append(host)
|
||||
elif args.parallel:
|
||||
log.trace("Multiprocessing start method is {}".format(
|
||||
|
@ -653,6 +683,28 @@ class Config(object):
|
|||
self.__dict__.update(state)
|
||||
self._open_logger()
|
||||
|
||||
def _validate_dependencies(self):
|
||||
'''
|
||||
Build dependency graph for unfinished objects and
|
||||
check for cycles.
|
||||
'''
|
||||
graph = {}
|
||||
for cdist_object in self.object_list():
|
||||
obj_name = cdist_object.name
|
||||
if obj_name not in graph:
|
||||
graph[obj_name] = []
|
||||
if cdist_object.state == cdist_object.STATE_DONE:
|
||||
continue
|
||||
|
||||
for requirement in cdist_object.requirements_unfinished(
|
||||
cdist_object.requirements):
|
||||
graph[obj_name].append(requirement.name)
|
||||
|
||||
for requirement in cdist_object.requirements_unfinished(
|
||||
cdist_object.autorequire):
|
||||
graph[obj_name].append(requirement.name)
|
||||
return graph_check_cycle(graph)
|
||||
|
||||
def iterate_until_finished(self):
|
||||
"""
|
||||
Go through all objects and solve them
|
||||
|
@ -662,6 +714,12 @@ class Config(object):
|
|||
objects_changed = True
|
||||
|
||||
while objects_changed:
|
||||
# Check for cycles as early as possible.
|
||||
has_cycle, path = self._validate_dependencies()
|
||||
if has_cycle:
|
||||
raise cdist.UnresolvableRequirementsError(
|
||||
"Cycle detected in object dependencies:\n{}!".format(
|
||||
" -> ".join(path)))
|
||||
objects_changed = self.iterate_once()
|
||||
|
||||
# Check whether all objects have been finished
|
||||
|
@ -700,14 +758,34 @@ class Config(object):
|
|||
("The requirements of the following objects could not be "
|
||||
"resolved:\n%s") % ("\n".join(info_string)))
|
||||
|
||||
def _handle_deprecation(self, cdist_object):
|
||||
cdist_type = cdist_object.cdist_type
|
||||
deprecated = cdist_type.deprecated
|
||||
if deprecated is not None:
|
||||
if deprecated:
|
||||
self.log.warning("Type %s is deprecated: %s", cdist_type.name,
|
||||
deprecated)
|
||||
else:
|
||||
self.log.warning("Type %s is deprecated.", cdist_type.name)
|
||||
for param in cdist_object.parameters:
|
||||
if param in cdist_type.deprecated_parameters:
|
||||
msg = cdist_type.deprecated_parameters[param]
|
||||
if msg:
|
||||
format = "%s parameter of type %s is deprecated: %s"
|
||||
args = [param, cdist_type.name, msg]
|
||||
else:
|
||||
format = "%s parameter of type %s is deprecated."
|
||||
args = [param, cdist_type.name]
|
||||
self.log.warning(format, *args)
|
||||
|
||||
def object_prepare(self, cdist_object, transfer_type_explorers=True):
|
||||
"""Prepare object: Run type explorer + manifest"""
|
||||
self._handle_deprecation(cdist_object)
|
||||
self.log.verbose("Preparing object {}".format(cdist_object.name))
|
||||
self.log.verbose(
|
||||
"Running manifest and explorers for " + cdist_object.name)
|
||||
self.explorer.run_type_explorers(cdist_object, transfer_type_explorers)
|
||||
try:
|
||||
self.log.verbose("Preparing object {}".format(cdist_object.name))
|
||||
self.log.verbose(
|
||||
"Running manifest and explorers for " + cdist_object.name)
|
||||
self.explorer.run_type_explorers(cdist_object,
|
||||
transfer_type_explorers)
|
||||
self.manifest.run_type_manifest(cdist_object)
|
||||
cdist_object.state = core.CdistObject.STATE_PREPARED
|
||||
except cdist.Error as e:
|
||||
|
|
|
@ -69,6 +69,7 @@ class CdistType(object):
|
|||
self.__optional_multiple_parameters = None
|
||||
self.__boolean_parameters = None
|
||||
self.__parameter_defaults = None
|
||||
self.__deprecated_parameters = None
|
||||
|
||||
def __hash__(self):
|
||||
return hash(self.name)
|
||||
|
@ -133,6 +134,17 @@ class CdistType(object):
|
|||
cannot run in parallel."""
|
||||
return os.path.isfile(os.path.join(self.absolute_path, "nonparallel"))
|
||||
|
||||
@property
|
||||
def deprecated(self):
|
||||
"""Get type deprecation message. If message is None then type
|
||||
is not deprecated."""
|
||||
deprecated_path = os.path.join(self.absolute_path, "deprecated")
|
||||
try:
|
||||
with open(deprecated_path, 'r') as f:
|
||||
return f.read()
|
||||
except FileNotFoundError:
|
||||
return None
|
||||
|
||||
@property
|
||||
def explorers(self):
|
||||
"""Return a list of available explorers"""
|
||||
|
@ -264,3 +276,23 @@ class CdistType(object):
|
|||
finally:
|
||||
self.__parameter_defaults = defaults
|
||||
return self.__parameter_defaults
|
||||
|
||||
@property
|
||||
def deprecated_parameters(self):
|
||||
if not self.__deprecated_parameters:
|
||||
deprecated = {}
|
||||
try:
|
||||
deprecated_dir = os.path.join(self.absolute_path,
|
||||
"parameter",
|
||||
"deprecated")
|
||||
for name in cdist.core.listdir(deprecated_dir):
|
||||
try:
|
||||
with open(os.path.join(deprecated_dir, name)) as fd:
|
||||
deprecated[name] = fd.read().strip()
|
||||
except EnvironmentError:
|
||||
pass # Swallow errors raised by open() or read()
|
||||
except EnvironmentError:
|
||||
pass # Swallow error raised by os.listdir()
|
||||
finally:
|
||||
self.__deprecated_parameters = deprecated
|
||||
return self.__deprecated_parameters
|
||||
|
|
|
@ -97,7 +97,7 @@ class Code(object):
|
|||
|
||||
"""
|
||||
# target_host is tuple (target_host, target_hostname, target_fqdn)
|
||||
def __init__(self, target_host, local, remote):
|
||||
def __init__(self, target_host, local, remote, dry_run=False):
|
||||
self.target_host = target_host
|
||||
self.local = local
|
||||
self.remote = remote
|
||||
|
@ -113,6 +113,9 @@ class Code(object):
|
|||
local.log),
|
||||
}
|
||||
|
||||
if dry_run:
|
||||
self.env['__cdist_dry_run'] = '1'
|
||||
|
||||
def _run_gencode(self, cdist_object, which):
|
||||
cdist_type = cdist_object.cdist_type
|
||||
script = os.path.join(self.local.type_path,
|
||||
|
|
|
@ -67,7 +67,7 @@ class Explorer(object):
|
|||
"""Executes cdist explorers.
|
||||
|
||||
"""
|
||||
def __init__(self, target_host, local, remote, jobs=None):
|
||||
def __init__(self, target_host, local, remote, jobs=None, dry_run=False):
|
||||
self.target_host = target_host
|
||||
|
||||
self._open_logger()
|
||||
|
@ -84,6 +84,10 @@ class Explorer(object):
|
|||
'__cdist_log_level_name': util.log_level_name_env_var_val(
|
||||
self.log),
|
||||
}
|
||||
|
||||
if dry_run:
|
||||
self.env['__cdist_dry_run'] = '1'
|
||||
|
||||
self._type_explorers_transferred = []
|
||||
self.jobs = jobs
|
||||
|
||||
|
@ -109,10 +113,17 @@ class Explorer(object):
|
|||
self._run_global_explorers_parallel(out_path)
|
||||
|
||||
def _run_global_explorer(self, explorer, out_path):
|
||||
output = self.run_global_explorer(explorer)
|
||||
path = os.path.join(out_path, explorer)
|
||||
with open(path, 'w') as fd:
|
||||
fd.write(output)
|
||||
try:
|
||||
path = os.path.join(out_path, explorer)
|
||||
output = self.run_global_explorer(explorer)
|
||||
with open(path, 'w') as fd:
|
||||
fd.write(output)
|
||||
except cdist.Error as e:
|
||||
local_path = os.path.join(self.local.global_explorer_path,
|
||||
explorer)
|
||||
stderr_path = os.path.join(self.local.stderr_base_path, "remote")
|
||||
raise cdist.GlobalExplorerError(explorer, local_path, stderr_path,
|
||||
e)
|
||||
|
||||
def _run_global_explorers_seq(self, out_path):
|
||||
self.log.debug("Running global explorers sequentially")
|
||||
|
@ -186,11 +197,21 @@ class Explorer(object):
|
|||
self.log.trace("Transferring object parameters for object: %s",
|
||||
cdist_object.name)
|
||||
self.transfer_object_parameters(cdist_object)
|
||||
for explorer in self.list_type_explorer_names(cdist_object.cdist_type):
|
||||
output = self.run_type_explorer(explorer, cdist_object)
|
||||
cdist_type = cdist_object.cdist_type
|
||||
for explorer in self.list_type_explorer_names(cdist_type):
|
||||
self.log.trace("Running type explorer '%s' for object '%s'",
|
||||
explorer, cdist_object.name)
|
||||
cdist_object.explorers[explorer] = output
|
||||
try:
|
||||
output = self.run_type_explorer(explorer, cdist_object)
|
||||
cdist_object.explorers[explorer] = output
|
||||
except cdist.Error as e:
|
||||
path = os.path.join(self.local.type_path,
|
||||
cdist_type.explorer_path,
|
||||
explorer)
|
||||
stderr_path = os.path.join(self.local.stderr_base_path,
|
||||
"remote")
|
||||
raise cdist.CdistObjectExplorerError(
|
||||
cdist_object, explorer, path, stderr_path, e)
|
||||
|
||||
def run_type_explorer(self, explorer, cdist_object):
|
||||
"""Run the given type explorer for the given object and return
|
||||
|
|
|
@ -96,7 +96,7 @@ class Manifest(object):
|
|||
"""Executes cdist manifests.
|
||||
|
||||
"""
|
||||
def __init__(self, target_host, local):
|
||||
def __init__(self, target_host, local, dry_run=False):
|
||||
self.target_host = target_host
|
||||
self.local = local
|
||||
|
||||
|
@ -117,6 +117,9 @@ class Manifest(object):
|
|||
self.log),
|
||||
}
|
||||
|
||||
if dry_run:
|
||||
self.env['__cdist_dry_run'] = '1'
|
||||
|
||||
def _open_logger(self):
|
||||
self.log = logging.getLogger(self.target_host[0])
|
||||
|
||||
|
|
|
@ -283,7 +283,8 @@ class Emulator(object):
|
|||
self.object_source)))
|
||||
raise
|
||||
|
||||
self.log.debug("Recording requirement: %s", requirement)
|
||||
self.log.debug("Recording requirement %s for %s",
|
||||
requirement, self.cdist_object.name)
|
||||
|
||||
# Save the sanitised version, not the user supplied one
|
||||
# (__file//bar => __file/bar)
|
||||
|
@ -305,13 +306,28 @@ class Emulator(object):
|
|||
# get the type created before this one ...
|
||||
try:
|
||||
lastcreatedtype = typecreationorder[-2].strip()
|
||||
if 'require' in self.env:
|
||||
self.env['require'] += " " + lastcreatedtype
|
||||
# __object_name is the name of the object whose type
|
||||
# manifest is currently executed
|
||||
__object_name = self.env.get('__object_name', None)
|
||||
if lastcreatedtype == __object_name:
|
||||
self.log.debug(("Not injecting require for "
|
||||
"CDIST_ORDER_DEPENDENCY: %s for %s,"
|
||||
" %s's type manifest is currently"
|
||||
" being executed"),
|
||||
lastcreatedtype,
|
||||
self.cdist_object.name,
|
||||
lastcreatedtype)
|
||||
else:
|
||||
self.env['require'] = lastcreatedtype
|
||||
self.log.debug(("Injecting require for "
|
||||
"CDIST_ORDER_DEPENDENCY: %s for %s"),
|
||||
lastcreatedtype, self.cdist_object.name)
|
||||
if 'require' in self.env:
|
||||
appendix = " " + lastcreatedtype
|
||||
if appendix not in self.env['require']:
|
||||
self.env['require'] += appendix
|
||||
else:
|
||||
self.env['require'] = lastcreatedtype
|
||||
self.log.debug(("Injecting require for "
|
||||
"CDIST_ORDER_DEPENDENCY: %s for %s"),
|
||||
lastcreatedtype,
|
||||
self.cdist_object.name)
|
||||
except IndexError:
|
||||
# if no second last line, we are on the first type,
|
||||
# so do not set a requirement
|
||||
|
@ -360,4 +376,6 @@ class Emulator(object):
|
|||
# But only if the user hasn't said otherwise.
|
||||
# Must prevent circular dependencies.
|
||||
if parent.name not in current_object.requirements:
|
||||
self.log.debug("Recording autorequirement %s for %s",
|
||||
current_object.name, parent.name)
|
||||
parent.autorequire.append(current_object.name)
|
||||
|
|
|
@ -304,6 +304,7 @@ class Remote(object):
|
|||
try:
|
||||
if self.quiet_mode:
|
||||
stderr = subprocess.DEVNULL
|
||||
close_stderr = False
|
||||
if return_output:
|
||||
output = subprocess.check_output(command, env=os_environ,
|
||||
stderr=stderr).decode()
|
||||
|
|
|
@ -315,7 +315,7 @@ class InventoryHost(Inventory):
|
|||
hostpath = self._host_path(host)
|
||||
self.log.trace("hostpath: {}".format(hostpath))
|
||||
if self.action == "add" and not os.path.exists(hostpath):
|
||||
self._new_hostpath(hostpath)
|
||||
self._new_hostpath(hostpath)
|
||||
else:
|
||||
if not os.path.isfile(hostpath):
|
||||
raise cdist.Error(("Host path \'{}\' is"
|
||||
|
|
|
@ -123,6 +123,16 @@ class TypeTestCase(test.CdistTestCase):
|
|||
cdist_type = core.CdistType(base_path, '__not_nonparallel')
|
||||
self.assertFalse(cdist_type.is_nonparallel)
|
||||
|
||||
def test_deprecated(self):
|
||||
base_path = fixtures
|
||||
cdist_type = core.CdistType(base_path, '__deprecated')
|
||||
self.assertIsNotNone(cdist_type.deprecated)
|
||||
|
||||
def test_not_deprecated(self):
|
||||
base_path = fixtures
|
||||
cdist_type = core.CdistType(base_path, '__not_deprecated')
|
||||
self.assertIsNone(cdist_type.deprecated)
|
||||
|
||||
def test_install_is_install(self):
|
||||
base_path = fixtures
|
||||
cdist_type = core.CdistType(base_path, '__install')
|
||||
|
@ -190,3 +200,18 @@ class TypeTestCase(test.CdistTestCase):
|
|||
self.assertEqual(
|
||||
list(sorted(cdist_type.parameter_defaults.keys())),
|
||||
['bar', 'foo'])
|
||||
|
||||
def test_without_deprecated_parameters(self):
|
||||
base_path = fixtures
|
||||
cdist_type = core.CdistType(base_path,
|
||||
'__without_deprecated_parameters')
|
||||
self.assertEqual(cdist_type.deprecated_parameters, {})
|
||||
|
||||
def test_with_deprecated_parameters(self):
|
||||
base_path = fixtures
|
||||
cdist_type = core.CdistType(base_path, '__with_deprecated_parameters')
|
||||
self.assertTrue('eggs' in cdist_type.deprecated_parameters)
|
||||
self.assertTrue('spam' in cdist_type.deprecated_parameters)
|
||||
self.assertEqual(cdist_type.deprecated_parameters['eggs'],
|
||||
'Deprecated')
|
||||
self.assertEqual(cdist_type.deprecated_parameters['spam'], '')
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
Deprecated
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue