# File 'manifests/project.pp', line 24
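define bolt::project (
  Stdlib::Absolutepath $basepath = '/opt/',
  String[1] $project = $name,
  String[1] $owner = $project,
  String[1] $group = $project,
  Boolean $manage_user = true,
  String[1] $environment = 'peadm',
  Array[Stdlib::Absolutepath] $modulepaths = [
    "/etc/puppetlabs/code/environments/${environment}/modules",
    "/etc/puppetlabs/code/environments/${environment}/site",
    '/opt/puppetlabs/puppet/modules',
  ],
  Optional[Stdlib::Absolutepath] $local_transport_tmpdir = undef,
  # The default is plain HTTP on loopback. Use https:// URLs when PuppetDB is
  # reached over the network.
  Array[Stdlib::HTTPUrl] $puppetdb_urls = ['http://127.0.0.1:8080'],
) {
  # Creates a Bolt project directory under $basepath with bolt-project.yaml and
  # inventory.yaml, optionally a system user and group, a systemd template unit
  # "${project}@.service", and a sudoers entry for $owner.
  #
  # Security summary: the sudoers entry at the end makes $owner root-equivalent.
  # Every file and directory that account can write (the project directory, the
  # two YAML files, anything on $modulepaths) is then a path to root.

  # Refuse to run anywhere but PE primaries and compilers. The role comes from
  # the puppetlabs/pe_status_check fact.
  unless $facts['pe_status_check_role'] {
    fail('pe_status_check_role fact is missing from module puppetlabs/pe_status_check')
  }
  unless $facts['pe_status_check_role'] in ['primary', 'legacy_primary', 'pe_compiler', 'legacy_compiler'] {
    fail("bolt::project works only on PE primaries and compilers, not: ${facts['pe_status_check_role']}")
  }

  # installs bolt
  require bolt

  # ensure /tmp is mounted with +exec, otherwise we cannot call bolt later on
  # NOTE(review): nothing in this define checks or enforces that. Presumably
  # $local_transport_tmpdir is the way to point bolt's local transport at
  # another directory; confirm.

  # NOTE(review): plain concatenation with no separator, so $basepath has to end
  # in '/' (the default does); '/opt' would produce "/opt${name}". The path is
  # built from $name, not $project.
  $project_path = "${basepath}${name}"

  if $manage_user {
    # The managed account is named after $project and its primary group is
    # $project, while the files below are owned by $owner/$group. If a caller
    # overrides $owner or $group, those accounts are not created here.
    user { $project:
      ensure         => 'present',
      managehome     => true,
      purge_ssh_keys => true, # drop any authorized keys Puppet does not manage
      system         => true,
      home           => $project_path,
      gid            => $project,
      groups         => ['pe-puppet'], # required to read codedir
      shell          => '/sbin/nologin', # no interactive login for this account
      comment        => 'user to run bolt plans',
    }
    group { $project:
      ensure => 'present',
      system => true,
    }
  }

  # NOTE(review): no mode is set on the directory or on the two YAML files
  # below, so permissions are whatever already exists or the platform default.
  # Given the sudo rule at the end, consider an explicit restrictive mode.
  file { $project_path:
    ensure => 'directory',
    owner  => $owner,
    group  => $group,
  }

  # bolt-project.yaml: analytics off, output streaming on, PuppetDB endpoints
  # taken from $puppetdb_urls.
  $bolt_project = {
    'analytics'  => false,
    'name'       => $project,
    'modulepath' => $modulepaths,
    'stream'     => true,
    'puppetdb'   => { 'server_urls' => $puppetdb_urls },
  }.stdlib::to_yaml({ 'indentation' => 2 })

  file { "${project_path}/bolt-project.yaml":
    ensure  => 'file',
    owner   => $owner,
    group   => $group,
    content => $bolt_project,
  }

  # Optional override of the local transport's tmpdir; merged into the
  # inventory only when the parameter is set.
  $inventory_config = if $local_transport_tmpdir {
    { 'config' => { 'local' => { 'tmpdir' => $local_transport_tmpdir } } }
  } else {
    {}
  }

  # Single group 'primary' with one target: this node, named by its FQDN and
  # reached through the local transport (no SSH or WinRM involved).
  $inventory = {
    'groups' => [
      {
        'name'    => 'primary',
        'targets' => [
          {
            'name' => $facts['networking']['fqdn'],
            'uri'  => 'local://localhost',
          },
        ],
      },
    ],
  } + $inventory_config

  file { "${project_path}/inventory.yaml":
    ensure  => 'file',
    owner   => $owner,
    group   => $group,
    content => $inventory.stdlib::to_yaml({ 'indentation' => 2 }),
  }

  # Values handed to the unit template. 'environment' now follows the
  # $environment parameter; it was hard-coded to 'peadm', so a caller-supplied
  # environment changed $modulepaths but not the service unit.
  $data = {
    'project'      => $project,
    'user'         => $owner,
    'group'        => $group,
    'project_path' => $project_path,
    'environment'  => $environment,
  }
  systemd::unit_file { "${project}@.service":
    content => epp("${module_name}/project.service.epp", $data),
  }

  # SECURITY: this grants $owner passwordless sudo for every command as any
  # user, i.e. the service account is root-equivalent.
  # NOTE(review): if the plans run through this project allow it, narrow the
  # rule to the specific commands needed instead of ALL.
  # NOTE(review): $owner is only typed String[1] and is interpolated verbatim
  # into the sudoers line. Callers must pass a plain account name; anything
  # else ends up as sudoers syntax.
  include sudo
  sudo::conf { $owner:
    priority => 10,
    content  => "${owner} ALL=(ALL) NOPASSWD: ALL",
  }
}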