-
Notifications
You must be signed in to change notification settings - Fork 25
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fixes #34684 - install pulp-cli #252
Changes from all commits
80f13c9
61dd2e8
302934f
c6c3ad4
feac418
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,92 @@ | ||
# = Pulpcore command line interface | ||
# | ||
# This class installs the Pulpcore command line interface (CLI). | ||
# | ||
# === Parameters: | ||
# | ||
# $pulpcore_url:: URL on which Pulpcore runs | ||
# | ||
# $username:: Username for authentication | ||
# | ||
# $password:: Password for authentication | ||
# | ||
# $cert:: Client certificate for authentication | ||
# | ||
# $key:: Client key for authentication | ||
# | ||
# === Advanced parameters: | ||
# | ||
# $manage_root_config:: Whether to manage /root/.config/pulp configuration. | ||
# | ||
# $api_root:: Absolute API base path on server (not including 'api/v3/') | ||
# | ||
# $verify_ssl:: Verify SSL connection | ||
# | ||
# $dry_run:: Trace commands without performing any unsafe HTTP calls | ||
# | ||
# $version:: pulp-cli package version, it's passed to ensure parameter of package resource | ||
# can be set to specific version number, 'latest', 'present' etc. | ||
# | ||
class pulpcore::cli ( | ||
Optional[Stdlib::HTTPUrl] $pulpcore_url = undef, | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. should this default to There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. It's not exposed to users so I think this is fine. |
||
String $version = 'installed', | ||
Optional[String] $username = undef, | ||
Optional[String] $password = undef, | ||
Optional[String] $cert = undef, | ||
Optional[String] $key = undef, | ||
Optional[String] $api_root = undef, | ||
Boolean $verify_ssl = true, | ||
Boolean $dry_run = true, | ||
Boolean $manage_root_config = true, | ||
) { | ||
package { 'pulp-cli': | ||
ensure => $version, | ||
} | ||
-> file { '/etc/pulp/cli.toml': | ||
evgeni marked this conversation as resolved.
Show resolved
Hide resolved
|
||
ensure => file, | ||
owner => 'root', | ||
group => 'root', | ||
mode => '0644', | ||
evgeni marked this conversation as resolved.
Show resolved
Hide resolved
|
||
content => epp( | ||
'pulpcore/cli-config.toml.epp', | ||
{ | ||
base_url => $pulpcore_url, | ||
api_root => $api_root, | ||
verify_ssl => $verify_ssl, | ||
dry_run => $dry_run, | ||
} | ||
), | ||
} | ||
|
||
if $manage_root_config and (($username and $password) or ($cert and $key)) { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Should we have some validates above that throw a clean error if for either combo one is supplied and not the other? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. So in I think for this module, it would be sufficient to check:
Everything else is imho valid (like setting username via config, but using CLI |
||
file { '/root/.config': | ||
ensure => directory, | ||
owner => 'root', | ||
group => 'root', | ||
mode => '0600', | ||
} | ||
file { '/root/.config/pulp': | ||
ensure => directory, | ||
owner => 'root', | ||
group => 'root', | ||
mode => '0600', | ||
} | ||
file { '/root/.config/pulp/cli.toml': | ||
ensure => file, | ||
owner => 'root', | ||
group => 'root', | ||
mode => '0600', | ||
content => epp( | ||
'pulpcore/cli-config.toml.epp', | ||
{ | ||
username => $username, | ||
password => $password, | ||
cert => $cert, | ||
key => $key, | ||
} | ||
), | ||
} | ||
} | ||
|
||
Anchor <| title == 'pulpcore::repo' |> ~> Package <| tag == 'pulpcore::cli' |> | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,88 @@ | ||
require 'spec_helper_acceptance' | ||
|
||
describe 'installation of server with cli' do | ||
it_behaves_like 'an idempotent resource' do | ||
let(:manifest) do | ||
<<-PUPPET | ||
include pulpcore | ||
ekohl marked this conversation as resolved.
Show resolved
Hide resolved
|
||
class { 'pulpcore::cli': | ||
pulpcore_url => "https://${facts['fqdn']}/", | ||
cert => "/etc/pulpcore-certs/client-cert.pem", | ||
key => "/etc/pulpcore-certs/client-key.pem", | ||
} | ||
PUPPET | ||
end | ||
end | ||
|
||
include_examples 'the default pulpcore application' | ||
|
||
describe command("pulp config validate --location /etc/pulp/cli.toml") do | ||
its(:exit_status) { is_expected.to eq 0 } | ||
its(:stdout) { is_expected.to match(/valid pulp-cli config/) } | ||
its(:stderr) { is_expected.to eq '' } | ||
end | ||
|
||
describe command("REQUESTS_CA_BUNDLE=/etc/pulpcore-certs/ca-cert.pem pulp status") do | ||
its(:exit_status) { is_expected.to eq 0 } | ||
its(:stdout) { is_expected.to match(/versions/) } | ||
its(:stderr) { is_expected.not_to match(/Error/) } | ||
# currently this contains a warning: | ||
# SubjectAltNameWarning: Certificate for centos7-64.example.com has no `subjectAltName`, falling back to check for a `commonName` for now. This feature is being removed by major browsers and deprecated by RFC 2818. | ||
unless %w[centos redhat].include?(os[:family]) && os[:release].to_i == 7 | ||
its(:stderr) { is_expected.to eq '' } | ||
end | ||
end | ||
|
||
describe command("REQUESTS_CA_BUNDLE=/etc/pulpcore-certs/ca-cert.pem pulp user list") do | ||
its(:exit_status) { is_expected.to eq 0 } | ||
its(:stdout) { is_expected.to match(/admin/) } | ||
its(:stderr) { is_expected.not_to match(/Error/) } | ||
# currently this contains a warning: | ||
# SubjectAltNameWarning: Certificate for centos7-64.example.com has no `subjectAltName`, falling back to check for a `commonName` for now. This feature is being removed by major browsers and deprecated by RFC 2818. | ||
unless %w[centos redhat].include?(os[:family]) && os[:release].to_i == 7 | ||
its(:stderr) { is_expected.to eq '' } | ||
end | ||
end | ||
end | ||
|
||
describe 'installation of cli only' do | ||
it_behaves_like 'an idempotent resource' do | ||
let(:manifest) do | ||
<<-PUPPET | ||
include pulpcore::cli | ||
PUPPET | ||
end | ||
end | ||
|
||
describe command("pulp config validate --location /etc/pulp/cli.toml") do | ||
its(:exit_status) { is_expected.to eq 0 } | ||
its(:stdout) { is_expected.to match(/valid pulp-cli config/) } | ||
its(:stderr) { is_expected.to eq '' } | ||
end | ||
end | ||
|
||
describe 'installation of cli only with password' do | ||
it_behaves_like 'an idempotent resource' do | ||
let(:manifest) do | ||
<<-PUPPET | ||
class { 'pulpcore::cli': | ||
pulpcore_url => "https://${facts['fqdn']}/", | ||
username => "admin", | ||
password => "changeme", | ||
} | ||
PUPPET | ||
end | ||
end | ||
|
||
describe command("pulp config validate --location /etc/pulp/cli.toml") do | ||
its(:exit_status) { is_expected.to eq 0 } | ||
its(:stdout) { is_expected.to match(/valid pulp-cli config/) } | ||
its(:stderr) { is_expected.to eq '' } | ||
end | ||
|
||
describe command("pulp config validate --location /root/.config/pulp/cli.toml") do | ||
its(:exit_status) { is_expected.to eq 0 } | ||
its(:stdout) { is_expected.to match(/valid pulp-cli config/) } | ||
its(:stderr) { is_expected.to eq '' } | ||
end | ||
end |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
require 'spec_helper' | ||
|
||
describe 'pulpcore::cli' do | ||
on_supported_os.each do |os, os_facts| | ||
context "on #{os}" do | ||
let(:facts) { os_facts } | ||
let(:pre_condition) { 'include pulpcore::cli' } | ||
|
||
it { is_expected.to compile.with_all_deps } | ||
it { is_expected.to contain_package('pulp-cli') } | ||
Comment on lines
+9
to
+10
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I guess I should add some asserts on the config content too? |
||
end | ||
end | ||
end |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
<%- | | ||
Optional[Stdlib::HTTPUrl] $base_url = undef, | ||
Optional[String] $username = undef, | ||
Optional[String] $password = undef, | ||
Optional[String] $cert = undef, | ||
Optional[String] $key = undef, | ||
Optional[String] $api_root = undef, | ||
Optional[Boolean] $verify_ssl = undef, | ||
Optional[Boolean] $dry_run = undef, | ||
| -%> | ||
[cli] | ||
<% if $base_url { -%> | ||
base_url = "<%= $base_url %>" | ||
<% } -%> | ||
<% unless $verify_ssl =~ Undef { -%> | ||
verify_ssl = <%= $verify_ssl %> | ||
<% } -%> | ||
<% unless $dry_run =~ Undef { -%> | ||
dry_run = <%= $dry_run %> | ||
<% } -%> | ||
<% if $username { -%> | ||
username = "<%= $username %>" | ||
<% } -%> | ||
<% if $password { -%> | ||
password = "<%= $password %>" | ||
<% } -%> | ||
<% if $cert { -%> | ||
cert = "<%= $cert %>" | ||
<% } -%> | ||
<% if $key { -%> | ||
key = "<%= $key %>" | ||
<% } -%> | ||
<% if $api_root { -%> | ||
api_root = "<%= $api_root %>" | ||
<% } -%> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
in other places (
foreman_proxy
,foreman_proxy_content
) we call thispulpcore_api_url
.pulp-cli itself calls it
base_url
.🚲 shed?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Given it's not exposed to users, I don't care that much. Let's start with this.