diff --git a/.kitchen.yml b/.kitchen.yml index b5224a7d..57a3edbc 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -80,6 +80,28 @@ platforms: provisioner: puppetfile_path: build/centos7-puppet6/Puppetfile + # CentOS8 with Systemd - Puppet 5 + - name: centos8-puppet5 + driver: + platform: centos + dockerfile: build/centos8-puppet5/Dockerfile.kitchen + run_command: /sbin/init + volume: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + provisioner: + puppetfile_path: build/centos8-puppet5/Puppetfile + + # CentOS8 with Systemd - Puppet 6 + - name: centos8-puppet6 + driver: + platform: centos + dockerfile: build/centos8-puppet6/Dockerfile.kitchen + run_command: /sbin/init + volume: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + provisioner: + puppetfile_path: build/centos8-puppet6/Puppetfile + # Ubuntu Xenial with Systemd - Puppet 5 - name: ubuntu16-puppet5 driver: diff --git a/.travis.yml b/.travis.yml index 3908e1de..aa4d4397 100644 --- a/.travis.yml +++ b/.travis.yml @@ -84,6 +84,16 @@ matrix: gemfile: build/kitchen/Gemfile env: - TEST_NAME="centos7-puppet6" + - name: "RHEL/CentOS 8 - Puppet 5" + rvm: 2.5 + gemfile: build/kitchen/Gemfile + env: + - TEST_NAME="centos8-puppet5" + - name: "RHEL/CentOS 8 - Puppet 6" + rvm: 2.5 + gemfile: build/kitchen/Gemfile + env: + - TEST_NAME="centos8-puppet6" - name: "Ubuntu 16 - Puppet 5" rvm: 2.5 gemfile: build/kitchen/Gemfile diff --git a/README.md b/README.md index 7530b335..6abe3154 100644 --- a/README.md +++ b/README.md @@ -389,6 +389,7 @@ $res = run_task('st2::key_get', $stackstorm_target, * Ubuntu 18.04 * RHEL/CentOS 6 * RHEL/CentOS 7 +* RHEL/CentOS 8 ### Supported Puppet versions diff --git a/build/centos8-puppet5/Dockerfile b/build/centos8-puppet5/Dockerfile new file mode 100644 index 00000000..87ab2eb6 --- /dev/null +++ b/build/centos8-puppet5/Dockerfile @@ -0,0 +1,44 @@ +# usage (from the root of the puppet-st2/ directory): +# docker build -t stackstorm/puppet-st2-puppet5 -f build/puppet5/Dockerfile . + +FROM stackstorm/packagingtest:centos8-systemd + +# install ruby and dependencies for gem install +RUN yum -y install gcc gcc-c++ make which openssl +RUN gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB +RUN curl -sSL https://get.rvm.io | bash -s stable +RUN /bin/bash -l -c "rvm requirements" +RUN /bin/bash -l -c "rvm install 2.4.4" +RUN /bin/bash -l -c "rvm use 2.4.4 --default" +RUN /bin/bash -l -c "gem install bundler --no-rdoc --no-ri" + +# install puppet +RUN yum -y install https://yum.puppet.com/puppet5/puppet5-release-el-8.noarch.rpm +RUN yum -y install puppet-agent +ENV PATH="/opt/puppetlabs/bin:${PATH}" + +# print versions (ruby 2.4.x, puppet 5.x) +RUN /bin/bash -l -c "ruby --version" +RUN /bin/bash -l -c "gem --version" +RUN /bin/bash -l -c "bundle --version" +RUN puppet --version + +# create our working directory with the code from our repo in it +ENV APP_HOME /puppet_st2 +RUN mkdir $APP_HOME +WORKDIR $APP_HOME +COPY . $APP_HOME + +# use bundler to install our gems +ENV PUPPET_GEM_VERSION "~> 5.0" +ENV BUNDLE_GEMFILE=$APP_HOME/Gemfile \ + BUNDLE_JOBS=2 \ + BUNDLE_PATH=/bundle +RUN /bin/bash -l -c "bundle -v" +RUN /bin/bash -l -c "rm -f ${APP_HOME}/Gemfile.lock" +RUN /bin/bash -l -c "gem update --system" +RUN /bin/bash -l -c "gem --version" +RUN /bin/bash -l -c "bundle -v" +RUN cat $BUNDLE_GEMFILE +RUN /bin/bash -l -c "bundle install --without system_tests" +RUN cat $BUNDLE_GEMFILE.lock diff --git a/build/centos8-puppet5/Dockerfile.kitchen b/build/centos8-puppet5/Dockerfile.kitchen new file mode 100644 index 00000000..62f0d83e --- /dev/null +++ b/build/centos8-puppet5/Dockerfile.kitchen @@ -0,0 +1,37 @@ +# usage (from the root of the puppet-st2/ directory): +# docker build -t stackstorm/puppet-st2-puppet5 -f build/puppet5/Dockerfile.kitchen . + +FROM stackstorm/packagingtest:centos8-systemd + +RUN mkdir -p /var/run/sshd +RUN useradd -d /home/<%= @username %> -m -s /bin/bash <%= @username %> +RUN echo <%= "#{@username}:#{@password}" %> | chpasswd +RUN echo '<%= @username %> ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers +RUN mkdir -p /home/<%= @username %>/.ssh +RUN chown -R <%= @username %> /home/<%= @username %>/.ssh +RUN chmod 0700 /home/<%= @username %>/.ssh +RUN touch /home/<%= @username %>/.ssh/authorized_keys +RUN chown <%= @username %> /home/<%= @username %>/.ssh/authorized_keys +RUN chmod 0600 /home/<%= @username %>/.ssh/authorized_keys +RUN echo '<%= IO.read(@public_key).strip %>' >> /home/<%= @username %>/.ssh/authorized_keys + +# upgrade the image, otherwise installing st2 package hangs +RUN yum -y upgrade + +# install doc files (/usr/share/docs) when installing yum packages +# otherwise /usr/share/docs/st2/conf/nginx/st2.conf won't be present +# https://github.com/docker-library/docs/tree/master/centos#package-documentation +RUN sed -i '/nodocs/d' /etc/yum.conf + +# install puppet +RUN yum -y install https://yum.puppet.com/puppet5/puppet5-release-el-8.noarch.rpm +RUN yum -y install puppet-agent +ENV PATH="/opt/puppetlabs/bin:${PATH}" +RUN ln -s /opt/puppetlabs/bin/facter /usr/bin/ +RUN ln -s /opt/puppetlabs/bin/hiera /usr/bin/ +RUN ln -s /opt/puppetlabs/bin/mco /usr/bin/ +RUN ln -s /opt/puppetlabs/bin/puppet /usr/bin/ + +# print versions (ruby 2.4.x, puppet 5.x) +RUN puppet --version +RUN sudo -E puppet --version diff --git a/build/ubuntu14-puppet5/Puppetfile b/build/centos8-puppet5/Puppetfile similarity index 100% rename from build/ubuntu14-puppet5/Puppetfile rename to build/centos8-puppet5/Puppetfile diff --git a/build/centos8-puppet6/Dockerfile b/build/centos8-puppet6/Dockerfile new file mode 100644 index 00000000..dcefbbae --- /dev/null +++ b/build/centos8-puppet6/Dockerfile @@ -0,0 +1,44 @@ +# usage (from the root of the puppet-st2/ directory): +# docker build -t stackstorm/puppet-st2-puppet6 -f build/puppet6/Dockerfile . + +FROM stackstorm/packagingtest:centos8-systemd + +# install ruby and dependencies for gem install +RUN yum -y install gcc gcc-c++ make which openssl +RUN gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB +RUN curl -sSL https://get.rvm.io | bash -s stable +RUN /bin/bash -l -c "rvm requirements" +RUN /bin/bash -l -c "rvm install 2.5.1" +RUN /bin/bash -l -c "rvm use 2.5.1 --default" +RUN /bin/bash -l -c "gem install bundler --no-rdoc --no-ri" + +# install puppet +RUN yum -y install https://yum.puppet.com/puppet6/puppet6-release-el-8.noarch.rpm +RUN yum -y install puppet-agent +ENV PATH="/opt/puppetlabs/bin:${PATH}" + +# print versions (ruby 2.5.x, puppet 6.x) +RUN /bin/bash -l -c "ruby --version" +RUN /bin/bash -l -c "gem --version" +RUN /bin/bash -l -c "bundle --version" +RUN puppet --version + +# create our working directory with the code from our repo in it +ENV APP_HOME /puppet_st2 +RUN mkdir $APP_HOME +WORKDIR $APP_HOME +COPY . $APP_HOME + +# use bundler to install our gems +ENV PUPPET_GEM_VERSION "~> 6.0" +ENV BUNDLE_GEMFILE=$APP_HOME/Gemfile \ + BUNDLE_JOBS=2 \ + BUNDLE_PATH=/bundle +RUN /bin/bash -l -c "bundle -v" +RUN /bin/bash -l -c "rm -f ${APP_HOME}/Gemfile.lock" +RUN /bin/bash -l -c "gem update --system" +RUN /bin/bash -l -c "gem --version" +RUN /bin/bash -l -c "bundle -v" +RUN cat $BUNDLE_GEMFILE +RUN /bin/bash -l -c "bundle install --without system_tests" +RUN cat $BUNDLE_GEMFILE.lock diff --git a/build/centos8-puppet6/Dockerfile.kitchen b/build/centos8-puppet6/Dockerfile.kitchen new file mode 100644 index 00000000..dc978f0c --- /dev/null +++ b/build/centos8-puppet6/Dockerfile.kitchen @@ -0,0 +1,37 @@ +# usage (from the root of the puppet-st2/ directory): +# docker build -t stackstorm/puppet-st2-puppet6 -f build/puppet6/Dockerfile.kitchen . + +FROM stackstorm/packagingtest:centos8-systemd + +RUN mkdir -p /var/run/sshd +RUN useradd -d /home/<%= @username %> -m -s /bin/bash <%= @username %> +RUN echo <%= "#{@username}:#{@password}" %> | chpasswd +RUN echo '<%= @username %> ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers +RUN mkdir -p /home/<%= @username %>/.ssh +RUN chown -R <%= @username %> /home/<%= @username %>/.ssh +RUN chmod 0700 /home/<%= @username %>/.ssh +RUN touch /home/<%= @username %>/.ssh/authorized_keys +RUN chown <%= @username %> /home/<%= @username %>/.ssh/authorized_keys +RUN chmod 0600 /home/<%= @username %>/.ssh/authorized_keys +RUN echo '<%= IO.read(@public_key).strip %>' >> /home/<%= @username %>/.ssh/authorized_keys + +# upgrade the image, otherwise installing st2 package hangs +RUN yum -y upgrade + +# install doc files (/usr/share/docs) when installing yum packages +# otherwise /usr/share/docs/st2/conf/nginx/st2.conf won't be present +# https://github.com/docker-library/docs/tree/master/centos#package-documentation +RUN sed -i '/nodocs/d' /etc/yum.conf + +# install puppet +RUN yum -y install https://yum.puppet.com/puppet6/puppet6-release-el-8.noarch.rpm +RUN yum -y install puppet-agent +ENV PATH="/opt/puppetlabs/bin:${PATH}" +RUN ln -s /opt/puppetlabs/bin/facter /usr/bin/ +RUN ln -s /opt/puppetlabs/bin/hiera /usr/bin/ +RUN ln -s /opt/puppetlabs/bin/mco /usr/bin/ +RUN ln -s /opt/puppetlabs/bin/puppet /usr/bin/ + +# print versions (ruby 2.5.x, puppet 6.x) +RUN puppet --version +RUN sudo -E puppet --version diff --git a/build/ubuntu14-puppet6/Puppetfile b/build/centos8-puppet6/Puppetfile similarity index 100% rename from build/ubuntu14-puppet6/Puppetfile rename to build/centos8-puppet6/Puppetfile diff --git a/build/ubuntu14-puppet5/Dockerfile.kitchen b/build/ubuntu14-puppet5/Dockerfile.kitchen deleted file mode 100644 index 87e1753c..00000000 --- a/build/ubuntu14-puppet5/Dockerfile.kitchen +++ /dev/null @@ -1,40 +0,0 @@ -# usage (from the root of the puppet-st2/ directory): -# docker build -t stackstorm/puppet-st2-ubuntu14-puppet5 -f build/ubuntu14-puppet5/Dockerfile.kitchen . - -FROM stackstorm/packagingtest:trusty-upstart - -# kitchen setup -RUN mkdir -p /var/run/sshd -RUN useradd -d /home/<%= @username %> -m -s /bin/bash <%= @username %> -RUN echo '<%= @username %> ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers -RUN mkdir -p /home/<%= @username %>/.ssh -RUN chown -R <%= @username %> /home/<%= @username %>/.ssh -RUN chmod 0700 /home/<%= @username %>/.ssh -RUN touch /home/<%= @username %>/.ssh/authorized_keys -RUN chown <%= @username %> /home/<%= @username %>/.ssh/authorized_keys -RUN chmod 0600 /home/<%= @username %>/.ssh/authorized_keys -RUN echo '<%= IO.read(@public_key).strip %>' >> /home/<%= @username %>/.ssh/authorized_keys - -# Due to issues with running apt-get during 'docker build' on Ubuntu 14, -# we need to install Puppet once the container has started. -# Do NOT run the following install commands on Ubuntu14, instead let kitchen-puppet -# install Puppet after the container is built. - -# # install puppet -# # https://puppet.com/docs/puppet/5.5/puppet_platform.html#apt-based-systems -# RUN wget https://apt.puppetlabs.com/puppet5-release-trusty.deb -# RUN sudo dpkg -i puppet5-release-trusty.deb -# RUN sudo apt-get update -# RUN sudo apt-get -y install puppet-agent -# RUN sudo apt-get clean - -# # put puppet in our path -# ENV PATH="/opt/puppetlabs/bin:${PATH}" -# RUN ln -s /opt/puppetlabs/bin/facter /usr/bin/ -# RUN ln -s /opt/puppetlabs/bin/hiera /usr/bin/ -# RUN ln -s /opt/puppetlabs/bin/mco /usr/bin/ -# RUN ln -s /opt/puppetlabs/bin/puppet /usr/bin/ - -# # print versions (ruby 2.4.x, puppet 5.x) -# RUN puppet --version -# RUN sudo -E puppet --version diff --git a/build/ubuntu14-puppet6/Dockerfile.kitchen b/build/ubuntu14-puppet6/Dockerfile.kitchen deleted file mode 100644 index 44b70b38..00000000 --- a/build/ubuntu14-puppet6/Dockerfile.kitchen +++ /dev/null @@ -1,40 +0,0 @@ -# usage (from the root of the puppet-st2/ directory): -# docker build -t stackstorm/puppet-st2-ubuntu14-puppet6 -f build/ubuntu14-puppet6/Dockerfile.kitchen . - -FROM stackstorm/packagingtest:trusty-upstart - -# kitchen setup -RUN mkdir -p /var/run/sshd -RUN useradd -d /home/<%= @username %> -m -s /bin/bash <%= @username %> -RUN echo '<%= @username %> ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers -RUN mkdir -p /home/<%= @username %>/.ssh -RUN chown -R <%= @username %> /home/<%= @username %>/.ssh -RUN chmod 0700 /home/<%= @username %>/.ssh -RUN touch /home/<%= @username %>/.ssh/authorized_keys -RUN chown <%= @username %> /home/<%= @username %>/.ssh/authorized_keys -RUN chmod 0600 /home/<%= @username %>/.ssh/authorized_keys -RUN echo '<%= IO.read(@public_key).strip %>' >> /home/<%= @username %>/.ssh/authorized_keys - -# Due to issues with running apt-get during 'docker build' on Ubuntu 14, -# we need to install Puppet once the container has started. -# Do NOT run the following install commands on Ubuntu14, instead let kitchen-puppet -# install Puppet after the container is built. - -# # install puppet -# # https://puppet.com/docs/puppet/6.0/puppet_platform.html -# RUN wget https://apt.puppetlabs.com/puppet6-release-trusty.deb -# RUN sudo dpkg -i puppet6-release-trusty.deb -# RUN sudo apt-get update -# RUN sudo apt-get -y install puppet-agent -# RUN sudo apt-get clean - -# # put puppet in our path -# ENV PATH="/opt/puppetlabs/bin:${PATH}" -# RUN ln -s /opt/puppetlabs/bin/facter /usr/bin/ -# RUN ln -s /opt/puppetlabs/bin/hiera /usr/bin/ -# RUN ln -s /opt/puppetlabs/bin/mco /usr/bin/ -# RUN ln -s /opt/puppetlabs/bin/puppet /usr/bin/ - -# # print versions (ruby 2.5.x, puppet 6.x) -# RUN puppet --version -# RUN sudo -E puppet --version diff --git a/docs/dev_notes.md b/docs/dev_notes.md index 638450c0..9debf0c2 100644 --- a/docs/dev_notes.md +++ b/docs/dev_notes.md @@ -115,3 +115,164 @@ PUPPET_VERSION="~> 5.0" TEST_KITCHEN_ENABLED=false bundle package; mv Gemfile.lo ``` +## Adding support for a new OS or Puppet version + +### 1. Create new build/- environments + +In the `build/` directory, create new directories for your OS (or copy from existing). +Directory naming format is `build/-` (example: `build/centos8-puppet6`). + +**TIP** Start from the previous major release of the OS you're using and just copy those, then edit. + +#### build/-/Dockerfile + +This file is used for unit testing. You'll need to edit the following things: + +- Change the `FROM` container to the appropriate OS version from `st2packaging-dockerfiles` repo: https://github.com/StackStorm/st2packaging-dockerfiles +- Change the `Ruby` version installed by `rvm` to match whatever is used by that Puppet version +- Change the `yum` repo to install the proper Puppet version for that OS +- Change `ENV PUPPET_GEM_VERSION "~> 6.0"` to match your Puppet version + +#### build/-/Dockerfile.kitchen + +This file is used by Kitchen for integration testing. + +- Change the `FROM` container to the appropriate OS version from `st2packaging-dockerfiles` repo: https://github.com/StackStorm/st2packaging-dockerfiles +- Change the `yum` repo to install the proper Puppet version for that OS + +#### build/-/Puppetfile + +You probably won't have to do anything here, but if you want: + +- Spin up a vagrant box for the OS you're testing. +- Follow the instructions in the Puppetfile to generate the module list +```shell +# In the puppet-st2 repo +pdk build + +# upload the package to Vagrant box + + +# install the module +puppet module install ./pkg/stackstorm-st2-x.y.z.tar.gz +# list the module dependencies +puppet module list --tree +``` + +### 2. Edit .travis.yml + +`.travis.yml` contains the build matrix for Travis. + +Create new integration testing `jobs` for your OS. + +The `TEST_NAME` environment variable should match your `-` pattern from above. + +Example: +```yaml + - name: "RHEL/CentOS 8 - Puppet 5" + rvm: 2.5 + gemfile: build/kitchen/Gemfile + env: + - TEST_NAME="centos8-puppet5" + - name: "RHEL/CentOS 8 - Puppet 6" + rvm: 2.5 + gemfile: build/kitchen/Gemfile + env: + - TEST_NAME="centos8-puppet6" +``` + +If you're adding a new Puppet version, copy an existing `Unit Testing` job. + - Make sure the `rvm` version matches the suppred Ruby version for that version of Puppet + - Edit `PUPPET_GEM_VERSION` environment variable to match your major version of Puppet + +Example: +```yaml + - name: "Unit Testing - Puppet 6" + rvm: 2.5 + # use default Gemfile in repo root (from PDK) + env: + - UNIT_TEST="true" + - PUPPET_GEM_VERSION="~> 6.0" + - CHECK="syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop parallel_spec" +``` + +### 3. Edit .kitchen.yml + +`.kitchen.yml` contains the test matrix for integation testing used by Travis. + +Create new integration test platforms (copy some existing ones) and change the following: + +- `name` This should be your new `-` name +- `driver.dockerfile` This should be the path to your `Dockerfile.kitchen`, example `build/centos8-puppet5/Dockerfile.kitchen` +- `provisioner.puppetfile_path` This should be the path to your `Puppetfil`, example `build/centos8-puppet5/Puppetfile` + +Example: +```yaml + # CentOS8 with Systemd - Puppet 6 + - name: centos8-puppet6 + driver: + platform: centos + dockerfile: build/centos8-puppet6/Dockerfile.kitchen + run_command: /sbin/init + volume: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + provisioner: + puppetfile_path: build/centos8-puppet6/Puppetfile +``` + +### 4. Edit test/integration/stackstorm/inspec.yml + +`test/integration/stackstorm/inspec.yml` contains the supported OS versions for Inspec testing + +Add a new `supports` platform. On CentOS you can do `8.*` or whatever your major version is. +On Ubuntu you need to match the version exactly, example `18.04`. + +Example: +``` +supports: + - os-name: centos + release: 8.* +``` + +### 5. Edit metadata.json + +`metadata.json` describes the OSes and Puppet versions that are supported by this module. + +If you're adding support for a new OS, add it to `operatingsystem_support`, example: + +```json + "operatingsystem_support": [ + { + "operatingsystem": "RedHat", + "operatingsystemrelease": [ + "6", + "7", + "8" + ] + }, + ... +``` + +If you're adding support for a new Puppet version, change the version restrictions for `puppet` in `requirements`, example: + +```json + "requirements": [ + { + "name": "puppet", + "version_requirement": ">= 4.7.0 < 7.0.0" + } + ], +``` + +### 6. Add supported platforms to README + +Edit the `Supported Platforms` section in `README.md` to include your new version. + +### 7. Make code changes in the manifests/ directory + +Places to check for new OS compatability (basically grep for `$facts['os']`): +- manifests/init.pp +- manifests/repo.pp +- manifests/profile/mongodb.pp + + diff --git a/docs/release_to_forge.md b/docs/release_to_forge.md index 8881f12f..bc98effa 100644 --- a/docs/release_to_forge.md +++ b/docs/release_to_forge.md @@ -2,18 +2,18 @@ * Prepare tooling ```shell -bundle config --local path .//vendor/cache +bundle config --local path ./vendor/cache bundle install ``` * Get next version number `bundle exec rake module:verison:next:minor` -* Create new feature branch -`git checkout -b feature/release-x.y.z` +* Create new release branch +`git checkout -b release/vX.Y.Z` -* Update CHANGELOG.md. Add a new line just below `## Development` -`## x.y.z (Feb 13, 2019) ` +* Update `CHANGELOG.md`. Add a new line just below `## Development` +`## vX.Y.Z (Feb 13, 2019) ` * Update `metadata.json` with new version release. `bundle exec rake module:bump:minor` @@ -29,5 +29,8 @@ git pull * Create a new package `pdk build` -* Create a new Release on GitHub -* Publish to forge +* Create a new Release on GitHub with a tag of the format `vX.Y.Z` + * Copy the releae notes from `CHANGELOG.md` + * Upload the package to this release + * This will create a tag on the repo and trigger a Travis build + * The travis build will detect the new tag, perform a build and deploy to the forge and the end of the build, if the build succeeds diff --git a/manifests/auth/ldap.pp b/manifests/auth/ldap.pp index eefb04b5..aa016a8b 100644 --- a/manifests/auth/ldap.pp +++ b/manifests/auth/ldap.pp @@ -133,7 +133,7 @@ } # install package dependency - $_dep_pkgs = $::osfamily ? { + $_dep_pkgs = $facts['os']['family'] ? { 'Debian' => ['gcc', 'libldap2-dev'], 'RedHat' => ['gcc', 'openldap-devel'], default => undef, diff --git a/manifests/auth/pam.pp b/manifests/auth/pam.pp index fc1c1c6c..4ff72dda 100644 --- a/manifests/auth/pam.pp +++ b/manifests/auth/pam.pp @@ -41,7 +41,7 @@ } # install package dependency - $_dep_pkgs = $::osfamily ? { + $_dep_pkgs = $facts['os']['family'] ? { 'Debian' => 'libpam0g', 'RedHat' => 'pam-devel', default => undef, diff --git a/manifests/params.pp b/manifests/params.pp index 7ee329b9..a0f52bae 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -60,7 +60,7 @@ $st2_web_packages = [ 'st2web', ] - case $::osfamily { + case $facts['os']['family'] { 'Debian': { $st2_client_packages = [ 'python-st2client', @@ -120,12 +120,12 @@ $scheduler_pool_size = 10 ## nginx default config - $nginx_default_conf = $::osfamily ? { + $nginx_default_conf = $facts['os']['family'] ? { 'Debian' => '/etc/nginx/conf.d/default.conf', 'RedHat' => '/etc/nginx/conf.d/default.conf', } ## nginx conf.d directory in /etc - $nginx_conf_d = $::osfamily ? { + $nginx_conf_d = $facts['os']['family'] ? { 'Debian' => '/etc/nginx/conf.d', 'RedHat' => '/etc/nginx/conf.d', } @@ -185,14 +185,14 @@ ## actionrunner config $actionrunner_workers = 10 - $actionrunner_global_env_file = $::osfamily ? { + $actionrunner_global_env_file = $facts['os']['family'] ? { 'Debian' => '/etc/default/st2actionrunner', 'RedHat' => '/etc/sysconfig/st2actionrunner', } ## chatops default config $st2_chatops_dir = '/opt/stackstorm/chatops' - $st2_chatops_global_env_file = $::osfamily ? { + $st2_chatops_global_env_file = $facts['os']['family'] ? { 'Debian' => '/etc/default/st2chatops', 'RedHat' => '/etc/sysconfig/st2chatops', } diff --git a/manifests/profile/mistral.pp b/manifests/profile/mistral.pp index e23af6ac..37da524d 100644 --- a/manifests/profile/mistral.pp +++ b/manifests/profile/mistral.pp @@ -63,7 +63,7 @@ ### End Mistral Variables ### ### Mistral Packages ### - if ($::osfamily == 'RedHat') and ($::operatingsystemmajrelease == '6') { + if ($facts['os']['family'] == 'RedHat') and ($facts['os']['release']['major'] == '6') { package {'st2python': ensure => 'installed', before => Package[$st2::params::st2_mistral_packages], @@ -119,7 +119,7 @@ owner => $db_username, } - if str2bool($::mistral_bootstrapped) != true { + if str2bool($facts['mistral_bootstrapped']) != true { exec { 'setup mistral database': command => "mistral-db-manage --config-file ${mistral_config} upgrade head", refreshonly => true, diff --git a/manifests/profile/mongodb.pp b/manifests/profile/mongodb.pp index 44ff155e..35d6e55d 100644 --- a/manifests/profile/mongodb.pp +++ b/manifests/profile/mongodb.pp @@ -40,11 +40,14 @@ $auth = $st2::mongodb_auth, ) inherits st2 { - # if we're on Ubuntu >= 18.04 then use MongoDB 4.0 + # if we're on CentOS >= 8 then use MongoDB 4.0 or + # we're on Ubuntu >= 18.04 then use MongoDB 4.0 # if the StackStorm version is > 2.4.0 then MongoDB 3.4 # else use MongoDB 3.2 - if ($facts['os']['family'] == 'Debian' and - versioncmp($facts['os']['release']['major'], '18.04') >= 0) { + if (($facts['os']['family'] == 'RedHat' and + versioncmp($facts['os']['release']['major'], '8') >= 0) or + ($facts['os']['family'] == 'Debian' and + versioncmp($facts['os']['release']['major'], '18.04') >= 0)) { $_mongodb_version_default = '4.0' } elsif st2::version_ge('2.4.0') { @@ -95,8 +98,8 @@ # database, the re-enables auth. # # To prevent this from running every time we've create a puppet fact - # called $::mongodb_auth_init that is set when - if versioncmp( $::puppetversion, '4.0.0') >= 0 and !$::mongodb_auth_init { + # called 'mongodb_auth_init' that is set when + if versioncmp($facts['puppetversion'], '4.0.0') >= 0 and !$facts['mongodb_auth_init'] { # unfortinately there is no way to synchronously force a service restart # in Puppet, so we have to revert to exec... sorry diff --git a/manifests/profile/nodejs.pp b/manifests/profile/nodejs.pp index 923c3938..3ae45bc4 100644 --- a/manifests/profile/nodejs.pp +++ b/manifests/profile/nodejs.pp @@ -46,8 +46,8 @@ # Red Hat 7.x + already have NodeJS 6.x installed # trying to install from nodesource repos fails, so just use the builtin - if ($::osfamily == 'RedHat' and - versioncmp($::operatingsystemmajrelease, '7') >= 0) { + if ($facts['os']['family'] == 'RedHat' and + versioncmp($facts['os']['release']['major'], '7') >= 0) { if $use_rhel7_builtin { class { 'nodejs': manage_package_repo => false, @@ -66,7 +66,7 @@ # because the npm package from EPEL has dependencies on the nodejs # and st2chatops package. # This allows us go upgrade RHEL7 clients from NodeJS 6 -> 10 - Package<| title == $::nodejs::npm_package_name |> { + Package<| title == $nodejs::npm_package_name |> { uninstall_options => ['--nodeps'], provider => 'rpm', } diff --git a/manifests/profile/postgresql.pp b/manifests/profile/postgresql.pp index 9bc6c579..beeee891 100644 --- a/manifests/profile/postgresql.pp +++ b/manifests/profile/postgresql.pp @@ -19,7 +19,7 @@ $manage = $::st2::mistral_manage, ) inherits st2 { if $manage and !defined(Class['postgresql::server']) { - if ($::osfamily == 'RedHat') and ($::operatingsystemmajrelease == '6') { + if ($facts['os']['family'] == 'RedHat') and ($facts['os']['release']['major'] == '6') { class { 'postgresql::globals': version => '9.4', manage_package_repo => true, diff --git a/manifests/profile/python.pp b/manifests/profile/python.pp index 1c747978..90d4453f 100644 --- a/manifests/profile/python.pp +++ b/manifests/profile/python.pp @@ -4,7 +4,7 @@ # include st2::profile::python # class st2::profile::python { - if ($::osfamily == 'RedHat') and ($::operatingsystemmajrelease == '6') { + if ($facts['os']['family'] == 'RedHat') and ($facts['os']['release']['major'] == '6') { package {'python27': ensure => present, } @@ -30,6 +30,4 @@ } } } - - } diff --git a/manifests/profile/rabbitmq.pp b/manifests/profile/rabbitmq.pp index 9566807f..2dffbada 100644 --- a/manifests/profile/rabbitmq.pp +++ b/manifests/profile/rabbitmq.pp @@ -57,7 +57,7 @@ } # RHEL needs EPEL installed prior to rabbitmq - if $::osfamily == 'RedHat' { + if $facts['os']['family'] == 'RedHat' { Class['epel'] -> Class['rabbitmq'] diff --git a/manifests/profile/selinux.pp b/manifests/profile/selinux.pp index 8de4cfd8..ebad5716 100644 --- a/manifests/profile/selinux.pp +++ b/manifests/profile/selinux.pp @@ -5,9 +5,16 @@ # class st2::profile::selinux inherits st2::params { # note: the selinux module downcases the mode in the fact - if ($::osfamily == 'RedHat') and ($::selinux_current_mode == 'enforcing') { - if !defined(Package['policycoreutils-python']) { - package { 'policycoreutils-python': + if ($facts['os']['family'] == 'RedHat') and ($facts['selinux_current_mode'] == 'enforcing') { + if versioncmp($facts['os']['release']['major'], '8') >= 0 { + $policycoreutils_package = 'policycoreutils-python-utils' + } + else { + $policycoreutils_package = 'policycoreutils-python' + } + + if !defined(Package[$policycoreutils_package]) { + package { $policycoreutils_package: ensure => present, } } @@ -17,7 +24,6 @@ ensure => 'on', name => 'httpd_can_network_connect', } - # note: rabbitmq puppet module manages its own SELinux config } } diff --git a/manifests/profile/server.pp b/manifests/profile/server.pp index c1643a04..dea43173 100644 --- a/manifests/profile/server.pp +++ b/manifests/profile/server.pp @@ -81,7 +81,7 @@ ######################################## ## Packages - if ($::osfamily == 'RedHat') and ($::operatingsystemmajrelease == '6') { + if ($facts['os']['family'] == 'RedHat') and ($facts['os']['release']['major'] == '6') { package { 'libffi-devel': ensure => present, before => Package[$::st2::params::st2_server_packages], diff --git a/metadata.json b/metadata.json index c3b0fc15..63302ea5 100644 --- a/metadata.json +++ b/metadata.json @@ -74,7 +74,8 @@ "operatingsystem": "RedHat", "operatingsystemrelease": [ "6", - "7" + "7", + "8" ] }, { diff --git a/test/integration/stackstorm/inspec.yml b/test/integration/stackstorm/inspec.yml index c81c15c1..f1e24c81 100644 --- a/test/integration/stackstorm/inspec.yml +++ b/test/integration/stackstorm/inspec.yml @@ -14,6 +14,8 @@ supports: release: 6.* - os-name: centos release: 7.* + - os-name: centos + release: 8.* - os-name: ubuntu release: 16.04 - os-name: ubuntu