MozillaWiki

ReleaseEngineering/PuppetAgain/Modules/config

< ReleaseEngineering‎ | PuppetAgain‎ | Modules
Revision as of 09:21, 9 December 2011 by Callek (talk | contribs) (Created page with "This module handles retrieving and access of the site specific config values. == Summary == We handle config variables via puppets <tt>extlookup()</tt> function, which reads da...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

This module handles retrieving and access of the site specific config values.

Summary

We handle config variables via puppets extlookup() function, which reads data from keys in csv files in a directory we specify, and in the order we specify. Missing files are not errors, but missing keys (when not specified with a default here) are. We do not specify any defaults in the extlookup() function at all.

The csv files are stored in the modules/extlookup/ dir of our whole repo (source). Our search order is as follows, first->last.

  1. local-config.csv
    optional, preferably symlinked to an in-repo site specific config file (e.g. seamonkey-config.csv)
  2. default-config.csv
    stored directly in puppet, and should contain defaults suiteable for MoCo (Firefox) environment, sites with different needs should store only necessary differences in local-config.csv
  3. secrets.csv
    Necessarily not stored in hg as this file contains secrets (e.g. password hashes). For simplicity we have a secrets.csv.in file in this directory that can be copied over and have the secrets added.

Manifests

Config

Usage

in manifests 

class foo {
  include config
  if ($config::builder_username == )
     fail("bad settings")
  }
}

in templates (note use of empty namespace designation) 

Hash is ${::config::builder_username}

Variables

puppet_notif_email
The e-mail address or list to send errors of the puppet daemon to. (Defaults to dustin@mozilla.com)
puppet_server
The server-name of the puppet master we should connect to. Qualified or Unqualified hostnames are acceptable. (Defaults to puppet)
yum_server
The server name of the static yum-repo server (we currently expect the yum repo's to be found at http://${yum_server}/repos/yum/) (Defaults to the value of puppet_server)
builder_username
The username for the build and test slaves (Defaults to cltbld)

Secrets

The Secrets module handles all the secret config options, for clarity. It is imported directly by the config module, for simplicity throughout.

Usage

in manifests 

class foo {
  include config
  if ($config::secrets::builder_password == )
     fail("missing password")
  }
}

in templates (note use of empty namespace designation) 

Hash is ${::config::secrets::builder_password}

Variables

root_pw_hash
linux md5 password hash for the root password (No Default)
builder_pw_hash
linux md5 password hash for the builder user (No Default)
Retrieved from "https://wiki.allizom.org/index.php?title=ReleaseEngineering/PuppetAgain/Modules/config&oldid=377279"