diff --git a/.gitignore b/.gitignore index 7eb39d3d..d0fa62ee 100644 --- a/.gitignore +++ b/.gitignore @@ -34,8 +34,11 @@ spec/fixtures/modules/ ## Puppet module pkg/ coverage/ +Puppetfile.lock ## Librarian-puppet .tmp/ .librarian/ +## gem +Gemfile.lock diff --git a/Gemfile.lock b/Gemfile.lock deleted file mode 100644 index 00f7641c..00000000 --- a/Gemfile.lock +++ /dev/null @@ -1,267 +0,0 @@ -GEM - remote: https://rubygems.org/ - specs: - CFPropertyList (2.3.0) - activemodel (4.2.0) - activesupport (= 4.2.0) - builder (~> 3.1) - activesupport (4.2.0) - i18n (~> 0.7) - json (~> 1.7, >= 1.7.7) - minitest (~> 5.1) - thread_safe (~> 0.3, >= 0.3.4) - tzinfo (~> 1.1) - addressable (2.3.7) - archive-tar-minitar (0.5.2) - autoparse (0.3.3) - addressable (>= 2.3.1) - extlib (>= 0.9.15) - multi_json (>= 1.0.0) - aws-sdk (1.63.0) - aws-sdk-v1 (= 1.63.0) - aws-sdk-v1 (1.63.0) - json (~> 1.4) - nokogiri (>= 1.4.4) - beaker (2.4.1) - aws-sdk (~> 1.57) - docker-api - fission (~> 0.4) - fog (~> 1.25) - google-api-client (~> 0.7) - hocon (~> 0.0.4) - inifile (~> 2.0) - json (~> 1.8) - minitest (~> 5.4) - net-scp (~> 1.2) - net-ssh (~> 2.9) - rbvmomi (~> 1.8) - unf (~> 0.1) - beaker-rspec (4.0.0) - beaker (~> 2.0) - rspec - serverspec (~> 1.0) - specinfra (~> 1.0) - builder (3.2.2) - diff-lcs (1.2.5) - docile (1.1.5) - docker-api (1.19.0) - archive-tar-minitar - excon (>= 0.38.0) - json - domain_name (0.5.24) - unf (>= 0.0.5, < 1.0.0) - excon (0.44.2) - extlib (0.9.16) - facter (1.7.6) - faraday (0.9.1) - multipart-post (>= 1.2, < 3) - fission (0.5.0) - CFPropertyList (~> 2.2) - fog (1.27.0) - fog-atmos - fog-aws (~> 0.0) - fog-brightbox (~> 0.4) - fog-core (~> 1.27, >= 1.27.3) - fog-ecloud - fog-json - fog-profitbricks - fog-radosgw (>= 0.0.2) - fog-sakuracloud (>= 0.0.4) - fog-serverlove - fog-softlayer - fog-storm_on_demand - fog-terremark - fog-vmfusion - fog-voxel - fog-xml (~> 0.1.1) - ipaddress (~> 0.5) - nokogiri (~> 1.5, >= 1.5.11) - fog-atmos (0.1.0) - fog-core - fog-xml - fog-aws (0.1.0) - fog-core (~> 1.27) - fog-json (~> 1.0) - fog-xml (~> 0.1) - ipaddress (~> 0.8) - fog-brightbox (0.7.1) - fog-core (~> 1.22) - fog-json - inflecto (~> 0.0.2) - fog-core (1.28.0) - builder - excon (~> 0.38) - formatador (~> 0.2) - mime-types - net-scp (~> 1.1) - net-ssh (>= 2.1.3) - fog-ecloud (0.0.2) - fog-core - fog-xml - fog-json (1.0.0) - multi_json (~> 1.0) - fog-profitbricks (0.0.1) - fog-core - fog-xml - nokogiri - fog-radosgw (0.0.3) - fog-core (>= 1.21.0) - fog-json - fog-xml (>= 0.0.1) - fog-sakuracloud (1.0.0) - fog-core - fog-json - fog-serverlove (0.1.1) - fog-core - fog-json - fog-softlayer (0.4.1) - fog-core - fog-json - fog-storm_on_demand (0.1.0) - fog-core - fog-json - fog-terremark (0.0.4) - fog-core - fog-xml - fog-vmfusion (0.0.1) - fission - fog-core - fog-voxel (0.0.2) - fog-core - fog-xml - fog-xml (0.1.1) - fog-core - nokogiri (~> 1.5, >= 1.5.11) - formatador (0.2.5) - google-api-client (0.8.2) - activesupport (>= 3.2) - addressable (~> 2.3) - autoparse (~> 0.3) - extlib (~> 0.9) - faraday (~> 0.9) - launchy (~> 2.4) - multi_json (~> 1.10) - retriable (~> 1.4) - signet (~> 0.6) - her (0.7.3) - activemodel (>= 3.0.0, <= 4.2) - activesupport (>= 3.0.0, <= 4.2) - faraday (>= 0.8, < 1.0) - multi_json (~> 1.7) - hiera (1.3.4) - json_pure - highline (1.7.1) - hocon (0.0.7) - http-cookie (1.0.2) - domain_name (~> 0.5) - i18n (0.7.0) - inflecto (0.0.2) - inifile (2.0.2) - ipaddress (0.8.0) - json (1.8.2) - json_pure (1.8.2) - jwt (1.2.1) - launchy (2.4.3) - addressable (~> 2.3) - librarian-puppet (2.1.0) - librarianp (>= 0.4.0) - puppet_forge - rsync - librarianp (0.6.0) - thor (~> 0.15) - metaclass (0.0.4) - mime-types (2.4.3) - mini_portile (0.6.2) - minitest (5.5.1) - mocha (1.1.0) - metaclass (~> 0.0.1) - multi_json (1.10.1) - multipart-post (2.0.0) - net-scp (1.2.1) - net-ssh (>= 2.6.5) - net-ssh (2.9.2) - netrc (0.10.3) - nokogiri (1.6.6.2) - mini_portile (~> 0.6.0) - puppet (3.7.4) - facter (> 1.6, < 3) - hiera (~> 1.0) - json_pure - puppet-blacksmith (3.3.1) - puppet (>= 2.7.16) - rest-client - puppet-lint (1.1.0) - puppet-syntax (2.0.0) - rake - puppet_forge (1.0.4) - her (~> 0.6) - puppetlabs_spec_helper (0.9.1) - mocha - puppet-lint - puppet-syntax - rake - rspec-puppet - rake (10.4.2) - rbvmomi (1.8.2) - builder - nokogiri (>= 1.4.1) - trollop - rest-client (1.8.0) - http-cookie (>= 1.0.2, < 2.0) - mime-types (>= 1.16, < 3.0) - netrc (~> 0.7) - retriable (1.4.1) - rspec (2.99.0) - rspec-core (~> 2.99.0) - rspec-expectations (~> 2.99.0) - rspec-mocks (~> 2.99.0) - rspec-core (2.99.2) - rspec-expectations (2.99.2) - diff-lcs (>= 1.1.3, < 2.0) - rspec-its (1.0.1) - rspec-core (>= 2.99.0.beta1) - rspec-expectations (>= 2.99.0.beta1) - rspec-mocks (2.99.3) - rspec-puppet (2.0.0) - rspec (~> 2.0) - rsync (1.0.9) - serverspec (1.16.0) - highline - net-ssh - rspec (~> 2.99) - rspec-its - specinfra (~> 1.27) - signet (0.6.0) - addressable (~> 2.3) - extlib (~> 0.9) - faraday (~> 0.9) - jwt (~> 1.0) - multi_json (~> 1.10) - simplecov (0.9.2) - docile (~> 1.1.0) - multi_json (~> 1.0) - simplecov-html (~> 0.9.0) - simplecov-html (0.9.0) - specinfra (1.27.5) - thor (0.19.1) - thread_safe (0.3.4) - trollop (2.1.1) - tzinfo (1.2.2) - thread_safe (~> 0.1) - unf (0.1.4) - unf_ext - unf_ext (0.0.6) - -PLATFORMS - ruby - -DEPENDENCIES - beaker-rspec (>= 3.0.0) - librarian-puppet (>= 2.0.0) - puppet (>= 2.7) - puppet-blacksmith (>= 3.3.1) - puppet-lint (>= 1.1.0) - puppetlabs_spec_helper (>= 0.8.0) - rake - rspec-puppet (>= 1.0.0) - simplecov diff --git a/Puppetfile.lock b/Puppetfile.lock deleted file mode 100644 index 5a488fb4..00000000 --- a/Puppetfile.lock +++ /dev/null @@ -1,13 +0,0 @@ -FORGE - remote: http://forge.puppetlabs.com - specs: - maestrodev/maven (1.1.9) - maestrodev/wget (>= 1.0.0) - maestrodev/wget (1.3.1) - puppetlabs/stdlib (4.1.0) - -DEPENDENCIES - maestrodev/maven (>= 1.0.0) - maestrodev/wget (>= 0.0.1) - puppetlabs/stdlib (>= 2.3.0) - diff --git a/README.md b/README.md index edf55aaa..e566407e 100644 --- a/README.md +++ b/README.md @@ -55,14 +55,14 @@ The `sonarqube::plugin` defined type can be used to install SonarQube plugins. N class { 'maven::maven': } -> class { 'sonarqube': } - + sonarqube::plugin { 'sonar-javascript-plugin': groupid => 'org.sonarsource.javascript', artifactid => 'sonar-javascript-plugin', version => '2.10', notify => Service['sonar'], } - + ## Security Configuration @@ -87,6 +87,11 @@ The `sonarqube` class provides an easy way to configure security with LDAP, Crow groupid => 'org.sonarsource.ldap', artifactid => 'sonar-ldap-plugin', version => '1.5.1', + repo => { + url => 'http://repo1.maven.org/maven2', + username => 'user', + password => 'password' + }, notify => Service['sonar'], } diff --git a/manifests/init.pp b/manifests/init.pp index 3a96b781..1410d8ad 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -13,6 +13,7 @@ # limitations under the License. class sonarqube ( $version = '4.5.5', + $testing = false, $user = 'sonar', $group = 'sonar', $user_system = true, @@ -21,7 +22,7 @@ $home = undef, $host = undef, $port = 9000, - $portAjp = -1, + $port_ajp = -1, $download_url = 'https://sonarsource.bintray.com/Distribution/sonarqube', $download_dir = '/usr/local/src', $context_path = '/', @@ -95,62 +96,80 @@ managehome => false, system => $user_system, } - -> - group { $group: + + -> group { $group: ensure => present, system => $user_system, } - -> - wget::fetch { 'download-sonar': + + -> wget::fetch { 'download-sonar': source => "${download_url}/${package_name}-${version}.zip", destination => $tmpzip, } - -> + # ===== Create folder structure ===== # so uncompressing new sonar versions at update time use the previous sonar home, # installing new extensions and plugins over the old ones, reusing the db,... # Sonar home - file { $real_home: + -> file { $real_home: ensure => directory, mode => '0700', } - -> - file { "${installroot}/${package_name}-${version}": + + -> file { "${installroot}/${package_name}-${version}": ensure => directory, } - -> - file { $installdir: + + -> file { $installdir: ensure => link, target => "${installroot}/${package_name}-${version}", notify => Service['sonarqube'], } - -> - sonarqube::move_to_home { 'data': } - -> - sonarqube::move_to_home { 'extras': } - -> - sonarqube::move_to_home { 'extensions': } - -> - sonarqube::move_to_home { 'logs': } - -> + + -> sonarqube::move_to_home { + 'data': + } + + -> sonarqube::move_to_home { + 'extras': + } + + -> sonarqube::move_to_home { + 'extensions': + } + + -> sonarqube::move_to_home { + 'logs': + } + # ===== Install SonarQube ===== - exec { 'untar': - command => "unzip -o ${tmpzip} -d ${installroot} && chown -R ${user}:${group} ${installroot}/${package_name}-${version} && chown -R ${user}:${group} ${real_home}", + -> exec { 'untar': + command => "unzip -o ${tmpzip} -d ${installroot} && chown -R \ + ${user}:${group} ${installroot}/${package_name}-${version} \ + && chown -R ${user}:${group} ${real_home}", creates => "${installroot}/${package_name}-${version}/bin", notify => Service['sonarqube'], } - -> - file { $script: + + -> file { $script: mode => '0755', content => template('sonarqube/sonar.sh.erb'), } - -> - file { "/etc/init.d/${service}": + + -> file { "/etc/init.d/${service}": ensure => link, target => $script, } + file { '/etc/systemd/system/sonar.service': + ensure => file, + owner => root, + group => root, + mode => '0755', + content => template("${module_name}/sonar.service.erb") + } + # Sonar configuration files if $config != undef { file { "${installdir}/conf/sonar.properties": @@ -172,13 +191,13 @@ content => template("${module_name}/cleanup-old-plugin-versions.sh.erb"), mode => '0755', } - -> - file { '/tmp/cleanup-old-sonarqube-versions.sh': + + -> file { '/tmp/cleanup-old-sonarqube-versions.sh': content => template("${module_name}/cleanup-old-sonarqube-versions.sh.erb"), mode => '0755', } - -> - exec { 'remove-old-versions-of-sonarqube': + + -> exec { 'remove-old-versions-of-sonarqube': command => "/tmp/cleanup-old-sonarqube-versions.sh ${installroot} ${version}", path => '/usr/bin:/usr/sbin:/bin:/sbin:/usr/local/bin', refreshonly => true, @@ -196,6 +215,6 @@ hasrestart => true, hasstatus => true, enable => true, - require => File["/etc/init.d/${service}"], + require => [ File["/etc/init.d/${service}"], File['/etc/systemd/system/sonar.service'] ] } } diff --git a/manifests/move_to_home.pp b/manifests/move_to_home.pp index be273932..5d6506cc 100644 --- a/manifests/move_to_home.pp +++ b/manifests/move_to_home.pp @@ -5,8 +5,8 @@ file { "${home}/${name}": ensure => directory, } - -> - file { "${sonarqube::installdir}/${name}": + + -> file { "${sonarqube::installdir}/${name}": ensure => link, target => "${home}/${name}", } diff --git a/manifests/plugin.pp b/manifests/plugin.pp index d334c6fd..c9652d7a 100644 --- a/manifests/plugin.pp +++ b/manifests/plugin.pp @@ -21,6 +21,11 @@ $ensure = present, $artifactid = $name, $groupid = 'org.codehaus.sonar-plugins', + $repo = { + url => 'http://repo1.maven.org/maven2', + username => 'UNSET', + password => 'UNSET', + } ) { $plugin_name = "${artifactid}-${version}.jar" $plugin = "${sonarqube::plugin_dir}/${plugin_name}" @@ -35,15 +40,16 @@ version => $version, before => File[$plugin], require => File[$sonarqube::plugin_dir], + repos => $repo } - ~> - exec { "remove-old-versions-of-${artifactid}": + + ~> exec { "remove-old-versions-of-${artifactid}": command => "/tmp/cleanup-old-plugin-versions.sh ${sonarqube::plugin_dir} ${artifactid} ${version}", path => '/usr/bin:/usr/sbin:/bin:/sbin:/usr/local/bin', refreshonly => true, } - -> - file { $plugin: + + -> file { $plugin: ensure => $ensure, source => "/tmp/${plugin_name}", owner => $sonarqube::user, diff --git a/manifests/runner.pp b/manifests/runner.pp index 6a5e0e14..9f9a6c5e 100644 --- a/manifests/runner.pp +++ b/manifests/runner.pp @@ -20,19 +20,22 @@ path => '/usr/bin:/usr/sbin:/bin:/sbin:/usr/local/bin', } - anchor { 'sonarqube::runner::begin': } -> - class { '::sonarqube::runner::install': + anchor { 'sonarqube::runner::begin': } + + -> class { '::sonarqube::runner::install': package_name => $package_name, version => $version, download_url => $download_url, installroot => $installroot, - } -> - class { '::sonarqube::runner::config': + } + + -> class { '::sonarqube::runner::config': package_name => $package_name, version => $version, installroot => $installroot, jdbc => $jdbc, sonarqube_server => $sonarqube_server, - } ~> - anchor { 'sonarqube::runner::end': } + } + + ~> anchor { 'sonarqube::runner::end': } } diff --git a/manifests/runner/install.pp b/manifests/runner/install.pp index 377e7255..9580a797 100644 --- a/manifests/runner/install.pp +++ b/manifests/runner/install.pp @@ -19,18 +19,18 @@ wget::fetch { 'download-sonar-runner': source => "${download_url}/${version}/sonar-runner-dist-${version}.zip", destination => $tmpzip, - } -> + } - file { "${installroot}/${package_name}-${version}": + -> file { "${installroot}/${package_name}-${version}": ensure => directory, - } -> + } - file { "${installroot}/${package_name}": + -> file { "${installroot}/${package_name}": ensure => link, target => "${installroot}/${package_name}-${version}", - } -> + } - exec { 'unzip-sonar-runner': + -> exec { 'unzip-sonar-runner': command => "unzip -o ${tmpzip} -d ${installroot}", creates => "${installroot}/sonar-runner-${version}/bin", require => [Package[unzip], Wget::Fetch['download-sonar-runner']], @@ -40,6 +40,7 @@ file { '/etc/profile.d/sonarhome.sh': content => 'export SONAR_RUNNER_HOME=/usr/local/sonar-runner', } + file { '/usr/bin/sonar-runner': ensure => link, target => '/var/lib/sonar-runner/bin/sonar-runner', diff --git a/templates/sonar.properties.erb b/templates/sonar.properties.erb index c3a0e1df..858279d8 100644 --- a/templates/sonar.properties.erb +++ b/templates/sonar.properties.erb @@ -16,7 +16,7 @@ sonar.web.host: <%= @host %> #sonar.web.host: 0.0.0.0 <% end -%> sonar.web.port: <%= @port %> -sonar.ajp.port: <%= @portAjp %> +sonar.ajp.port: <%= @port_ajp %> <% if has_variable?('context_path') -%> sonar.web.context: <%= @context_path %> <% end -%> @@ -140,8 +140,13 @@ sonar.search.host=<%= @search_host %> # Permissions to create tables and indexes must be granted to JDBC user. # The schema must be created first. sonar.jdbc.url: <%= @jdbc['url'] %> +<% if @testing == true -%> +sonar.embeddedDatabasePort=9092 +<% end -%> +<% if @testing == false -%> sonar.jdbc.username: <%= @jdbc['username'] %> sonar.jdbc.password: <%= @jdbc['password'] %> +<% end -%> #----- Embedded database H2 # Note : it does not accept connections from remote hosts, so the @@ -195,6 +200,7 @@ sonar.jdbc.password: <%= @jdbc['password'] %> #----- Connection pool settings +<% if @testing == false -%> sonar.jdbc.maxActive: <% if @jdbc['max_active'] %><%= @jdbc['max_active'] %><% else %>50<% end %> sonar.jdbc.maxIdle: <% if @jdbc['max_idle'] %><%= @jdbc['max_idle'] %><% else %>5<% end %> sonar.jdbc.minIdle: <% if @jdbc['min_idle'] %><%= @jdbc['min_idle'] %><% else %>2<% end %> @@ -202,6 +208,7 @@ sonar.jdbc.maxWait: <% if @jdbc['max_wait'] %><%= @jdbc[' sonar.jdbc.minEvictableIdleTimeMillis: <% if @jdbc['min_evictable_idle_time_millis'] %><%= @jdbc['min_evictable_idle_time_millis'] %><% else %>600000<% end %> sonar.jdbc.timeBetweenEvictionRunsMillis: <% if @jdbc['time_between_eviction_runs_millis'] %><%= @jdbc['time_between_eviction_runs_millis'] %><% else %>30000<% end %> +<% end -%> <% end -%> #--------------------------------------------------------- @@ -309,7 +316,7 @@ pam.serviceName=<%= @pam['serviceName'] %> #------------------- # IMPORTANT : before activation, make sure that one Sonar administrator is defined in the external system # Activates the plugin. Leave blank or comment out to use default sonar authentication. -sonar.authenticator.class: org.sonar.plugins.crowd.CrowdAuthenticator +sonar.security.realm=Crowd # Ignore failure at startup if the connection to external system is refused. # Users can browse sonar but not log in as long as the connection fails. diff --git a/templates/sonar.service.erb b/templates/sonar.service.erb new file mode 100644 index 00000000..eacc694e --- /dev/null +++ b/templates/sonar.service.erb @@ -0,0 +1,15 @@ +[Unit] +Description=Sonar <%= @version.to_s %> +After=network.target network-online.target +Wants=network-online.target + +[Service] +ExecStart=<%= @installroot.to_s -%>/sonar/bin/linux-<%= @architecture.to_s.gsub(/_/,'-') -%>/sonar.sh start +ExecStop=<%= @installroot.to_s -%>/sonar/bin/linux-<%= @architecture.to_s.gsub(/_/,'-') -%>/sonar.sh stop +ExecReload=<%= @installroot.to_s -%>/sonar/bin/linux-<%= @architecture.to_s.gsub(/_/,'-') -%>/sonar.sh restart +PIDFile=<%= @installroot.to_s -%>/sonar.pid +Type=forking +User=<%= @user.to_s %> + +[Install] +WantedBy=multi-user.target