lita-puppet 1.0.0 → 2.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rubocop.yml +8 -0
- data/README.md +6 -1
- data/lib/lita/handlers/puppet.rb +3 -0
- data/lita-puppet.gemspec +1 -2
- data/spec/lita/handlers/puppet_spec.rb +15 -3
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 21c2bf71dcadd164239ace4a8810aa2a7ef3ac78
|
|
4
|
+
data.tar.gz: 769464679133edea58a9d1e7791af3b5a39efea9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5b5d3cc7423f4b833e0658cb23a3aa3c473def0f9576ff1f7c803d3b486af75bf4be55a8211eb2dc64fbaeb92e5a5a9120cf2bba5dd024bc7b573c23c3561fc6
|
|
7
|
+
data.tar.gz: fd0bbf3801dc0e55b8b6ea8ab93cf5fd19795b6303f75e3f99db94413f55d10009656864f560039950fcf9f5d0c8b9dbac3b17bd5d38cb7e04658de2b9157998
|
data/.rubocop.yml
CHANGED
data/README.md
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
[](https://travis-ci.org/knuedge/lita-puppet)
|
|
4
4
|
[](https://tldrlegal.com/license/mit-license)
|
|
5
|
-
[](https://badge.fury.io/rb/lita-puppet)
|
|
6
6
|
[](https://codeclimate.com/github/knuedge/lita-puppet)
|
|
7
7
|
|
|
8
8
|
A [Lita](https://www.lita.io/) handler plugin for some basic [Puppet](https://puppet.com/) operations.
|
|
@@ -19,6 +19,7 @@ gem "lita-puppet"
|
|
|
19
19
|
|
|
20
20
|
* Some of the commands require a [PuppetDB](https://docs.puppet.com/puppetdb/) server, and it must be specified in the configuration.
|
|
21
21
|
* Other commands require that Lita has SSH access to machines using an SSH key, and that Lita has Passwordless `sudo` capabilities. This sounds scary, but it can be done in a very restrictive way (and if you're using puppet, you can automate it).
|
|
22
|
+
* Lita authorization groups are used to restrict certain commands
|
|
22
23
|
|
|
23
24
|
## Configuration
|
|
24
25
|
|
|
@@ -37,6 +38,7 @@ If you are using this with version 4 of the PuppetDB api you append `/pdq/query`
|
|
|
37
38
|
|
|
38
39
|
#### Deploying an environment via r10k
|
|
39
40
|
puppet r10k [environment [module]]
|
|
41
|
+
This requires the user is a member of the `puppet_admins` authorization group.
|
|
40
42
|
|
|
41
43
|
This is also available as:
|
|
42
44
|
|
|
@@ -44,8 +46,10 @@ This is also available as:
|
|
|
44
46
|
pp deploy [environment [module]]
|
|
45
47
|
pp r10k [environment [module]]
|
|
46
48
|
|
|
49
|
+
|
|
47
50
|
#### Trigger a manual run of the Puppet agent on a host
|
|
48
51
|
puppet agent run on <host>
|
|
52
|
+
This requires the user is a member of the `puppet_admins` authorization group.
|
|
49
53
|
|
|
50
54
|
This is also available as:
|
|
51
55
|
|
|
@@ -59,6 +63,7 @@ Though we don't recomend that last one...
|
|
|
59
63
|
|
|
60
64
|
#### Remove an SSL cert from the Puppet Master
|
|
61
65
|
puppet cert clean <host>
|
|
66
|
+
This requires the user is a member of the `puppet_admins` authorization group.
|
|
62
67
|
|
|
63
68
|
This is also available as:
|
|
64
69
|
|
data/lib/lita/handlers/puppet.rb
CHANGED
|
@@ -14,6 +14,7 @@ module Lita
|
|
|
14
14
|
/(puppet|pp)(\s+agent)?\s+(run)(\s+on)?\s+(\S+)/i,
|
|
15
15
|
:puppet_agent_run,
|
|
16
16
|
command: true,
|
|
17
|
+
restrict_to: :puppet_admins,
|
|
17
18
|
help: { t('help.puppet_agent_run.syntax') => t('help.puppet_agent_run.desc') }
|
|
18
19
|
)
|
|
19
20
|
|
|
@@ -21,6 +22,7 @@ module Lita
|
|
|
21
22
|
/(puppet|pp)\s+(cert)\s+(clean)\s+(\S+)/i,
|
|
22
23
|
:cert_clean,
|
|
23
24
|
command: true,
|
|
25
|
+
restrict_to: :puppet_admins,
|
|
24
26
|
help: { t('help.cert_clean.syntax') => t('help.cert_clean.desc') }
|
|
25
27
|
)
|
|
26
28
|
|
|
@@ -42,6 +44,7 @@ module Lita
|
|
|
42
44
|
/(puppet|pp)\s+(r10k|deploy)(\s+(\S+)(\s+(\S+))?)?/i,
|
|
43
45
|
:r10k_deploy,
|
|
44
46
|
command: true,
|
|
47
|
+
restrict_to: :puppet_admins,
|
|
45
48
|
help: { t('help.r10k_deploy.syntax') => t('help.r10k_deploy.desc') }
|
|
46
49
|
)
|
|
47
50
|
|
data/lita-puppet.gemspec
CHANGED
|
@@ -1,7 +1,6 @@
|
|
|
1
|
-
# rubocop:disable Metrics/BlockLength
|
|
2
1
|
Gem::Specification.new do |spec|
|
|
3
2
|
spec.name = 'lita-puppet'
|
|
4
|
-
spec.version = '
|
|
3
|
+
spec.version = '2.0.0'
|
|
5
4
|
spec.authors = ['Daniel Schaaff', 'Jonathan Gnagy'].sort
|
|
6
5
|
spec.email = ['jgnagy@knuedge.com']
|
|
7
6
|
spec.description = 'Some basic Puppet interactions for Lita'
|
|
@@ -40,14 +40,20 @@ describe Lita::Handlers::Puppet, lita_handler: true do
|
|
|
40
40
|
let(:rye_output_base) { double(exit_status: 0, stdout: ['foo'], stderr: ['bar']) }
|
|
41
41
|
|
|
42
42
|
it 'should have the required routes' do
|
|
43
|
-
is_expected.to route_command('puppet agent run on foo')
|
|
44
|
-
|
|
43
|
+
is_expected.to route_command('puppet agent run on foo')
|
|
44
|
+
.with_authorization_for(:puppet_admins).to(:puppet_agent_run)
|
|
45
|
+
is_expected.to route_command('puppet cert clean foo')
|
|
46
|
+
.with_authorization_for(:puppet_admins).to(:cert_clean)
|
|
45
47
|
is_expected.to route_command('puppet profiles foo').to(:node_profiles)
|
|
46
48
|
is_expected.to route_command('puppet class nodes foo').to(:nodes_with_class)
|
|
47
|
-
is_expected.to route_command('puppet r10k')
|
|
49
|
+
is_expected.to route_command('puppet r10k')
|
|
50
|
+
.with_authorization_for(:puppet_admins).to(:r10k_deploy)
|
|
48
51
|
end
|
|
49
52
|
|
|
50
53
|
describe('#cert_clean') do
|
|
54
|
+
before do
|
|
55
|
+
robot.auth.add_user_to_group!(lita_user, :puppet_admins)
|
|
56
|
+
end
|
|
51
57
|
it 'should clean a cert' do
|
|
52
58
|
allow(Rye::Box).to receive(:new).and_return(rye_box)
|
|
53
59
|
send_command('puppet cert clean server.name', as: lita_user)
|
|
@@ -56,6 +62,9 @@ describe Lita::Handlers::Puppet, lita_handler: true do
|
|
|
56
62
|
end
|
|
57
63
|
|
|
58
64
|
describe('#puppet_agent_run') do
|
|
65
|
+
before do
|
|
66
|
+
robot.auth.add_user_to_group!(lita_user, :puppet_admins)
|
|
67
|
+
end
|
|
59
68
|
it 'should run a puppet agent' do
|
|
60
69
|
allow(Rye::Box).to receive(:new).and_return(rye_box)
|
|
61
70
|
send_command('puppet agent run on server.name', as: lita_user)
|
|
@@ -87,6 +96,9 @@ describe Lita::Handlers::Puppet, lita_handler: true do
|
|
|
87
96
|
end
|
|
88
97
|
|
|
89
98
|
describe('#r10k_deploy') do
|
|
99
|
+
before do
|
|
100
|
+
robot.auth.add_user_to_group!(lita_user, :puppet_admins)
|
|
101
|
+
end
|
|
90
102
|
context 'without a module or environment' do
|
|
91
103
|
it 'should trigger r10k on the puppet master' do
|
|
92
104
|
allow(Rye::Box).to receive(:new).and_return(rye_box)
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: lita-puppet
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 2.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Daniel Schaaff
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2017-
|
|
12
|
+
date: 2017-03-22 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: lita
|