diff --git a/bump-tag b/bump-tag index b163569..440809b 100755 --- a/bump-tag +++ b/bump-tag @@ -1,19 +1,30 @@ -#!/bin/sh +#!/bin/bash set -e test -f cosmos.conf && . ./cosmos.conf +echo "Fetching any updates from server:" git pull +echo "" -deftag=`basename $PWD` +if [ "x$1" = "x" ]; then + deftag=`basename $PWD` +else + deftag="$1" +fi tagpfx=${tag:="$deftag"} last_tag=`git tag -l "${tagpfx}-*"|sort|tail -1` -git tag -v $last_tag +echo "Verifying last tag $last_tag:" +(git tag -v $last_tag | grep ^gpg:) || true +# again to not mask exit status of git with grep +git tag -v $last_tag > /dev/null 2>&1 +echo "" -PAGER=cat git diff $last_tag..master +echo "Differences between tag $last_tag and what you are about to sign:" +PAGER=cat git diff --color $last_tag..master iter=1 ok= @@ -29,8 +40,13 @@ while test -z "$ok"; do esac done -echo using new tag $this_tag -echo ONLY SIGN IF YOU APPROVE OF VERIFICATION AND DIFF ABOVE +if [ "$deftag" != "$tagpfx" ]; then + echo -e "Using new tag \e[94m$this_tag\e[0m according to pattern in cosmos.conf" +else + echo -e "Using new tag \e[94m$this_tag\e[0m" +fi + +echo -e "\e[1mONLY SIGN IF YOU APPROVE OF VERIFICATION AND DIFF ABOVE\e[0m" # GITTAGEXTRA is for putting things like "-u 2117364A" diff --git a/cosmos.conf b/cosmos.conf index 32f286a..46ef448 100644 --- a/cosmos.conf +++ b/cosmos.conf @@ -1,2 +1,2 @@ -tag="eduid-cosmos" +tag="cosmos-ops" #repo=git://override-repo-URL diff --git a/docs/cosmos-puppet-ops.mkd b/docs/cosmos-puppet-ops.mkd index 46ceb50..3c7bfcd 100644 --- a/docs/cosmos-puppet-ops.mkd +++ b/docs/cosmos-puppet-ops.mkd @@ -1,5 +1,5 @@ % System Operations using Cosmos & Puppet -% Leif Johansson / SUNET / 2013 / v0.0.3 +% Leif Johansson / SUNET / 2013 / v0.0.4 Introduction @@ -152,7 +152,7 @@ system state using a set of idempotent operations. In theory, anything that can using puppet can be done using cosmos post-processors but puppet allows for greater abstraction which greatly increases readability. -The combination of puppet and cosmos is maintained on github in the 'leifj/multiverse' +The combination of puppet and cosmos is maintained on github in the 'SUNET/multiverse' project. The Cosmos Puppet Module @@ -160,7 +160,7 @@ The Cosmos Puppet Module Although not necessary, a few nice-to-have utilities in the form of puppet modules have been collected as the cosmos puppet module (for want of a better name). The source for -this module is at http://github.com/leifj/puppet-cosmos and it is included (but commented +this module is at https://github.com/SUNET/puppet-cosmos and it is included (but commented out) in the cosmos-modules.conf file (cf below) for easy inclusion. @@ -186,11 +186,11 @@ multiverse. Fabric provides the 'fab' command which will be introduced later on. These two tools (git & fabric) are only needed on mashines where system operators work. -Next clone git://github.com/leifj/multiverse.git - this will form the basis of your cosmos+puppet +Next clone git@github.com:SUNET/multiverse.git - this will form the basis of your cosmos+puppet repository: ``` -# git clone git://github.com/leifj/multiverse.git myproj-cosmos +# git clone git@github.com:SUNET/multiverse.git myproj-cosmos # cd myproj-cosmos ``` @@ -207,21 +207,28 @@ as 'ro'. The read-only remote is used by multiverse scripts during host bootstra ``` # git remote add origin git@yourhost:myproj-cosmos.git -# git remote add ro git://yourhost/myproj-cosmos.git +# git remote add ro https://yourhost/myproj-cosmos.git ``` Now edit .git/config and rename the 'master' branch to use the new 'origin' remote or -you'll try to push to the multiverse remote! Finally create a branch for the 'multiverse' -upstream so you can merge changes to multiverse: +you'll try to push to the multiverse remote! + +``` +[branch "master"] + remote = origin + merge = refs/heads/master +``` + +Finally create a branch for the 'multiverse' upstream so you can merge changes to multiverse: ``` # git checkout -b multiverse --track multiverse/master ``` Note that you can maintain your repo on just about any git hosting platform, including -github, gitorius or your own local setup as long as it supports read-only "git://" access -to your repository. It is important that the remotes called 'origin' and 'ro' refer to -your repository and not to anything else (like a private version of multiverse). +github, gitorius or your own local setup as long as it supports read-only access to your +repository. It is important that the remotes called 'origin' and 'ro' refer to your +repository and not to anything else (like a private version of multiverse). Now add at least one key to 'global/overlay/etc/cosmos/keys/' in a file with a .pub extension (eg 'operator.pub') - the name of the file doesn't matter other than the extension. @@ -238,6 +245,10 @@ At this point you should create and sign your first tag: # ./bump-tag ``` +If Git complains during the first run of bump-tag that "Your configuration specifies to +merge with the ref 'master' from the remote, but no such ref was fetched." then you +have run 'git push' to initialize the connection with the remote repository. + Make sure that you are using the key whose public key you just added to the repository! You can now start adding hosts. @@ -330,14 +341,14 @@ with 3 columns: # concat puppetlabs/concat no stdlib puppetlabs/stdlib no -cosmos git://github.com/leifj/puppet-cosmos.git yes -ufw git://github.com/fredrikt/puppet-module-ufw.git yes +cosmos https://github.com/SUNET/puppet-cosmos.git yes +ufw https://github.com/SUNET/puppet-module-ufw.git yes apt puppetlabs/apt no vcsrepo puppetlabs/vcsrepo no xinetd puppetlabs/xinetd no #golang elithrar/golang yes -python git://github.com/fredrikt/puppet-python.git yes -hiera-gpg git://github.com/fredrikt/hiera-gpg.git no +python https://github.com/SUNET/puppet-python.git yes +hiera-gpg https://github.com/SUNET/hiera-gpg.git no ``` This is an example file - the first field is the name of the module, the second is @@ -448,3 +459,4 @@ On all hosts: ``` # fab -- reboot # danger Will Robinsson! ``` + diff --git a/global/overlay/etc/puppet/cosmos-modules.conf b/global/overlay/etc/puppet/cosmos-modules.conf index e1ef0e5..991a570 100644 --- a/global/overlay/etc/puppet/cosmos-modules.conf +++ b/global/overlay/etc/puppet/cosmos-modules.conf @@ -5,14 +5,14 @@ # in the Cosmos trust list. That is why all the URLs point to forked # versions in the SUNET github organization. # -concat git://github.com/SUNET/puppetlabs-concat.git yes sunet-* -stdlib git://github.com/SUNET/puppetlabs-stdlib.git yes sunet-* -cosmos git://github.com/SUNET/puppet-cosmos.git yes sunet-* -ufw git://github.com/SUNET/puppet-module-ufw.git yes sunet_dev-* -apt git://github.com/SUNET/puppetlabs-apt.git yes sunet_dev-* -vcsrepo git://github.com/SUNET/puppetlabs-vcsrepo.git yes sunet-* -xinetd git://github.com/SUNET/puppetlabs-xinetd.git yes sunet-* -hiera-gpg git://github.com/SUNET/hiera-gpg.git yes sunet-* +concat https://github.com/SUNET/puppetlabs-concat.git yes sunet-* +stdlib https://github.com/SUNET/puppetlabs-stdlib.git yes sunet-* +cosmos https://github.com/SUNET/puppet-cosmos.git yes sunet-* +ufw https://github.com/SUNET/puppet-module-ufw.git yes sunet_dev-* +apt https://github.com/SUNET/puppetlabs-apt.git yes sunet_dev-* +vcsrepo https://github.com/SUNET/puppetlabs-vcsrepo.git yes sunet-* +xinetd https://github.com/SUNET/puppetlabs-xinetd.git yes sunet-* +hiera-gpg https://github.com/SUNET/hiera-gpg.git yes sunet-* # # Alternate sources you might or might not want to use: #concat puppetlabs/concat no @@ -21,16 +21,16 @@ hiera-gpg git://github.com/SUNET/hiera-gpg.git yes sunet-* #apt puppetlabs/apt no #vcsrepo puppetlabs/vcsrepo no #xinetd puppetlabs/xinetd no -#cosmos git://github.com/leifj/puppet-cosmos.git yes -#python git://github.com/SUNET/puppet-python.git yes sunet-* -#erlang git://github.com/SUNET/garethr-erlang.git yes sunet-* -#rabbitmq git://github.com/SUNET/puppetlabs-rabbitmq.git yes sunet_dev-* -#pound git://github.com/SUNET/puppet-pound.git yes sunet_dev-* -#augeas git://github.com/SUNET/puppet-augeas.git yes sunet-* -#bastion git://github.com/SUNET/puppet-bastion.git yes sunet-* -#postgresql git://github.com/SUNET/puppetlabs-postgresql.git yes sunet_dev-* -#munin git://github.com/SUNET/ssm-munin.git yes sunet-* -#nagios git://github.com/SUNET/puppet-nagios.git yes sunet-* -#staging git://github.com/SUNET/puppet-staging.git yes sunet-* -#apparmor git://github.com/SUNET/puppet-apparmor.git yes sunet-* -#docker git://github.com/SUNET/garethr-docker.git yes sunet_dev-* +#cosmos https://github.com/SUNET/puppet-cosmos.git yes +#python https://github.com/SUNET/puppet-python.git yes sunet-* +#erlang https://github.com/SUNET/garethr-erlang.git yes sunet-* +#rabbitmq https://github.com/SUNET/puppetlabs-rabbitmq.git yes sunet_dev-* +#pound https://github.com/SUNET/puppet-pound.git yes sunet_dev-* +#augeas https://github.com/SUNET/puppet-augeas.git yes sunet-* +#bastion https://github.com/SUNET/puppet-bastion.git yes sunet-* +#postgresql https://github.com/SUNET/puppetlabs-postgresql.git yes sunet_dev-* +#munin https://github.com/SUNET/ssm-munin.git yes sunet-* +#nagios https://github.com/SUNET/puppet-nagios.git yes sunet-* +#staging https://github.com/SUNET/puppet-staging.git yes sunet-* +#apparmor https://github.com/SUNET/puppet-apparmor.git yes sunet-* +#docker https://github.com/SUNET/garethr-docker.git yes sunet_dev-* diff --git a/global/overlay/usr/local/sbin/cosmos_vm b/global/overlay/usr/local/sbin/cosmos_vm index ca58022..5eec8f7 100755 --- a/global/overlay/usr/local/sbin/cosmos_vm +++ b/global/overlay/usr/local/sbin/cosmos_vm @@ -9,8 +9,8 @@ hostname="default" bridge="br0" cpus="1" mem="1024" -repo="git://code.mnt.se/mnt-cosmos.git" -tag="eduid-cosmos" +repo="https://yourhost/myproj-cosmos.git" +tag="cosmos-ops" ip="" gateway="" netmask=""