Merge pull request 'neoloc/yumrepos' (#212) from neoloc/yumrepos into develop

Reviewed-on: unkinben/puppet-prod#212
This commit is contained in:
2024-05-19 20:09:50 +09:30
15 changed files with 169 additions and 403 deletions
+1 -1
View File
@@ -19,7 +19,7 @@ class profiles::puppet::agent (
# Ensure the puppet-agent package is installed and locked to a specific version
package { 'puppet-agent':
ensure => $puppet_version,
require => Class['profiles::yum::puppet7'],
require => Yumrepo['puppet'],
}
# versionlock puppet-agent
-92
View File
@@ -1,92 +0,0 @@
# Class: profiles::yum::base
#
# This class manages the 'base', extras' and 'appstream' yum
# repositories for a system, based on the provided list of managed repositories.
#
# Parameters:
# -----------
# - $managed_repos: An array containing the names of the repositories to be
# managed. This can include 'base', 'extras',
# and 'appstream'.
#
# - $baseurl: The base URL for the yum repositories. This should be the root
# URL of your yum mirror server.
#
# Actions:
# --------
# - Sets up the 'base', extras', and 'appstream' yum repositories
# as specified in the $managed_repos parameter, all using the provided baseurl.
#
# - Each repo configuration includes the baseurl parameterized with the OS
# release version and architecture, and specifies the GPG key.
#
# Example usage:
# --------------
# To use this class with the default parameters:
# class { 'profiles::yum::base':
# managed_repos => ['base', 'extras', 'appstream'],
# baseurl => 'http://mylocalmirror.com/yum',
# }
#
class profiles::yum::base (
Array[String] $managed_repos,
String $baseurl,
Enum[
'daily',
'weekly',
'monthly'
] $snapshot = 'daily',
) {
$release = $facts['os']['release']['full']
$basearch = $facts['os']['architecture']
if 'base' in $managed_repos {
yumrepo { 'base':
name => 'base',
descr => 'base repository',
target => '/etc/yum.repos.d/base.repo',
baseurl => "${baseurl}/${release}/BaseOS-${snapshot}/${basearch}/os/",
gpgkey => "${baseurl}/${release}/BaseOS-${snapshot}/${basearch}/os/RPM-GPG-KEY-${facts['os']['name']}",
}
}
if 'extras' in $managed_repos {
yumrepo { 'extras':
name => 'extras',
descr => 'extras repository',
target => '/etc/yum.repos.d/extras.repo',
baseurl => "${baseurl}/${release}/extras-${snapshot}/${basearch}/os/",
gpgkey => "${baseurl}/${release}/extras-${snapshot}/${basearch}/os/RPM-GPG-KEY-${facts['os']['name']}",
}
}
if 'appstream' in $managed_repos {
yumrepo { 'appstream':
name => 'appstream',
descr => 'appstream repository',
target => '/etc/yum.repos.d/appstream.repo',
baseurl => "${baseurl}/${release}/AppStream-${snapshot}/${basearch}/os/",
gpgkey => "${baseurl}/${release}/AppStream-${snapshot}/${basearch}/os/RPM-GPG-KEY-${facts['os']['name']}",
}
}
if 'powertools' in $managed_repos {
yumrepo { 'powertools':
name => 'powertools',
descr => 'powertools repository',
target => '/etc/yum.repos.d/powertools.repo',
baseurl => "${baseurl}/${release}/PowerTools-${snapshot}/${basearch}/os/",
gpgkey => "${baseurl}/${release}/PowerTools-${snapshot}/${basearch}/os/RPM-GPG-KEY-${facts['os']['name']}",
}
}
if 'highavailability' in $managed_repos {
yumrepo { 'highavailability':
name => 'highavailability',
descr => 'highavailability repository',
target => '/etc/yum.repos.d/highavailability.repo',
baseurl => "${baseurl}/${release}/HighAvailability-${snapshot}/${basearch}/os/",
gpgkey => "${baseurl}/${release}/HighAvailability-${snapshot}/${basearch}/os/RPM-GPG-KEY-${facts['os']['name']}",
}
}
}
-48
View File
@@ -1,48 +0,0 @@
# Class: profiles::yum::epel
#
# This class manages the EPEL yum repository for the system.
#
# Parameters:
# -----------
# - $baseurl: The base URL for the EPEL yum repository. This should be the root
# URL of your EPEL mirror server.
#
# Actions:
# --------
# - Checks the OS release version.
#
# - If the release version is 7, 8, or 9, it sets up the 'epel' yum repository
#
# - If the release version is not supported, it raises an error.
#
# Example usage:
# --------------
# To use this class with the default parameters:
# include profiles::yum::epel
#
# To specify a custom base URL:
# class { 'profiles::yum::epel':
# baseurl => 'http://mylocalmirror.com/yum',
# }
class profiles::yum::epel (
Array[String] $managed_repos,
String $baseurl,
Enum[
'daily',
'weekly',
'monthly'
] $snapshot = 'daily',
) {
$release = $facts['os']['release']['major']
$basearch = $facts['os']['architecture']
if 'epel' in $managed_repos {
yumrepo { 'epel':
name => 'epel',
descr => 'epel repository',
target => '/etc/yum.repos.d/epel.repo',
baseurl => "${baseurl}/${release}/Everything-${snapshot}/${basearch}/os/",
gpgkey => "${baseurl}/${release}/Everything-${snapshot}/${basearch}/os/RPM-GPG-KEY-EPEL-${release}",
}
}
}
+4 -81
View File
@@ -1,48 +1,7 @@
# Class: profiles::yum::global
#
# This class manages global YUM configurations and optionally includes the
# base and EPEL yum repository profiles based on the content of the
# $managed_repos parameter, which is an array of repository names.
#
# Parameters:
# -----------
# - $managed_repos: An array of repository names that the Puppet agent should
# manage. This parameter is mandatory and the class will
# fail if it is not provided via hieradata.
# Example: ['base', 'updates', 'extras', 'appstream']
#
# Actions:
# --------
# - Configures global YUM settings, including keeping the kernel development
# packages and cleaning old kernels.
#
# - Establishes default parameters for any YUM repositories managed by Puppet.
# This includes the repository file location, the repository description,
# and enabling the repository and GPG checks.
#
# - Depending on the content of the $managed_repos parameter, it includes the
# profiles::yum::base and/or profiles::yum::epel classes.
#
# - Manages all .repo files under /etc/yum.repos.d. All the repositories listed
# in $managed_repos will have their corresponding .repo files preserved. Any
# .repo file that is not listed in $managed_repos will be removed.
#
# - Creates and maintains a /etc/yum.repos.d/.managed file that lists all the
# .repo files that should be managed by Puppet.
#
# Example usage:
# --------------
# To use this class, include the class and configure hieradata:
# include profiles::yum::global
#
# profiles::yum::managed_repos:
# - 'base'
# - 'extras'
# - 'appstream'
#
class profiles::yum::global (
Array[String] $managed_repos,
Boolean $purge = true,
Hash $repos = {},
Boolean $purge = true,
){
class { 'yum':
keep_kernel_devel => true,
@@ -56,44 +15,8 @@ class profiles::yum::global (
purge => $purge,
}
# Generate the content for the .managed file
$managed_file_content = $managed_repos.map |$repo_name| { "${repo_name}.repo" }.join("\n")
# Create the .managed file
file { '/etc/yum.repos.d/.managed':
ensure => file,
content => $managed_file_content,
}
# Setup base repos
class { 'profiles::yum::base':
managed_repos => $managed_repos,
require => Class['profiles::pki::vaultca'],
}
# Setup epel if included in managed_repos
class { 'profiles::yum::epel':
managed_repos => $managed_repos,
require => Class['profiles::pki::vaultca'],
}
# Setup puppet7 if included in managed_repos
class { 'profiles::yum::puppet7':
managed_repos => $managed_repos,
require => Class['profiles::pki::vaultca'],
}
# Setup unkin repo if included in managed_repos
class { 'profiles::yum::unkin':
managed_repos => $managed_repos,
require => Class['profiles::pki::vaultca'],
}
# Setup ovirt repo if included in managed_repos
class { 'profiles::yum::ovirt':
managed_repos => $managed_repos,
require => Class['profiles::pki::vaultca'],
}
# create repos
create_resources('yumrepo', $repos)
# makecache if changes made to repos
exec {'dnf_makecache':
-25
View File
@@ -1,25 +0,0 @@
# Class: profiles::yum::mariadb
#
# This class manages the mariadb yum repository for the system.
#
class profiles::yum::mariadb (
String $baseurl = 'https://repos.main.unkin.net',
String $version = '11.2',
Enum[
'daily',
'weekly',
'monthly'
] $snapshot = 'daily',
) {
$release = $facts['os']['release']['major']
$basearch = $facts['os']['architecture']
yumrepo { 'mariadb':
name => 'mariadb',
descr => 'mariadb repository',
target => '/etc/yum.repos.d/mariadb.repo',
baseurl => "${baseurl}/mariadb/${version}/el${release}-${snapshot}/${basearch}/os/",
gpgkey => "${baseurl}/mariadb/${version}/el${release}-${snapshot}/${basearch}/os/RPM-GPG-KEY-MariaDB",
require => Class['profiles::pki::vaultca'],
}
}
-48
View File
@@ -1,48 +0,0 @@
# Class: profiles::yum::ovirt
class profiles::yum::ovirt (
Array[String] $managed_repos,
String $baseurl,
Enum[
'daily',
'weekly',
'monthly'
] $snapshot = 'daily',
) {
$release = $facts['os']['release']['major']
$basearch = $facts['os']['architecture']
$centos_nonstream = [
'virt-advanced-virtualization',
'storage-ceph-pacific'
]
$centos_stream = [
'cloud-openstack-xena',
'messaging-rabbitmq-38',
'nfv-openvswitch-2',
'opstools-collectd-5',
'storage-gluster-10',
'virt-ovirt-45'
]
$centos_nonstream.each |$name| {
if $name in $managed_repos {
yumrepo { $name:
name => $name,
descr => $name,
target => '/etc/yum.repos.d/ovirt.repo',
baseurl => "${baseurl}/${release}/${name}-20240311/${basearch}/os/",
gpgcheck => false,
}
}
}
$centos_stream.each |$name| {
if $name in $managed_repos {
yumrepo { $name:
name => $name,
descr => $name,
target => '/etc/yum.repos.d/ovirt.repo',
baseurl => "${baseurl}/${release}-stream/${name}-20240311/${basearch}/os/",
gpgcheck => false,
}
}
}
}
-48
View File
@@ -1,48 +0,0 @@
# Class: profiles::yum::epel
#
# This class manages the puppet7 yum repository for the system.
#
# Parameters:
# -----------
# - $baseurl: The base URL for the puppet7 yum repository. This should be the root
# URL of your puppet7 mirror server.
#
# Actions:
# --------
# - Checks the OS release version.
#
# - If the release version is 7, 8, or 9, it sets up the 'puppet7' yum repository
# and installs the puppet7 release RPM from the provided baseurl.
#
# - If the release version is not supported, it raises an error.
#
# - The repo configuration includes the baseurl parameterized with the OS
# release version and architecture, and specifies the GPG key.
#
# Example usage:
# --------------
# To use this class with the default parameters:
# include profiles::yum::puppet7
#
# To specify a custom base URL:
# class { 'profiles::yum::puppet7':
# baseurl => 'http://mylocalmirror.com/yum',
# }
class profiles::yum::puppet7 (
Array[String] $managed_repos,
String $baseurl = 'http://repos.main.unkin.net/puppet7',
) {
$releasever = $facts['os']['release']['major']
$basearch = $facts['os']['architecture']
if 'puppet7' in $managed_repos {
yumrepo { 'puppet7':
name => 'puppet7',
descr => 'puppet7 repository',
target => '/etc/yum.repos.d/puppet7.repo',
baseurl => "${baseurl}/el/${releasever}-daily/${basearch}/os/",
gpgkey => 'https://yum.puppet.com/RPM-GPG-KEY-puppet-20250406',
#gpgkey => "${baseurl}/el/${releasever}-daily/${basearch}/os/RPM-GPG-KEY-puppet",
}
}
}
-23
View File
@@ -1,23 +0,0 @@
# Class: profiles::yum::unkin
class profiles::yum::unkin (
Array[String] $managed_repos,
String $baseurl,
Enum[
'daily',
'weekly',
'monthly'
] $snapshot = 'daily',
) {
$release = $facts['os']['release']['major']
$basearch = $facts['os']['architecture']
if 'unkin' in $managed_repos {
yumrepo { 'unkin':
name => 'unkin',
descr => 'unkin repository',
target => '/etc/yum.repos.d/unkin.repo',
baseurl => "${baseurl}/${::facts['os']['release']['major']}/${basearch}/os/",
gpgcheck => false,
}
}
}