[MediaWiki-commits] [Gerrit] Extract wmf-beta-scap to sudo-withagent wrapper script - change (operations/puppet)

Filippo Giunchedi (Code Review) Wed, 08 Oct 2014 05:12:17 -0700

Filippo Giunchedi has submitted this change and it was merged.

Change subject: Extract wmf-beta-scap to sudo-withagent wrapper script
......................................................................



Extract wmf-beta-scap to sudo-withagent wrapper script

Change-Id: Id8541b7b28b33e31aaf60f49d1b76553909cae39
---
A files/misc/scripts/sudo-withagent
M manifests/misc/deployment.pp
M modules/beta/files/wmf-beta-scap
M modules/beta/manifests/scap/master.pp
4 files changed, 43 insertions(+), 26 deletions(-)

Approvals:
  Filippo Giunchedi: Verified; Looks good to me, approved
  jenkins-bot: Verified



diff --git a/files/misc/scripts/sudo-withagent 
b/files/misc/scripts/sudo-withagent
new file mode 100755
index 0000000..9e029f8
--- /dev/null
+++ b/files/misc/scripts/sudo-withagent
@@ -0,0 +1,34 @@
+#!/usr/bin/env bash
+# sudo-withagent USER /path/to/script param1 param2
+#
+# This file is managed by puppet.
+#
+set -e
+
+# User that the script should be run as
+RUN_AS=$1
+
+# Ensure that script is run as the correct user
+[[ $(whoami) = $RUN_AS ]] || exec sudo -H -u $RUN_AS -- "$0" "$@"
+
+# Pop user
+shift
+
+# Ensure that an ssh-agent is running
+if [[ -z $SSH_AUTH_SOCK ]]; then
+    echo Starting ssh-agent
+    eval $(ssh-agent)
+
+    # Add default keys
+    ssh-add
+
+    # Kill the agent when this script exits
+    trap 'trap - EXIT; [[ $SSH_AGENT_PID ]] && kill $SSH_AGENT_PID' \
+        EXIT SIGHUP SIGINT SIGQUIT SIGPIPE SIGTERM
+fi
+
+# Set a sane terminal type
+export TERM=dumb
+
+# Run script
+"$@"
diff --git a/manifests/misc/deployment.pp b/manifests/misc/deployment.pp
index 0e3ac3d..f5a7389 100644
--- a/manifests/misc/deployment.pp
+++ b/manifests/misc/deployment.pp
@@ -124,6 +124,11 @@
             group   => 'root',
             mode    => '0444',
             source  => 'puppet:///files/misc/scripts/man';
+        '/usr/local/bin/sudo-withagent':
+            owner   => 'root',
+            group   => 'root',
+            mode    => '0555',
+            source  => 'puppet:///files/misc/scripts/sudo-withagent';
     }
 }
 
diff --git a/modules/beta/files/wmf-beta-scap b/modules/beta/files/wmf-beta-scap
index a0c64bc..a0ed58a 100755
--- a/modules/beta/files/wmf-beta-scap
+++ b/modules/beta/files/wmf-beta-scap
@@ -3,29 +3,4 @@
 #
 # Run scap on the beta cluster.
 #
-set -e
-
-# User that scap should be run as
-RUN_AS=mwdeploy
-
-# Ensure that script is run as the correct user
-[[ $(whoami) = $RUN_AS ]] || exec sudo -H -u $RUN_AS -- "$0" "$@"
-
-# Ensure that an ssh-agent is running
-if [[ -z $SSH_AUTH_SOCK ]]; then
-    echo Starting ssh-agent
-    eval $(ssh-agent)
-
-    # Add default keys
-    ssh-add
-
-    # Kill the agent when this script exits
-    trap 'trap - EXIT; [[ $SSH_AGENT_PID ]] && kill $SSH_AGENT_PID' \
-        EXIT SIGHUP SIGINT SIGQUIT SIGPIPE SIGTERM
-fi
-
-# Set a sane terminal type
-export TERM=dumb
-
-# Run scap
-/usr/local/bin/scap "$@"
+/usr/local/bin/sudo-withagent mwdeploy /usr/local/bin/scap "$@"
diff --git a/modules/beta/manifests/scap/master.pp 
b/modules/beta/manifests/scap/master.pp
index fdaa472..32d003d 100644
--- a/modules/beta/manifests/scap/master.pp
+++ b/modules/beta/manifests/scap/master.pp
@@ -45,10 +45,13 @@
     }
 
     # Install a scap runner script for commmand line or jenkins use
+    # Depends on sudo-withagent from misc::deployment::scap_scripts
     file { '/usr/local/bin/wmf-beta-scap':
         owner   => 'root',
         group   => 'root',
         mode    => '0555',
+        require => File['/usr/local/bin/sudo-withagent'],
         source  => 'puppet:///modules/beta/wmf-beta-scap',
     }
+
 }

-- 
To view, visit https://gerrit.wikimedia.org/r/160960
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: Id8541b7b28b33e31aaf60f49d1b76553909cae39
Gerrit-PatchSet: 10
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Reedy <re...@wikimedia.org>
Gerrit-Reviewer: 20after4 <mmod...@wikimedia.org>
Gerrit-Reviewer: Andrew Bogott <abog...@wikimedia.org>
Gerrit-Reviewer: BryanDavis <bda...@wikimedia.org>
Gerrit-Reviewer: Dzahn <dz...@wikimedia.org>
Gerrit-Reviewer: Faidon Liambotis <fai...@wikimedia.org>
Gerrit-Reviewer: Filippo Giunchedi <fgiunch...@wikimedia.org>
Gerrit-Reviewer: Hashar <has...@free.fr>
Gerrit-Reviewer: Mark Bergsma <m...@wikimedia.org>
Gerrit-Reviewer: Reedy <re...@wikimedia.org>
Gerrit-Reviewer: Springle <sprin...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] Extract wmf-beta-scap to sudo-withagent wrapper script - change (operations/puppet)

Reply via email to