Filippo Giunchedi has submitted this change and it was merged.
Change subject: Extract wmf-beta-scap to sudo-withagent wrapper script
......................................................................
Extract wmf-beta-scap to sudo-withagent wrapper script
Change-Id: Id8541b7b28b33e31aaf60f49d1b76553909cae39
---
A files/misc/scripts/sudo-withagent
M manifests/misc/deployment.pp
M modules/beta/files/wmf-beta-scap
M modules/beta/manifests/scap/master.pp
4 files changed, 43 insertions(+), 26 deletions(-)
Approvals:
Filippo Giunchedi: Verified; Looks good to me, approved
jenkins-bot: Verified
diff --git a/files/misc/scripts/sudo-withagent
b/files/misc/scripts/sudo-withagent
new file mode 100755
index 0000000..9e029f8
--- /dev/null
+++ b/files/misc/scripts/sudo-withagent
@@ -0,0 +1,34 @@
+#!/usr/bin/env bash
+# sudo-withagent USER /path/to/script param1 param2
+#
+# This file is managed by puppet.
+#
+set -e
+
+# User that the script should be run as
+RUN_AS=$1
+
+# Ensure that script is run as the correct user
+[[ $(whoami) = $RUN_AS ]] || exec sudo -H -u $RUN_AS -- "$0" "$@"
+
+# Pop user
+shift
+
+# Ensure that an ssh-agent is running
+if [[ -z $SSH_AUTH_SOCK ]]; then
+ echo Starting ssh-agent
+ eval $(ssh-agent)
+
+ # Add default keys
+ ssh-add
+
+ # Kill the agent when this script exits
+ trap 'trap - EXIT; [[ $SSH_AGENT_PID ]] && kill $SSH_AGENT_PID' \
+ EXIT SIGHUP SIGINT SIGQUIT SIGPIPE SIGTERM
+fi
+
+# Set a sane terminal type
+export TERM=dumb
+
+# Run script
+"$@"
diff --git a/manifests/misc/deployment.pp b/manifests/misc/deployment.pp
index 0e3ac3d..f5a7389 100644
--- a/manifests/misc/deployment.pp
+++ b/manifests/misc/deployment.pp
@@ -124,6 +124,11 @@
group => 'root',
mode => '0444',
source => 'puppet:///files/misc/scripts/man';
+ '/usr/local/bin/sudo-withagent':
+ owner => 'root',
+ group => 'root',
+ mode => '0555',
+ source => 'puppet:///files/misc/scripts/sudo-withagent';
}
}
diff --git a/modules/beta/files/wmf-beta-scap b/modules/beta/files/wmf-beta-scap
index a0c64bc..a0ed58a 100755
--- a/modules/beta/files/wmf-beta-scap
+++ b/modules/beta/files/wmf-beta-scap
@@ -3,29 +3,4 @@
#
# Run scap on the beta cluster.
#
-set -e
-
-# User that scap should be run as
-RUN_AS=mwdeploy
-
-# Ensure that script is run as the correct user
-[[ $(whoami) = $RUN_AS ]] || exec sudo -H -u $RUN_AS -- "$0" "$@"
-
-# Ensure that an ssh-agent is running
-if [[ -z $SSH_AUTH_SOCK ]]; then
- echo Starting ssh-agent
- eval $(ssh-agent)
-
- # Add default keys
- ssh-add
-
- # Kill the agent when this script exits
- trap 'trap - EXIT; [[ $SSH_AGENT_PID ]] && kill $SSH_AGENT_PID' \
- EXIT SIGHUP SIGINT SIGQUIT SIGPIPE SIGTERM
-fi
-
-# Set a sane terminal type
-export TERM=dumb
-
-# Run scap
-/usr/local/bin/scap "$@"
+/usr/local/bin/sudo-withagent mwdeploy /usr/local/bin/scap "$@"
diff --git a/modules/beta/manifests/scap/master.pp
b/modules/beta/manifests/scap/master.pp
index fdaa472..32d003d 100644
--- a/modules/beta/manifests/scap/master.pp
+++ b/modules/beta/manifests/scap/master.pp
@@ -45,10 +45,13 @@
}
# Install a scap runner script for commmand line or jenkins use
+ # Depends on sudo-withagent from misc::deployment::scap_scripts
file { '/usr/local/bin/wmf-beta-scap':
owner => 'root',
group => 'root',
mode => '0555',
+ require => File['/usr/local/bin/sudo-withagent'],
source => 'puppet:///modules/beta/wmf-beta-scap',
}
+
}
--
To view, visit https://gerrit.wikimedia.org/r/160960
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: Id8541b7b28b33e31aaf60f49d1b76553909cae39
Gerrit-PatchSet: 10
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Reedy <[email protected]>
Gerrit-Reviewer: 20after4 <[email protected]>
Gerrit-Reviewer: Andrew Bogott <[email protected]>
Gerrit-Reviewer: BryanDavis <[email protected]>
Gerrit-Reviewer: Dzahn <[email protected]>
Gerrit-Reviewer: Faidon Liambotis <[email protected]>
Gerrit-Reviewer: Filippo Giunchedi <[email protected]>
Gerrit-Reviewer: Hashar <[email protected]>
Gerrit-Reviewer: Mark Bergsma <[email protected]>
Gerrit-Reviewer: Reedy <[email protected]>
Gerrit-Reviewer: Springle <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
