Andrew Bogott has submitted this change and it was merged. (
https://gerrit.wikimedia.org/r/373710 )
Change subject: labs puppetmaster: get allowed servers from hiera rather than
hard-coding
......................................................................
labs puppetmaster: get allowed servers from hiera rather than hard-coding
I finally figured out how to do this!
Change-Id: I6a45b68a6535b19af8c278979ca6b2214b21bd4d
---
M modules/role/templates/labs/puppetmaster/extra_auth_rules.conf.erb
1 file changed, 3 insertions(+), 5 deletions(-)
Approvals:
Andrew Bogott: Looks good to me, approved
jenkins-bot: Verified
diff --git a/modules/role/templates/labs/puppetmaster/extra_auth_rules.conf.erb
b/modules/role/templates/labs/puppetmaster/extra_auth_rules.conf.erb
index 202af5a..ea303da 100644
--- a/modules/role/templates/labs/puppetmaster/extra_auth_rules.conf.erb
+++ b/modules/role/templates/labs/puppetmaster/extra_auth_rules.conf.erb
@@ -2,8 +2,6 @@
path /resource_type
auth any
allow <%= @horizon_host %>
-
-# This should come from
scope.function_hiera(['puppetmaster::servers']).values.flatten(1).map
-# but I absolutely can't make erb work properly
-allow labpuppetmaster1001.wikimedia.org
-allow labpuppetmaster1002.wikimedia.org
+<% scope.function_hiera(['puppetmaster::servers']).values.flatten(1).map { |p|
p['worker'] }.sort.each do |server| -%>
+allow <%= server %>
+<% end -%>
--
To view, visit https://gerrit.wikimedia.org/r/373710
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I6a45b68a6535b19af8c278979ca6b2214b21bd4d
Gerrit-PatchSet: 2
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Andrew Bogott <[email protected]>
Gerrit-Reviewer: Andrew Bogott <[email protected]>
Gerrit-Reviewer: Giuseppe Lavagetto <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
