def handle_repo_ssl(self): """Removes SSL verification for https repositories.""" r = runcmd("sed -i 's/^sslverify.*/sslverify=False/g' %s" % self.config, stop_on_error=False) if r.failed: api.fail("Could not disable SSL in %s" % self.config)
def _run(self): logfile = os.path.join(config.CFG["log_path"], "qc_conf.stderr") module_path = utils.runcmd("puppet config print modulepath", envvars=[( "PATH", "$PATH:/opt/puppetlabs/bin")], nosudo=True, stop_on_error=False) if module_path: self.module_path = ':'.join([self.module_path, module_path]) cmd = ("%s apply --verbose --debug --modulepath %s %s " "--detail-exitcodes") % (self.puppet_bin, self.module_path, self.manifest) r = utils.runcmd(cmd, os.getcwd(), log_to_file="qc_conf", stop_on_error=False, nosudo=True) if r.return_code == 0: api.info("Puppet execution ended successfully.") elif r.return_code == 2: api.info(("Puppet execution ended successfully (changes were " "applied)")) r.failed = False else: api.fail("Puppet execution failed. More information on %s log" % logfile, stop_on_error=True) r.failed = True return r
def run(self, qc_step): self.pre_config() self.nodetype = butils.to_list(self.nodetype) self.siteinfo = butils.to_list(self.siteinfo) if not self.nodetype or not self.siteinfo: raise exception.ConfigException(("Could not run YAIM: Bad " "nodetype or site-info.")) with tempfile.NamedTemporaryFile("w+t", dir=self.config_path, delete=True) as f: for si in self.siteinfo: f.write("source %s\n" % si) f.flush() info(("Creating temporary file '%s' with " "content: %s" % (f.name, f.readlines()))) # NOTE(orviz) Cannot use 'capture=True': execution gets # stalled (defunct) with lcd(self.config_path): abort_exception_default = env.abort_exception env.abort_exception = exception.ConfigException try: local("/opt/glite/yaim/bin/yaim -c -s %s -n %s" % (f.name, " -n ".join(self.nodetype))) except exception.ConfigException: fail(("YAIM execution failed. Check the logs at " "'/opt/glite/yaim/log/yaimlog'.")) info("YAIM configuration ran successfully.") env.abort_exception = abort_exception_default self.post_config()
def validate(self): # Strong validations first: (umd_release, repository_url) v_umd_release = self.get("umd_release", None) v_cmd_release = self.get("cmd_release", None) v_repo = self.get("repository_url", None) v_repo_file = self.get("repository_file", None) if not v_umd_release and not v_cmd_release: if self.get("cmd_one_release", None): v_cmd_release = self.get("cmd_one_release") else: api.fail(("No UMD or CMD release was selected: cannot start " "deployment"), stop_on_error=True) else: api.info("Using UMD %s release repository" % v_umd_release) if v_repo: api.info("Using UMD verification repository: %s" % v_repo) if v_repo_file: api.info("Using UMD verification repository file: %s" % v_repo_file) # Configuration management: Puppet from umd.base.configure.puppet import PuppetConfig if isinstance(self.__getitem__("cfgtool"), PuppetConfig): if not self.__getitem__("puppet_release"): api.fail(("No Puppet release package defined for '%s' " "distribution" % system.distname), stop_on_error=True)
def pre_install(self): if not config.CFG["repository_url"]: api.fail("No CA verification URL was given.", stop_on_error=True) if system.distname in ["debian", "ubuntu"]: repo = "egi-igtf" utils.runcmd("wget -q -O - %s | apt-key add -" % os.path.join(config.CFG["repository_url"][0], "GPG-KEY-EUGridPMA-RPM-3")) elif system.distname in ["redhat"]: repo = ["EGI-trustanchors", "LCG-trustanchors"] utils.remove_repo(repo) # FIXME(orviz) workaround CA release with no Debian '.list' repofile if system.distname in ["debian", "ubuntu"]: # Just one repository is expected repo = config.CFG["repository_url"][0] ca_version = urlparse.urlparse(repo).path.split("cas/")[-1] ca_version = ''.join(ca_version.replace('/', '.', 1).replace('/', '-')) repo = os.path.join(repo, '-'.join(["ca-policy-egi-core", ca_version])) repodeb = "deb %s egi-igtf core" % repo if system.distro_version == "debian6": source = "/etc/apt/sources.list.d/egi-igtf.list" utils.runcmd("echo '%s' > %s" % (repodeb, source)) else: utils.runcmd("apt-add-repository '%s'" % repodeb)
def qc_mon_1(self): """Service Probes.""" if config.CFG["qc_mon_capable"]: headers = {"content-type": "application/json"} url = "http://%s/siteurls" % config.CFG["umdnsu_url"] data = {"name": config.CFG["name"].upper()} try: resp = requests.post(url, data=json.dumps(data), headers=headers) if resp.status_code == 200: data = resp.json() if data["enabled"]: # FIXME Need to provide the Nagios URL where the host # will be monitored api.ok("LDAP URL added:'%s %s'" % (data["prefix"], data["url"])) else: api.warn("Could not add LDAP URL: %s" % resp.text) else: api.fail("Response error received from server (%s): '%s'" % (resp.status_code, resp.text)) except requests.exceptions.ConnectionError: api.fail("Could not connect to Nagios at '%s'" % url) else: api.na("Product cannot be tested by Nagios.")
def format_version(self, version): _version = version.replace('.', '/') if len(_version.split('/')) != 3: api.fail(("CA release version provided has a wrong format: use " "dot '.' separated i.e. '<major>.<minor>.<patch>'"), stop_on_error=True) return _version
def add_openstack_distro_repos(release): """Adds the official OpenStack repositories of the distribution. :release: OpenStack release. """ def _get_release(): release_map = { "mitaka": ["9\.0\.[0-9]", "9\.1\.[0-9]", "9\.2\.[0-9]"]} _release = None if release in release_map.keys(): _release = release else: for name, regexp in release_map.items(): for exp in regexp: if re.search(exp, release): return name return _release matched_release = _get_release() if not matched_release: api.fail("Could not match OpenStack release: %s" % release, stop_on_error=True) if system.distname == "ubuntu": utils.enable_repo("cloud-archive:%s" % matched_release) elif system.distname == "centos": utils.install("centos-release-openstack-%s" % matched_release)
def _run_checks(self, qc_step, config): """Runs the checks received.""" failed_checks = [] for check in self._get_checklist(config): description, user, f, args = check info("Probe '%s'" % description) cmd = "./%s" % " ".join([f, args]) if user: cmd = ' '.join(["su %s -c" % user, cmd]) cmd_failed = False if not self._is_executable(f): result = ("Could not run check '%s': file is not " "executable" % f) cmd_failed = True else: self._handle_user(qc_step, user) with shell_env(**self.qc_envvars): r = qc_step.runcmd(cmd) cmd_failed = r.failed result = r if cmd_failed: fail("Command '%s' failed: %s" % (cmd, result)) failed_checks.append(cmd) else: ok("Command '%s' ended OK with result: %s" % (cmd, result)) return failed_checks
def disable_repo(self, repolist): for repo in to_list(repolist): r = self.client.disable_repo(repo) if r.failed: api.fail("Could not disable repo '%s'" % repo) else: api.info("Repository '%s' disabled" % repo)
def add_repo_key(self, keylist): for key in keylist: r = runcmd("rpm --import %s" % key, stop_on_error=False) if r.failed: api.fail("Could not add key '%s'" % key) else: api.info("Repository key added: %s" % key)
def enable_repo(self, repolist, **kwargs): if not os.path.exists(self.client.path): os.makedirs(self.client.path) for repo in to_list(repolist): r = self.client.add_repo(repo, **kwargs) if r.failed: api.fail("Could not add repo '%s'" % repo) else: api.info("Repository '%s' added" % repo)
def add_repo_key(self, keylist): for key in keylist: runcmd("wget -q %s -O /tmp/key.key" % key, stop_on_error=False) r = runcmd("apt-key add /tmp/key.key", stop_on_error=False) if r.failed: api.fail("Could not add key '%s'" % key) else: api.info("Repository key added: %s" % key)
def _run_validator(self, glue_version, logfile): # NOTE(orviz): within a QCStep? utils.install("glue-validator") if system.distro_version == "redhat5": utils.install("openldap-clients") port = config.CFG.get("info_port", "2170") if glue_version == "glue1": # cmd = ("glue-validator -H localhost -p %s -b " # "mds-vo-name=resource,o=grid -g glue1 -s " # "general -v 3" % port) cmd = ("glue-validator -h localhost -p %s -b " "mds-vo-name=resource,o=grid -t glue1" % port) version = "1.3" elif glue_version == "glue2": # cmd = ("glue-validator -H localhost -p %s -b " # "GLUE2GroupID=resource,o=glue -g glue2 -s general -v 3" # % port) cmd = ("glue-validator -h localhost -p %s -b " "GLUE2GroupID=resource,o=glue -t glue2" % port) version = "2.0" time.sleep(self.attempt_sleep) breathe_time_set = False slapd_working = False summary = None for attempt in xrange(self.attempt_no): r = utils.runcmd(cmd, log_to_file=logfile) if not r.failed: summary = {} if r: summary = info_utils.get_gluevalidator_summary(r) slapd_working = True break else: if not breathe_time_set: self._set_breathe_time() breathe_time_set = True time.sleep(self.attempt_sleep) if not slapd_working: api.fail("Could not connect to LDAP service.", stop_on_error=True) if summary: if summary["errors"] != '0': api.fail(("Found %s errors while validating GlueSchema " "v%s support" % (summary["errors"], version)), logfile=r.logfile) elif summary["warnings"] != '0': api.warn(("Found %s warnings while validating GlueSchema " "v%s support" % (summary["warnings"], version))) else: api.ok(("Found no errors or warnings while validating " "GlueSchema v%s support" % version))
def _support(self, *args, **kwargs): if self.has_infomodel: if self.cfgtool: if not self.cfgtool.has_run: r = self.cfgtool.run() if r.failed: api.fail("Fail while running configuration tool", stop_on_error=True) return f(self, *args, **kwargs) api.na("Product does not publish information through BDII.")
def _deploy(self): # Install release package if not (utils.is_pkg_installed("puppetlabs-release") or utils.is_pkg_installed("puppetlabs-release-pc1")): utils.install_remote(config.CFG["puppet_release"]) # Install puppet client r = utils.install("puppet") if r.failed: api.fail("Puppet installation failed", stop_on_error=True) # Set hiera environment - required before pre_config() method if not os.path.exists(self.hiera_data_dir): utils.runcmd("mkdir -p %s" % self.hiera_data_dir)
def runcmd(cmd, chdir=None, fail_check=True, stop_on_error=False, logfile=None, get_error_msg=False, stderr_to_stdout=False): """Runs a generic command. cmd: command to execute. chdir: local directory to run the command from. fail_check: boolean that indicates if the workflow must be interrupted in case of failure. stop_on_error: whether abort or not in case of failure. logfile: file to log the command execution. get_error_msg: return the formatted error message. stderr_to_stdout: redirect standard error to standard output. """ def _run(): with fabric_api.settings(warn_only=True): with fabric_api.shell_env(LC_ALL="en_US.UTF-8", LANG="en_US.UTF-8"): r = fabric_api.local(cmd, capture=True) return r if stderr_to_stdout: cmd = ' '.join([cmd, "2>&1"]) if chdir: with fabric.context_managers.lcd(chdir): r = _run() else: r = _run() logs = [] if logfile: logs = to_file(r, logfile) if logs: r.logfile = logs if fail_check and r.failed: msg = format_error_msg(logs, cmd) if stop_on_error: fabric_api.abort(api.fail(msg)) else: api.fail(msg) if get_error_msg: # if not msg: # debug("No message was created for command '%s'" % cmd) r.msgerror = msg return r
def get_repo_from_pkg(self, pkglist): d = {} r = runcmd("yum -q list %s" % ' '.join(pkglist), stop_on_error=False) if not r.failed: for line in r.split('\n'): fields = line.split() if len(fields) == 3: pkg, version, repository = fields pkg = pkg.split('.')[0] d[pkg] = repository else: api.fail("Could not get package's repository information") return d
def _log(*args, **kwargs): logfile = kwargs.pop("log_to_file", None) stop_on_error = kwargs.pop("stop_on_error", True) r = f(*args, **kwargs) if logfile: r.logfile = to_file(r, logfile) if r.failed: msg = ("Command execution has failed (reason: \"%s\")" % r.stderr.replace('\n', ' ')) if not stop_on_error: msg += " (action: no exit)" if logfile: msg += " (log: %s)" % r.logfile api.fail(msg, stop_on_error=stop_on_error) return r
def config(self): self.nodetype = utils.to_list(self.nodetype) self.siteinfo = utils.to_list(self.siteinfo) if not self.nodetype or not self.siteinfo: raise exception.ConfigException(("Could not run YAIM: Bad " "nodetype or site-info.")) with tempfile.NamedTemporaryFile("w+t", dir=config.CFG["yaim_path"], delete=True) as f: for si in self.siteinfo: f.write("source %s\n" % si) f.flush() api.info(("Creating temporary file '%s' with " "content: %s" % (f.name, f.readlines()))) # NOTE(orviz) Cannot use 'capture=True': execution gets # stalled (defunct) with context_managers.lcd(config.CFG["yaim_path"]): abort_exception_default = fabric_api.env.abort_exception fabric_api.env.abort_exception = exception.ConfigException try: fabric_api.local("/opt/glite/yaim/bin/yaim -c -s %s -n %s" % (f.name, " -n ".join(self.nodetype))) except exception.ConfigException: fabric_api.abort(api.fail(("YAIM execution failed. Check " "the logs at '/opt/glite/yaim/" "log/yaimlog'."))) api.info("YAIM configuration ran successfully.") fabric_api.env.abort_exception = abort_exception_default
def qc_sec_2(self): """SHA-2 Certificates Support.""" if self.need_cert: if not self.cfgtool: api.warn(("SHA-2 management not tested: configuration tool " "not defined.")) else: if not self.cfgtool.has_run: r = self.cfgtool.run() if r.failed: api.fail("Configuration failed with SHA-2 certs", stop_on_error=True) else: api.ok("Product services can manage SHA-2 certs.") else: api.na("Product does not need certificates.")
def check_input(): """Performs a list of checks based on input parameters.""" # 1) Type of installation if config.CFG["installation_type"]: api.info("Installation type: %s" % config.CFG["installation_type"]) else: api.fail(("Need to provide the type of installation to be performed: " "(install, upgrade)"), do_abort=True) # 2) Verification repository URL if not config.CFG["repository_url"]: api.warn("No verification repository URL provided.") # 3) Metapackage if config.CFG["metapkg"]: msg = "Metapackage/s selected: %s" % ''.join([ "\n\t+ %s" % mpkg for mpkg in config.CFG["metapkg"]]) api.info(msg) print(u'\u2500' * 73)
def clone_repo(repotype, repourl): """Clone a repository in a temporary directory.""" dirname = tempfile.mkdtemp() if repotype in ["git"]: if not is_on_path("git"): r = install("git") if r.failed: api.fail("Could not install 'git'.") cmd = "git clone %s %s" % (repourl, dirname) elif repotype in ["hg", "mercurial"]: if not is_on_path("hg"): r = install("mercurial") if r.failed: api.fail("Could not install 'mercurial'.") cmd = "hg clone %s %s" % (repourl, dirname) else: raise NotImplementedError(("Current implementation does not support " "repository type '%s'" % repotype)) r = runcmd(cmd) if r.failed: api.fail("Could not clone repository '%s' (via %s)" % (repourl, repotype)) dirname = None os.rmdir(dirname) return dirname
def trust_ca(ca_location): """Add the given CA to the system's CA trust database.""" if system.distname == "ubuntu": trust_dir = "/usr/share/ca-certificates/" trust_cmd = "update-ca-certificates" elif system.distname == "centos": trust_dir = "/etc/pki/ca-trust/source/anchors/" trust_cmd = "update-ca-trust" ca_location_basename = os.path.basename(ca_location) ca_location_basename_crt = '.'.join([ ca_location_basename.split('.')[0], "crt"]) utils.runcmd("cp %s %s" % ( ca_location, os.path.join(trust_dir, ca_location_basename_crt))) utils.runcmd("echo '%s' >> /etc/ca-certificates.conf" % ca_location_basename_crt) r = utils.runcmd(trust_cmd) if r.failed: api.fail("Could not add CA '%s' to the system's trust DB" % ca_location) else: api.info("CA '%s' added to system's trust DB" % ca_location)
def qc_sec_5(self): """World Writable Files check.""" _logfile = "qc_sec_5" r = utils.runcmd(("find / -not \\( -path \"/proc\" -prune \\) " "-not \\( -path \"/sys\" -prune \\) " "-type f -perm -002 -exec ls -l {} \;"), log_to_file=_logfile) if r: ww_filelist = sec_utils.get_filelist_from_find(r) try: known_ww_filelist = self.exceptions[ "known_worldwritable_filelist"] except KeyError: known_ww_filelist = [] if set(ww_filelist).difference(set(known_ww_filelist)): api.fail("Found %s world-writable file/s." % len(ww_filelist), logfile=r.logfile) else: api.warn("Found world-writable file/s required for operation.", logfile=r.logfile) else: api.ok("Found no world-writable file.")
def run(self, **kwargs): """Runs UMD installation.""" self._check() # Handle installation type installation_type = config.CFG["installation_type"] if installation_type == "update": qc_step = butils.QCStep("QC_UPGRADE_1", "Upgrade", "qc_upgrade_1") elif installation_type == "install": qc_step = butils.QCStep("QC_DIST_1", "Binary Distribution", "qc_inst_1") repo_config = True if "ignore_repo_config" in kwargs.keys(): repo_config = False if repo_config: # Distribution-based settings repopath = self.pkgtool.client.path msg_purge = "UMD" paths_to_purge = ["%s/UMD-*" % repopath] pkgs_to_purge = ["umd-release*"] pkgs_to_download = [("UMD", config.CFG["umd_release"])] pkgs_additional = [] if system.distname == "redhat": msg_purge = " ".join(["EPEL and/or", msg_purge]) paths_to_purge.insert(0, "%s/epel-*" % repopath) pkgs_to_purge.insert(0, "epel-release*") pkgs_to_download.insert(0, ("EPEL", config.CFG["epel_release"])) pkgs_additional.append("yum-priorities") # Installation/upgrade workflow r = qc_step.runcmd(self.pkgtool.remove(pkgs_to_purge), stop_on_error=False) if r.failed: api.info("Could not delete %s release packages." % msg_purge) if qc_step.runcmd("/bin/rm -f %s" % " ".join(paths_to_purge)): api.info("Purged any previous %s repository file." % msg_purge) for pkg in pkgs_to_download: pkg_id, pkg_url = pkg if pkg_url: pkg_base = os.path.basename(pkg_url) pkg_loc = os.path.join("/tmp", pkg_base) if qc_step.runcmd("wget %s -O %s" % (pkg_url, pkg_loc)): api.info("%s release package fetched from %s." % (pkg_id, pkg_url)) r = qc_step.runcmd(self.pkgtool.install(pkg_loc)) if r.failed: qc_step.print_result("FAIL", ("Error while installing %s " "release.") % pkg_id) else: api.info("%s release package installed." % pkg_id) for pkg in pkgs_additional: r = qc_step.runcmd(self.pkgtool.install(pkg)) if r.failed: api.info("Error while installing '%s'." % pkg) else: api.info("'%s' requirement installed." % pkg) if config.CFG["dryrun"]: api.info(("Installation or upgrade process will be simulated " "(dryrun: ON)")) self.pkgtool.dryrun = True if installation_type == "update": if config.CFG["repository_url"]: # 1) Install base (production) version r = qc_step.runcmd(self.pkgtool.install(self.metapkg)) if not r.failed: api.info("UMD product/s '%s' production version installed." % self.metapkg) # 2) Enable verification repository for url in config.CFG["repository_url"]: self._enable_verification_repo(qc_step, url) # 3) Refresh qc_step.runcmd(self.pkgtool.refresh()) # 4) Update api.info("Using repositories: %s" % self.pkgtool.get_repos()) r = qc_step.runcmd(self.pkgtool.update(), fail_check=False, stop_on_error=False, get_error_msg=True) d = self.pkgtool.get_pkglist(r) elif installation_type == "install": # 1) Enable verification repository for url in config.CFG["repository_url"]: self._enable_verification_repo(qc_step, url) # 2) Refresh qc_step.runcmd(self.pkgtool.refresh()) # 3) Install verification version api.info("Using repositories: %s" % self.pkgtool.get_repos()) r = qc_step.runcmd(self.pkgtool.install(self.metapkg), fail_check=False, stop_on_error=False, get_error_msg=True) d = self.pkgtool.get_pkglist(r) # NOTE(orviz): missing WARNING case else: raise exception.InstallException(("Installation type '%s' " "not implemented." % installation_type)) is_ok = True # r.stderr if r.failed: # FIXME (should be within YUM class) YUM's downloadonly # plugin returns 1 on success if r.stderr.find("--downloadonly specified") != -1: is_ok = True msgtext = "Dry-run installation ended successfully." else: is_ok = False msgtext = r.msgerror else: msgtext = "Installation ended successfully." if is_ok: if self.metapkg: for pkg in self.metapkg: try: api.info("Package '%s' installed version: %s." % (pkg, d[pkg])) except KeyError: api.fail("Package '%s' could not be installed." % pkg) is_ok = False msgtext = "Not all the packages could be installed." else: api.info("List of packages updated: %s" % self.pkgtool.get_pkglist(r)) if is_ok: qc_step.print_result("OK", msgtext) else: qc_step.print_result("FAIL", msgtext, do_abort=True)
def _check(self): if not self.metapkg: api.fail("No metapackage selected", stop_on_error=True)
def post_install(self): r = config.CFG["cfgtool"].run() if r.failed: api.fail("Error while running the configuration tool", stop_on_error=True)
def run(self, **kwargs): """Takes over base deployment. :repository_url: Repository path with the verification content. Could pass multiple values by prefixing with 'repository_url'. :repository_file: URL pointing to a repository file. Could pass multiple values by prefixing with 'repository_file'. :umd_release: Package URL with the UMD release. :igtf_repo: Repository for the IGTF release. :yaim_path: Path pointing to YAIM configuration files. :log_path: Path to store logs produced during the execution. :qcenv_*: Pass environment variables needed by the QC specific checks. :qc_step: Run a given set of Quality Criteria steps. Works exactly as 'repository_url' i.e. to pass more than one QC step to run, prefix it as 'qc_step'. :hostcert: Public key server certificate. :hostkey: Private key server certificate. :package: Custom individual package/s to install. :func_id: Functional test/s to be performed ('id' from etc/qc_specific.yaml) :enable_testing_repo: Enable the UMD or CMD testing repository. :enable_untested_repo: Enable the UMD or CMD untested repository. """ # Get configuration parameters config.CFG.set_defaults() config.CFG.update(utils.get_class_attrs(self)) config.CFG.update(kwargs) # Validate configuration config.CFG.validate() # Show configuration summary utils.show_exec_banner_ascii() # Workspace utils.create_workspace() # Configuration tool if config.CFG["cfgtool"]: config.CFG["cfgtool"].pre_config = self.pre_config config.CFG["cfgtool"].post_config = self.post_config # Create private & public key if self.need_cert: pki.certify() # Run deployment self._config() if config.CFG["qc_step"]: for step in config.CFG["qc_step"]: k, v = (step.rsplit('_', 1)[0], step) try: step_mappings = { "QC_SEC": self._security, "QC_INFO": self._infomodel, "QC_FUNC": self._validate} except KeyError: api.fail("%s step not found in the Quality Criteria" % k, stop_on_error=True) step_mappings[k](**{"qc_step": v}) else: # QC_SEC self._security() # QC_INFO self._infomodel() # QC_MON self._operations() # QC_FUNC self._validate()
# Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. import platform import socket from umd import api # hostname fqdn = socket.getfqdn() distname, version, distid = platform.dist() distname = distname.lower() version = version.lower() distid = distid.lower() # major & distro version version_major = version.split('.')[0] if not version_major.isdigit(): api.fail("Could not get major OS version for '%s'" % version) distro_version = '_'.join(version) else: distro_version = ''.join([distname, version_major]).lower() if distro_version in ["centos6"]: distro_version = "redhat6"
def config(self): self.manifest = os.path.join(config.CFG["puppet_path"], self.manifest) if self.hiera_data: self.hiera_data = os.path.join(config.CFG["puppet_path"], self.hiera_data) utils.install("puppet") # Puppet versions <3 workarounds puppet_version = utils.runcmd("facter -p puppetversion") if puppet_version and (version.StrictVersion(puppet_version) < version.StrictVersion("3.0")): # self._v3_workaround() pkg_url = config.CFG["puppet_release"] pkg_loc = "/tmp/puppet-release.rpm" r = utils.runcmd("wget %s -O %s" % (pkg_url, pkg_loc)) if r.failed: api.fail("Could not fetch Puppet package from '%s'" % pkg_url, stop_on_error=True) else: api.info("Fetched Puppet release package from '%s'." % pkg_url) utils.install(pkg_loc) utils.runcmd(("sed '/enabled=1/a\priority=1' " "/etc/yum.repos.d/puppet*")) # FIXME (orviz) Remove this check when dropping redhat5 support if system.distro_version == "redhat5": pkg = ("ftp://rpmfind.net/linux/centos/5.11/os/x86_64/CentOS/" "virt-what-1.11-2.el5.x86_64.rpm") utils.runcmd(("wget %s -O /tmp/virt-what.rpm && yum -y " "install /tmp/virt-what.rpm") % pkg) utils.install("puppet") # Install modules from puppetforge/local for mod in self.module_from_puppetforge: r = utils.runcmd("puppet module install %s --force" % mod) if r.failed: api.fail("Error while installing module '%s'" % mod) self.module_path.append(*["/etc/puppet/modules"]) module_loc = [] for mod in self.module_from_repository: dirname = utils.clone_repo(*mod) if dirname: module_loc.append(dirname) if module_loc: self.module_path.append(*module_loc) # Hiera environment self._set_hiera() logfile = os.path.join(config.CFG["log_path"], "puppet.log") r = utils.runcmd(("puppet apply -l %s --modulepath %s %s " "--detail-exitcodes") % (logfile, ':'.join(self.module_path), self.manifest)) if r.return_code in [0, 2]: api.info("Puppet execution ended successfully.") else: api.fail("Puppet execution failed. More information in logs: %s" % logfile, stop_on_error=True)