(profile::core::puppetboard) fwv

lsst-it · Mar 28, 2024 · ff587dc · ff587dc
1 parent 5250384
commit ff587dc
Show file tree

Hide file tree

Showing 4 changed files with 50 additions and 2 deletions.
diff --git a/hieradata/role/puppetdb.yaml b/hieradata/role/puppetdb.yaml
@@ -1,6 +1,9 @@
 ---
 classes:
   - "profile::core::common"
+  - "profile::core::docker"
+  - "profile::core::docker::prune"
+  - "profile::core::puppetboard"
   - "puppetdb"
 
 postgresql::globals::manage_dnf_module: true  # use appstream packages

diff --git a/site/profile/manifests/core/puppetboard.pp b/site/profile/manifests/core/puppetboard.pp
@@ -0,0 +1,22 @@
+# @summary
+#   Install puppetboard https://github.com/voxpupuli/puppetboard
+#
+# @param secret_key
+#  The secret key to use for the puppetboard
+#
+class profile::core::puppetboard (
+  Sensitive $secret_key,
+) {
+  docker::image { 'ghcr.io/voxpupuli/puppetboard': }
+
+  docker::run { 'puppetboard':
+    image => 'ghcr.io/voxpupuli/puppetboard',
+    env   => [
+      'PUPPETDB_HOST=127.0.0.1',
+      'PUPPETDB_PORT=8080',
+      'PUPPETBOARD_PORT=8088',
+      "SECRET_KEY=${secret_key.unwrap}",
+    ],
+    net   => 'host',
+  }
+}
diff --git a/spec/fixtures/hieradata/common.yaml b/spec/fixtures/hieradata/common.yaml
@@ -1,5 +1,7 @@
 ---
 lookup_options:
+  profile::core::puppetboard::secret_key:
+    convert_to: "Sensitive"
   '^profile::.+::keytab_base64$':
     convert_to: "Sensitive"
   '^tailscale::auth_key$':
@@ -8,17 +10,18 @@ ccs_database::database: "comcamdbprod"
 ccs_database::password: "foo"
 ipa::admin_password: "foofoofoofoo"  # ipa master only
 ipa::directory_services_password: "foofoofoofoo"  # ipa master only
-ipa::domain_join_password: "foofoofoofoo"  # 8 char min
 foreman_proxy::plugin::dns::route53::aws_access_key: "foo"
 foreman_proxy::plugin::dns::route53::aws_secret_key: "foo"
+ipa::domain_join_password: "foofoofoofoo"  # 8 char min
 profile::ccs::file_transfer::s3daemon_env_access: "foo"
 profile::ccs::file_transfer::s3daemon_env_secret: "foo"
 profile::ccs::postfix::auth: "foo"
 profile::core::monitoring::database: "foo"
 profile::core::monitoring::password: "foo"
 profile::core::monitoring::url: "foo"
 profile::core::monitoring::username: "foo"
-tailscale::auth_key: "foo"
+profile::core::puppetboard::secret_key: "foo"
 restic::id: "foo"
 restic::key: "foo"
 restic::password: "foo"
+tailscale::auth_key: "foo"
diff --git a/spec/hosts/roles/puppetdb_spec.rb b/spec/hosts/roles/puppetdb_spec.rb
@@ -27,6 +27,25 @@
   end
 end
 
+shared_examples 'puppetboard' do
+  it { is_expected.to contain_class('docker') }
+  it { is_expected.to contain_cron__job('docker_prune') }
+  it { is_expected.to contain_docker__image('ghcr.io/voxpupuli/puppetboard') }
+
+  it do
+    is_expected.to contain_docker__run('puppetboard').with(
+      image: 'ghcr.io/voxpupuli/puppetboard',
+      env: [
+        'PUPPETDB_HOST=127.0.0.1',
+        'PUPPETDB_PORT=8080',
+        'PUPPETBOARD_PORT=8088',
+        'SECRET_KEY=foo',
+      ],
+      net: 'host',
+    )
+  end
+end
+
 role = 'puppetdb'
 
 describe "#{role} role" do
@@ -53,6 +72,7 @@
 
           include_examples 'common', os_facts: os_facts, site: site
           include_examples 'puppetdb'
+          include_examples 'puppetboard'
         end # host
       end # lsst_sites
     end