Initial user, frame support
diff --git a/gerrit/_modules/gerrit.py b/gerrit/_modules/gerrit.py
new file mode 100644
index 0000000..66cf0d3
--- /dev/null
+++ b/gerrit/_modules/gerrit.py
@@ -0,0 +1,228 @@
+# -*- coding: utf-8 -*-
+'''
+Module for handling gerrit calls.
+
+:optdepends: - gerritlib Python adapter
+:configuration: This module is not usable until the following are specified
+ either in a pillar or in the minion's config file::
+
+ gerrit.host: localhost
+ gerrit.user: admin
+ gerrit.keyfile: /tmp/key.pub
+
+'''
+
+from __future__ import absolute_import
+
+import logging
+import os
+
+LOG = logging.getLogger(__name__)
+
+# Import third party libs
+HAS_GERRIT = False
+try:
+ from gerritlib import gerrit
+ HAS_GERRIT = True
+except ImportError:
+ pass
+
+
+def __virtual__():
+ '''
+ Only load this module if gerrit
+ is installed on this minion.
+ '''
+ if HAS_GERRIT:
+ return 'gerrit'
+ return False
+
+__opts__ = {}
+
+
+def auth(**connection_args):
+ '''
+ Set up gerrit credentials
+
+ Only intended to be used within gerrit-enabled modules
+ '''
+
+ prefix = "gerrit."
+
+ # look in connection_args first, then default to config file
+ def get(key, default=None):
+ return connection_args.get('connection_' + key,
+ __salt__['config.get'](prefix + key, default))
+
+ host = get('host', 'localhost')
+ user = get('user', 'localhost')
+ keyfile = get('keyfile', '/tmp/.ssh/id_rsa.pub')
+
+ g = gerrit.Gerrit(host, user, keyfile=keyfile)
+
+
+def project_create(name, **kwargs):
+ '''
+ Create a gerrit project
+
+ :param name: new project name
+ :param path: custom repository name for new project. By default generated based on name
+ :param namespace_id: namespace for the new project (defaults to user)
+ :param description: short project description
+ :param issues_enabled:
+ :param merge_requests_enabled:
+ :param wiki_enabled:
+ :param snippets_enabled:
+ :param public: if true same as setting visibility_level = 20
+ :param visibility_level:
+ :param import_url: https://gerrit.tcpcloud.eu/django/django-kedb.gerrit
+
+ CLI Examples:
+
+ .. code-block:: bash
+
+ salt '*' gerrit.project_create namespace/nova description='nova project'
+ salt '*' gerrit.project_create namespace/test enabled=False
+
+ '''
+ ret = {}
+ gerrit = auth(**kwargs)
+
+ project = _get_project(gerrit, name)
+
+ if project and not "Error" in project:
+ LOG.debug("Project {0} exists".format(name))
+ ret[project.get('path_with_namespace')] = project
+ return ret
+
+ group_name, name = name.split('/')
+ group = group_get(name=group_name)[group_name]
+ kwargs['namespace_id'] = group.get('id')
+ kwargs['name'] = name
+ LOG.debug(kwargs)
+
+ new = gerrit.createproject(**kwargs)
+ if not new:
+ return {'Error': 'Error creating project %s' % new}
+ else:
+ LOG.debug(new)
+ ret[new.get('path_with_namespace')] = new
+ return ret
+
+def project_delete(project, **kwargs):
+ '''
+ Delete a project (gerrit project-delete)
+
+ :params project: Name or ID
+
+ CLI Examples:
+
+ .. code-block:: bash
+
+ salt '*' gerrit.project_delete c965f79c4f864eaaa9c3b41904e67082
+ salt '*' gerrit.project_delete project_id=c965f79c4f864eaaa9c3b41904e67082
+ salt '*' gerrit.project_delete name=demo
+ '''
+ gerrit = auth(**kwargs)
+
+ project = _get_project(gerrit, project)
+
+ if not project:
+ return {'Error': 'Unable to resolve project'}
+
+ del_ret = gerrit.deleteproject(project["id"])
+ ret = 'Project ID {0} deleted'.format(project["path_with_namespace"])
+ ret += ' ({0})'.format(project["path_with_namespace"])
+
+ return ret
+
+
+def project_get(project_id=None, name=None, **kwargs):
+ '''
+ Return a specific project
+
+ CLI Examples:
+
+ .. code-block:: bash
+
+ salt '*' gerrit.project_get 323
+ salt '*' gerrit.project_get project_id=323
+ salt '*' gerrit.project_get name=namespace/repository
+ '''
+ gerrit = auth(**kwargs)
+ ret = {}
+ #object_list = project_list(kwargs)
+
+ project = _get_project(gerrit, name or project_id)
+ if not project:
+ return {'Error': 'Error in retrieving project'}
+ ret[project.get('name')] = project
+ return ret
+
+
+def project_list(**connection_args):
+ '''
+ Return a list of available projects
+
+ CLI Example:
+
+ .. code-block:: bash
+
+ salt '*' gerrit.project_list
+ '''
+ gerrit = auth(**connection_args)
+ ret = {}
+
+ projects = gerrit.listProjects()
+
+ while len(projects) > 0:
+ for project in projects:
+ ret[project.get('path_with_namespace')] = project
+ page += 1
+ projects = gerrit.getprojectsall(page=page, per_page=PER_PAGE)
+ return ret
+
+
+def group_list(group_name=None, **connection_args):
+ '''
+ Return a list of available groups
+
+ CLI Example:
+
+ .. code-block:: bash
+
+ salt '*' gerrit.group_list
+ '''
+ gerrit = auth(**connection_args)
+ ret = {}
+ for group in gerrit.listProjects():
+ ret[group.get('name')] = group
+ return ret
+
+
+def group_get(id=None, name=None, **connection_args):
+ '''
+ Return a specific group
+
+ CLI Examples:
+
+ .. code-block:: bash
+
+ salt '*' gerrit.group_get 323
+ salt '*' gerrit.group_get name=namespace
+
+ '''
+ gerrit = auth(**connection_args)
+ ret = {}
+ if id == None:
+ for group in gerrit.getgroups(group_id=None, page=1, per_page=100):
+ if group.get('path') == name or group.get('name') == name:
+ ret[group.get('path')] = group
+ else:
+ group = gerrit.getgroups(id)
+ if group != False:
+ ret[group.get('path')] = group
+ if len(ret) == 0:
+ return {'Error': 'Error in retrieving group'}
+ return ret
+
diff --git a/gerrit/files/apache.conf b/gerrit/files/apache.conf
index c11db68..e7d5d70 100644
--- a/gerrit/files/apache.conf
+++ b/gerrit/files/apache.conf
@@ -1,6 +1,6 @@
{%- from "gerrit/map.jinja" import server with context %}
-<VirtualHost *88>
+<VirtualHost *:88>
ProxyRequests Off
ProxyVia Off
diff --git a/gerrit/files/gerrit.config b/gerrit/files/gerrit.config
index 93510d0..47d09fe 100644
--- a/gerrit/files/gerrit.config
+++ b/gerrit/files/gerrit.config
@@ -10,6 +10,9 @@
{%- if server.canonical_git_url is defined %}
canonicalGitUrl = {{ server.canonical_git_url }}
{%- endif %}
+ {%- if server.get('can_load_in_iframe', False) %}
+ canLoadInIFrame = true
+ {%- endif %}
[database]
type = {{ server.database.engine }}
@@ -124,11 +127,13 @@
{% endfor %}
{%- for plugin_name, plugin in server.get('plugin', {}).iteritems() %}
+{%- if plugin.url is defined %}
[{{ plugin_name }}]
url = {{ plugin.url }}
-{% endfor %}
+{%- endif %}
+{%- endfor %}
[theme]
backgroundColor = ffffff
diff --git a/gerrit/files/secure.config b/gerrit/files/secure.config
index 930b2f0..dcdbfdf 100644
--- a/gerrit/files/secure.config
+++ b/gerrit/files/secure.config
@@ -9,8 +9,10 @@
restTokenPrivateKey = {{ server.token_private_key }}
{%- for plugin_name, plugin in server.get('plugin', {}).iteritems() %}
+{%- if plugin.password is defined %}
[{{ plugin_name }}]
password = {{ plugin.password }}
+{%- endif %}
{%- endfor %}
diff --git a/gerrit/server/plugin.sls b/gerrit/server/plugin.sls
index 5669a3c..1e8738d 100644
--- a/gerrit/server/plugin.sls
+++ b/gerrit/server/plugin.sls
@@ -4,25 +4,16 @@
include:
- gerrit.server.service
-gerrit_plugin_dirs:
- file.directory:
- - names:
- - {{ server.dir.home }}/gerrit-plugins
- - {{ server.dir.home }}/review_site/plugins
- - makedirs: true
- - user: gerrit2
- - group: gerrit2
- - require:
- - file: gerrit_home
+{%- for plugin_name, plugin in server.get('plugin', {}).iteritems() %}
-{% for plugin_name, plugin in server.get('plugin', {}).iteritems() %}
+{%- if plugin.engine == "http" %}
{{ server.dir.home }}/review_site/plugins/{{ plugin_name }}.jar
file.managed:
- source: {{ plugin.address }}
- user: gerrit2
- - require:
- - file: gerrit_plugin_dirs
+
+{%- endif %}
{%- endfor %}
diff --git a/gerrit/server/service.sls b/gerrit/server/service.sls
index c9773ed..61f511f 100644
--- a/gerrit/server/service.sls
+++ b/gerrit/server/service.sls
@@ -15,13 +15,14 @@
file.directory:
- names:
- {{ server.dir.home }}/.ssh
- - {{ server.dir.home }}/gerrit-wars
+ - {{ server.dir.home }}/gerrit-plugins
- {{ server.dir.site }}/bin
- {{ server.dir.site }}/cache
- {{ server.dir.site }}/etc/its
- {{ server.dir.site }}/hooks
- {{ server.dir.site }}/lib
- {{ server.dir.site }}/logs
+ - {{ server.dir.site }}/plugins
- {{ server.dir.site }}/static
- /var/log/gerrit
- makedirs: true
@@ -37,6 +38,7 @@
- user: gerrit2
- group: gerrit2
- template: jinja
+ - replace: False
- require:
- file: gerrit_home
@@ -46,6 +48,7 @@
- user: gerrit2
- group: gerrit2
- template: jinja
+ - replace: False
- require:
- file: gerrit_home
@@ -58,7 +61,7 @@
- require:
- file: gerrit_home
-{%- if server.get('replication', False) %}
+{%- if server.plugin.replication is defined %}
{{ server.dir.site }}/etc/replication.config:
file.managed:
@@ -143,9 +146,9 @@
- require:
- file: gerrit_home
-{% if server.source.engine == "http" %}
+{%- if server.source.engine == "http" %}
-{{ server.dir.site }}/bin/gerrit.war:
+{{ server.dir.home }}/gerrit.war:
file.managed:
- source: {{ server.source.address }}
- source_hash: {{ server.source.hash }}
@@ -160,16 +163,19 @@
gerrit_server_initial_init:
cmd.run:
- - name: /usr/bin/java -jar {{ server.dir.site }}/bin/gerrit.war init -d {{ server.dir.site }} --batch --no-auto-start
- - unless: /usr/bin/test -f /etc/init.d/gerrit
+ - name: /usr/bin/java -jar {{ server.dir.home }}/gerrit.war init -d {{ server.dir.site }} --batch --no-auto-start{% for plugin_name, plugin in server.get('plugin', {}).iteritems() %}{% if plugin.engine == "gerrit" %} --install-plugin {{ plugin_name }}{% endif %}{% endfor %}
+ - unless: /usr/bin/test -f {{ server.dir.home }}/.gerrit-configured
+ - runas: gerrit2
- require:
- file: {{ server.dir.site }}/etc/gerrit.config
- file: {{ server.dir.site }}/etc/secure.config
gerrit_server_initial_index:
cmd.run:
- - name: /usr/bin/java -jar {{ server.dir.site }}/bin/gerrit.war reindex -d {{ server.dir.site }} --threads {{ server.reindex_threads }}
- - watch:
+ - name: /usr/bin/java -jar {{ server.dir.home }}/gerrit.war reindex -d {{ server.dir.site }} --threads {{ server.reindex_threads }}
+ - unless: /usr/bin/test -f {{ server.dir.home }}/.gerrit-configured
+ - runas: gerrit2
+ - require:
- cmd: gerrit_server_initial_init
/etc/default/gerritcodereview:
@@ -203,11 +209,46 @@
- file: gerrit_server_service_symlink
- cmd: gerrit_server_initial_index
+{%- set initial_accounts_queries = [
+ "insert into ACCOUNTS values (NULL, 'admin', NULL, NULL, 'N', NULL, NULL, NULL, NULL, 25, 'N', 'N', 'Y', 'N', NULL, 'Y', 'N', 'admin@ci.localdomain', '2015-05-28 11:00:30.001', 1)",
+ "insert into ACCOUNT_GROUP_MEMBERS values (1, 1)",
+ "insert into ACCOUNT_EXTERNAL_IDS values (1, 'admin@ci.localdomain', NULL, 'username:admin')",
+ "insert into ACCOUNT_EXTERNAL_IDS values (1, 'admin@ci.localdomain', NULL, 'mailto:admin@ci.localdomain')",
+ "insert into ACCOUNTS values (NULL, 'zuul', NULL, NULL, 'N', NULL, NULL, NULL, NULL, 25, 'N', 'N', 'Y', 'N', NULL, 'Y', 'N', 'zuul@ci.localdomain', '2015-05-28 11:00:30.001', 2)",
+ "insert into ACCOUNT_GROUP_MEMBERS values (2, 4)",
+ "insert into ACCOUNT_EXTERNAL_IDS values (2, 'zuul@ci.localdomain', NULL, 'username:zuul')",
+ "insert into ACCOUNT_EXTERNAL_IDS values (2, 'zuul@ci.localdomain', NULL, 'mailto:zuul@ci.localdomain')",
+ "insert into account_ssh_keys values ('"+server.ssh_rsa_key_pub+"', 'Y', 2, 1)",
+ "insert into account_ssh_keys values ('"+server.ssh_rsa_key_pub+"', 'Y', 1, 1)",
+] %}
+
+{%- for query in initial_accounts_queries %}
+
+gerrit_server_initial_accounts_{{ loop.index }}:
+ cmd.run:
+ - name: /usr/bin/java -jar {{ server.dir.home }}/gerrit.war gsql -d {{ server.dir.site }} -c "{{ query }}"
+ - unless: /usr/bin/test -f {{ server.dir.home }}/.gerrit-configured
+ - runas: gerrit2
+ - require:
+ - service: gerrit_server_service
+ - require_in:
+ - file: gerrit_server_configured
+
+{%- endfor %}
+
+gerrit_server_configured:
+ file.touch:
+ - name: {{ server.dir.home }}/.gerrit-configured
+ - unless: /usr/bin/test -f {{ server.dir.home }}/.gerrit-configured
+ - require:
+ - service: gerrit_server_service
+
gerrit_server_known_host:
ssh_known_hosts.present:
- name: localhost
- port: 29418
- user: gerrit2
+ - hash_known_hosts: false
- require:
- file: gerrit_home