Merge "Set enable_fip_topology_check to False in horizon/server/plugin/contrail"
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..485dee6
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+.idea
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/elastic/2x.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/elastic/2x.yml
index 1bf92ed..7e34831 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/elastic/2x.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/elastic/2x.yml
@@ -2,6 +2,7 @@
_param:
apt_mk_version: stable
mirror_mirantis_openstack_xenial_elastic_2x_source: http://mirror.mirantis.com/${_param:apt_mk_version}/elasticsearch-2.x/xenial/
+ mirror_mirantis_openstack_xenial_elastic_curator_2x_source: http://mirror.mirantis.com/${_param:apt_mk_version}/elasticsearch-curator/xenial/
mirror_mirantis_openstack_xenial_elastic_2x_distribution: stable
mirror_mirantis_openstack_xenial_elastic_2x_components: main
mirror_mirantis_openstack_xenial_elastic_2x_gpgkeys:
@@ -18,4 +19,14 @@
publisher:
component: main
distributions:
- - ubuntu-xenial/elastic/2.x/${_param:apt_mk_version}
\ No newline at end of file
+ - ubuntu-xenial/elastic/2.x/${_param:apt_mk_version}
+ mirantis_openstack_xenial_elastic_curator_2x:
+ source: ${_param:mirror_mirantis_openstack_xenial_elastic_curator_2x_source}
+ distribution: ${_param:mirror_mirantis_openstack_xenial_elastic_2x_distribution}
+ components: ${_param:mirror_mirantis_openstack_xenial_elastic_2x_components}
+ architectures: amd64
+ gpgkeys: ${_param:mirror_mirantis_openstack_xenial_elastic_2x_gpgkeys}
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-xenial/elastic/2.x/${_param:apt_mk_version}
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/elastic/5x.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/elastic/5x.yml
index 1281c30..d746410 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/elastic/5x.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/elastic/5x.yml
@@ -2,6 +2,7 @@
_param:
apt_mk_version: stable
mirror_mirantis_openstack_xenial_elastic_5x_source: http://mirror.mirantis.com/${_param:apt_mk_version}/elasticsearch-5.x/xenial/
+ mirror_mirantis_openstack_xenial_elastic_curator_5x_source: http://mirror.mirantis.com/${_param:apt_mk_version}/elasticsearch-curator-5/xenial/
mirror_mirantis_openstack_xenial_elastic_5x_distribution: stable
mirror_mirantis_openstack_xenial_elastic_5x_components: main
mirror_mirantis_openstack_xenial_elastic_5x_gpgkeys:
@@ -19,3 +20,13 @@
component: main
distributions:
- ubuntu-xenial/elastic/5.x/${_param:apt_mk_version}
+ mirantis_openstack_xenial_elastic_curator_5x:
+ source: ${_param:mirror_mirantis_openstack_xenial_elastic_curator_5x_source}
+ distribution: ${_param:mirror_mirantis_openstack_xenial_elastic_5x_distribution}
+ components: ${_param:mirror_mirantis_openstack_xenial_elastic_5x_components}
+ architectures: amd64
+ gpgkeys: ${_param:mirror_mirantis_openstack_xenial_elastic_5x_gpgkeys}
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-xenial/elastic/5.x/${_param:apt_mk_version}
diff --git a/ceilometer/client/nova_control.yml b/ceilometer/client/nova_control.yml
index 252c67e..7ac8f89 100644
--- a/ceilometer/client/nova_control.yml
+++ b/ceilometer/client/nova_control.yml
@@ -3,3 +3,5 @@
controller:
notification:
driver: messagingv2
+ notify_on:
+ state_change: vm_and_task_state
diff --git a/debmirror/mirror_mirantis_com/ubuntu/xenial.yml b/debmirror/mirror_mirantis_com/ubuntu/xenial.yml
index 4a199bf..6a38787 100644
--- a/debmirror/mirror_mirantis_com/ubuntu/xenial.yml
+++ b/debmirror/mirror_mirantis_com/ubuntu/xenial.yml
@@ -80,6 +80,10 @@
- multiverse/debug
- restricted/debug
- universe/debug
+ - comm
+ - multiverse/comm
+ - universe/comm
+ - restricted/comm
# Updating filter, please always start from section, aka main|universe|multiverse
filter:
1: "--exclude='android*'"
@@ -171,6 +175,4 @@
803: "--include='/main(.*)unittest2'" # openstack* pkgs
804: "--include='/main(.*)libbluetooth3'" # python-guestfs
805: "--include='/main(.*)llvm-toolchain-5.0'" # pki-ca: < 389-ds-base < dogtag
-
-
-
+ 806: "--include='/main(.*)man-db'" # include man tool
diff --git a/docker/swarm/stack/kqueen.yml b/docker/swarm/stack/kqueen.yml
index c6b608d..430a344 100644
--- a/docker/swarm/stack/kqueen.yml
+++ b/docker/swarm/stack/kqueen.yml
@@ -9,6 +9,8 @@
kqueen_api_debug: True
kqueen_api_prometheus_whitelist: '172.16.10.0/24' ##REcheck with network
kqueen_api_ldap_uri: 'ldap://ldap'
+ kqueen_api_ldap_dn: 'cn=admin,dc=example,dc=org'
+ kqueen_api_ldap_password: 'password'
kqueen_api_auth_modules: 'local'
docker_kqueen_ui_replicas: 1
kqueen_ui_bind_port: ${_param:haproxy_kqueen_ui_bind_port}
@@ -38,6 +40,8 @@
KQUEEN_DEBUG: ${_param:kqueen_api_debug}
KQUEEN_CONFIG_FILE: config/prod.py
KQUEEN_LDAP_URI: ${_param:kqueen_api_ldap_uri}
+ KQUEEN_LDAP_DN: ${_param:kqueen_api_ldap_dn}
+ KQUEEN_LDAP_PASSWORD: ${_param:kqueen_api_ldap_password}
KQUEEN_AUTH_MODULES: ${_param:kqueen_api_auth_modules}
KQUEEN_ETCD_HOST: ${_param:kqueen_api_db_host}
KQUEEN_PROMETHEUS_WHITELIST: ${_param:kqueen_api_prometheus_whitelist}
diff --git a/jenkins/client/approved_scripts.yml b/jenkins/client/approved_scripts.yml
index 70aa9e6..1fb68c9 100644
--- a/jenkins/client/approved_scripts.yml
+++ b/jenkins/client/approved_scripts.yml
@@ -12,6 +12,7 @@
- method groovy.json.JsonSlurperClassic parseText java.lang.String
- method groovy.lang.GString getBytes
- method groovy.lang.GroovyObject getProperty java.lang.String
+ - method groovy.util.Node get java.lang.String
- method groovy.util.Node attributes
- method groovy.util.XmlParser parse java.io.File
- method groovy.util.XmlParser parseText java.lang.String
@@ -71,6 +72,7 @@
- method java.util.Calendar add int int
- method java.util.Calendar getTime
- method java.util.Date before java.util.Date
+ - method java.text.DateFormat parse java.lang.String
- method jenkins.model.Jenkins getItemByFullName java.lang.String
- method jenkins.model.Jenkins getPluginManager
- method org.jenkinsci.plugins.workflow.job.WorkflowRun doStop
@@ -93,6 +95,7 @@
- new java.util.ArrayList
- new java.util.Date
- new java.util.HashMap
+ - new java.text.SimpleDateFormat java.lang.String java.util.Locale
- staticField groovy.io.FileType FILES
- staticMethod com.cloudbees.plugins.credentials.CredentialsProvider lookupCredentials java.lang.Class hudson.model.ItemGroup
- staticMethod java.lang.Double parseDouble java.lang.String
diff --git a/jenkins/client/init.yml b/jenkins/client/init.yml
index e4a3fcd..856eec5 100644
--- a/jenkins/client/init.yml
+++ b/jenkins/client/init.yml
@@ -37,6 +37,7 @@
ldap: {}
matrix-auth: {}
monitoring: {}
+ performance: {}
pipeline-utility-steps: {}
rebuild: {}
simple-theme-plugin: {}
diff --git a/jenkins/client/job/deploy/lab/component/kubernetes.yml b/jenkins/client/job/deploy/lab/component/kubernetes.yml
index 8cbf766..995acb5 100644
--- a/jenkins/client/job/deploy/lab/component/kubernetes.yml
+++ b/jenkins/client/job/deploy/lab/component/kubernetes.yml
@@ -39,3 +39,9 @@
stack_install: core,k8s,calico
stack_test: ""
job_timer: "H H(0-6) * * *"
+ - stack_name: k8s_ha_calico_flannel_virtlet
+ stack_env: devcloud
+ stack_type: heat
+ stack_install: core,k8s
+ stack_test: "k8s"
+ job_timer: "H H(0-6) * * *"
diff --git a/jenkins/client/job/docker/build-images.yml b/jenkins/client/job/docker/build-images.yml
index 12c84c1..adc1ba8 100644
--- a/jenkins/client/job/docker/build-images.yml
+++ b/jenkins/client/job/docker/build-images.yml
@@ -59,6 +59,14 @@
DOCKER_GIT_TAG:
type: boolean
default: "true"
+ ARTIFACTORY_URL:
+ type: string
+ default: "docker-dev-virtual.docker.mirantis.net"
+ description: "URL to artifactory"
+ ARTIFACTORY_NAMESPACE:
+ type: string
+ default: cicd
+ description: "Artifactory namespace (oss, cicd,...)"
EXTRA_REPO_URL:
type: string
default: "${_param:jenkins_aptly_url}"
diff --git a/jenkins/client/job/docker/init.yml b/jenkins/client/job/docker/init.yml
index e3619b1..00411fb 100644
--- a/jenkins/client/job/docker/init.yml
+++ b/jenkins/client/job/docker/init.yml
@@ -98,6 +98,14 @@
REGISTRY_CREDENTIALS_ID:
type: string
default: "mirantis-dockerhub"
+ ARTIFACTORY_URL:
+ type: string
+ default: "docker-dev-virtual.docker.mirantis.net"
+ description: "URL to artifactory"
+ ARTIFACTORY_NAMESPACE:
+ type: string
+ default: cicd
+ description: "Artifactory namespace (oss, cicd,...)"
DOCKER_GIT_TAG:
type: boolean
default: "true"
diff --git a/jenkins/client/job/oscore/qa.yml b/jenkins/client/job/oscore/qa.yml
index eb565a2..6d54082 100644
--- a/jenkins/client/job/oscore/qa.yml
+++ b/jenkins/client/job/oscore/qa.yml
@@ -71,11 +71,6 @@
branches:
- compare_type: "PLAIN"
name: "master"
- skip_vote:
- - successful
- - failed
- - unstable
- - not_built
event:
patchset:
- created
diff --git a/jenkins/client/job/oscore/salt_virtual_models.yml b/jenkins/client/job/oscore/salt_virtual_models.yml
index 17c4aa8..9f79cf1 100644
--- a/jenkins/client/job/oscore/salt_virtual_models.yml
+++ b/jenkins/client/job/oscore/salt_virtual_models.yml
@@ -19,10 +19,18 @@
display_name: oscore-test-virtual-model
name: oscore-test-virtual-model
param:
+ SALT_MASTER_CREDENTIALS:
+ type: string
+ default: "salt-qa-credentials"
+ description: Jenkins credential ID for Salt master
CREDENTIALS_ID:
default: gerrit
type: string
description: "Name of creadentials to use when connecting to gerrit"
+ ARTIFACTORY_CREDENTIALS:
+ type: string
+ default: "artifactory"
+ description: Jenkins credential ID for Artifactory
HEAT_STACK_ZONE:
type: string
description: "Heat stack zone where build stack"
@@ -84,7 +92,7 @@
TEST_TARGET:
type: string
description: Node to run tests
- default: "cfg01*"
+ default: "gtw01*"
TEST_CONCURRENCY:
type: string
description: How much test threads to run
diff --git a/jenkins/client/job/oscore/tests.yml b/jenkins/client/job/oscore/tests.yml
index d06160e..4453dae 100644
--- a/jenkins/client/job/oscore/tests.yml
+++ b/jenkins/client/job/oscore/tests.yml
@@ -378,6 +378,10 @@
type: boolean
description: Whether to use pepper to connect to salt master
default: 'false'
+ USE_RALLY:
+ type: boolean
+ description: Whether to use container with rally
+ default: 'true'
results-checker-template:
name: "{{job_prefix}}-{{test_type}}-results-checker"
template:
diff --git a/linux/system/motd/static.yml b/linux/system/motd/static.yml
index 774abc6..c0e23c0 100644
--- a/linux/system/motd/static.yml
+++ b/linux/system/motd/static.yml
@@ -1,12 +1,20 @@
parameters:
+ _param:
+ motd_company_name: COMPANY_NAME
linux:
system:
motd: |
- WARNING: This is private network
- Unauthorized access is strictly prohibited
+ =================================== WARNING ====================================
+ You have accessed a computer managed by ${_param:motd_company_name}.
+ You are required to have authorisation from ${_param:motd_company_name}
+ before you proceed and you are strictly limited to use set out within that
+ authorisation. Unauthorised access to or misuse of this system is prohibited
+ and constitutes an offence under the Computer Misuse Act 1990.
+ If you disclose any information obtained through this system without
+ authority ${_param:motd_company_name} may take legal action against you.
+ ================================================================================
------------------------------------------------------
Hostname | ${linux:system:name}
Domain | ${linux:system:domain}
------------------------------------------------------
-
diff --git a/linux/system/repo/mcp/apt_mirantis/elastic/2x.yml b/linux/system/repo/mcp/apt_mirantis/elastic/2x.yml
index 1db8267..9fc19c6 100644
--- a/linux/system/repo/mcp/apt_mirantis/elastic/2x.yml
+++ b/linux/system/repo/mcp/apt_mirantis/elastic/2x.yml
@@ -11,3 +11,9 @@
key_id: D88E42B4
key_server: keyserver.ubuntu.com
clean_file: true
+ mcp_elastic_curator_2x:
+ source: "deb [arch=amd64] http://mirror.mirantis.com/${_param:linux_system_repo_mcp_elastic_2x_version}/elasticsearch-curator/${_param:linux_system_codename}/ stable main"
+ architectures: amd64
+ key_id: D88E42B4
+ key_server: keyserver.ubuntu.com
+ clean_file: true
diff --git a/linux/system/repo/mcp/apt_mirantis/elastic/5x.yml b/linux/system/repo/mcp/apt_mirantis/elastic/5x.yml
index 453b3bc..01d2ff0 100644
--- a/linux/system/repo/mcp/apt_mirantis/elastic/5x.yml
+++ b/linux/system/repo/mcp/apt_mirantis/elastic/5x.yml
@@ -11,3 +11,10 @@
key_id: D88E42B4
key_server: keyserver.ubuntu.com
clean_file: true
+ mcp_elastic_curator_5x:
+ source: "deb [arch=amd64] http://mirror.mirantis.com/${_param:linux_system_repo_mcp_elastic_5x_version}/elasticsearch-curator-5/${_param:linux_system_codename}/ stable main"
+ architectures: amd64
+ key_id: D88E42B4
+ key_server: keyserver.ubuntu.com
+ clean_file: true
+
diff --git a/nginx/server/proxy/openstack_api.yml b/nginx/server/proxy/openstack_api.yml
index f9f363d..9492c56 100644
--- a/nginx/server/proxy/openstack_api.yml
+++ b/nginx/server/proxy/openstack_api.yml
@@ -8,4 +8,3 @@
- system.nginx.server.proxy.openstack.keystone_private
- system.nginx.server.proxy.openstack.neutron
- system.nginx.server.proxy.openstack.nova
-- system.nginx.server.proxy.openstack.nova_ec2
diff --git a/openssh/server/team/maintenance.yml b/openssh/server/team/maintenance.yml
index 44e8639..33cc697 100644
--- a/openssh/server/team/maintenance.yml
+++ b/openssh/server/team/maintenance.yml
@@ -1,9 +1,11 @@
classes:
- system.linux.system.sudo
-- system.openssh.server.team.members.astupnikov
- system.openssh.server.team.members.dmeltsaykin
-- system.openssh.server.team.members.myatsenko
- system.openssh.server.team.members.omolchanov
+- system.openssh.server.team.members.ibumarskov
+- system.openssh.server.team.members.vkhlyunev
+- system.openssh.server.team.members.vjigulin
+- system.openssh.server.team.members.dtsapikov
parameters:
_param:
linux_system_user_sudo: true
diff --git a/openssh/server/team/members/dtsapikov.yml b/openssh/server/team/members/dtsapikov.yml
new file mode 100644
index 0000000..82b3526
--- /dev/null
+++ b/openssh/server/team/members/dtsapikov.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ dtsapikov:
+ enabled: true
+ name: dtsapikov
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Dmitry Tsapikov
+ home: /home/dtsapikov
+ email: dtsapikov@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ dtsapikov:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDqcQyBOTEtVB82WmUSOpFN2e3/38BxaX3+Gq0lIsBatGK4WlTeSlrnquq9ANenAUzf6yphPy5sQFiegf8mVJ2jD7a8N7MH2K1zVsQUIM2d84SA4f8YxUOyBsAL32nesmxrsFvGQiV2U1XRIuuNqTqjrX5gsTUznkVqYZWvmvoEVT/GsoFKH7aPb7w88/3EAXysSkfJBTEINjWV14+jpv5u/hWv/K/UU/gptx9aEUw9bYUaH5rW8lW9nyIp+BPT0z5BvHTtk+KIDjqS2SEAYVnV/qWoHIU1rGDXbAXcNgN0iFVdOfLhvenxhkyXV/9+UFoAibLBzBTrXxbnoK5AkTyF dtsapikov@Dmitrys-MacBook-Pro.local
+ user: ${linux:system:user:dtsapikov}
diff --git a/openssh/server/team/members/ibumarskov.yml b/openssh/server/team/members/ibumarskov.yml
new file mode 100644
index 0000000..ba87f1e
--- /dev/null
+++ b/openssh/server/team/members/ibumarskov.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ ibumarskov:
+ enabled: true
+ name: ibumarskov
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Ilya Bumarskov
+ home: /home/ibumarskov
+ email: ibumarskov@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ ibumarskov:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDay30C5s6TWCxj2DFgAvSITpuou2bsHQbbtRVVo5vbVWzZExsVr6v9mfqqWIbBwqnoGLDehEf58pczlvSb7np+/uVheFeIoocPoL0hgvK5PveS6Hb5niTBXVUk1pgtbDXWmlLmpUCMQUiX5zEE47x04/orrkqaLkWsZoGyXD9aFEjfZNmFWP38JDUDqv/r1awmi6L2UonDegN5L4PrQTlRk0ZoNUKeGYndHHY2Waop50ZsLtiS7JorIzMvicOtdOnZjZmTvrg9EYoHwS2ZWtPOjvwOtSRziOFdltCjxhHgh7jmETdTLLuvJHVKr8UXMO8tWmqet+LaJOzJNpBfSTKR ibumarskov@ubuntu
+ user: ${linux:system:user:ibumarskov}
diff --git a/openssh/server/team/members/mcp-scale-jenkins.yml b/openssh/server/team/members/mcp-scale-jenkins.yml
new file mode 100644
index 0000000..3ec3a1c
--- /dev/null
+++ b/openssh/server/team/members/mcp-scale-jenkins.yml
@@ -0,0 +1,23 @@
+parameters:
+ linux:
+ system:
+ user:
+ mcp-scale-jenkins:
+ enabled: true
+ name: mcp-scale-jenkins
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: MCP Scale team
+ home: /home/mcp-scale-jenkins
+ email: mos-scale-jenkins@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ mcp-scale-jenkins:
+ enabled: true
+ public_keys: ${public_keys:mcp-scale-jenkins}
+ user: ${linux:system:user:mcp-scale-jenkins}
+ public_keys:
+ mcp-scale-jenkins:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDnaV3xTY8bzK9zdsgNgnQMFyMuuM3sjMaC10Lv5nM0Zl4+4r76XMNMN/Vd1FbI3U5StlHo1CHr0Byrufrnzg4YjoqPED4vlyPwwr5oWeqVHWt7pFitu7HB1xyUPdADR4PSqxUsGV6VWvj+mv18jRZj2w006NJvTSN7N2T7F99lUqUIm9FlfliIH9gNepyX4jaN+/aUppAtFMqomUNjWDbdCxedWQRO2f7H+ZbuRq23jhSbnNTrvhCzg+E6yroarkSKv5lASuBS8nOAw233PZzBi7E1boRF9B9yTDYBX1yFjR9iZyFTq+WXQzvxN2HTInSiL6VFnpz2My5fa3J2ZiTZ
+
diff --git a/openssh/server/team/members/mcp-scale.yml b/openssh/server/team/members/mcp-scale.yml
deleted file mode 100644
index d9376ba..0000000
--- a/openssh/server/team/members/mcp-scale.yml
+++ /dev/null
@@ -1,23 +0,0 @@
-parameters:
- linux:
- system:
- user:
- mos-scale-jenkins:
- enabled: true
- name: mos-scale-jenkins
- sudo: ${_param:linux_system_user_sudo}
- full_name: MCP Scale team
- home: /home/mos-scale-jenkins
- email: mos-scale-jenkins@mirantis.com
- openssh:
- server:
- enabled: true
- user:
- mos-scale-jenkins:
- enabled: true
- public_keys: ${public_keys:mos-scale-jenkins}
- user: ${linux:system:user:mos-scale-jenkins}
- public_keys:
- mos-scale-jenkins:
- - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
-
diff --git a/openssh/server/team/members/vjigulin.yml b/openssh/server/team/members/vjigulin.yml
new file mode 100644
index 0000000..58e3a00
--- /dev/null
+++ b/openssh/server/team/members/vjigulin.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ vjigulin:
+ enabled: true
+ name: vjigulin
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Vladimir Jigulin
+ home: /home/vjigulin
+ email: vjigulin@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ vjigulin:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDI+OmVDWql8hAOtHIN03zmd0vOj6lzgRwgT5/atyJHbkcl9y5CuB5+DdlXplMcPnm7lH+2u9LnWr21dcal3DuoHYSavnRKvyZZfTDDyvWB1FGYwM8igrdrrSGGuhl5yLlRbuXdQzlfo889s0LYtymKDdXIdo+WDdC/jDnVgUXA6J4TWQ/D2U9GLXRoT10J0duN664bbbdmJhSq7Qehq94k2as7Jy9R3HtvT+DIITrCVua3yPg0Zm+SxCA8xT8g3VKtdKTJdTlDG6o6PXWHR3W9jfNbO6CayLTBaiAFXqbKAol31yCaRbcDZfnoWfmFVu6rsQ90WZv4L9gK05uNBH1z mogaika@mogaika
+ user: ${linux:system:user:vjigulin}
diff --git a/openssh/server/team/members/vkhlyunev.yml b/openssh/server/team/members/vkhlyunev.yml
new file mode 100644
index 0000000..9779831
--- /dev/null
+++ b/openssh/server/team/members/vkhlyunev.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ vkhlyunev:
+ enabled: true
+ name: vkhlyunev
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Vladimir Khlyunev
+ home: /home/vkhlyunev
+ email: vkhlyunev@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ vkhlyunev:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1v5pWSan9H2Wl64C8bKWmbULp0QgJUi9FqPyuw1bfS5GfHLxejPxaDzec0uSx0PXWzS9afwIO7aGA1dg+dvdl1iPy9jfpkQbGGsusmSsbLvf6+WLVsPk90Bvoc4anmEsG2DWT1SGR65d/imjlwsnlbHTQIm0YucjDjV/p2MmYlbaFLm+ynfo9mt1mP954GDPKQHvyBpxvAIEHL3xAcnNXcpSXm2jhCNsNGUSpY+R7gin2q8MtrpzQNeZZ8degUMpgba7CTXN1sws2dc3UayJ8KZkyRVJNk6mpt2jey03izJzXzt3ux3hg5lToELvEIMDdHOPHT0b0U7f2H+eBCfH/ vkhlyunev@cz7317
+ user: ${linux:system:user:vkhlyunev}
diff --git a/openssh/server/team/qa_scale.yml b/openssh/server/team/qa_scale.yml
index 20a4e7d..9415496 100644
--- a/openssh/server/team/qa_scale.yml
+++ b/openssh/server/team/qa_scale.yml
@@ -3,7 +3,7 @@
- system.openssh.server.team.members.sgalkin
- system.openssh.server.team.members.obasov
- system.openssh.server.team.members.mikhailkraynov
-- system.openssh.server.team.members.mcp-scale
+- system.openssh.server.team.members.mcp-scale-jenkins
parameters:
_param:
diff --git a/postgresql/client/pushkin.yml b/postgresql/client/pushkin.yml
deleted file mode 100644
index c6ec567..0000000
--- a/postgresql/client/pushkin.yml
+++ /dev/null
@@ -1,26 +0,0 @@
-classes:
- - system.postgresql.client
-parameters:
- _param:
- pushkin_db_host: ${_param:haproxy_postgresql_bind_host}
- pushkin_db_user: pushkin
- pushkin_db_user_password: pushkin
- postgresql:
- client:
- server:
- server01:
- database:
- pushkin:
- enabled: true
- encoding: 'UTF8'
- locale: 'en_US'
- users:
- - name: ${_param:pushkin_db_user}
- password: ${_param:pushkin_db_user_password}
- host: ${_param:pushkin_db_host}
- createdb: true
- rights: all privileges
- extension:
- hstore:
- enabled: true
-
diff --git a/postgresql/client/alertmanager.yml b/postgresql/client/pushkin/alertmanager.yml
similarity index 68%
rename from postgresql/client/alertmanager.yml
rename to postgresql/client/pushkin/alertmanager.yml
index 8bd272a..8e413da 100644
--- a/postgresql/client/alertmanager.yml
+++ b/postgresql/client/pushkin/alertmanager.yml
@@ -12,16 +12,7 @@
server:
server01:
database:
- alertmanager:
- enabled: true
- encoding: 'UTF8'
- locale: 'en_US'
- users:
- - name: ${_param:alertmanager_db_user}
- password: ${_param:alertmanager_db_user_password}
- host: ${_param:alertmanager_db_host}
- createdb: true
- rights: all privileges
+ pushkin:
init:
maintenance_db: pushkin
force: true
diff --git a/postgresql/client/pushkin/init.yml b/postgresql/client/pushkin/init.yml
new file mode 100644
index 0000000..5677646
--- /dev/null
+++ b/postgresql/client/pushkin/init.yml
@@ -0,0 +1,54 @@
+classes:
+ - system.postgresql.client
+parameters:
+ _param:
+ pushkin_db_host: ${_param:haproxy_postgresql_bind_host}
+ pushkin_db_user: pushkin
+ pushkin_db_user_password: pushkin
+ postgresql:
+ client:
+ server:
+ server01:
+ database:
+ pushkin:
+ enabled: true
+ encoding: 'UTF8'
+ locale: 'en_US'
+ users:
+ - name: ${_param:pushkin_db_user}
+ password: ${_param:pushkin_db_user_password}
+ host: ${_param:pushkin_db_host}
+ createdb: true
+ rights: all privileges
+ init:
+ maintenance_db: pushkin
+ queries:
+ - ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO public;
+ - CREATE TABLE IF NOT EXISTS login (id int8 NOT NULL, language_id int2, PRIMARY KEY (id));
+ - CREATE TABLE IF NOT EXISTS device (id serial NOT NULL, login_id int8 NOT NULL, platform_id int2 NOT NULL, device_token text NOT NULL, device_token_new text, application_version int4, unregistered_ts timestamp, device_id text, PRIMARY KEY(id));
+ - CREATE INDEX IF NOT EXISTS idx_device_login_id ON device (login_id);
+ - ALTER TABLE device DROP CONSTRAINT IF EXISTS Ref_device_to_login;
+ - ALTER TABLE device ADD CONSTRAINT Ref_device_to_login FOREIGN KEY (login_id) REFERENCES login(id) MATCH SIMPLE ON DELETE CASCADE ON UPDATE NO ACTION NOT DEFERRABLE;
+ - CREATE TABLE IF NOT EXISTS message (id serial NOT NULL, name text NOT NULL, cooldown_ts int8, trigger_event_id int4, screen text NOT NULL DEFAULT '', PRIMARY KEY (id), CONSTRAINT c_message_unique_name UNIQUE(name));
+ - CREATE TABLE IF NOT EXISTS message_localization (id serial NOT NULL, message_id int4 NOT NULL, language_id int2 NOT NULL, message_title text NOT NULL, message_text text NOT NULL, PRIMARY KEY(id), CONSTRAINT c_message_loc_unique_message_language UNIQUE(message_id, language_id));
+ - ALTER TABLE message_localization DROP CONSTRAINT IF EXISTS ref_message_id_to_message;
+ - ALTER TABLE message_localization ADD CONSTRAINT ref_message_id_to_message FOREIGN KEY (message_id) REFERENCES message(id) MATCH SIMPLE ON DELETE CASCADE ON UPDATE NO ACTION NOT DEFERRABLE;
+ - CREATE TABLE IF NOT EXISTS user_message_last_time_sent (id serial NOT NULL, login_id int8 NOT NULL, message_id int4 NOT NULL, last_time_sent_ts_bigint int8 NOT NULL, PRIMARY KEY (id), CONSTRAINT c_user_unique_message UNIQUE(login_id, message_id));
+ - ALTER TABLE user_message_last_time_sent DROP CONSTRAINT IF EXISTS ref_login_id_to_login
+ - ALTER TABLE user_message_last_time_sent ADD CONSTRAINT ref_login_id_to_login FOREIGN KEY (login_id) REFERENCES login(id) MATCH SIMPLE ON DELETE CASCADE ON UPDATE NO ACTION NOT DEFERRABLE;
+ - ALTER TABLE user_message_last_time_sent DROP CONSTRAINT IF EXISTS ref_message_id_to_message
+ - ALTER TABLE user_message_last_time_sent ADD CONSTRAINT ref_message_id_to_message FOREIGN KEY (message_id) REFERENCES message(id) MATCH SIMPLE ON DELETE CASCADE ON UPDATE NO ACTION NOT DEFERRABLE;
+ - ALTER TABLE login OWNER TO ${_param:pushkin_db_user};
+ - ALTER TABLE device OWNER TO ${_param:pushkin_db_user};
+ - ALTER TABLE message OWNER TO ${_param:pushkin_db_user};
+ - ALTER TABLE message_localization OWNER TO ${_param:pushkin_db_user};
+ - ALTER TABLE user_message_last_time_sent OWNER TO ${_param:pushkin_db_user};
+ - GRANT ALL PRIVILEGES ON TABLE login TO ${_param:pushkin_db_user};
+ - GRANT ALL PRIVILEGES ON TABLE device TO ${_param:pushkin_db_user};
+ - GRANT ALL PRIVILEGES ON TABLE message TO ${_param:pushkin_db_user};
+ - GRANT ALL PRIVILEGES ON TABLE message_localization TO ${_param:pushkin_db_user};
+ - GRANT ALL PRIVILEGES ON TABLE user_message_last_time_sent TO ${_param:pushkin_db_user};
+ extension:
+ hstore:
+ enabled: true
+
diff --git a/postgresql/client/janitor_monkey.yml b/postgresql/client/pushkin/janitor_monkey.yml
similarity index 68%
rename from postgresql/client/janitor_monkey.yml
rename to postgresql/client/pushkin/janitor_monkey.yml
index def9a06..b56d098 100644
--- a/postgresql/client/janitor_monkey.yml
+++ b/postgresql/client/pushkin/janitor_monkey.yml
@@ -12,16 +12,7 @@
server:
server01:
database:
- janmonkey:
- enabled: true
- encoding: 'UTF8'
- locale: 'en_US'
- users:
- - name: ${_param:janmonkey_db_user}
- password: ${_param:janmonkey_db_user_password}
- host: ${_param:janmonkey_db_host}
- createdb: true
- rights: all privileges
+ pushkin:
init:
maintenance_db: pushkin
force: true
diff --git a/postgresql/client/pushkin/security_monkey.yml b/postgresql/client/pushkin/security_monkey.yml
new file mode 100644
index 0000000..18154cd
--- /dev/null
+++ b/postgresql/client/pushkin/security_monkey.yml
@@ -0,0 +1,19 @@
+classes:
+ - system.postgresql.client
+parameters:
+ _param:
+ secmonkey_db_host: ${_param:haproxy_postgresql_bind_host}
+ secmonkey_db_user: secmonkey
+ secmonkey_db_user_password: secmonkey
+ postgresql:
+ client:
+ server:
+ server01:
+ database:
+ pushkin:
+ init:
+ maintenance_db: pushkin
+ force: true
+ queries:
+ - INSERT INTO login VALUES (${_param:secmonkey_login_id}, ${_param:secmonkey_application_id}) ON CONFLICT (id) DO UPDATE SET id = excluded.id;
+ - INSERT INTO device VALUES (${_param:secmonkey_application_id}, ${_param:secmonkey_login_id}, 42, 'security_audit_service', NULL, 1, NULL) ON CONFLICT (id) DO UPDATE SET id = excluded.id;
diff --git a/postgresql/client/sfdc.yml b/postgresql/client/pushkin/sfdc.yml
similarity index 68%
rename from postgresql/client/sfdc.yml
rename to postgresql/client/pushkin/sfdc.yml
index bafd9c9..57af7fe 100644
--- a/postgresql/client/sfdc.yml
+++ b/postgresql/client/pushkin/sfdc.yml
@@ -12,16 +12,7 @@
server:
server01:
database:
- sfdc:
- enabled: true
- encoding: 'UTF8'
- locale: 'en_US'
- users:
- - name: ${_param:sfdc_db_user}
- password: ${_param:sfdc_db_user_password}
- host: ${_param:sfdc_db_host}
- createdb: true
- rights: all privileges
+ pushkin:
init:
maintenance_db: pushkin
force: true
diff --git a/postgresql/client/security_monkey.yml b/postgresql/client/security_monkey.yml
index c47e241..ab7a4c8 100644
--- a/postgresql/client/security_monkey.yml
+++ b/postgresql/client/security_monkey.yml
@@ -20,9 +20,3 @@
host: ${_param:secmonkey_db_host}
createdb: true
rights: all privileges
- init:
- maintenance_db: pushkin
- force: true
- queries:
- - INSERT INTO login VALUES (${_param:secmonkey_login_id}, ${_param:secmonkey_application_id}) ON CONFLICT (id) DO UPDATE SET id = excluded.id;
- - INSERT INTO device VALUES (${_param:secmonkey_application_id}, ${_param:secmonkey_login_id}, 42, 'security_audit_service', NULL, 1, NULL) ON CONFLICT (id) DO UPDATE SET id = excluded.id;