Puppet Class: phabricator::almanac

Defined in:
manifests/almanac.pp

Summary

This class can be used to register an Almanac device using

Overview

Class for registering an Almanac device.

‘./bin/almanac register`. See the / Almanac User Guide for further information.

TODO: Remove the default values after we drop support for Puppet 4.7.

Parameters:

  • device (String)

    The name of the Almanac device to register.

  • private_key (String)

    The contents of an SSH private key that has been associated with the specified Almanac device. This SSH key must be manually marked as trusted using the ‘./bin/almanac trust-key` command.

  • identity (Optional[String]) (defaults to: undef)

    The name of the Almanac device to identify as.



16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
 
# File 'manifests/almanac.pp', line 16

class phabricator::almanac(
  String $device,
  String $private_key,
  Optional[String] $identity = undef,
) {
  $device_id_path   = "${phabricator::install_dir}/phabricator/conf/keys/device.id"
  $private_key_path = "${phabricator::install_dir}/phabricator/conf/keys/device.key"

  file { 'phabricator/conf/device.key':
    ensure  => 'file',
    path    => $private_key_path,
    content => $private_key,
    owner   => $phabricator::daemon_user,
    group   => $phabricator::group,
    mode    => '0400',
    notify  => Exec['almanac register'],
    require => Vcsrepo['phabricator'],
  }

  $_options = [
    "--device ${device}",
    '--force',
    "--private-key ${private_key_path}",
  ]

  if $identity == undef {
    $identity_option = undef
  } else {
    $identity_option = "--identify-as ${identity}"
  }

  $options = delete_undef_values(concat($_options, [$identity_option]))

  # TODO: The `strict_indent` check doesn't seem to work properly here. See
  # https://github.com/relud/puppet-lint-strict_indent-check/issues/11.
  #
  # lint:ignore:strict_indent
  exec { 'almanac register':
    command => "${phabricator::install_dir}/phabricator/bin/almanac register ${join($options, ' ')}",
    creates => $device_id_path,
    require => [
      Class['php::cli'],
      File['phabricator/conf/local.json'],
      Php::Extension['mysql'],
      Vcsrepo['libphutil'],
      Vcsrepo['phabricator'],
    ],
  }
  # lint:endignore

  if $phabricator::storage_upgrade {
    Exec['bin/storage upgrade'] -> Exec['almanac register']
  }

  # TODO: This is dirty, but there's no way that we can accurately determine
  # whether `Class[phabricator::daemons]` exists in the catalogue. I think that
  # the solution here is to make the `phabricator::almanac` and
  # `phabricator::daemons` classes private (using `assert_private()`), and to
  # instead use flags to determine whether these classes should be included
  # (e.g. `$phabricator::almanac = true` and `$phabricator::daemons = true`).
  Exec['almanac register'] -> Service <| title == 'phd' |>
}