diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index cfed22d4..a534cee9 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -1,6 +1,7 @@
name: build
on:
+ workflow_dispatch:
push:
branches: ['*']
tags:
@@ -122,16 +123,14 @@ jobs:
name: 'centos7-puppet7'
- ruby: '2.7'
name: 'centos7-puppet7-python36'
- - ruby: '2.7'
- name: 'ubuntu16-puppet6'
- - ruby: '2.7'
- name: 'ubuntu16-puppet7'
- - ruby: '2.7'
- name: 'ubuntu16-puppet7-python36'
- ruby: '2.7'
name: 'ubuntu18-puppet6'
- ruby: '2.7'
name: 'ubuntu18-puppet7'
+ - ruby: '2.7'
+ name: 'ubuntu20-puppet6'
+ - ruby: '2.7'
+ name: 'ubuntu20-puppet7'
env:
CHECK: '${{ matrix.check }}'
steps:
diff --git a/.kitchen.yml b/.kitchen.yml
index dcde9539..c4b84d07 100644
--- a/.kitchen.yml
+++ b/.kitchen.yml
@@ -73,61 +73,49 @@ platforms:
puppetfile_path: build/centos7-puppet7/Puppetfile
manifest: test/fullinstall_python36.pp
- # Ubuntu Xenial with Systemd - Puppet 6
- - name: ubuntu16-puppet6
- driver:
- platform: ubuntu
- dockerfile: build/ubuntu16-puppet6/Dockerfile.kitchen
- run_command: /sbin/init
- volume:
- - /sys/fs/cgroup:/sys/fs/cgroup:ro
- provisioner:
- puppetfile_path: build/ubuntu16-puppet6/Puppetfile
-
- # Ubuntu Xenial with Systemd - Puppet 7
- - name: ubuntu16-puppet7
+ # Ubuntu Bionic with Systemd - Puppet 6
+ - name: ubuntu18-puppet6
driver:
platform: ubuntu
- dockerfile: build/ubuntu16-puppet7/Dockerfile.kitchen
+ dockerfile: build/ubuntu18-puppet6/Dockerfile.kitchen
run_command: /sbin/init
volume:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
provisioner:
- puppetfile_path: build/ubuntu16-puppet7/Puppetfile
+ puppetfile_path: build/ubuntu18-puppet6/Puppetfile
- # Ubuntu Xenial with Systemd - Puppet 7 - Python 3.6
- - name: ubuntu16-puppet7-python36
+ # Ubuntu Bionic with Systemd - Puppet 7
+ - name: ubuntu18-puppet7
driver:
platform: ubuntu
- dockerfile: build/ubuntu16-puppet7/Dockerfile.kitchen
+ dockerfile: build/ubuntu18-puppet7/Dockerfile.kitchen
run_command: /sbin/init
volume:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
provisioner:
- puppetfile_path: build/ubuntu16-puppet7/Puppetfile
- manifest: test/fullinstall_python36.pp
+ puppetfile_path: build/ubuntu18-puppet7/Puppetfile
- # Ubuntu Bionic with Systemd - Puppet 6
- - name: ubuntu18-puppet6
+ # Ubuntu Focal with Systemd - Puppet 6
+ - name: ubuntu20-puppet6
driver:
platform: ubuntu
- dockerfile: build/ubuntu18-puppet6/Dockerfile.kitchen
+ dockerfile: build/ubuntu20-puppet6/Dockerfile.kitchen
run_command: /sbin/init
volume:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
provisioner:
- puppetfile_path: build/ubuntu18-puppet6/Puppetfile
+ puppetfile_path: build/ubuntu20-puppet6/Puppetfile
- # Ubuntu Bionic with Systemd - Puppet 7
- - name: ubuntu18-puppet7
+ # Ubuntu Focal with Systemd - Puppet 7
+ - name: ubuntu20-puppet7
driver:
platform: ubuntu
- dockerfile: build/ubuntu18-puppet7/Dockerfile.kitchen
+ dockerfile: build/ubuntu20-puppet7/Dockerfile.kitchen
run_command: /sbin/init
volume:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
provisioner:
- puppetfile_path: build/ubuntu18-puppet7/Puppetfile
+ puppetfile_path: build/ubuntu20-puppet7/Puppetfile
suites:
- name: default
diff --git a/.pdkignore b/.pdkignore
index e6215cd0..e13b4316 100644
--- a/.pdkignore
+++ b/.pdkignore
@@ -36,7 +36,6 @@
/rakelib/
/.rspec
/.rubocop.yml
-/.travis.yml
/.yardopts
/spec/
/.vscode/
diff --git a/.sync.yml b/.sync.yml
index bc8b77fa..d46903a3 100644
--- a/.sync.yml
+++ b/.sync.yml
@@ -13,9 +13,6 @@
.gitlab-ci.yml:
# we don't use GitLab
unmanaged: true
-.travis.yml:
- # we keep our own .travis.yml because of integration testing
- unmanaged: true
.vscode/extensions.json:
# we don't use VSCode
unmanaged: true
diff --git a/.travis-switch-to-github-actions.yml b/.travis-switch-to-github-actions.yml
deleted file mode 100644
index 59a7abc8..00000000
--- a/.travis-switch-to-github-actions.yml
+++ /dev/null
@@ -1,140 +0,0 @@
----
-os: linux
-dist: bionic
-services: docker
-language: ruby
-cache: bundler
-before_install:
- - if [ $BUNDLER_VERSION ]; then
- gem install -v $BUNDLER_VERSION bundler --no-rdoc --no-ri;
- fi
- - bundle -v
- - rm -f Gemfile.lock
- - gem update --system $RUBYGEMS_VERSION
- - gem --version
- - bundle -v
-bundler_args: --without system_tests
-
-# execute all commands in a single script with 'set -e' at the top
-# otherwise if you specify >1 command here, travis will try to run them
-# all and if one fails it will ignore the failure and go onto the next
-script:
- - build/scripts/ci.sh
-
-stages:
- - test
- - if: tag =~ ^v\d
- name: deploy
-
-jobs:
- fast_finish: true
- include:
- - name: "Unit Testing - Puppet 5"
- stage: test
- rvm: 2.4
- # use default Gemfile in repo root (from PDK)
- env:
- - UNIT_TEST="true"
- - PUPPET_GEM_VERSION="~> 5.0"
- - CHECK="syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop parallel_spec"
- - name: "Unit Testing - Puppet 6"
- stage: test
- rvm: 2.5
- # use default Gemfile in repo root (from PDK)
- env:
- - UNIT_TEST="true"
- - PUPPET_GEM_VERSION="~> 6.0"
- - CHECK="syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop parallel_spec"
- - name: "Unit Testing - Bolt Tasks Python 2.7"
- stage: test
- language: python
- python: 2.7
- cache: pip
- before_install:
- - echo 'no bundler needed here'
- script:
- - make python2
- - name: "Unit Testing - Bolt Tasks Python 3.6"
- stage: test
- language: python
- python: 3.6
- cache: pip
- before_install:
- - echo 'no bundler needed here'
- script:
- - make python3
- - name: "Documentation Testing"
- stage: test
- rvm: 2.5
- # use default Gemfile in repo root (from PDK)
- env:
- - DOCS_TEST="true"
- - PUPPET_GEM_VERSION="~> 6.0"
- - name: "RHEL/CentOS 7 - Puppet 5"
- stage: test
- rvm: 2.5
- gemfile: build/kitchen/Gemfile
- env:
- - TEST_NAME="centos7-puppet5"
- - name: "RHEL/CentOS 7 - Puppet 6"
- stage: test
- rvm: 2.5
- gemfile: build/kitchen/Gemfile
- env:
- - TEST_NAME="centos7-puppet6"
- - name: "Ubuntu 16 - Puppet 5"
- stage: test
- rvm: 2.5
- gemfile: build/kitchen/Gemfile
- env:
- - TEST_NAME="ubuntu16-puppet5"
- - name: "Ubuntu 16 - Puppet 6"
- stage: test
- rvm: 2.5
- gemfile: build/kitchen/Gemfile
- env:
- - TEST_NAME="ubuntu16-puppet6"
- - name: "Ubuntu 18 - Puppet 5"
- stage: test
- rvm: 2.5
- gemfile: build/kitchen/Gemfile
- env:
- - TEST_NAME="ubuntu18-puppet5"
- - name: "Ubuntu 18 - Puppet 6"
- stage: test
- rvm: 2.5
- gemfile: build/kitchen/Gemfile
- env:
- - TEST_NAME="ubuntu18-puppet6"
- - name: "Deploy to Forge"
- stage: deploy
- env: DEPLOY_TO_FORGE=yes
- script:
- # override the script so travis just goes on to do the deploy
- - echo "Deploying to Forge..."
-
-notifications:
- # Post build failures to '#puppet' channel in 'stackstorm-community' Slack
- slack:
- rooms:
- - secure: SJ0wpsrrq7oYeepFawJs2iSuKLpWr6aoyWgP+fTPLq8tcZGuIUKJSLM+1FZddYE08QvykO1E0jyeqBrTyvFc7EwsW6vD5bpFYGtVMSMJJIgk76UEhmXbqtTJTjfjYT7/7RDnWlEGXXS7icIZSkEP1moz34fXEDbXKzCpFtqZkAo=
- on_pull_requests: false
- on_success: change # default: always
- on_failure: always # default: always
-
-# restrict build so our tagging deploys work properly
-branches:
- only:
- - master
- - /^v\d/
-
-# deploy to forge when tagged with a new release
-deploy:
- provider: puppetforge
- username: stackstorm
- password:
- secure: "Em3vLHZA/asZiNHN5FO9DQAGLaQYEn9zCoDrkcOJUROFViY8luFvJ6necCnFQEGtC3kHXwoFpD05oCOxeVDm8NNzIbjFKPT7B4/wBndshp4pataxQNgnz8zw3Jufgih8p7nxf/ikugUiQKOiqKlp2U6QEGi5oVEQ5UpKx8KvhNg="
- on:
- tags: true
- all_branches: true
- condition: "$DEPLOY_TO_FORGE = yes"
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0ccdd83e..891fd88a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,19 @@
## Development
+- Remove tests for Ubuntu 18.04 and Python3.6, since it's already default. Contributed by @rush-skills.
+
+- Drop support for ubuntu 16.04 and add support for ubuntu 20.04. Contributed by @rush-skills
+
+- Update build docs. Contributed by @rush-skills
+
+- Change old style fact reference in selinux profile. Contributed by @rush-skills
+
+- Cleaned up old style `::` references. Contributed by @rush-skills
+
+- Removed travis references after switch to GitHub Actions. Contributed by @rush-skills
+
+- Removed `files/etc/st2/st2.conf` as the template was no longer used. Contributed by @rush-skills
## 2.2.0 (Jul 14, 2021)
diff --git a/README.md b/README.md
index 4a30a1b7..154da282 100644
--- a/README.md
+++ b/README.md
@@ -49,6 +49,7 @@ The `st2` module configures the existing into a complete and dedicated StackStor
* MongoDB
* Postgres
* RabbitMQ
+ * Redis
* Nginx
* NodeJS
@@ -69,10 +70,10 @@ and [librarian-puppet](http://librarian-puppet.com/).
* RHEL/CentOS 7 - Puppet 6 - [build/centos7-puppet6/Puppetfile](build/centos7-puppet6/Puppetfile)
* RHEL/CentOS 7 - Puppet 7 - [build/centos7-puppet7/Puppetfile](build/centos7-puppet7/Puppetfile)
- * Ubuntu 16.04 - Puppet 6 - [build/ubuntu16-puppet6/Puppetfile](build/ubuntu16-puppet6/Puppetfile)
- * Ubuntu 16.04 - Puppet 7 - [build/ubuntu16-puppet7/Puppetfile](build/ubuntu16-puppet7/Puppetfile)
* Ubuntu 18.04 - Puppet 6 - [build/ubuntu18-puppet6/Puppetfile](build/ubuntu18-puppet6/Puppetfile)
* Ubuntu 18.04 - Puppet 7 - [build/ubuntu18-puppet7/Puppetfile](build/ubuntu18-puppet7/Puppetfile)
+ * Ubuntu 20.04 - Puppet 6 - [build/ubuntu20-puppet6/Puppetfile](build/ubuntu20-puppet6/Puppetfile)
+ * Ubuntu 20.04 - Puppet 7 - [build/ubuntu20-puppet7/Puppetfile](build/ubuntu20-puppet7/Puppetfile)
### Beginning with st2
@@ -118,17 +119,6 @@ Hiera data bindings. A few notable parameters to take note of:
**Notes**
* RHEL 7 - The Red Hat subscription repo `'rhel-7-server-optional-rpms'`
will need to be enabled prior to running this module.
- * :warning: Ubuntu 16.04 -
- The python3.6 package is a required dependency for the StackStorm `st2` package
- but that is not installable from any of the default Ubuntu 16.04 repositories.
- We recommend switching to Ubuntu 18.04 LTS (Bionic) as a base OS. Support for
- Ubuntu 16.04 will be removed with future StackStorm versions.
- Alternatively the Puppet will try to add python3.6 from the 3rd party 'deadsnakes' repository: https://launchpad.net/~deadsnakes/+archive/ubuntu/ppa.
- Only set to true, if you are aware of the support and security risks associated
- with using unofficial 3rd party PPA repository, and you understand that StackStorm
- does NOT provide ANY support for python3.6 packages on Ubuntu 16.04.
- The unsafe PPA `'ppa:deadsnakes/ppa'` https://launchpad.net/~deadsnakes/+archive/ubuntu/ppa
- can be enabled if you specify the `st2::python_enable_unsafe_repo: true` (default: `false`)
```puppet
# CentOS/RHEL 7
@@ -136,10 +126,9 @@ Hiera data bindings. A few notable parameters to take note of:
python_version => '3.6',
}
- # Ubuntu 16.04 (unsafe deadsnakes PPA will be enabled because of boolean flag)
+ # Ubuntu 18.04/20.04
class { 'st2':
python_version => 'python3.6',
- python_enable_unsafe_repo => true,
}
contain st2::profile::fullinstall
@@ -224,7 +213,7 @@ The following backends are currently available:
By default the `flat_file` backend is used. To change this you can configure it
-when instantiating the `::st2` class in a manifest file:
+when instantiating the `st2` class in a manifest file:
``` ruby
class { 'st2':
@@ -244,7 +233,7 @@ found by looking at the backend class in the `manifests/st2/auth/` directory.
These parameters map 1-for-1 to the configuration options defined in each
backends GitHub page (links above). Backend configurations are passed in as a hash
using the `auth_backend_config` option. This option can be changed when instantiating
-the `::st2` class in a manifest file:
+the `st2` class in a manifest file:
``` ruby
class { 'st2':
@@ -445,8 +434,8 @@ $res = run_task('st2::key_get', $stackstorm_target,
### Supported platforms
-* Ubuntu 16.04
* Ubuntu 18.04
+* Ubuntu 20.04
* RHEL/CentOS 7
### Supported Puppet versions
@@ -461,6 +450,12 @@ Support for Mistral has been dropped as of StackStorm `3.3.0`.
As of version `1.8` this module no longer supports Mistral (and subsequently PostgreSQL)
Neither Mistral nor Postgresql will be installed or managed by this module.
+#### :warning: End-of-Support Notice - Ubuntu 16.04
+
+Support for Ubuntu 16.04 has been dropped as of StackStorm `3.5.0`
+
+As of version `2.3` this module no longer supports Ubuntu 16.04
+
#### :warning: End-of-Support Notice - CentOS 6
Support for CentOS 6 has been dropped as of StackStorm `3.3.0`.
diff --git a/REFERENCE.md b/REFERENCE.md
index e004a210..baa4fcb6 100644
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -138,7 +138,6 @@ $st2_python_version = $facts['os']['family'] ? {
}
class { 'st2':
python_version => $st2_python_version,
- python_enable_unsafe_repo => true,
}
```
@@ -167,23 +166,6 @@ To install Python 3.6 on Ubuntu 16.05 specify 'python3.6'.
Default value: 'system'
-##### `python_enable_unsafe_repo`
-
-Data type: `Boolean`
-
-The python3.6 package is a required dependency for the StackStorm `st2` package
-but that is not installable from any of the default Ubuntu 16.04 repositories.
-We recommend switching to Ubuntu 18.04 LTS (Bionic) as a base OS. Support for
-Ubuntu 16.04 will be removed with future StackStorm versions.
-Alternatively the Puppet will try to add python3.6 from the 3rd party 'deadsnakes' repository: https://launchpad.net/~deadsnakes/+archive/ubuntu/ppa.
-Only set to true, if you are aware of the support and security risks associated
-with using unofficial 3rd party PPA repository, and you understand that StackStorm
-does NOT provide ANY support for python3.6 packages on Ubuntu 16.04.
-The unsafe PPA `'ppa:deadsnakes/ppa'` https://launchpad.net/~deadsnakes/+archive/ubuntu/ppa
-can be enabled if you specify `true` for this parameter. (default: `false`)
-
-Default value: `false`
-
##### `repository`
Data type: `St2::Repository`
@@ -191,7 +173,7 @@ Data type: `St2::Repository`
Release repository to enable. 'stable', 'unstable'
(default = 'stable')
-Default value: $::st2::params::repository
+Default value: $st2::params::repository
##### `conf_dir`
@@ -199,7 +181,7 @@ Data type: `Any`
The directory where st2 configs are stored
-Default value: $::st2::params::conf_dir
+Default value: $st2::params::conf_dir
##### `conf_file`
@@ -207,7 +189,7 @@ Data type: `Any`
The path where st2 config is stored
-Default value: "${::st2::params::conf_dir}/st2.conf"
+Default value: "${st2::params::conf_dir}/st2.conf"
##### `use_ssl`
@@ -215,7 +197,7 @@ Data type: `Any`
Enable/Disable SSL for all st2 APIs
-Default value: $::st2::params::use_ssl
+Default value: $st2::params::use_ssl
##### `ssl_cert_manage`
@@ -232,7 +214,7 @@ Data type: `Any`
Directory where st2web will look for its SSL info.
(default: /etc/ssl/st2)
-Default value: $::st2::params::ssl_dir
+Default value: $st2::params::ssl_dir
##### `ssl_cert`
@@ -241,7 +223,7 @@ Data type: `Any`
Path to the file where the StackStorm SSL cert will
be generated. (default: /etc/ssl/st2/st2.crt)
-Default value: $::st2::params::ssl_cert
+Default value: $st2::params::ssl_cert
##### `ssl_key`
@@ -250,7 +232,7 @@ Data type: `Any`
Path to the file where the StackStorm SSL key will
be generated. (default: /etc/ssl/st2/st2.key)
-Default value: $::st2::params::ssl_key
+Default value: $st2::params::ssl_key
##### `auth`
@@ -267,7 +249,7 @@ Data type: `Any`
URL where StackStorm auth service will communicate
with the StackStorm API service
-Default value: "http://${::st2::params::hostname}:${::st2::params::api_port}"
+Default value: "http://${st2::params::hostname}:${st2::params::api_port}"
##### `auth_debug`
@@ -283,7 +265,7 @@ Data type: `Any`
Auth mode, either 'standalone' or 'backend (default: 'standalone')
-Default value: $::st2::params::auth_mode
+Default value: $st2::params::auth_mode
##### `auth_backend`
@@ -297,7 +279,7 @@ Available backends:
- mongodb
- pam
-Default value: $::st2::params::auth_backend
+Default value: $st2::params::auth_backend
##### `auth_backend_config`
@@ -309,7 +291,7 @@ for every backend. Please see the corresponding
backend class to determine what the config options
should be.
-Default value: $::st2::params::auth_backend_config
+Default value: $st2::params::auth_backend_config
##### `cli_base_url`
@@ -317,7 +299,7 @@ Data type: `Any`
CLI config - Base URL lives
-Default value: "http://${::st2::params::hostname}"
+Default value: "http://${st2::params::hostname}"
##### `cli_api_version`
@@ -349,7 +331,7 @@ Data type: `Any`
CLI config - Auth Username
-Default value: $::st2::params::admin_username
+Default value: $st2::params::admin_username
##### `cli_password`
@@ -357,7 +339,7 @@ Data type: `Any`
CLI config - Auth Password
-Default value: $::st2::params::admin_password
+Default value: $st2::params::admin_password
##### `cli_api_url`
@@ -365,7 +347,7 @@ Data type: `Any`
CLI config - API URL
-Default value: "http://${::st2::params::hostname}:${::st2::params::api_port}"
+Default value: "http://${st2::params::hostname}:${st2::params::api_port}"
##### `cli_auth_url`
@@ -373,7 +355,7 @@ Data type: `Any`
CLI config - Auth URL
-Default value: "http://${::st2::params::hostname}:${::st2::params::auth_port}"
+Default value: "http://${st2::params::hostname}:${st2::params::auth_port}"
##### `actionrunner_workers`
@@ -381,7 +363,7 @@ Data type: `Any`
Set the number of actionrunner processes to start
-Default value: $::st2::params::actionrunner_workers
+Default value: $st2::params::actionrunner_workers
##### `packs`
@@ -397,7 +379,7 @@ Data type: `Any`
Name of the group that will own the /opt/stackstorm/packs directory (default: st2packs)
-Default value: $::st2::params::packs_group_name
+Default value: $st2::params::packs_group_name
##### `index_url`
@@ -461,7 +443,7 @@ Data type: `Any`
Hostname to talk to st2 db
-Default value: $::st2::params::hostname
+Default value: $st2::params::hostname
##### `db_port`
@@ -469,7 +451,7 @@ Data type: `Any`
Port for db server for st2 to talk to
-Default value: $::st2::params::mongodb_port
+Default value: $st2::params::mongodb_port
##### `db_bind_ips`
@@ -477,7 +459,7 @@ Data type: `Any`
Array of bind IP addresses for MongoDB to listen on
-Default value: $::st2::params::mongodb_bind_ips
+Default value: $st2::params::mongodb_bind_ips
##### `db_name`
@@ -485,7 +467,7 @@ Data type: `Any`
Name of db to connect to (default: 'st2')
-Default value: $::st2::params::mongodb_st2_db
+Default value: $st2::params::mongodb_st2_db
##### `db_username`
@@ -493,7 +475,7 @@ Data type: `Any`
Username to connect to db with (default: 'stackstorm')
-Default value: $::st2::params::mongodb_st2_username
+Default value: $st2::params::mongodb_st2_username
##### `db_password`
@@ -502,7 +484,7 @@ Data type: `Any`
Password for 'admin' and 'stackstorm' users in MongDB.
If 'undef' then use $cli_password
-Default value: $::st2::params::admin_password
+Default value: $st2::params::admin_password
##### `mongodb_version`
@@ -553,7 +535,7 @@ Note: the defaults are setup to restrict to TLSv1.2 and TLSv1.3 secure ciphers o
(secure by default). The secure ciphers for each protocol were obtained via:
@see https://wiki.mozilla.org/Security/Server_Side_TLS
-Default value: $::st2::params::nginx_ssl_ciphers
+Default value: $st2::params::nginx_ssl_ciphers
##### `nginx_ssl_protocols`
@@ -563,7 +545,7 @@ String or list of strings of acceptable SSL protocols to configure nginx with.
@see http://nginx.org/en/docs/http/ngx_http_ssl_module.html
Note: the defaults are setup to restrict to TLSv1.2 and TLSv1.3 only (secure by default)
-Default value: $::st2::params::nginx_ssl_protocols
+Default value: $st2::params::nginx_ssl_protocols
##### `nginx_ssl_port`
@@ -571,7 +553,7 @@ Data type: `Any`
What port should nginx listen on publicly for new connections (default: 443)
-Default value: $::st2::params::nginx_ssl_port
+Default value: $st2::params::nginx_ssl_port
##### `nginx_client_max_body_size`
@@ -582,7 +564,7 @@ We default this to '0' to allow for large messages/payloads/inputs/results
to be passed through nginx as is normal in the StackStorm context.
@see http://nginx.org/en/docs/http/ngx_http_core_module.html#client_max_body_size
-Default value: $::st2::params::nginx_client_max_body_size
+Default value: $st2::params::nginx_client_max_body_size
##### `web_root`
@@ -590,7 +572,7 @@ Data type: `Any`
Directory where the StackStorm WebUI site lives on the filesystem
-Default value: $::st2::params::web_root
+Default value: $st2::params::web_root
##### `timersengine_enabled`
@@ -599,7 +581,7 @@ Data type: `Any`
Set to true if the st2timersengine service should be enabled
on this node (default: true)
-Default value: $::st2::params::timersengine_enabled
+Default value: $st2::params::timersengine_enabled
##### `timersengine_timezone`
@@ -607,7 +589,7 @@ Data type: `Any`
The local timezone for this node. (default: 'America/Los_Angeles')
-Default value: $::st2::params::timersengine_timezone
+Default value: $st2::params::timersengine_timezone
##### `scheduler_sleep_interval`
@@ -616,7 +598,7 @@ Data type: `Any`
How long (in seconds) to sleep between each action
scheduler main loop run interval. (default = 0.1)
-Default value: $::st2::params::scheduler_sleep_interval
+Default value: $st2::params::scheduler_sleep_interval
##### `scheduler_gc_interval`
@@ -625,7 +607,7 @@ Data type: `Any`
How often (in seconds) to look for zombie execution requests
before rescheduling them. (default = 10)
-Default value: $::st2::params::scheduler_gc_interval
+Default value: $st2::params::scheduler_gc_interval
##### `scheduler_pool_size`
@@ -634,7 +616,7 @@ Data type: `Any`
The size of the pool used by the scheduler for scheduling
executions. (default = 10)
-Default value: $::st2::params::scheduler_pool_size
+Default value: $st2::params::scheduler_pool_size
##### `chatops_adapter`
@@ -642,7 +624,7 @@ Data type: `Any`
Adapter package(s) to be installed with npm. List of hashes.
-Default value: $::st2::params::chatops_adapter
+Default value: $st2::params::chatops_adapter
##### `chatops_adapter_conf`
@@ -650,7 +632,7 @@ Data type: `Any`
Configuration parameters for Hubot adapter (hash)
-Default value: $::st2::params::chatops_adapter_conf
+Default value: $st2::params::chatops_adapter_conf
##### `chatops_hubot_log_level`
@@ -658,7 +640,7 @@ Data type: `Any`
Logging level for hubot (string)
-Default value: $::st2::params::hubot_log_level
+Default value: $st2::params::hubot_log_level
##### `chatops_hubot_express_port`
@@ -666,7 +648,7 @@ Data type: `Any`
Port that hubot operates on (integer or string)
-Default value: $::st2::params::hubot_express_port
+Default value: $st2::params::hubot_express_port
##### `chatops_tls_cert_reject_unauthorized`
@@ -675,7 +657,7 @@ Data type: `Any`
Should hubot validate SSL certs
Set to 1 when using self signed certs
-Default value: $::st2::params::tls_cert_reject_unauthorized
+Default value: $st2::params::tls_cert_reject_unauthorized
##### `chatops_hubot_name`
@@ -685,7 +667,7 @@ Name of the bot in chat. Should be
properly quoted if it has special characters,
example: '"MyBot!"'
-Default value: $::st2::params::hubot_name
+Default value: $st2::params::hubot_name
##### `chatops_hubot_alias`
@@ -696,7 +678,7 @@ beginning of a message. Must be properly
quoted of it's a special character,
example: "'!'"
-Default value: $::st2::params::hubot_alias
+Default value: $st2::params::hubot_alias
##### `chatops_api_key`
@@ -719,7 +701,7 @@ API and Auth. If unspecified it will
use the default in /opt/stackstorm/chatops/st2chatops.env
(default: undef)
-Default value: $::st2::params::hostname
+Default value: $st2::params::hostname
##### `chatops_api_url`
@@ -727,7 +709,7 @@ Data type: `Any`
ChatOps config - API URL
-Default value: "https://${::st2::params::hostname}/api"
+Default value: "https://${st2::params::hostname}/api"
##### `chatops_auth_url`
@@ -735,7 +717,7 @@ Data type: `Any`
ChatOps config - Auth URL
-Default value: "https://${::st2::params::hostname}/auth"
+Default value: "https://${st2::params::hostname}/auth"
##### `chatops_web_url`
@@ -791,7 +773,7 @@ Data type: `Any`
-Default value: $::st2::params::datstore_keys_dir
+Default value: $st2::params::datstore_keys_dir
##### `datastore_key_path`
@@ -799,7 +781,7 @@ Data type: `Any`
-Default value: "${::st2::params::datstore_keys_dir}/datastore_key.json"
+Default value: "${st2::params::datstore_keys_dir}/datastore_key.json"
##### `rabbitmq_username`
@@ -807,7 +789,7 @@ Data type: `Any`
-Default value: $::st2::params::rabbitmq_username
+Default value: $st2::params::rabbitmq_username
##### `rabbitmq_password`
@@ -815,7 +797,7 @@ Data type: `Any`
-Default value: $::st2::params::rabbitmq_password
+Default value: $st2::params::rabbitmq_password
##### `rabbitmq_hostname`
@@ -823,7 +805,7 @@ Data type: `Any`
-Default value: $::st2::params::rabbitmq_hostname
+Default value: $st2::params::rabbitmq_hostname
##### `rabbitmq_port`
@@ -831,7 +813,7 @@ Data type: `Any`
-Default value: $::st2::params::rabbitmq_port
+Default value: $st2::params::rabbitmq_port
##### `rabbitmq_bind_ip`
@@ -839,7 +821,7 @@ Data type: `Any`
-Default value: $::st2::params::rabbitmq_bind_ip
+Default value: $st2::params::rabbitmq_bind_ip
##### `rabbitmq_vhost`
@@ -847,7 +829,7 @@ Data type: `Any`
-Default value: $::st2::params::rabbitmq_vhost
+Default value: $st2::params::rabbitmq_vhost
### st2::auth
@@ -914,7 +896,7 @@ Available backends:
* mongodb
* pam
-Default value: $::st2::auth_backend
+Default value: $st2::auth_backend
##### `backend_config`
@@ -924,7 +906,7 @@ Hash of parameters to pass to the backend class when it's instantiated.
This will be different for every backend.
Please see the corresponding backend class to determine what the config options should be.
-Default value: $::st2::auth_backend_config
+Default value: $st2::auth_backend_config
##### `debug`
@@ -932,7 +914,7 @@ Data type: `Any`
Enable Debug (default: false)
-Default value: $::st2::auth_debug
+Default value: $st2::auth_debug
##### `mode`
@@ -940,7 +922,7 @@ Data type: `Any`
Authentication mode, either 'standalone' or 'proxy' (default: standalone)
-Default value: $::st2::auth_mode
+Default value: $st2::auth_mode
##### `use_ssl`
@@ -948,7 +930,7 @@ Data type: `Any`
Enable SSL (default: false)
-Default value: $::st2::use_ssl
+Default value: $st2::use_ssl
##### `ssl_cert`
@@ -956,7 +938,7 @@ Data type: `Any`
Path to SSL Certificate file (default: '/etc/ssl/st2/st2.crt')
-Default value: $::st2::ssl_cert
+Default value: $st2::ssl_cert
##### `ssl_key`
@@ -964,7 +946,7 @@ Data type: `Any`
Path to SSL Key file (default: '/etc/ssl/st2/st2.key')
-Default value: $::st2::ssl_key
+Default value: $st2::ssl_key
### st2::auth::common
@@ -982,7 +964,7 @@ Data type: `Any`
URL to the StackStorm API
-Default value: $::st2::auth_api_url
+Default value: $st2::auth_api_url
##### `conf_file`
@@ -990,7 +972,7 @@ Data type: `Any`
The path where st2 config is stored
-Default value: $::st2::conf_file
+Default value: $st2::conf_file
##### `debug`
@@ -998,7 +980,7 @@ Data type: `Any`
Enable Debug (default: false)
-Default value: $::st2::auth_debug
+Default value: $st2::auth_debug
##### `mode`
@@ -1006,7 +988,7 @@ Data type: `Any`
Authentication mode, either 'standalone' or 'proxy' (default: standalone)
-Default value: $::st2::auth_mode
+Default value: $st2::auth_mode
##### `use_ssl`
@@ -1014,7 +996,7 @@ Data type: `Any`
Enable SSL (default: false)
-Default value: $::st2::use_ssl
+Default value: $st2::use_ssl
##### `ssl_cert`
@@ -1022,7 +1004,7 @@ Data type: `Any`
Path to SSL Certificate file (default: '/etc/ssl/st2/st2.crt')
-Default value: $::st2::ssl_cert
+Default value: $st2::ssl_cert
##### `ssl_key`
@@ -1030,7 +1012,7 @@ Data type: `Any`
Path to SSL Key file (default: '/etc/ssl/st2/st2.key')
-Default value: $::st2::ssl_key
+Default value: $st2::ssl_key
### st2::auth::flat_file
@@ -1067,7 +1049,7 @@ Data type: `Any`
CLI config - Auth Username
-Default value: $::st2::cli_username
+Default value: $st2::cli_username
##### `cli_password`
@@ -1075,7 +1057,7 @@ Data type: `Any`
CLI config - Auth Password
-Default value: $::st2::cli_password
+Default value: $st2::cli_password
##### `conf_file`
@@ -1083,7 +1065,7 @@ Data type: `Any`
The path where st2 config is stored
-Default value: $::st2::conf_file
+Default value: $st2::conf_file
##### `htpasswd_file`
@@ -1091,7 +1073,7 @@ Data type: `Any`
Path to htpasswd file (default: /etc/st2/htpasswd)
-Default value: $::st2::params::auth_htpasswd_file
+Default value: $st2::params::auth_htpasswd_file
### st2::auth::keystone
@@ -1131,7 +1113,7 @@ Data type: `Any`
The path where st2 config is stored
-Default value: $::st2::conf_file
+Default value: $st2::conf_file
##### `keystone_url`
@@ -1200,7 +1182,7 @@ Data type: `Any`
The path where st2 config is stored
-Default value: $::st2::conf_file
+Default value: $st2::conf_file
##### `ldap_uri`
@@ -1322,7 +1304,7 @@ Data type: `Any`
The path where st2 config is stored
-Default value: $::st2::conf_file
+Default value: $st2::conf_file
##### `db_host`
@@ -1330,7 +1312,7 @@ Data type: `Any`
Hostname for the MongoDB server (default: 127.0.0.1)
-Default value: $::st2::db_host
+Default value: $st2::db_host
##### `db_port`
@@ -1338,7 +1320,7 @@ Data type: `Any`
Port for the MongoDB server (default: 27017)
-Default value: $::st2::db_port
+Default value: $st2::db_port
##### `db_name`
@@ -1354,7 +1336,7 @@ Data type: `Any`
Enable authentication with MongoDB (required for MongoDB installs with auth enabled)
-Default value: $::st2::mongodb_auth
+Default value: $st2::mongodb_auth
##### `db_username`
@@ -1362,7 +1344,7 @@ Data type: `Any`
Username for MongoDB login (default: st2auth)
-Default value: $::st2::db_username
+Default value: $st2::db_username
##### `db_password`
@@ -1370,7 +1352,7 @@ Data type: `Any`
Password for MongoDB login (default: st2auth)
-Default value: $::st2::db_password
+Default value: $st2::db_password
### st2::auth::pam
@@ -1408,7 +1390,7 @@ Data type: `Any`
The path where st2 config is stored
-Default value: $::st2::conf_file
+Default value: $st2::conf_file
### st2::kvs
@@ -1493,7 +1475,7 @@ Data type: `Any`
-Default value: $::st2::packs
+Default value: $st2::packs
### st2::params
@@ -1553,7 +1535,7 @@ Default value: 'Ch@ngeMe'
Profile to install and configure chatops for st2
* **Note** This class doesn't need to be invoked directly, instead it's best to customize
-it through the main +::st2+ class
+it through the main +st2+ class
#### Examples
@@ -1592,7 +1574,7 @@ Data type: `Any`
Version of the st2chatops package to install
-Default value: $::st2::version
+Default value: $st2::version
##### `hubot_log_level`
@@ -1600,7 +1582,7 @@ Data type: `Any`
Hubot log level
-Default value: $::st2::chatops_hubot_log_level
+Default value: $st2::chatops_hubot_log_level
##### `hubot_express_port`
@@ -1608,7 +1590,7 @@ Data type: `Any`
Express port hubot listens to
-Default value: $::st2::chatops_hubot_express_port
+Default value: $st2::chatops_hubot_express_port
##### `tls_cert_reject_unauthorized`
@@ -1616,7 +1598,7 @@ Data type: `Any`
Set to 1 when using self signed certs
-Default value: $::st2::chatops_tls_cert_reject_unauthorized
+Default value: $st2::chatops_tls_cert_reject_unauthorized
##### `hubot_name`
@@ -1625,7 +1607,7 @@ Data type: `Any`
Name of the bot in chat. Should be properly quoted if it has special characters,
example: '"MyBot!"'
-Default value: $::st2::chatops_hubot_name
+Default value: $st2::chatops_hubot_name
##### `hubot_alias`
@@ -1634,7 +1616,7 @@ Data type: `Any`
Character to trigger the bot at the beginning of a message. Must be properly
quoted of it's a special character, example: "'!'"
-Default value: $::st2::chatops_hubot_alias
+Default value: $st2::chatops_hubot_alias
##### `npm_packages`
@@ -1642,7 +1624,7 @@ Data type: `Any`
NodeJS packages to be installed (usually a hubot adapter)
-Default value: $::st2::chatops_adapter
+Default value: $st2::chatops_adapter
##### `adapter_config`
@@ -1650,7 +1632,7 @@ Data type: `Any`
Configuration parameters for Hubot adapter (hash)
-Default value: $::st2::chatops_adapter_conf
+Default value: $st2::chatops_adapter_conf
##### `api_key`
@@ -1659,7 +1641,7 @@ Data type: `Any`
API key generated by st2 apikey create that hubot will use to post data back
to StackStorm.
-Default value: $::st2::chatops_api_key
+Default value: $st2::chatops_api_key
##### `st2_hostname`
@@ -1668,7 +1650,7 @@ Data type: `Any`
Hostname of the StackStorm instance that chatops will connect to for API and Auth.
If unspecified it will use the default in /opt/stackstorm/chatops/st2chatops.env
-Default value: $::st2::chatops_st2_hostname
+Default value: $st2::chatops_st2_hostname
##### `web_url`
@@ -1677,7 +1659,7 @@ Data type: `Any`
Public URL of StackStorm instance. Used by chatops to offer links to execution details in a chat.
If unspecified it will use the default in /opt/stackstorm/chatops/st2chatops.env
-Default value: $::st2::chatops_web_url
+Default value: $st2::chatops_web_url
##### `api_url`
@@ -1685,7 +1667,7 @@ Data type: `Any`
URL of the StackStorm API service
-Default value: $::st2::chatops_api_url
+Default value: $st2::chatops_api_url
##### `auth_url`
@@ -1693,7 +1675,7 @@ Data type: `Any`
URL of the StackStorm Auth service
-Default value: $::st2::chatops_auth_url
+Default value: $st2::chatops_auth_url
##### `auth_username`
@@ -1702,7 +1684,7 @@ Data type: `Any`
StackStorm auth Username for ChatOps to communicate back with StackStorm.
Used if +api_key+ is not specified (optional)
-Default value: $::st2::cli_username
+Default value: $st2::cli_username
##### `auth_password`
@@ -1711,7 +1693,7 @@ Data type: `Any`
StackStorm auth Password for ChatOps to communicate back with StackStorm.
Used if +api_key+ is not specified (optional)
-Default value: $::st2::cli_password
+Default value: $st2::cli_password
### st2::profile::client
@@ -1735,7 +1717,7 @@ Data type: `Any`
Is auth enabled or not.
-Default value: $::st2::auth
+Default value: $st2::auth
##### `api_url`
@@ -1743,7 +1725,7 @@ Data type: `Any`
URL of the StackStorm API service
-Default value: $::st2::cli_api_url
+Default value: $st2::cli_api_url
##### `auth_url`
@@ -1751,7 +1733,7 @@ Data type: `Any`
URL of the StackStorm Auth service
-Default value: $::st2::cli_auth_url
+Default value: $st2::cli_auth_url
##### `base_url`
@@ -1759,7 +1741,7 @@ Data type: `Any`
Base URL for other StackStorm services
-Default value: $::st2::cli_base_url
+Default value: $st2::cli_base_url
##### `username`
@@ -1767,7 +1749,7 @@ Data type: `Any`
Username for auth on the CLI
-Default value: $::st2::cli_username
+Default value: $st2::cli_username
##### `password`
@@ -1775,7 +1757,7 @@ Data type: `Any`
Password for auth on the CLI
-Default value: $::st2::cli_password
+Default value: $st2::cli_password
##### `api_version`
@@ -1783,7 +1765,7 @@ Data type: `Any`
Version of the StackStorm API
-Default value: $::st2::cli_api_version
+Default value: $st2::cli_api_version
##### `cacert`
@@ -1791,7 +1773,7 @@ Data type: `Any`
Path to the SSL CA certficate for the StackStorm services
-Default value: $::st2::cli_cacert
+Default value: $st2::cli_cacert
##### `debug`
@@ -1799,7 +1781,7 @@ Data type: `Any`
Enable debug mode
-Default value: $::st2::cli_debug
+Default value: $st2::cli_debug
##### `cache_token`
@@ -1807,7 +1789,7 @@ Data type: `Any`
Enable cacheing authentication tokens until they expire
-Default value: $::st2::cli_cache_token
+Default value: $st2::cli_cache_token
##### `silence_ssl_warnings`
@@ -1815,7 +1797,7 @@ Data type: `Any`
Enable silencing SSL warnings for self-signed certs
-Default value: $::st2::cli_silence_ssl_warnings
+Default value: $st2::cli_silence_ssl_warnings
### st2::profile::facter
@@ -1979,7 +1961,7 @@ Data type: `Any`
Set this to false when you have your own repository for nginx
-Default value: $::st2::nginx_manage_repo
+Default value: $st2::nginx_manage_repo
### st2::profile::nodejs
@@ -2013,15 +1995,15 @@ Data type: `Any`
Set this to false when you have your own repositories for NodeJS.
-Default value: $::st2::nodejs_manage_repo
+Default value: $st2::nodejs_manage_repo
##### `version`
Data type: `Any`
-Version of NodeJS to install. If not provided it will be auto-calcuated based on $::st2::version
+Version of NodeJS to install. If not provided it will be auto-calcuated based on $st2::version
-Default value: $::st2::nodejs_version
+Default value: $st2::nodejs_version
### st2::profile::python
@@ -2044,7 +2026,6 @@ $st2_python_version = $facts['os']['family'] ? {
}
class { 'st2':
python_version => $st2_python_version,
- python_enable_unsafe_repo => true,
}
```
@@ -2063,23 +2044,6 @@ To install Python 3.6 on Ubuntu 16.05 specify 'python3.6'.
Default value: $st2::python_version
-##### `enable_unsafe_repo`
-
-Data type: `Boolean`
-
-The python3.6 package is a required dependency for the StackStorm `st2` package
-but that is not installable from any of the default Ubuntu 16.04 repositories.
-We recommend switching to Ubuntu 18.04 LTS (Bionic) as a base OS. Support for
-Ubuntu 16.04 will be removed with future StackStorm versions.
-Alternatively the Puppet will try to add python3.6 from the 3rd party 'deadsnakes' repository: https://launchpad.net/~deadsnakes/+archive/ubuntu/ppa.
-Only set to true, if you are aware of the support and security risks associated
-with using unofficial 3rd party PPA repository, and you understand that StackStorm
-does NOT provide ANY support for python3.6 packages on Ubuntu 16.04.
-The unsafe PPA `'ppa:deadsnakes/ppa'` https://launchpad.net/~deadsnakes/+archive/ubuntu/ppa
-can be enabled if you specify `true` for this parameter. (default: `false`)
-
-Default value: $st2::python_enable_unsafe_repo
-
### st2::profile::rabbitmq
StackStorm compatable installation of RabbitMQ and dependencies.
@@ -2112,7 +2076,7 @@ Data type: `Any`
User to create within RabbitMQ for authentication.
-Default value: $::st2::rabbitmq_username
+Default value: $st2::rabbitmq_username
##### `password`
@@ -2120,7 +2084,7 @@ Data type: `Any`
Password of +username+ for RabbitMQ authentication.
-Default value: $::st2::rabbitmq_password
+Default value: $st2::rabbitmq_password
##### `port`
@@ -2128,7 +2092,7 @@ Data type: `Any`
Port to bind to for the RabbitMQ server
-Default value: $::st2::rabbitmq_port
+Default value: $st2::rabbitmq_port
##### `bind_ip`
@@ -2136,7 +2100,7 @@ Data type: `Any`
IP address to bind to for the RabbitMQ server
-Default value: $::st2::rabbitmq_bind_ip
+Default value: $st2::rabbitmq_bind_ip
##### `vhost`
@@ -2144,7 +2108,7 @@ Data type: `Any`
RabbitMQ virtual host to create for StackStorm
-Default value: $::st2::rabbitmq_vhost
+Default value: $st2::rabbitmq_vhost
### st2::profile::selinux
@@ -2180,7 +2144,7 @@ Data type: `Any`
Version of StackStorm to install
-Default value: $::st2::version
+Default value: $st2::version
##### `conf_dir`
@@ -2188,7 +2152,7 @@ Data type: `Any`
The directory where st2 configs are stored
-Default value: $::st2::conf_dir
+Default value: $st2::conf_dir
##### `conf_file`
@@ -2196,7 +2160,7 @@ Data type: `Any`
The path where st2 config is stored
-Default value: $::st2::conf_file
+Default value: $st2::conf_file
##### `auth`
@@ -2204,7 +2168,7 @@ Data type: `Any`
Toggle Auth
-Default value: $::st2::auth
+Default value: $st2::auth
##### `actionrunner_workers`
@@ -2212,7 +2176,7 @@ Data type: `Any`
Set the number of actionrunner processes to start
-Default value: $::st2::actionrunner_workers
+Default value: $st2::actionrunner_workers
##### `st2api_listen_ip`
@@ -2252,7 +2216,7 @@ Data type: `Any`
Routes all log messages to syslog
-Default value: $::st2::syslog
+Default value: $st2::syslog
##### `syslog_host`
@@ -2260,7 +2224,7 @@ Data type: `Any`
Syslog host.
-Default value: $::st2::syslog_host
+Default value: $st2::syslog_host
##### `syslog_protocol`
@@ -2268,7 +2232,7 @@ Data type: `Any`
Syslog protocol.
-Default value: $::st2::syslog_protocol
+Default value: $st2::syslog_protocol
##### `syslog_port`
@@ -2276,7 +2240,7 @@ Data type: `Any`
Syslog port.
-Default value: $::st2::syslog_port
+Default value: $st2::syslog_port
##### `syslog_facility`
@@ -2284,7 +2248,7 @@ Data type: `Any`
Syslog facility.
-Default value: $::st2::syslog_facility
+Default value: $st2::syslog_facility
##### `ssh_key_location`
@@ -2292,7 +2256,7 @@ Data type: `Any`
Location on filesystem of Admin SSH key for remote runner
-Default value: $::st2::ssh_key_location
+Default value: $st2::ssh_key_location
##### `db_username`
@@ -2300,7 +2264,7 @@ Data type: `Any`
Username to connect to MongoDB with (default: 'stackstorm')
-Default value: $::st2::db_username
+Default value: $st2::db_username
##### `db_password`
@@ -2308,7 +2272,7 @@ Data type: `Any`
Password for 'stackstorm' user in MongDB.
-Default value: $::st2::db_password
+Default value: $st2::db_password
##### `index_url`
@@ -2316,7 +2280,7 @@ Data type: `Any`
Url to the StackStorm Exchange index file. (default undef)
-Default value: $::st2::index_url
+Default value: $st2::index_url
##### `ng_init`
@@ -2324,7 +2288,7 @@ Data type: `Any`
-Default value: $::st2::ng_init
+Default value: $st2::ng_init
##### `rabbitmq_username`
@@ -2332,7 +2296,7 @@ Data type: `Any`
-Default value: $::st2::rabbitmq_username
+Default value: $st2::rabbitmq_username
##### `rabbitmq_password`
@@ -2340,7 +2304,7 @@ Data type: `Any`
-Default value: $::st2::rabbitmq_password
+Default value: $st2::rabbitmq_password
##### `rabbitmq_hostname`
@@ -2348,7 +2312,7 @@ Data type: `Any`
-Default value: $::st2::rabbitmq_hostname
+Default value: $st2::rabbitmq_hostname
##### `rabbitmq_port`
@@ -2356,7 +2320,7 @@ Data type: `Any`
-Default value: $::st2::rabbitmq_port
+Default value: $st2::rabbitmq_port
##### `rabbitmq_vhost`
@@ -2364,7 +2328,7 @@ Data type: `Any`
-Default value: $::st2::rabbitmq_vhost
+Default value: $st2::rabbitmq_vhost
##### `packs_group`
@@ -2372,7 +2336,7 @@ Data type: `Any`
-Default value: $::st2::packs_group_name
+Default value: $st2::packs_group_name
### st2::profile::web
@@ -2429,7 +2393,7 @@ Note: the defaults are setup to restrict to TLSv1.2 and TLSv1.3 secure ciphers o
(secure by default). The secure ciphers for each protocol were obtained via:
@see https://wiki.mozilla.org/Security/Server_Side_TLS
-Default value: $::st2::nginx_ssl_ciphers
+Default value: $st2::nginx_ssl_ciphers
##### `nginx_ssl_protocols`
@@ -2439,7 +2403,7 @@ String or list of strings of acceptable SSL protocols to configure nginx with.
@see http://nginx.org/en/docs/http/ngx_http_ssl_module.html
Note: the defaults are setup to restrict to TLSv1.2 and TLSv1.3 only (secure by default)
-Default value: $::st2::nginx_ssl_protocols
+Default value: $st2::nginx_ssl_protocols
##### `nginx_ssl_port`
@@ -2447,7 +2411,7 @@ Data type: `Stdlib::Port`
What port should nginx listen on publicly for new connections (default: 443)
-Default value: $::st2::nginx_ssl_port
+Default value: $st2::nginx_ssl_port
##### `nginx_client_max_body_size`
@@ -2458,7 +2422,7 @@ We default this to '0' to allow for large messages/payloads/inputs/results
to be passed through nginx as is normal in the StackStorm context.
@see http://nginx.org/en/docs/http/ngx_http_core_module.html#client_max_body_size
-Default value: $::st2::nginx_client_max_body_size
+Default value: $st2::nginx_client_max_body_size
##### `ssl_cert_manage`
@@ -2466,7 +2430,7 @@ Data type: `Boolean`
Boolean to determine if this module should manage the SSL certificate used by nginx.
-Default value: $::st2::ssl_cert_manage
+Default value: $st2::ssl_cert_manage
##### `ssl_dir`
@@ -2475,7 +2439,7 @@ Data type: `Stdlib::Absolutepath`
Directory where st2web will look for its SSL info.
(default: /etc/ssl/st2)
-Default value: $::st2::ssl_dir
+Default value: $st2::ssl_dir
##### `ssl_cert`
@@ -2484,7 +2448,7 @@ Data type: `String`
Path to the file where the StackStorm SSL cert will
be generated. (default: /etc/ssl/st2/st2.crt)
-Default value: $::st2::ssl_cert
+Default value: $st2::ssl_cert
##### `ssl_key`
@@ -2493,7 +2457,7 @@ Data type: `String`
Path to the file where the StackStorm SSL key will
be generated. (default: /etc/ssl/st2/st2.key)
-Default value: $::st2::ssl_key
+Default value: $st2::ssl_key
##### `version`
@@ -2501,7 +2465,7 @@ Data type: `String`
Version of StackStorm WebUI to install
-Default value: $::st2::version
+Default value: $st2::version
##### `web_root`
@@ -2509,7 +2473,7 @@ Data type: `String`
Directory where the StackStorm WebUI site lives on the filesystem
-Default value: $::st2::web_root
+Default value: $st2::web_root
### st2::repo
@@ -2596,7 +2560,7 @@ Data type: `Any`
How long (in seconds) to sleep between each action scheduler main loop run interval.
-Default value: $::st2::scheduler_sleep_interval
+Default value: $st2::scheduler_sleep_interval
##### `gc_interval`
@@ -2604,7 +2568,7 @@ Data type: `Any`
How often (in seconds) to look for zombie execution requests before rescheduling them.
-Default value: $::st2::scheduler_gc_interval
+Default value: $st2::scheduler_gc_interval
##### `pool_size`
@@ -2612,7 +2576,7 @@ Data type: `Any`
The size of the pool used by the scheduler for scheduling executions.
-Default value: $::st2::scheduler_pool_size
+Default value: $st2::scheduler_pool_size
### st2::server::datastore_keys
@@ -2645,7 +2609,7 @@ Data type: `Any`
The path where st2 config is stored
-Default value: $::st2::conf_file
+Default value: $st2::conf_file
##### `keys_dir`
@@ -2653,7 +2617,7 @@ Data type: `Any`
The directory where the datastore keys will be stored
-Default value: $::st2::datastore_keys_dir
+Default value: $st2::datastore_keys_dir
##### `key_path`
@@ -2661,7 +2625,7 @@ Data type: `Any`
Path to the key file
-Default value: $::st2::datastore_key_path
+Default value: $st2::datastore_key_path
### st2::stanley
@@ -2776,7 +2740,7 @@ Data type: `Any`
Specify to enable timer service.
-Default value: $::st2::timersengine_enabled
+Default value: $st2::timersengine_enabled
##### `timezone`
@@ -2784,7 +2748,7 @@ Data type: `Any`
Timezone pertaining to the location where st2 is run.
-Default value: $::st2::timersengine_timezone
+Default value: $st2::timersengine_timezone
### st2::workflowengine
@@ -2889,7 +2853,7 @@ Data type: `Any`
Is auth enabled or not.
-Default value: $::st2::auth
+Default value: $st2::auth
##### `api_url`
@@ -2897,7 +2861,7 @@ Data type: `Any`
URL of the StackStorm API service
-Default value: $::st2::cli_api_url
+Default value: $st2::cli_api_url
##### `auth_url`
@@ -2905,7 +2869,7 @@ Data type: `Any`
URL of the StackStorm Auth service
-Default value: $::st2::cli_auth_url
+Default value: $st2::cli_auth_url
##### `base_url`
@@ -2913,7 +2877,7 @@ Data type: `Any`
Base URL for other StackStorm services
-Default value: $::st2::cli_base_url
+Default value: $st2::cli_base_url
##### `username`
@@ -2921,7 +2885,7 @@ Data type: `Any`
Username for auth on the CLI
-Default value: $::st2::cli_username
+Default value: $st2::cli_username
##### `password`
@@ -2929,7 +2893,7 @@ Data type: `Any`
Password for auth on the CLI
-Default value: $::st2::cli_password
+Default value: $st2::cli_password
##### `disable_credentials`
@@ -2945,7 +2909,7 @@ Data type: `Any`
Version of the StackStorm API
-Default value: $::st2::cli_api_version
+Default value: $st2::cli_api_version
##### `cacert`
@@ -2953,7 +2917,7 @@ Data type: `Any`
Path to the SSL CA certficate for the StackStorm services
-Default value: $::st2::cli_cacert
+Default value: $st2::cli_cacert
##### `debug`
@@ -2961,7 +2925,7 @@ Data type: `Any`
Enable debug mode
-Default value: $::st2::cli_debug
+Default value: $st2::cli_debug
##### `cache_token`
@@ -2969,7 +2933,7 @@ Data type: `Any`
Enable cacheing authentication tokens until they expire
-Default value: $::st2::cli_cache_token
+Default value: $st2::cli_cache_token
##### `silence_ssl_warnings`
@@ -2977,7 +2941,7 @@ Data type: `Any`
Enable silencing SSL warnings for self-signed certs
-Default value: $::st2::cli_silence_ssl_warnings
+Default value: $st2::cli_silence_ssl_warnings
### st2::kv
@@ -3296,15 +3260,15 @@ Raw URL data to encode
Type: Puppet Language
Determines if the StackStorm version installed on the system $facts['st2_version']
-or the version requested by the user $::st2::version is greater than or equal
+or the version requested by the user $st2::version is greater than or equal
to $version.
This is used to determine if this Puppet module should enable features for managing
specific versions of StackStorm. Older versions of StackStorm will not have new features
and we don't want this module to try and manage them if they're not present on the system.
-Users who have old version of StackStorm installed may have $::st2::version = 'present'
-or $::st2::version = 'installed'. In this case, we don't want to assume the user
+Users who have old version of StackStorm installed may have $st2::version = 'present'
+or $st2::version = 'installed'. In this case, we don't want to assume the user
has a new version of StackStorm or wants to upgrade. Instead, we should assume that
this the installed version of StackStorm is the version we should be using to compare.
@@ -3321,19 +3285,19 @@ if st2::version_ge('2.4.0') {
#### `st2::version_ge(String $version)`
Determines if the StackStorm version installed on the system $facts['st2_version']
-or the version requested by the user $::st2::version is greater than or equal
+or the version requested by the user $st2::version is greater than or equal
to $version.
This is used to determine if this Puppet module should enable features for managing
specific versions of StackStorm. Older versions of StackStorm will not have new features
and we don't want this module to try and manage them if they're not present on the system.
-Users who have old version of StackStorm installed may have $::st2::version = 'present'
-or $::st2::version = 'installed'. In this case, we don't want to assume the user
+Users who have old version of StackStorm installed may have $st2::version = 'present'
+or $st2::version = 'installed'. In this case, we don't want to assume the user
has a new version of StackStorm or wants to upgrade. Instead, we should assume that
this the installed version of StackStorm is the version we should be using to compare.
-Returns: `Boolean` True if the StackStorm version on the system or $::st2::version is
+Returns: `Boolean` True if the StackStorm version on the system or $st2::version is
>= to the +version+ parameter.
##### Examples
diff --git a/Vagrantfile b/Vagrantfile
index 2ec2a855..66ccdac9 100644
--- a/Vagrantfile
+++ b/Vagrantfile
@@ -32,8 +32,8 @@
# # Python 3 testing
# # CentOS/RHEL
# echo -e "class { 'st2': python_version => '3.6' }\n include st2::profile::fullinstall" > apply.pp
-# # Ubuntu 16.04
-# echo -e "class { 'st2': python_version => 'python3.6', python_enable_unsafe_repo => true }\n include st2::profile::fullinstall" > apply.pp
+# # Ubuntu 18.04 +
+# echo -e "class { 'st2': python_version => 'python3.6' }\n include st2::profile::fullinstall" > apply.pp
#
# chmod 440 -R /etc/sudoers.d; puppet apply apply.pp; chmod 755 -R /etc/sudoers.d
#
@@ -45,6 +45,7 @@
# vagrant ssh
# sudo su -
# vi /etc/puppetlabs/code/modules/mongodb/manifests/repo.pp
+# '4.4' => '20691EEC35216C63CAF66CE1656408E390CFB1F5',
# '4.2' => 'E162F504A20CDF15827F718D4B7C549A058F8B6B',
# '4.0' => '9DA31620334BD75D9DCB49F368818C72E52529D4',
#
@@ -64,8 +65,8 @@ provider = provider.to_sym
box = ENV['BOX'] ? ENV['BOX'] : 'centos/7'
#box = ENV['BOX'] ? ENV['BOX'] : 'centos/8stream'
#box = ENV['BOX'] ? ENV['BOX'] : 'generic/centos8'
-#box = ENV['BOX'] ? ENV['BOX'] : 'generic/ubuntu1604'
#box = ENV['BOX'] ? ENV['BOX'] : 'generic/ubuntu1804'
+#box = ENV['BOX'] ? ENV['BOX'] : 'generic/ubuntu2004'
# Vagrantfile API/syntax version. Don't touch unless you know what you're doing!
VAGRANTFILE_API_VERSION = "2"
diff --git a/build/README.md b/build/README.md
index 9ff9c4ef..79bc6c00 100644
--- a/build/README.md
+++ b/build/README.md
@@ -1,6 +1,6 @@
# Build System
-The build system is based on Docker and is executed in two phases: unit testing
+The build system is based on Docker and is executed in two phases: unit testing
and integration testing.
Unit testing and integration testing occur in their own separate containers.
@@ -11,7 +11,6 @@ some component of the unit testing system that affects the integration testing
system. These types of conflicts plauged us previously and this new model
has made the testing system much more robust and less painful.
-
## Directory Structure
From the root of this repo:
@@ -19,40 +18,49 @@ From the root of this repo:
``` shell
.fixtures.yml # file contains modules for puppet_spec_helper used during unit testing
.kitchen.yml # test-kitchen file describing our integration testing setups
-.travis.yml # details our travis build matrix, this configures the "base" system
build/ # contains all build files
build/README.md # this file
build/kitchen # Files needed to setup the build environment for test-kitchen
build/kitchen/Gemfile # Gems that need to be installed for our test-kitchen build
build/scripts # directory containing scripts that execute the tests
+# below are the scripts used in our build environment
+build/scripts/ci_docker_clean_all.sh
+build/scripts/ci_docker_clean.sh
+build/scripts/ci_docker_integration.sh
build/scripts/ci_docker_unit.sh # Executes our unit tests and integration test in Docker
-build/centos6 # Files needed for the RHEL/CentOS 6 test environemnt
-build/centos7 # Files needed for the RHEL/CentOS 7 test environemnt
-build/puppet4 # Files needed for the Puppet 4 test environemnt
-build/puppet5 # Files needed for the Puppet 5 test environemnt
-build/ubuntu14 # Files needed for the Ubuntu 14.04 test environemnt
-build/ubuntu15 # Files needed for the Ubuntu 16.06 test environemnt
+build/scripts/ci_docker.sh
+build/scripts/ci_docs_generate.sh
+build/scripts/ci_install.sh
+build/scripts/ci_pdk_unit.sh
+build/scripts/ci.sh
+build/scripts/install_puppet.sh
+# below are the test environments we currently use
+build/centos7-puppet6 # Files needed for the RHEL/CentOS 7 test environemnt on puppet 6
+build/centos7-puppet7 # Files needed for the RHEL/CentOS 7 test environemnt on puppet 7
+build/ubuntu18-puppet6 # Files needed for the Ubuntu 18.04 test environemnt on puppet 6
+build/ubuntu18-puppet7 # Files needed for the Ubuntu 18.04 test environemnt on puppet 7
+build/ubuntu20-puppet6 # Files needed for the Ubuntu 20.04 test environemnt on puppet 6
+build/ubuntu20-puppet7 # Files needed for the Ubuntu 20.04 test environemnt on puppet 7
# below are files in each of the environments above
build//Dockerfile # Dockerfile for unit testing
build//Dockerfile,kitchen # Dockerfile for test-kitchen integration testing
-build//Gemfile # Gems to install in the Docker container for unit testing
-build//Gemfile.lock # Bundler Gemfile.lock of the last "known good" run
build//Puppetfile # Puppet modules to install for test-kitchen integration testing
```
-## Travis
+## Github Actions
-The travis build checks out the `puppet-st2` repo and reads the file `.travis.yml`.
+The current CI/CD pipeline is setup with Github Actions in `.github/workflows/build.yaml`
This file details how to setup the test machine (see `matrix` section) and
-which tests to run (see `script` section.
+which tests to run (see `script`) section.
We have two requirements for the testing environment:
- * Docker must be running, so we specify `services: docker`
- * Ruby must be installed so we can setup `test-kitchen`
-
-For each build in the matrix we tell Travis which version of Ruby to use.
+
+* Docker must be running, which is handled by Github Actions
+* Ruby must be installed on step "Setup Ruby" so we can setup `test-kitchen` - we use 2.5 for puppet 6 and 2.7 for other testing
+
+For each build in the matrix we tell CI which version of Ruby to use.
Since the unit testing is done in a container, we use the same version for all
-builds. We also specify a Gemfile and Travis is smart enough to take this
+builds. We also specify a Gemfile and CI is smart enough to take this
and use bundler to install all of the gems.
Even though our builds run in containers this Gemfile step is required because
@@ -61,21 +69,18 @@ machine.
After the machine is setup the `script:` is executed: `build/scripts/ci_docker_unit.sh`.
We have several commands we run for our testing. Instead of specify them in
-the list for `script:` in the `.travis.yml` we moved them into the shell script.
-We do this because Travis will not stop on failures if you specify more than
-one option in the `script:` list.
+the list for `script:` in the config file we moved them into the shell script.
Up next we'll detail what's going on in our build script.
-
## Build Script
The build script is pretty straight forward, performing the following steps:
- * Build the docker container using Dockerfile: `build//Dockerfile`
- * Run the docker container
- * Execute unit tests in the container
- * Execute integration tests in another container
+* Build the docker container using Dockerfile: `build//Dockerfile`
+* Run the docker container
+* Execute unit tests in the container
+* Execute integration tests in another container
## Unit Testing
@@ -84,44 +89,53 @@ This Dockerfile installs an isolated Ruby environment, gems from `build//Ge
along with Puppet from various sources depending on the environment.
After the environment is boot strapped we execute the following tests:
- * Validation of erb and metadata file using `puppet-lint` and `metadata-json-lint`
- * Linting of manifest files (*.pp) using `puppet-lint`
- * Unit testing using `rspec` and `puppet-rspec`
-All of these tests happen inside the container.
+* Validation of erb and metadata file using `puppet-lint` and `metadata-json-lint`
+* Linting of manifest files (*.pp) using `puppet-lint`
+* Unit testing using `rspec` and `puppet-rspec`
+
+Unit testing consists of the following steps currently
+
+* rubocop syntax lint metadata_lint checks (ruby 2.7 + puppet 7)
+* unit tests for puppet 6 (ruby 2.5 + puppet 6)
+* unit tests for puppet 7 (ruby 2.7 + puppet 7)
+* documentation check (ruby 2.7 + puppet 7)
+
+The environment (ruby and puppet) is defined the in matrix and setup in the build steps based on those values.
+All of these tests happen inside the runner container.
## Integration Testing
Integration testing is performed by the `test-kitchen` (aka `kitchen`) system.
The testing environment setup requirements are:
- * Install Ruby (we use 2.4)
- * Install the gems in `build/kitchen/Gemfile`
- * Install Docker and have the daemon running
+
+* Install Ruby (we use 2.7)
+* Install the gems in `build/kitchen/Gemfile`
+* Install Docker and have the daemon running
Once the environment is bootstrapped `kitchen` is executed from within the
`build/scripts/ci_docker_unit.sh` with the bundler command.
The `kitchen` configuration can be found in the `.kitchen.yml` file.
-`kitchen` has its own terminology (reference:
+`kitchen` has its own terminology (reference:
[https://docs.chef.io/config_yml_kitchen.html](https://docs.chef.io/config_yml_kitchen.html) ) :
- * `driver` : What will be used to create a resource to test in our case this
+* `driver` : What will be used to create a resource to test in our case this
is `docker` that creates a new Docker container.
- * `transport` : What method will be used to copy files into the resource
+* `transport` : What method will be used to copy files into the resource
created by the `driver`. In our case we use `sftp` (faster than default `transport`).
- * `provisioner` : This executes the test from within the `driver` resource. In our
- case this is the `puppet_apply` provisioner which executes `puppet apply` within
+* `provisioner` : This executes the test from within the `driver` resource. In our
+ case this is the `puppet_apply` provisioner which executes `puppet apply` within
the container.
- * `platforms` : This is the test matrix. It enumerates the different OS's we're
+* `platforms` : This is the test matrix. It enumerates the different OS's we're
going to test, what Dockerfile to use for each OS, along with which `Puppetfile`
to use for that OS. The `Puppetfile` is different for each OS because different
modules versions are required for different old versions of `puppet` and `ruby`.
- * `suites` : Our test suite. In our case this is just `default`
-
+* `suites` : Our test suite. In our case this is just `default`
## Testing environment setup
-The following will install ruby 2.4 for testing purposes, then execute
+The following will install ruby 2.7 for testing purposes, then execute
all of the unit tests (rspec), execution tests (kitchen) and integration tests
(InSpec).
@@ -138,8 +152,19 @@ mkdir -p "$(rbenv root)"/plugins
git clone https://github.com/rbenv/ruby-build.git "$(rbenv root)"/plugins/ruby-build
# install a modern version of ruby
-rbenv install 2.4.4
+rbenv install 2.7
# set the version of ruby in the current shell
-rbenv shell 2.4.4
+rbenv shell 2.7
+```
+
+## Running tests locally
+
+It is possible to run the kitchen test suite locally once all the dependencies have been installed.
+Please note that kitchen will require (sudo-less) access to docker to run the tests on your machine.
+
+```shell
+export BUNDLE_GEMFILE=build/kitchen/Gemfilebundle config --local path /tmp/puppet-st2/build/kitchen/vendor/cache
+bundle install
+bundle exec kitchen test --debug
```
diff --git a/build/kitchen/Gemfile b/build/kitchen/Gemfile
index 3bb16114..12b78c4b 100644
--- a/build/kitchen/Gemfile
+++ b/build/kitchen/Gemfile
@@ -14,7 +14,7 @@ gem 'mixlib-shellout'
gem 'nokogiri'
gem 'public_suffix'
gem 'puppet'
-gem 'r10k'
+gem 'r10k', '~> 3.9.0'
gem 'semverse'
gem 'test-kitchen'
# hard code to 3.2.0 because sudo bugs: https://github.com/inspec/train/issues/548
diff --git a/build/scripts/install_puppet.sh b/build/scripts/install_puppet.sh
index e3c4a8cc..53603f74 100755
--- a/build/scripts/install_puppet.sh
+++ b/build/scripts/install_puppet.sh
@@ -12,7 +12,7 @@ sudo yum -y install git
# Install puppet module dependencies
sudo -i bash -c "pushd /vagrant/build/centos7-puppet6 && /opt/puppetlabs/puppet/bin/librarian-puppet install --verbose --path=/etc/puppetlabs/code/modules"
-# Create symlink for the st2/ puppet module in the Pupept code directory.
+# Create symlink for the st2/ puppet module in the Puppet code directory.
# This allows us to make changes locally, outside of the VM then automatically available
# within the VM so you can run `puppet agent -t` and it will just work!
#
diff --git a/build/ubuntu18-puppet6/Dockerfile.kitchen b/build/ubuntu18-puppet6/Dockerfile.kitchen
index 967f0074..2d30e34c 100644
--- a/build/ubuntu18-puppet6/Dockerfile.kitchen
+++ b/build/ubuntu18-puppet6/Dockerfile.kitchen
@@ -18,6 +18,9 @@ RUN echo '<%= IO.read(@public_key).strip %>' >> /home/<%= @username %>/.ssh/auth
# update OS
RUN sudo apt-get -y update
+# Install utilities to add apt repos
+RUN sudo apt-get -y install software-properties-common
+
# install puppet
# https://puppet.com/docs/puppet/6.0/puppet_platform.html
RUN wget https://apt.puppetlabs.com/puppet6-release-bionic.deb
diff --git a/build/ubuntu18-puppet7/Dockerfile.kitchen b/build/ubuntu18-puppet7/Dockerfile.kitchen
index a21d7a71..19d914e7 100644
--- a/build/ubuntu18-puppet7/Dockerfile.kitchen
+++ b/build/ubuntu18-puppet7/Dockerfile.kitchen
@@ -18,6 +18,9 @@ RUN echo '<%= IO.read(@public_key).strip %>' >> /home/<%= @username %>/.ssh/auth
# update OS
RUN sudo apt-get -y update
+# Install utilities to add apt repos
+RUN sudo apt-get -y install software-properties-common
+
# install puppet
# https://puppet.com/docs/puppet/7.0/puppet_platform.html
RUN wget https://apt.puppetlabs.com/puppet7-release-bionic.deb
diff --git a/build/ubuntu16-puppet6/Dockerfile.kitchen b/build/ubuntu20-puppet6/Dockerfile.kitchen
similarity index 77%
rename from build/ubuntu16-puppet6/Dockerfile.kitchen
rename to build/ubuntu20-puppet6/Dockerfile.kitchen
index 18e3065d..d6f17795 100644
--- a/build/ubuntu16-puppet6/Dockerfile.kitchen
+++ b/build/ubuntu20-puppet6/Dockerfile.kitchen
@@ -1,7 +1,7 @@
# usage (from the root of the puppet-st2/ directory):
-# docker build -t stackstorm/puppet-st2-ubuntu16-puppet6 -f build/ubuntu16-puppet6/Dockerfile.kitchen .
+# docker build -t stackstorm/puppet-st2-ubuntu20-puppet6 -f build/ubuntu20-puppet6/Dockerfile.kitchen .
-FROM stackstorm/packagingtest:xenial-systemd
+FROM stackstorm/packagingtest:focal-systemd
# kitchen setup
RUN mkdir -p /var/run/sshd
@@ -18,10 +18,13 @@ RUN echo '<%= IO.read(@public_key).strip %>' >> /home/<%= @username %>/.ssh/auth
# update OS
RUN sudo apt-get -y update
+# Install utilities to add apt repos
+RUN sudo apt-get -y install software-properties-common
+
# install puppet
# https://puppet.com/docs/puppet/6.0/puppet_platform.html
-RUN wget https://apt.puppetlabs.com/puppet6-release-xenial.deb
-RUN sudo dpkg -i puppet6-release-xenial.deb
+RUN wget https://apt.puppetlabs.com/puppet6-release-focal.deb
+RUN sudo dpkg -i puppet6-release-focal.deb
RUN sudo apt-get -y update
RUN sudo apt-get -y install puppet-agent
diff --git a/build/ubuntu16-puppet6/Puppetfile b/build/ubuntu20-puppet6/Puppetfile
similarity index 100%
rename from build/ubuntu16-puppet6/Puppetfile
rename to build/ubuntu20-puppet6/Puppetfile
diff --git a/build/ubuntu16-puppet7/Dockerfile.kitchen b/build/ubuntu20-puppet7/Dockerfile.kitchen
similarity index 77%
rename from build/ubuntu16-puppet7/Dockerfile.kitchen
rename to build/ubuntu20-puppet7/Dockerfile.kitchen
index 3029d000..f397d089 100644
--- a/build/ubuntu16-puppet7/Dockerfile.kitchen
+++ b/build/ubuntu20-puppet7/Dockerfile.kitchen
@@ -1,7 +1,7 @@
# usage (from the root of the puppet-st2/ directory):
-# docker build -t stackstorm/puppet-st2-ubuntu16-puppet7 -f build/ubuntu16-puppet7/Dockerfile.kitchen .
+# docker build -t stackstorm/puppet-st2-ubuntu20-puppet7 -f build/ubuntu20-puppet7/Dockerfile.kitchen .
-FROM stackstorm/packagingtest:xenial-systemd
+FROM stackstorm/packagingtest:focal-systemd
# kitchen setup
RUN mkdir -p /var/run/sshd
@@ -18,10 +18,13 @@ RUN echo '<%= IO.read(@public_key).strip %>' >> /home/<%= @username %>/.ssh/auth
# update OS
RUN sudo apt-get -y update
+# Install utilities to add apt repos
+RUN sudo apt-get -y install software-properties-common
+
# install puppet
# https://puppet.com/docs/puppet/7.0/puppet_platform.html
-RUN wget https://apt.puppetlabs.com/puppet7-release-xenial.deb
-RUN sudo dpkg -i puppet7-release-xenial.deb
+RUN wget https://apt.puppetlabs.com/puppet7-release-focal.deb
+RUN sudo dpkg -i puppet7-release-focal.deb
RUN sudo apt-get -y update
RUN sudo apt-get -y install puppet-agent
diff --git a/build/ubuntu16-puppet7/Puppetfile b/build/ubuntu20-puppet7/Puppetfile
similarity index 100%
rename from build/ubuntu16-puppet7/Puppetfile
rename to build/ubuntu20-puppet7/Puppetfile
diff --git a/docs/TODO.md b/docs/TODO.md
index fd24e691..fc85dfb4 100644
--- a/docs/TODO.md
+++ b/docs/TODO.md
@@ -26,3 +26,4 @@
- Tasks for various CLI commands
- Proper provider implementation for key/value pairs
- StackStorm facts
+- Remove anchors: https://blog.mayflower.de/4573-The-Puppet-Anchor-Pattern-in-Practice.html
\ No newline at end of file
diff --git a/docs/dev_notes.md b/docs/dev_notes.md
index 638450c0..7acc85f8 100644
--- a/docs/dev_notes.md
+++ b/docs/dev_notes.md
@@ -13,26 +13,27 @@ The build system has been recently revamped. Please see details in the file
### Unit Testing (rspec, puppet-lint, etc)
-| OS | Ruby | Puppet |
-|--------------|-------|--------|
-| RHEL 6 | 1.8.7 | 3.8.7 |
-| RHEL 7 | 2.0.0 | 3.8.7 |
-| Ubuntu 14.04 | 1.9.3 | 3.8.7 |
-| Ubuntu 16.06 | 2.3.1 | 3.8.5 |
+| OS | Ruby | Puppet |
+|-------------- |-------|--------|
+| Ubuntu 20.04 | 2.5 | 6 |
+| Ubuntu 20.04 | 2.7 | 7 |
### Integration Testing (test-kitchen)
-Note: "Base" specs are for the Travis CI container that test-kitchen is
+Note: "Base" specs are for the Github Action container that test-kitchen is
being run on. All other columns are details about the guest OS that is
created by test-kitchen that puppet-st2 is run against.
-| Base OS (travis) | Base Ruby | Guest OS | Guest Ruby | Guest Puppet |
-|------------------|-----------|--------------|------------|--------------|
-| Ubuntu 14.04 | 2.4 | RHEL 6 | 1.8.7 | 3.8.7 |
-| Ubuntu 14.04 | 2.4 | RHEL 7 | 2.0.0 | 3.8.7 |
-| Ubuntu 14.04 | 2.4 | Ubuntu 14.04 | 1.9.3 | 3.8.7 |
-| Ubuntu 14.04 | 2.4 | Ubuntu 16.06 | 2.3.1 | 3.8.5 |
+| Base OS (Github) | Base Ruby | Guest OS | Guest Ruby | Guest Puppet | Guest Python |
+|------------------|-----------|--------------|------------|--------------|--------------|
+| Ubuntu 20.04 | 2.7 | RHEL 7 | 2.7 | 6 | system |
+| Ubuntu 20.04 | 2.7 | RHEL 7 | 2.7 | 7 | system |
+| Ubuntu 20.04 | 2.7 | RHEL 7 | 2.7 | 7 | 3.6 |
+| Ubuntu 20.04 | 2.7 | Ubuntu 18.04 | 2.7 | 6 | system |
+| Ubuntu 20.04 | 2.7 | Ubuntu 18.04 | 2.7 | 7 | system |
+| Ubuntu 20.04 | 2.7 | Ubuntu 20.04 | 2.7 | 6 | system |
+| Ubuntu 20.04 | 2.7 | Ubuntu 20.04 | 2.7 | 7 | system |
## Dev Notes
@@ -100,18 +101,10 @@ information from the build output, then updating the `build//Gemfile.lock`.
``` shell
gem install bundler
-# ruby 1.8.7
-PUPPET_VERSION="~> 3.0" TEST_KITCHEN_ENABLED=false R10K_VERSION="~> 1.0" PUPPETLABS_SPEC_HELPER_VERSION="~> 1.0" bundle package; mv Gemfile.lock .travis-gemfile/Gemfile.lock.rhel6
-# ruby 2.0.0
-PUPPET_VERSION="~> 3.0" bundle package; mv Gemfile.lock .travis-gemfile/Gemfile.lock.rhel7
-# ruby 1.9.3
-PUPPET_VERSION="~> 3.0" KITCHEN_SYNC_VERSION="2.1.0" bundle package; mv Gemfile.lock .travis-gemfile/Gemfile.lock.ubuntu14
-# ruby 2.3.1
-PUPPET_VERSION="~> 4.0" bundle package; mv Gemfile.lock .travis-gemfile/Gemfile.lock.ubuntu16
-# ruby 2.1.x
-PUPPET_VERSION="~> 4.0" TEST_KITCHEN_ENABLED=false bundle package; mv Gemfile.lock .travis-gemfile/Gemfile.lock.puppet4
-# ruby 2.4.x
-PUPPET_VERSION="~> 5.0" TEST_KITCHEN_ENABLED=false bundle package; mv Gemfile.lock .travis-gemfile/Gemfile.lock.puppet5
+# ruby 2.5.x
+PUPPET_VERSION="~> 6.0" TEST_KITCHEN_ENABLED=false bundle package; mv Gemfile.lock .travis-gemfile/Gemfile.lock.puppet5
+# ruby 2.7.x
+PUPPET_VERSION="~> 7.0" TEST_KITCHEN_ENABLED=false bundle package; mv Gemfile.lock .travis-gemfile/Gemfile.lock.puppet5
```
diff --git a/files/etc/st2/st2.conf.erb b/files/etc/st2/st2.conf.erb
deleted file mode 100644
index 64247fa5..00000000
--- a/files/etc/st2/st2.conf.erb
+++ /dev/null
@@ -1,108 +0,0 @@
-# System-wide configuration
-<%- api_url = env_st2_api_url || 'http://localhost:9101' -%>
-<%- conf_root = env_st2_conf_root || '/etc' -%>
-<%- debug = env_st2_debug || 'False' -%>
-<%- auth_use_ssl = env_st2_auth_use_ssl || 'False' %>
-<%- auth_enable = ['false', 'no', 'n', '0'].include?(env_st2_auth_enable.to_s.downcase) ? 'False' : 'True' -%>
-<%- rmq_host = env_st2_rmq_host || 'localhost' -%>
-<%- rmq_vhost = env_st2_rmq_vhost || nil -%>
-<%- rmq_username = env_st2_rmq_username || 'guest' -%>
-<%- rmq_password = env_st2_rmq_password || 'guest' -%>
-<%- rmq_port = env_st2_rmq_port || '5672' -%>
-<%- rmq_url = "amqp://#{rmq_username}:#{rmq_password}@#{rmq_host}:#{rmq_port}/#{rmq_vhost}" -%>
-<%- allow_origin = env_st2_api_allow_origin || '*' -%>
-<%- standalone_file_path = env_st2_auth_standalone_file || '/etc/st2/htpasswd' -%>
-<%- syslog_host = env_st2_syslog_host || 'localhost' -%>
-<%- syslog_port = env_st2_syslog_port || 514 -%>
-<%- syslog_facility = env_st2_syslog_facility || 'local7' -%>
-<%- syslog_protocol = env_st2_syslog_protocol || 'udp' -%>
-<%- system_user = env_st2_system_user || 'stanley' -%>
-<%- ssh_key_file = env_st2_ssh_key_file || '/home/stanley/.ssh/st2_stanley_key' -%>
-<%- db_host = env_st2_db_host || 'localhost' -%>
-<%- db_port = env_st2_db_port || 27017 -%>
-<%- db_name = env_st2_db_name || 'st2' -%>
-<%- db_username = env_st2_db_username || nil -%>
-<%- db_password = env_st2_db_password || nil -%>
-<%- mask_secrets = env_mask_secrets || 'True' -%>
-
-[api]
-# Host and port to bind the API server.
-host = 0.0.0.0
-port = 9101
-logging = <%= conf_root %>/st2api/conf/console.conf
-mask_secrets = <%= mask_secrets %>
-# allow_origin is required for handling CORS in st2 web UI.
-# allow_origin = http://myhost1.example.com:3000,http://myhost2.example.com:3000
-allow_origin = <%= allow_origin %>
-
-[sensorcontainer]
-logging = <%= conf_root %>/st2reactor/conf/console.conf
-
-[rulesengine]
-logging = <%= conf_root %>/st2reactor/conf/console.conf
-
-[actionrunner]
-logging = <%= conf_root %>/st2actions/conf/console.conf
-
-[auth]
-host = 0.0.0.0
-port = 9100
-use_ssl = <%= auth_use_ssl %>
-debug = <%= debug.include?('rue') ? 'True' : debug %>
-enable = <%= auth_enable %>
-logging = <%= conf_root %>/st2api/conf/console.conf
-
-mode = standalone
-# Note: Settings bellow are only used in "standalone" mode
-backend = flat_file
-backend_kwargs = {"file_path": "<%= standalone_file_path %>"}
-
-# Base URL to the API endpoint excluding the version (e.g. http://myhost.net:9101/)
-api_url = <%= api_url %>
-
-[system]
-base_path = /opt/stackstorm
-
-<%- if env_st2_syslog -%>
-[syslog]
-host = <%= syslog_host %>
-port = <%= syslog_port %>
-facility = <%= syslog_facility %>
-protocol = <%= syslog_protocol %>
-<%- end -%>
-
-[log]
-excludes = requests,paramiko
-redirect_stderr = False
-mask_secrets = <%= mask_secrets %>
-
-[system_user]
-user = <%= system_user %>
-ssh_key_file = <%= ssh_key_file %>
-
-[messaging]
-url = <%= rmq_url %>
-
-[ssh_runner]
-remote_dir = /tmp
-
-[action_sensor]
-triggers_base_url = <%= api_url %>/v1/triggertypes/
-
-[resultstracker]
-logging = <%= conf_root %>/st2actions/conf/console.conf
-
-[notifier]
-logging = <%= conf_root %>/st2actions/conf/console.conf
-
-[garbagecollector]
-logging = <%= conf_root %>/st2reactor/conf/console.conf
-
-[database]
-host = <%= db_host %>
-port = <%= db_port %>
-db_name = <%= db_name %>
-<%- if db_username and db_password -%>
-username = <%= db_username %>
-password = <%= db_password %>
-<%- end -%>
diff --git a/functions/version_ge.pp b/functions/version_ge.pp
index 723892c1..91fd2f28 100644
--- a/functions/version_ge.pp
+++ b/functions/version_ge.pp
@@ -2,22 +2,22 @@
# by the user is greater than or equal to $version.
#
# Determines if the StackStorm version installed on the system $facts['st2_version']
-# or the version requested by the user $::st2::version is greater than or equal
+# or the version requested by the user $st2::version is greater than or equal
# to $version.
#
# This is used to determine if this Puppet module should enable features for managing
# specific versions of StackStorm. Older versions of StackStorm will not have new features
# and we don't want this module to try and manage them if they're not present on the system.
#
-# Users who have old version of StackStorm installed may have $::st2::version = 'present'
-# or $::st2::version = 'installed'. In this case, we don't want to assume the user
+# Users who have old version of StackStorm installed may have $st2::version = 'present'
+# or $st2::version = 'installed'. In this case, we don't want to assume the user
# has a new version of StackStorm or wants to upgrade. Instead, we should assume that
# this the installed version of StackStorm is the version we should be using to compare.
#
# @param version
# Version string to compare against. This should be in SemVer format
#
-# @return [Boolean] True if the StackStorm version on the system or $::st2::version is
+# @return [Boolean] True if the StackStorm version on the system or $st2::version is
# >= to the +version+ parameter.
#
# @example Basic Usage
@@ -38,8 +38,8 @@ function st2::version_ge(String $version) >> Boolean {
# then the version is less (ie the user has installed an old version and we
# don't want to turn on features that may break their existing installation)
elsif (versioncmp($facts['st2_version'], $version) < 0 and
- ($::st2::version == 'present' or
- $::st2::version == 'installed')) {
+ ($st2::version == 'present' or
+ $st2::version == 'installed')) {
$ge = false
}
# if the user-requested StackStorm version is 'latest' or
@@ -47,10 +47,10 @@ function st2::version_ge(String $version) >> Boolean {
# then the version is greater than, return true (user wants to use new stuff and upgrade)
#
# FYI, do this comparison LAST because versioncmp('preset', '2.1.0') returns 1 (true)
- # ie. we need to compare against the known $::st2::versions before using versioncmp()
+ # ie. we need to compare against the known $st2::versions before using versioncmp()
# with that variable.
- elsif ($::st2::version == 'latest' or
- versioncmp($::st2::version, $version) >= 0) {
+ elsif ($st2::version == 'latest' or
+ versioncmp($st2::version, $version) >= 0) {
$ge = true
}
# otherwise version is less
diff --git a/manifests/auth.pp b/manifests/auth.pp
index b873dc6a..54b08481 100644
--- a/manifests/auth.pp
+++ b/manifests/auth.pp
@@ -57,13 +57,13 @@
# }
#
class st2::auth (
- $backend = $::st2::auth_backend,
- $backend_config = $::st2::auth_backend_config,
- $debug = $::st2::auth_debug,
- $mode = $::st2::auth_mode,
- $use_ssl = $::st2::use_ssl,
- $ssl_cert = $::st2::ssl_cert,
- $ssl_key = $::st2::ssl_key,
+ $backend = $st2::auth_backend,
+ $backend_config = $st2::auth_backend_config,
+ $debug = $st2::auth_debug,
+ $mode = $st2::auth_mode,
+ $use_ssl = $st2::use_ssl,
+ $ssl_cert = $st2::ssl_cert,
+ $ssl_key = $st2::ssl_key,
) inherits st2 {
if !defined(Class['st2::auth::common']) {
diff --git a/manifests/auth/common.pp b/manifests/auth/common.pp
index 69892ad1..7e693000 100644
--- a/manifests/auth/common.pp
+++ b/manifests/auth/common.pp
@@ -18,13 +18,13 @@
# Path to SSL Key file (default: '/etc/ssl/st2/st2.key')
#
class st2::auth::common (
- $api_url = $::st2::auth_api_url,
- $conf_file = $::st2::conf_file,
- $debug = $::st2::auth_debug,
- $mode = $::st2::auth_mode,
- $use_ssl = $::st2::use_ssl,
- $ssl_cert = $::st2::ssl_cert,
- $ssl_key = $::st2::ssl_key,
+ $api_url = $st2::auth_api_url,
+ $conf_file = $st2::conf_file,
+ $debug = $st2::auth_debug,
+ $mode = $st2::auth_mode,
+ $use_ssl = $st2::use_ssl,
+ $ssl_cert = $st2::ssl_cert,
+ $ssl_key = $st2::ssl_key,
) inherits st2 {
$_debug = $debug ? {
diff --git a/manifests/auth/flat_file.pp b/manifests/auth/flat_file.pp
index 44d09427..e363d6ef 100644
--- a/manifests/auth/flat_file.pp
+++ b/manifests/auth/flat_file.pp
@@ -23,10 +23,10 @@
# htpasswd_file: "/etc/something/htpasswd"
#
class st2::auth::flat_file(
- $cli_username = $::st2::cli_username,
- $cli_password = $::st2::cli_password,
- $conf_file = $::st2::conf_file,
- $htpasswd_file = $::st2::params::auth_htpasswd_file,
+ $cli_username = $st2::cli_username,
+ $cli_password = $st2::cli_password,
+ $conf_file = $st2::conf_file,
+ $htpasswd_file = $st2::params::auth_htpasswd_file,
) inherits st2 {
include st2::auth::common
diff --git a/manifests/auth/keystone.pp b/manifests/auth/keystone.pp
index 3eb57ee4..97b31ebb 100644
--- a/manifests/auth/keystone.pp
+++ b/manifests/auth/keystone.pp
@@ -26,7 +26,7 @@
# keystone_version: "3"
#
class st2::auth::keystone (
- $conf_file = $::st2::conf_file,
+ $conf_file = $st2::conf_file,
$keystone_url = 'http://127.0.0.1:5000',
$keystone_version = '2',
) inherits st2 {
diff --git a/manifests/auth/ldap.pp b/manifests/auth/ldap.pp
index 5e9ebbef..56f5d7b6 100644
--- a/manifests/auth/ldap.pp
+++ b/manifests/auth/ldap.pp
@@ -71,7 +71,7 @@
# account_pattern: "userPrincipalName={username}"
#
class st2::auth::ldap (
- $conf_file = $::st2::conf_file,
+ $conf_file = $st2::conf_file,
$host = '',
$use_tls = false,
$use_ssl = false,
diff --git a/manifests/auth/mongodb.pp b/manifests/auth/mongodb.pp
index 83845888..e330c83c 100644
--- a/manifests/auth/mongodb.pp
+++ b/manifests/auth/mongodb.pp
@@ -36,13 +36,13 @@
# db_name: "myauthdb"
#
class st2::auth::mongodb (
- $conf_file = $::st2::conf_file,
- $db_host = $::st2::db_host,
- $db_port = $::st2::db_port,
+ $conf_file = $st2::conf_file,
+ $db_host = $st2::db_host,
+ $db_port = $st2::db_port,
$db_name = 'st2auth',
- $db_auth = $::st2::mongodb_auth,
- $db_username = $::st2::db_username,
- $db_password = $::st2::db_password,
+ $db_auth = $st2::mongodb_auth,
+ $db_username = $st2::db_username,
+ $db_password = $st2::db_password,
) inherits st2 {
include st2::auth::common
diff --git a/manifests/auth/pam.pp b/manifests/auth/pam.pp
index 0fc209d7..da4f8d1c 100644
--- a/manifests/auth/pam.pp
+++ b/manifests/auth/pam.pp
@@ -18,7 +18,7 @@
# st2::auth_backend_config: {}
#
class st2::auth::pam(
- $conf_file = $::st2::conf_file,
+ $conf_file = $st2::conf_file,
) inherits st2 {
include st2::auth::common
diff --git a/manifests/auth_user.pp b/manifests/auth_user.pp
index b0649bf7..637e39d5 100644
--- a/manifests/auth_user.pp
+++ b/manifests/auth_user.pp
@@ -17,7 +17,7 @@
$password = undef,
) {
include st2::auth::flat_file
- $_htpasswd_file = $::st2::auth::flat_file::htpasswd_file
+ $_htpasswd_file = $st2::auth::flat_file::htpasswd_file
httpauth { $name:
ensure => $ensure,
diff --git a/manifests/client/settings.pp b/manifests/client/settings.pp
index b8fb0722..2f5bf45c 100644
--- a/manifests/client/settings.pp
+++ b/manifests/client/settings.pp
@@ -40,18 +40,18 @@
define st2::client::settings(
$user = $name,
$homedir = "/home/${name}",
- $auth = $::st2::auth,
- $api_url = $::st2::cli_api_url,
- $auth_url = $::st2::cli_auth_url,
- $base_url = $::st2::cli_base_url,
- $username = $::st2::cli_username,
- $password = $::st2::cli_password,
+ $auth = $st2::auth,
+ $api_url = $st2::cli_api_url,
+ $auth_url = $st2::cli_auth_url,
+ $base_url = $st2::cli_base_url,
+ $username = $st2::cli_username,
+ $password = $st2::cli_password,
$disable_credentials = false,
- $api_version = $::st2::cli_api_version,
- $cacert = $::st2::cli_cacert,
- $debug = $::st2::cli_debug,
- $cache_token = $::st2::cli_cache_token,
- $silence_ssl_warnings = $::st2::cli_silence_ssl_warnings,
+ $api_version = $st2::cli_api_version,
+ $cacert = $st2::cli_cacert,
+ $debug = $st2::cli_debug,
+ $cache_token = $st2::cli_cache_token,
+ $silence_ssl_warnings = $st2::cli_silence_ssl_warnings,
) {
Ini_setting {
ensure => present,
diff --git a/manifests/init.pp b/manifests/init.pp
index bebee6de..2191d7a8 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -11,18 +11,6 @@
# To install Python 3.6 on RHEL/CentOS 7 specify '3.6'.
# To install Python 3.6 on Ubuntu 16.05 specify 'python3.6'.
#
-# @param [Boolean] python_enable_unsafe_repo
-# The python3.6 package is a required dependency for the StackStorm `st2` package
-# but that is not installable from any of the default Ubuntu 16.04 repositories.
-# We recommend switching to Ubuntu 18.04 LTS (Bionic) as a base OS. Support for
-# Ubuntu 16.04 will be removed with future StackStorm versions.
-# Alternatively the Puppet will try to add python3.6 from the 3rd party 'deadsnakes' repository: https://launchpad.net/~deadsnakes/+archive/ubuntu/ppa.
-# Only set to true, if you are aware of the support and security risks associated
-# with using unofficial 3rd party PPA repository, and you understand that StackStorm
-# does NOT provide ANY support for python3.6 packages on Ubuntu 16.04.
-# The unsafe PPA `'ppa:deadsnakes/ppa'` https://launchpad.net/~deadsnakes/+archive/ubuntu/ppa
-# can be enabled if you specify `true` for this parameter. (default: `false`)
-#
# @param [St2::Repository] repository
# Release repository to enable. 'stable', 'unstable'
# (default = 'stable')
@@ -265,38 +253,36 @@
# }
# class { 'st2':
# python_version => $st2_python_version,
-# python_enable_unsafe_repo => true,
# }
class st2(
$version = 'present',
String $python_version = 'system',
- Boolean $python_enable_unsafe_repo = false,
- St2::Repository $repository = $::st2::params::repository,
- $conf_dir = $::st2::params::conf_dir,
- $conf_file = "${::st2::params::conf_dir}/st2.conf",
- $use_ssl = $::st2::params::use_ssl,
+ St2::Repository $repository = $st2::params::repository,
+ $conf_dir = $st2::params::conf_dir,
+ $conf_file = "${st2::params::conf_dir}/st2.conf",
+ $use_ssl = $st2::params::use_ssl,
$ssl_cert_manage = true,
- $ssl_dir = $::st2::params::ssl_dir,
- $ssl_cert = $::st2::params::ssl_cert,
- $ssl_key = $::st2::params::ssl_key,
+ $ssl_dir = $st2::params::ssl_dir,
+ $ssl_cert = $st2::params::ssl_cert,
+ $ssl_key = $st2::params::ssl_key,
$auth = true,
- $auth_api_url = "http://${::st2::params::hostname}:${::st2::params::api_port}",
+ $auth_api_url = "http://${st2::params::hostname}:${st2::params::api_port}",
$auth_debug = false,
- $auth_mode = $::st2::params::auth_mode,
- $auth_backend = $::st2::params::auth_backend,
- $auth_backend_config = $::st2::params::auth_backend_config,
- $cli_base_url = "http://${::st2::params::hostname}",
+ $auth_mode = $st2::params::auth_mode,
+ $auth_backend = $st2::params::auth_backend,
+ $auth_backend_config = $st2::params::auth_backend_config,
+ $cli_base_url = "http://${st2::params::hostname}",
$cli_api_version = 'v1',
$cli_debug = false,
$cli_cache_token = true,
$cli_silence_ssl_warnings = false,
- $cli_username = $::st2::params::admin_username,
- $cli_password = $::st2::params::admin_password,
- $cli_api_url = "http://${::st2::params::hostname}:${::st2::params::api_port}",
- $cli_auth_url = "http://${::st2::params::hostname}:${::st2::params::auth_port}",
- $actionrunner_workers = $::st2::params::actionrunner_workers,
+ $cli_username = $st2::params::admin_username,
+ $cli_password = $st2::params::admin_password,
+ $cli_api_url = "http://${st2::params::hostname}:${st2::params::api_port}",
+ $cli_auth_url = "http://${st2::params::hostname}:${st2::params::auth_port}",
+ $actionrunner_workers = $st2::params::actionrunner_workers,
$packs = {},
- $packs_group = $::st2::params::packs_group_name,
+ $packs_group = $st2::params::packs_group_name,
$index_url = undef,
$syslog = false,
$syslog_host = 'localhost',
@@ -304,56 +290,56 @@
$syslog_port = 514,
$syslog_facility = 'local7',
$ssh_key_location = '/home/stanley/.ssh/st2_stanley_key',
- $db_host = $::st2::params::hostname,
- $db_port = $::st2::params::mongodb_port,
- $db_bind_ips = $::st2::params::mongodb_bind_ips,
- $db_name = $::st2::params::mongodb_st2_db,
- $db_username = $::st2::params::mongodb_st2_username,
- $db_password = $::st2::params::admin_password,
+ $db_host = $st2::params::hostname,
+ $db_port = $st2::params::mongodb_port,
+ $db_bind_ips = $st2::params::mongodb_bind_ips,
+ $db_name = $st2::params::mongodb_st2_db,
+ $db_username = $st2::params::mongodb_st2_username,
+ $db_password = $st2::params::admin_password,
$mongodb_version = undef,
$mongodb_manage_repo = true,
$mongodb_auth = true,
$ng_init = true,
- $datastore_keys_dir = $::st2::params::datstore_keys_dir,
- $datastore_key_path = "${::st2::params::datstore_keys_dir}/datastore_key.json",
+ $datastore_keys_dir = $st2::params::datstore_keys_dir,
+ $datastore_key_path = "${st2::params::datstore_keys_dir}/datastore_key.json",
$nginx_manage_repo = true,
- $nginx_client_max_body_size = $::st2::params::nginx_client_max_body_size,
- $nginx_ssl_ciphers = $::st2::params::nginx_ssl_ciphers,
- $nginx_ssl_port = $::st2::params::nginx_ssl_port,
- $nginx_ssl_protocols = $::st2::params::nginx_ssl_protocols,
- $web_root = $::st2::params::web_root,
- $rabbitmq_username = $::st2::params::rabbitmq_username,
- $rabbitmq_password = $::st2::params::rabbitmq_password,
- $rabbitmq_hostname = $::st2::params::rabbitmq_hostname,
- $rabbitmq_port = $::st2::params::rabbitmq_port,
- $rabbitmq_bind_ip = $::st2::params::rabbitmq_bind_ip,
- $rabbitmq_vhost = $::st2::params::rabbitmq_vhost,
- $erlang_url = $::st2::params::erlang_url,
- $erlang_key = $::st2::params::erlang_key,
- $redis_bind_ip = $::st2::params::redis_bind_ip,
- $timersengine_enabled = $::st2::params::timersengine_enabled,
- $timersengine_timezone = $::st2::params::timersengine_timezone,
- $scheduler_sleep_interval = $::st2::params::scheduler_sleep_interval,
- $scheduler_gc_interval = $::st2::params::scheduler_gc_interval,
- $scheduler_pool_size = $::st2::params::scheduler_pool_size,
- $chatops_adapter = $::st2::params::chatops_adapter,
- $chatops_adapter_conf = $::st2::params::chatops_adapter_conf,
- $chatops_hubot_log_level = $::st2::params::hubot_log_level,
- $chatops_hubot_express_port = $::st2::params::hubot_express_port,
- $chatops_tls_cert_reject_unauthorized = $::st2::params::tls_cert_reject_unauthorized,
- $chatops_hubot_name = $::st2::params::hubot_name,
- $chatops_hubot_alias = $::st2::params::hubot_alias,
+ $nginx_client_max_body_size = $st2::params::nginx_client_max_body_size,
+ $nginx_ssl_ciphers = $st2::params::nginx_ssl_ciphers,
+ $nginx_ssl_port = $st2::params::nginx_ssl_port,
+ $nginx_ssl_protocols = $st2::params::nginx_ssl_protocols,
+ $web_root = $st2::params::web_root,
+ $rabbitmq_username = $st2::params::rabbitmq_username,
+ $rabbitmq_password = $st2::params::rabbitmq_password,
+ $rabbitmq_hostname = $st2::params::rabbitmq_hostname,
+ $rabbitmq_port = $st2::params::rabbitmq_port,
+ $rabbitmq_bind_ip = $st2::params::rabbitmq_bind_ip,
+ $rabbitmq_vhost = $st2::params::rabbitmq_vhost,
+ $erlang_url = $st2::params::erlang_url,
+ $erlang_key = $st2::params::erlang_key,
+ $redis_bind_ip = $st2::params::redis_bind_ip,
+ $timersengine_enabled = $st2::params::timersengine_enabled,
+ $timersengine_timezone = $st2::params::timersengine_timezone,
+ $scheduler_sleep_interval = $st2::params::scheduler_sleep_interval,
+ $scheduler_gc_interval = $st2::params::scheduler_gc_interval,
+ $scheduler_pool_size = $st2::params::scheduler_pool_size,
+ $chatops_adapter = $st2::params::chatops_adapter,
+ $chatops_adapter_conf = $st2::params::chatops_adapter_conf,
+ $chatops_hubot_log_level = $st2::params::hubot_log_level,
+ $chatops_hubot_express_port = $st2::params::hubot_express_port,
+ $chatops_tls_cert_reject_unauthorized = $st2::params::tls_cert_reject_unauthorized,
+ $chatops_hubot_name = $st2::params::hubot_name,
+ $chatops_hubot_alias = $st2::params::hubot_alias,
$chatops_api_key = undef,
- $chatops_st2_hostname = $::st2::params::hostname,
- $chatops_api_url = "https://${::st2::params::hostname}/api",
- $chatops_auth_url = "https://${::st2::params::hostname}/auth",
+ $chatops_st2_hostname = $st2::params::hostname,
+ $chatops_api_url = "https://${st2::params::hostname}/api",
+ $chatops_auth_url = "https://${st2::params::hostname}/auth",
$chatops_web_url = undef,
$nodejs_version = undef,
$nodejs_manage_repo = true,
- $workflowengine_num = $::st2::params::workflowengine_num,
- $scheduler_num = $::st2::params::scheduler_num,
- $rulesengine_num = $::st2::params::rulesengine_num,
- $notifier_num = $::st2::params::notifier_num,
+ $workflowengine_num = $st2::params::workflowengine_num,
+ $scheduler_num = $st2::params::scheduler_num,
+ $rulesengine_num = $st2::params::rulesengine_num,
+ $notifier_num = $st2::params::notifier_num,
) inherits st2::params {
########################################
diff --git a/manifests/notifier.pp b/manifests/notifier.pp
index 91276469..1a1bd0d2 100644
--- a/manifests/notifier.pp
+++ b/manifests/notifier.pp
@@ -20,7 +20,7 @@
$notifier_services = $st2::params::notifier_services,
) inherits st2 {
- $_logger_config = $::st2::syslog ? {
+ $_logger_config = $st2::syslog ? {
true => 'syslog',
default => 'logging',
}
diff --git a/manifests/pack.pp b/manifests/pack.pp
index 199474c8..9ba19e76 100644
--- a/manifests/pack.pp
+++ b/manifests/pack.pp
@@ -22,8 +22,8 @@
$config = undef,
) {
include st2
- $_cli_username = $::st2::cli_username
- $_cli_password = $::st2::cli_password
+ $_cli_username = $st2::cli_username
+ $_cli_password = $st2::cli_password
st2_pack { $pack:
ensure => $ensure,
diff --git a/manifests/packs.pp b/manifests/packs.pp
index ed095e58..8f4e5cf0 100644
--- a/manifests/packs.pp
+++ b/manifests/packs.pp
@@ -21,7 +21,7 @@
# server => 'influxdb.domain.tld'
#
class st2::packs (
- $packs = $::st2::packs,
+ $packs = $st2::packs,
) inherits st2 {
create_resources('st2::pack', $packs)
}
diff --git a/manifests/profile/chatops.pp b/manifests/profile/chatops.pp
index d344e20a..78b06a9d 100644
--- a/manifests/profile/chatops.pp
+++ b/manifests/profile/chatops.pp
@@ -1,7 +1,7 @@
# @summary Profile to install and configure chatops for st2
#
# @note This class doesn't need to be invoked directly, instead it's best to customize
-# it through the main +::st2+ class
+# it through the main +st2+ class
#
# @param version
# Version of the st2chatops package to install
@@ -64,26 +64,26 @@
# }
#
class st2::profile::chatops (
- $version = $::st2::version,
- $hubot_log_level = $::st2::chatops_hubot_log_level,
- $hubot_express_port = $::st2::chatops_hubot_express_port,
- $tls_cert_reject_unauthorized = $::st2::chatops_tls_cert_reject_unauthorized,
- $hubot_name = $::st2::chatops_hubot_name,
- $hubot_alias = $::st2::chatops_hubot_alias,
- $npm_packages = $::st2::chatops_adapter,
- $adapter_config = $::st2::chatops_adapter_conf,
- $api_key = $::st2::chatops_api_key,
- $st2_hostname = $::st2::chatops_st2_hostname,
- $web_url = $::st2::chatops_web_url,
- $api_url = $::st2::chatops_api_url,
- $auth_url = $::st2::chatops_auth_url,
- $auth_username = $::st2::cli_username,
- $auth_password = $::st2::cli_password,
+ $version = $st2::version,
+ $hubot_log_level = $st2::chatops_hubot_log_level,
+ $hubot_express_port = $st2::chatops_hubot_express_port,
+ $tls_cert_reject_unauthorized = $st2::chatops_tls_cert_reject_unauthorized,
+ $hubot_name = $st2::chatops_hubot_name,
+ $hubot_alias = $st2::chatops_hubot_alias,
+ $npm_packages = $st2::chatops_adapter,
+ $adapter_config = $st2::chatops_adapter_conf,
+ $api_key = $st2::chatops_api_key,
+ $st2_hostname = $st2::chatops_st2_hostname,
+ $web_url = $st2::chatops_web_url,
+ $api_url = $st2::chatops_api_url,
+ $auth_url = $st2::chatops_auth_url,
+ $auth_username = $st2::cli_username,
+ $auth_password = $st2::cli_password,
) inherits st2 {
include 'st2::params'
- $_chatops_packages = $::st2::params::st2_chatops_packages
- $_chatops_dir = $::st2::params::st2_chatops_dir
+ $_chatops_packages = $st2::params::st2_chatops_packages
+ $_chatops_dir = $st2::params::st2_chatops_dir
$_chatops_env_file = "${_chatops_dir}/st2chatops.env"
########################################
@@ -104,7 +104,7 @@
tag => 'st2::chatops::config',
}
- file { $::st2::params::st2_chatops_global_env_file:
+ file { $st2::params::st2_chatops_global_env_file:
ensure => file,
owner => 'root',
group => 'root',
@@ -113,7 +113,6 @@
tag => 'st2::chatops::config',
}
-
########################################
## Additional nodejs packages
include st2::profile::nodejs
@@ -129,7 +128,7 @@
########################################
## Services
- service { $::st2::params::st2_chatops_services:
+ service { $st2::params::st2_chatops_services:
ensure => 'running',
enable => true,
tag => 'st2::chatops::service',
diff --git a/manifests/profile/client.pp b/manifests/profile/client.pp
index 9982e702..07f05438 100644
--- a/manifests/profile/client.pp
+++ b/manifests/profile/client.pp
@@ -27,17 +27,17 @@
# include st2::profile::client
#
class st2::profile::client (
- $auth = $::st2::auth,
- $api_url = $::st2::cli_api_url,
- $auth_url = $::st2::cli_auth_url,
- $base_url = $::st2::cli_base_url,
- $username = $::st2::cli_username,
- $password = $::st2::cli_password,
- $api_version = $::st2::cli_api_version,
- $cacert = $::st2::cli_cacert,
- $debug = $::st2::cli_debug,
- $cache_token = $::st2::cli_cache_token,
- $silence_ssl_warnings = $::st2::cli_silence_ssl_warnings,
+ $auth = $st2::auth,
+ $api_url = $st2::cli_api_url,
+ $auth_url = $st2::cli_auth_url,
+ $base_url = $st2::cli_base_url,
+ $username = $st2::cli_username,
+ $password = $st2::cli_password,
+ $api_version = $st2::cli_api_version,
+ $cacert = $st2::cli_cacert,
+ $debug = $st2::cli_debug,
+ $cache_token = $st2::cli_cache_token,
+ $silence_ssl_warnings = $st2::cli_silence_ssl_warnings,
) inherits st2 {
# Setup st2client settings for Root user by default
diff --git a/manifests/profile/mongodb.pp b/manifests/profile/mongodb.pp
index 52d2b981..1300798b 100644
--- a/manifests/profile/mongodb.pp
+++ b/manifests/profile/mongodb.pp
@@ -39,10 +39,14 @@
$manage_repo = $st2::mongodb_manage_repo,
$auth = $st2::mongodb_auth,
) inherits st2 {
+ # if Ubuntu is 20.04 then MongoDB 4.4
# if the StackStorm version is > 3.3.0 then MongoDB 4.0
# if the StackStorm version is > 2.4.0 then MongoDB 3.4
# else use MongoDB 3.2
- if st2::version_ge('3.3.0') {
+ if $facts['os']['family'] == 'Debian' and $facts['os']['release']['major'] == '20.04' and st2::version_ge('3.3.0') {
+ $_mongodb_version_default = '4.4'
+ }
+ elsif st2::version_ge('3.3.0') {
$_mongodb_version_default = '4.0'
}
elsif st2::version_ge('2.4.0') {
@@ -76,7 +80,7 @@
auth => true,
create_admin => true,
store_creds => true,
- admin_username => $::st2::params::mongodb_admin_username,
+ admin_username => $st2::params::mongodb_admin_username,
admin_password => $db_password,
}
@@ -96,9 +100,9 @@
# unfortinately there is no way to synchronously force a service restart
# in Puppet, so we have to revert to exec... sorry
include mongodb::params
- $_mongodb_stop_cmd = "systemctl stop ${::mongodb::params::service_name}"
- $_mongodb_start_cmd = "systemctl start ${::mongodb::params::service_name}"
- $_mongodb_restart_cmd = "systemctl restart ${::mongodb::params::service_name}"
+ $_mongodb_stop_cmd = "systemctl stop ${mongodb::params::service_name}"
+ $_mongodb_start_cmd = "systemctl start ${mongodb::params::service_name}"
+ $_mongodb_restart_cmd = "systemctl restart ${mongodb::params::service_name}"
$_mongodb_exec_path = ['/usr/sbin', '/usr/bin', '/sbin', '/bin']
# stop mongodb; disable auth
diff --git a/manifests/profile/nginx.pp b/manifests/profile/nginx.pp
index 0e6b28b7..7097b4d1 100644
--- a/manifests/profile/nginx.pp
+++ b/manifests/profile/nginx.pp
@@ -12,7 +12,7 @@
# }
#
class st2::profile::nginx (
- $manage_repo = $::st2::nginx_manage_repo
+ $manage_repo = $st2::nginx_manage_repo
) inherits st2 {
class { 'nginx':
manage_repo => $manage_repo,
diff --git a/manifests/profile/nodejs.pp b/manifests/profile/nodejs.pp
index 923c3938..fdf40fda 100644
--- a/manifests/profile/nodejs.pp
+++ b/manifests/profile/nodejs.pp
@@ -15,17 +15,23 @@
# @param manage_repo
# Set this to false when you have your own repositories for NodeJS.
# @param version
-# Version of NodeJS to install. If not provided it will be auto-calcuated based on $::st2::version
+# Version of NodeJS to install. If not provided it will be auto-calcuated based on $st2::version
#
class st2::profile::nodejs(
- $manage_repo = $::st2::nodejs_manage_repo,
- $version = $::st2::nodejs_version,
+ $manage_repo = $st2::nodejs_manage_repo,
+ $version = $st2::nodejs_version,
) inherits st2 {
+ $use_rhel7_builtin = false
+
+ # if the StackStorm version is >= 3.5.0 then use NodeJS 14.x
# if the StackStorm version is >= 2.10.0 then use NodeJS 10.x
# if the StackStorm version is 2.10.0 < and >= 2.4.0 then use NodeJS 6.x
# else use NodeJS 4.x
- if st2::version_ge('2.10.0') {
+ if st2::version_ge('3.5.0') {
+ $nodejs_version_default = '14.x'
+ }
+ elsif st2::version_ge('2.10.0') {
$nodejs_version_default = '10.x'
}
elsif st2::version_ge('2.4.0') {
diff --git a/manifests/profile/python.pp b/manifests/profile/python.pp
index fa2b5314..95d84f55 100644
--- a/manifests/profile/python.pp
+++ b/manifests/profile/python.pp
@@ -6,18 +6,6 @@
# To install Python 3.6 on RHEL/CentOS 7 specify '3.6'.
# To install Python 3.6 on Ubuntu 16.05 specify 'python3.6'.
#
-# @param [Boolean] enable_unsafe_repo
-# The python3.6 package is a required dependency for the StackStorm `st2` package
-# but that is not installable from any of the default Ubuntu 16.04 repositories.
-# We recommend switching to Ubuntu 18.04 LTS (Bionic) as a base OS. Support for
-# Ubuntu 16.04 will be removed with future StackStorm versions.
-# Alternatively the Puppet will try to add python3.6 from the 3rd party 'deadsnakes' repository: https://launchpad.net/~deadsnakes/+archive/ubuntu/ppa.
-# Only set to true, if you are aware of the support and security risks associated
-# with using unofficial 3rd party PPA repository, and you understand that StackStorm
-# does NOT provide ANY support for python3.6 packages on Ubuntu 16.04.
-# The unsafe PPA `'ppa:deadsnakes/ppa'` https://launchpad.net/~deadsnakes/+archive/ubuntu/ppa
-# can be enabled if you specify `true` for this parameter. (default: `false`)
-#
# @example Basic Usage
# include st2::profile::python
#
@@ -28,25 +16,14 @@
# }
# class { 'st2':
# python_version => $st2_python_version,
-# python_enable_unsafe_repo => true,
# }
# include st2::profile::python
#
class st2::profile::python (
String $version = $st2::python_version,
- Boolean $enable_unsafe_repo = $st2::python_enable_unsafe_repo,
) inherits st2 {
notice("Python version: ${version}")
if !defined(Class['python']) {
- # if we're installing a custom version of Python on Ubuntu, then install the deadsnakes PPA
- # but only if the user explicitly specified st2::python_enable_unsafe_repo: true
- if $version != 'system' and $facts['os']['family'] == 'Debian' and $enable_unsafe_repo {
- # enable the PPA
- apt::ppa { 'ppa:deadsnakes/ppa':
- before => Class['python'],
- }
- }
-
# intall python and python-devel / python-dev
class { 'python':
version => $version,
diff --git a/manifests/profile/rabbitmq.pp b/manifests/profile/rabbitmq.pp
index 3cb2f6a1..a8ee86cc 100644
--- a/manifests/profile/rabbitmq.pp
+++ b/manifests/profile/rabbitmq.pp
@@ -22,13 +22,13 @@
# include st2::profile::rabbitmq
#
class st2::profile::rabbitmq (
- $username = $::st2::rabbitmq_username,
- $password = $::st2::rabbitmq_password,
- $port = $::st2::rabbitmq_port,
- $bind_ip = $::st2::rabbitmq_bind_ip,
- $vhost = $::st2::rabbitmq_vhost,
- $erlang_url = $::st2::erlang_url,
- $erlang_key = $::st2::erlang_key
+ $username = $st2::rabbitmq_username,
+ $password = $st2::rabbitmq_password,
+ $port = $st2::rabbitmq_port,
+ $bind_ip = $st2::rabbitmq_bind_ip,
+ $vhost = $st2::rabbitmq_vhost,
+ $erlang_url = $st2::erlang_url,
+ $erlang_key = $st2::erlang_key
) inherits st2 {
# RHEL 8 Requires another repo in addition to epel to be installed
@@ -59,8 +59,9 @@
delete_guest_user => true,
port => $port,
environment_variables => {
- 'RABBITMQ_NODE_IP_ADDRESS' => $::st2::rabbitmq_bind_ip,
+ 'RABBITMQ_NODE_IP_ADDRESS' => $st2::rabbitmq_bind_ip,
},
+ manage_python => false,
}
contain 'rabbitmq'
diff --git a/manifests/profile/selinux.pp b/manifests/profile/selinux.pp
index 8de4cfd8..061fe2e0 100644
--- a/manifests/profile/selinux.pp
+++ b/manifests/profile/selinux.pp
@@ -5,7 +5,7 @@
#
class st2::profile::selinux inherits st2::params {
# note: the selinux module downcases the mode in the fact
- if ($::osfamily == 'RedHat') and ($::selinux_current_mode == 'enforcing') {
+ if ( ($facts['os']['family'] == 'RedHat') and ($facts['os']['selinux']['current_mode'] == 'enforcing')) {
if !defined(Package['policycoreutils-python']) {
package { 'policycoreutils-python':
ensure => present,
diff --git a/manifests/profile/server.pp b/manifests/profile/server.pp
index 83075e68..e714d42c 100644
--- a/manifests/profile/server.pp
+++ b/manifests/profile/server.pp
@@ -41,31 +41,31 @@
# include st2::profile::server
#
class st2::profile::server (
- $version = $::st2::version,
- $conf_dir = $::st2::conf_dir,
- $conf_file = $::st2::conf_file,
- $auth = $::st2::auth,
- $actionrunner_workers = $::st2::actionrunner_workers,
- $syslog = $::st2::syslog,
- $syslog_host = $::st2::syslog_host,
- $syslog_port = $::st2::syslog_port,
- $syslog_facility = $::st2::syslog_facility,
- $syslog_protocol = $::st2::syslog_protocol,
+ $version = $st2::version,
+ $conf_dir = $st2::conf_dir,
+ $conf_file = $st2::conf_file,
+ $auth = $st2::auth,
+ $actionrunner_workers = $st2::actionrunner_workers,
+ $syslog = $st2::syslog,
+ $syslog_host = $st2::syslog_host,
+ $syslog_port = $st2::syslog_port,
+ $syslog_facility = $st2::syslog_facility,
+ $syslog_protocol = $st2::syslog_protocol,
$st2api_listen_ip = '0.0.0.0',
$st2api_listen_port = '9101',
$st2auth_listen_ip = '0.0.0.0',
$st2auth_listen_port = '9100',
- $ssh_key_location = $::st2::ssh_key_location,
- $ng_init = $::st2::ng_init,
- $db_username = $::st2::db_username,
- $db_password = $::st2::db_password,
- $rabbitmq_username = $::st2::rabbitmq_username,
- $rabbitmq_password = $::st2::rabbitmq_password,
- $rabbitmq_hostname = $::st2::rabbitmq_hostname,
- $rabbitmq_port = $::st2::rabbitmq_port,
- $rabbitmq_vhost = $::st2::rabbitmq_vhost,
- $index_url = $::st2::index_url,
- $packs_group = $::st2::packs_group_name,
+ $ssh_key_location = $st2::ssh_key_location,
+ $ng_init = $st2::ng_init,
+ $db_username = $st2::db_username,
+ $db_password = $st2::db_password,
+ $rabbitmq_username = $st2::rabbitmq_username,
+ $rabbitmq_password = $st2::rabbitmq_password,
+ $rabbitmq_hostname = $st2::rabbitmq_hostname,
+ $rabbitmq_port = $st2::rabbitmq_port,
+ $rabbitmq_vhost = $st2::rabbitmq_vhost,
+ $index_url = $st2::index_url,
+ $packs_group = $st2::packs_group_name,
) inherits st2 {
include st2::notices
include st2::params
@@ -81,7 +81,7 @@
########################################
## Packages
- package { $::st2::params::st2_server_packages:
+ package { $st2::params::st2_server_packages:
ensure => $version,
tag => ['st2::packages', 'st2::server::packages'],
}
@@ -160,7 +160,7 @@
tag => 'st2::config',
}
- file { $::st2::params::actionrunner_global_env_file:
+ file { $st2::params::actionrunner_global_env_file:
ensure => file,
owner => 'root',
group => 'root',
@@ -357,7 +357,7 @@
########################################
## Services
- service { $::st2::params::st2_services:
+ service { $st2::params::st2_services:
ensure => 'running',
enable => true,
tag => 'st2::service',
diff --git a/manifests/profile/web.pp b/manifests/profile/web.pp
index 191d9e75..aedb11d5 100644
--- a/manifests/profile/web.pp
+++ b/manifests/profile/web.pp
@@ -61,16 +61,16 @@
# }
#
class st2::profile::web(
- Variant[Array[String], String] $nginx_ssl_ciphers = $::st2::nginx_ssl_ciphers,
- Variant[Array[String], String] $nginx_ssl_protocols = $::st2::nginx_ssl_protocols,
- Stdlib::Port $nginx_ssl_port = $::st2::nginx_ssl_port,
- String $nginx_client_max_body_size = $::st2::nginx_client_max_body_size,
- Boolean $ssl_cert_manage = $::st2::ssl_cert_manage,
- Stdlib::Absolutepath $ssl_dir = $::st2::ssl_dir,
- String $ssl_cert = $::st2::ssl_cert,
- String $ssl_key = $::st2::ssl_key,
- String $version = $::st2::version,
- String $web_root = $::st2::web_root,
+ Variant[Array[String], String] $nginx_ssl_ciphers = $st2::nginx_ssl_ciphers,
+ Variant[Array[String], String] $nginx_ssl_protocols = $st2::nginx_ssl_protocols,
+ Stdlib::Port $nginx_ssl_port = $st2::nginx_ssl_port,
+ String $nginx_client_max_body_size = $st2::nginx_client_max_body_size,
+ Boolean $ssl_cert_manage = $st2::ssl_cert_manage,
+ Stdlib::Absolutepath $ssl_dir = $st2::ssl_dir,
+ String $ssl_cert = $st2::ssl_cert,
+ String $ssl_key = $st2::ssl_key,
+ String $version = $st2::version,
+ String $web_root = $st2::web_root,
) inherits st2 {
# include nginx here only
# if we include this in st2::profile::fullinstall Anchor['pre_reqs'] then
@@ -80,7 +80,7 @@
include st2::params
## Install the packages
- package { $::st2::params::st2_web_packages:
+ package { $st2::params::st2_web_packages:
ensure => $version,
tag => ['st2::packages', 'st2::web::packages'],
require => Package['nginx'],
@@ -94,8 +94,13 @@
## optionally manage the SSL certificate used by nginx
if $ssl_cert_manage {
+ # openssl only allows CNs with max length of 64, so we truncate to 64 chars
+ $_truncated_certname = $trusted['certname'].length > 64 ? {
+ true => $trusted['certname'][0,64],
+ default => $trusted['certname'],
+ }
+ $_ssl_subj = "/C=US/ST=California/L=Palo Alto/O=StackStorm/OU=Information Technology/CN=${_truncated_certname}"
## Generate SSL certificates
- $_ssl_subj = "/C=US/ST=California/L=Palo Alto/O=StackStorm/OU=Information Technology/CN=${$trusted['certname']}"
exec { "generate ssl cert ${ssl_cert}":
command => "openssl req -x509 -newkey rsa:2048 -keyout ${ssl_key} -out ${ssl_cert} -days 365 -nodes -subj \"${_ssl_subj}\"",
creates => $ssl_cert,
diff --git a/manifests/rulesengine.pp b/manifests/rulesengine.pp
index 4bcfb4d4..3c0e573a 100644
--- a/manifests/rulesengine.pp
+++ b/manifests/rulesengine.pp
@@ -20,7 +20,7 @@
$rulesengine_services = $st2::params::rulesengine_services,
) inherits st2 {
- $_logger_config = $::st2::syslog ? {
+ $_logger_config = $st2::syslog ? {
true => 'syslog',
default => 'logging',
}
diff --git a/manifests/scheduler.pp b/manifests/scheduler.pp
index 19aad99f..90cdde33 100644
--- a/manifests/scheduler.pp
+++ b/manifests/scheduler.pp
@@ -28,9 +28,9 @@
# Name of all the scheduler services.
#
class st2::scheduler (
- $sleep_interval = $::st2::scheduler_sleep_interval,
- $gc_interval = $::st2::scheduler_gc_interval,
- $pool_size = $::st2::scheduler_pool_size,
+ $sleep_interval = $st2::scheduler_sleep_interval,
+ $gc_interval = $st2::scheduler_gc_interval,
+ $pool_size = $st2::scheduler_pool_size,
$scheduler_num = $st2::scheduler_num,
$scheduler_services = $st2::params::scheduler_services
) inherits st2 {
@@ -38,7 +38,7 @@
# st2scheduler was introduced in 2.10.0
if st2::version_ge('2.10.0') {
- $_logger_config = $::st2::syslog ? {
+ $_logger_config = $st2::syslog ? {
true => 'syslog',
default => 'logging',
}
diff --git a/manifests/server/datastore_keys.pp b/manifests/server/datastore_keys.pp
index acf379a2..269ee225 100644
--- a/manifests/server/datastore_keys.pp
+++ b/manifests/server/datastore_keys.pp
@@ -17,9 +17,9 @@
# }
#
class st2::server::datastore_keys (
- $conf_file = $::st2::conf_file,
- $keys_dir = $::st2::datastore_keys_dir,
- $key_path = $::st2::datastore_key_path,
+ $conf_file = $st2::conf_file,
+ $keys_dir = $st2::datastore_keys_dir,
+ $key_path = $st2::datastore_key_path,
) inherits st2 {
## Directory
file { $keys_dir:
diff --git a/manifests/test/fullinstall_python36.pp b/manifests/test/fullinstall_python36.pp
index e223141f..e8fba26a 100644
--- a/manifests/test/fullinstall_python36.pp
+++ b/manifests/test/fullinstall_python36.pp
@@ -5,6 +5,5 @@
}
class { 'st2':
python_version => $st2_python_version,
- python_enable_unsafe_repo => true,
}
include st2::profile::fullinstall
diff --git a/manifests/test/fullinstall_unstable.pp b/manifests/test/fullinstall_unstable.pp
new file mode 100644
index 00000000..9a794f41
--- /dev/null
+++ b/manifests/test/fullinstall_unstable.pp
@@ -0,0 +1,5 @@
+
+class { 'st2':
+ repository => 'unstable',
+}
+include st2::profile::fullinstall
diff --git a/manifests/timersengine.pp b/manifests/timersengine.pp
index 9c988040..5808bafe 100644
--- a/manifests/timersengine.pp
+++ b/manifests/timersengine.pp
@@ -22,14 +22,14 @@
# Timezone pertaining to the location where st2 is run.
#
class st2::timersengine (
- $enabled = $::st2::timersengine_enabled,
- $timezone = $::st2::timersengine_timezone,
+ $enabled = $st2::timersengine_enabled,
+ $timezone = $st2::timersengine_timezone,
) inherits st2 {
# st2timersengine was introduced in 2.9.0
if st2::version_ge('2.9.0') {
- $_logger_config = $::st2::syslog ? {
+ $_logger_config = $st2::syslog ? {
true => 'syslog',
default => 'logging',
}
@@ -63,13 +63,13 @@
path => '/etc/st2/st2.conf',
section => 'timersengine',
setting => 'local_timezone',
- value => $::st2::timersengine_timezone,
+ value => $st2::timersengine_timezone,
tag => 'st2::config',
}
########################################
## Services
- service { $::st2::params::timersengine_services:
+ service { $st2::params::timersengine_services:
ensure => 'running',
enable => true,
tag => 'st2::service',
diff --git a/manifests/workflowengine.pp b/manifests/workflowengine.pp
index 926ec945..04444dc3 100644
--- a/manifests/workflowengine.pp
+++ b/manifests/workflowengine.pp
@@ -23,7 +23,7 @@
# st2workflowengine was introduced in 2.8.0
if st2::version_ge('2.8.0') {
- $_logger_config = $::st2::syslog ? {
+ $_logger_config = $st2::syslog ? {
true => 'syslog',
default => 'logging',
}
diff --git a/metadata.json b/metadata.json
index 70ad4f1e..b7621673 100644
--- a/metadata.json
+++ b/metadata.json
@@ -88,8 +88,8 @@
{
"operatingsystem": "Ubuntu",
"operatingsystemrelease": [
- "16.04",
- "18.04"
+ "18.04",
+ "20.04"
]
}
],
diff --git a/spec/classes/profile/mongodb_spec.rb b/spec/classes/profile/mongodb_spec.rb
index 1715ac8f..cf75da82 100644
--- a/spec/classes/profile/mongodb_spec.rb
+++ b/spec/classes/profile/mongodb_spec.rb
@@ -1,11 +1,16 @@
require 'spec_helper'
describe 'st2::profile::mongodb' do
- let(:latest_version) { '4.0' }
-
on_supported_os.each do |os, os_facts|
let(:facts) { os_facts }
+ if os == 'ubuntu-20.04-x86_64'
+ let(:latest_version) { '4.4' }
+
+ else
+ let(:latest_version) { '4.0' }
+
+ end
context "on #{os}" do
context 'with default options' do
it { is_expected.to compile.with_all_deps }
@@ -39,11 +44,19 @@
let(:facts) { os_facts.merge('st2_version' => '3.3.0') }
it do
- is_expected.to contain_class('mongodb::globals')
- .with('manage_package' => true,
- 'manage_package_repo' => true,
- 'version' => '4.0',
- 'manage_pidfile' => false)
+ if os == 'ubuntu-20.04-x86_64'
+ is_expected.to contain_class('mongodb::globals')
+ .with('manage_package' => true,
+ 'manage_package_repo' => true,
+ 'version' => '4.4',
+ 'manage_pidfile' => false)
+ else
+ is_expected.to contain_class('mongodb::globals')
+ .with('manage_package' => true,
+ 'manage_package_repo' => true,
+ 'version' => '4.0',
+ 'manage_pidfile' => false)
+ end
end
end
diff --git a/test/integration/stackstorm/inspec.yml b/test/integration/stackstorm/inspec.yml
index 45504851..aadb1f8c 100644
--- a/test/integration/stackstorm/inspec.yml
+++ b/test/integration/stackstorm/inspec.yml
@@ -12,7 +12,7 @@ version: 0.1.0
supports:
- os-name: centos
release: 7.*
- - os-name: ubuntu
- release: 16.04
- os-name: ubuntu
release: 18.04
+ - os-name: ubuntu
+ release: 20.04