voxpupuli · rnelson0 · Apr 19, 2017 · Apr 9, 2017 · Apr 9, 2017 · Apr 9, 2017
diff --git a/README.md b/README.md
@@ -550,6 +550,18 @@ class { '::r10k::webhook::config':
 }
 ```
 
+### Passing extra arguments to mco command
+
+You can pass some additional arguments to mco command like `--no-progress` or `--timeout 60` or any others by specifying them
+in the `r10k::webhook::config::mco_arguments` parameter as string:
+
+```puppet
+class { '::r10k::webhook::config':
+  . . .
+  mco_arguments  => '--no-progress'
+}
+```
+
 ## Reference
 
 ####Class: `r10k`

diff --git a/manifests/params.pp b/manifests/params.pp
@@ -147,6 +147,7 @@
   $webhook_configfile_group      = $root_group
   $webhook_configfile_mode       = '0644'
   $webhook_ignore_environments   = []
+  $webhook_mco_arguments         = undef
 
   # Service Settings for SystemD in EL7
   if $::osfamily == 'RedHat' and $::operatingsystemmajrelease == '7' {

diff --git a/manifests/webhook/config.pp b/manifests/webhook/config.pp
@@ -6,44 +6,45 @@
 #
 # Zack Smith <zack@puppetlabs.com>
 class r10k::webhook::config (
-  $ensure                     = true,
-  Variant[String, Hash] $hash = 'UNSET',
-  $certname                   = $r10k::params::webhook_certname,
-  $certpath                   = $r10k::params::webhook_certpath,
-  $user                       = $r10k::params::webhook_user,
-  $pass                       = $r10k::params::webhook_pass,
-  $bind_address               = $r10k::params::webhook_bind_address,
-  $port                       = $r10k::params::webhook_port,
-  $access_logfile             = $r10k::params::webhook_access_logfile,
-  $client_cfg                 = $r10k::params::webhook_client_cfg,
-  $use_mco_ruby               = $r10k::params::webhook_use_mco_ruby,
-  $protected                  = $r10k::params::webhook_protected,
-  $github_secret              = $r10k::params::webhook_github_secret,
-  $discovery_timeout          = $r10k::params::webhook_discovery_timeout,
-  $client_timeout             = $r10k::params::webhook_client_timeout,
-  $prefix                     = $r10k::params::webhook_prefix,
-  $prefix_command             = $r10k::params::webhook_prefix_command,
-  $server_software            = $r10k::params::webhook_server_software,
-  $enable_ssl                 = $r10k::params::webhook_enable_ssl,
-  $use_mcollective            = $r10k::params::webhook_use_mcollective,
-  $r10k_deploy_arguments      = $r10k::params::webhook_r10k_deploy_arguments,
-  $public_key_path            = $r10k::params::webhook_public_key_path,
-  $private_key_path           = $r10k::params::webhook_private_key_path,
-  $yaml_template              = $r10k::params::webhook_yaml_template,
-  $command_prefix             = $r10k::params::webhook_r10k_command_prefix,
-  $repository_events          = $r10k::params::webhook_repository_events,
-  $allow_uppercase            = $r10k::params::webhook_allow_uppercase,
-  $slack_webhook              = $r10k::params::webhook_slack_webhook,
-  $slack_channel              = $r10k::params::webhook_slack_channel,
-  $slack_username             = $r10k::params::webhook_slack_username,
-  $configfile_owner           = $r10k::params::webhook_configfile_owner,
-  $configfile_group           = $r10k::params::webhook_configfile_group,
-  $configfile_mode            = $r10k::params::webhook_configfile_mode,
-  $configfile                 = '/etc/webhook.yaml',
-  $manage_symlink             = false,
-  $configfile_symlink         = '/etc/webhook.yaml',
-  $enable_mutex_lock          = $r10k::params::webhook_enable_mutex_lock,
-  Array $ignore_environments  = $r10k::params::webhook_ignore_environments,
+  $ensure                         = true,
+  Variant[String, Hash] $hash     = 'UNSET',
+  $certname                       = $r10k::params::webhook_certname,
+  $certpath                       = $r10k::params::webhook_certpath,
+  $user                           = $r10k::params::webhook_user,
+  $pass                           = $r10k::params::webhook_pass,
+  $bind_address                   = $r10k::params::webhook_bind_address,
+  $port                           = $r10k::params::webhook_port,
+  $access_logfile                 = $r10k::params::webhook_access_logfile,
+  $client_cfg                     = $r10k::params::webhook_client_cfg,
+  $use_mco_ruby                   = $r10k::params::webhook_use_mco_ruby,
+  $protected                      = $r10k::params::webhook_protected,
+  $github_secret                  = $r10k::params::webhook_github_secret,
+  $discovery_timeout              = $r10k::params::webhook_discovery_timeout,
+  $client_timeout                 = $r10k::params::webhook_client_timeout,
+  $prefix                         = $r10k::params::webhook_prefix,
+  $prefix_command                 = $r10k::params::webhook_prefix_command,
+  $server_software                = $r10k::params::webhook_server_software,
+  $enable_ssl                     = $r10k::params::webhook_enable_ssl,
+  $use_mcollective                = $r10k::params::webhook_use_mcollective,
+  $r10k_deploy_arguments          = $r10k::params::webhook_r10k_deploy_arguments,
+  $public_key_path                = $r10k::params::webhook_public_key_path,
+  $private_key_path               = $r10k::params::webhook_private_key_path,
+  $yaml_template                  = $r10k::params::webhook_yaml_template,
+  $command_prefix                 = $r10k::params::webhook_r10k_command_prefix,
+  $repository_events              = $r10k::params::webhook_repository_events,
+  $allow_uppercase                = $r10k::params::webhook_allow_uppercase,
+  $slack_webhook                  = $r10k::params::webhook_slack_webhook,
+  $slack_channel                  = $r10k::params::webhook_slack_channel,
+  $slack_username                 = $r10k::params::webhook_slack_username,
+  $configfile_owner               = $r10k::params::webhook_configfile_owner,
+  $configfile_group               = $r10k::params::webhook_configfile_group,
+  $configfile_mode                = $r10k::params::webhook_configfile_mode,
+  $configfile                     = '/etc/webhook.yaml',
+  $manage_symlink                 = false,
+  $configfile_symlink             = '/etc/webhook.yaml',
+  $enable_mutex_lock              = $r10k::params::webhook_enable_mutex_lock,
+  Array $ignore_environments      = $r10k::params::webhook_ignore_environments,
+  Optional[String] $mco_arguments = $r10k::params::webhook_mco_arguments,
 ) inherits r10k::params {
 
   if $hash == 'UNSET' {
@@ -77,6 +78,7 @@
       'slack_channel'         => $slack_channel,
       'slack_username'        => $slack_username,
       'ignore_environments'   => $ignore_environments,
+      'mco_arguments'         => $mco_arguments,
     }
   } else {
     $webhook_hash = $hash

diff --git a/spec/classes/webhook/config_spec.rb b/spec/classes/webhook/config_spec.rb
@@ -331,6 +331,49 @@
           )
         end
       end
+
+      context 'FOSS with extra mco argument' do
+        let :params do
+          {
+            mco_arguments: '--no-progress'
+          }
+        end
+
+        it do
+          is_expected.to contain_file('webhook.yaml').with(
+            path:   '/etc/webhook.yaml',
+            ensure: 'file',
+            owner:  'root',
+            group:  'root',
+            mode:   '0644',
+            notify: 'Service[webhook]'
+          )
+        end
+        content = '---
+access_logfile: "/var/log/webhook/access.log"
+allow_uppercase: true
+bind_address: "0.0.0.0"
+client_cfg: "/var/lib/peadmin/.mcollective"
+client_timeout: "120"
+command_prefix: "umask 0022;"
+discovery_timeout: "10"
+enable_mutex_lock: false
+enable_ssl: true
+ignore_environments: []
+mco_arguments: "--no-progress"
+pass: "puppet"
+port: "8088"
+prefix: false
+prefix_command: "/bin/echo example"
+protected: true
+r10k_deploy_arguments: "-pv"
+server_software: "WebHook"
+use_mco_ruby: false
+use_mcollective: true
+user: "puppet"
+'
+        it { is_expected.to contain_file('webhook.yaml').with_content(content) }
+      end
     end
   end
 end
diff --git a/templates/webhook.bin.erb b/templates/webhook.bin.erb
@@ -73,10 +73,9 @@ $command_prefix = $config['command_prefix'] || ''
 class Server < Sinatra::Base
 
   set :static, false
-if $config['enable_mutex_lock'] then
-  set :lock,   true
-end
-
+  if $config['enable_mutex_lock'] then
+    set :lock,   true
+  end
 
   get '/' do
     raise Sinatra::NotFound
@@ -92,7 +91,6 @@ end
   # is used in the repository URL and is most useful for this webhook handler.
   post '/module' do
     protected! if $config['protected']
-    $logger.info("authenticated: #{$config['user']}")
     request.body.rewind  # in case someone already read it
 
     # Short circuit if we're ignoring this event
@@ -128,7 +126,6 @@ end
 
   post '/payload' do
     protected! if $config['protected']
-    $logger.info("authenticated: #{$config['user']}")
     request.body.rewind  # in case someone already read it
 
     # Short circuit if we're ignoring this event
@@ -290,7 +287,7 @@ end
     def deploy_module(module_name)
       begin
         if $config['use_mcollective']
-          command = "#{$command_prefix} mco r10k deploy_module #{module_name}"
+          command = "#{$command_prefix} mco r10k deploy_module #{module_name} #{$config['mco_arguments']}"
         else
           # If you don't use mcollective then this hook needs to be running as r10k's user i.e. root
           command = "#{$command_prefix} r10k deploy module #{module_name}"
@@ -320,7 +317,7 @@ end
           end
         else
           if $config['use_mcollective']
-              command = "#{$command_prefix} mco r10k deploy #{branch}"
+              command = "#{$command_prefix} mco r10k deploy #{branch} #{$config['mco_arguments']}"
           else
             # If you don't use mcollective then this hook needs to be running as r10k's user i.e. root
             command = "#{$command_prefix} r10k deploy environment #{branch} #{$config['r10k_deploy_arguments']}"
@@ -347,12 +344,15 @@ end
      client.discovery_timeout = $config['discovery_timeout']
      client.timeout           = $config['client_timeout']
      result = client.send('deploy',{:environment => branch})
-   end # end deploy()
+   end # end mco()
 
     def protected!
       unless authorized?
         response['WWW-Authenticate'] = %(Basic realm="Restricted Area")
+        $logger.error("Authentication failure from IP #{request.ip}")
         throw(:halt, [401, "Not authorized\n"])
+      else
+        $logger.info("Authenticated as user #{$config['user']} from IP #{request.ip}")
       end
     end  #end protected!