diff --git a/manifests/config.pp b/manifests/config.pp index b499d927..0124274e 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -81,4 +81,28 @@ mode => '0640', require => Exec['Create database symmetric key'], } + + if $pulpcore::use_pulp2_file_content_route { + $context = { + 'directories' => [ + { + 'provider' => 'location', + 'path' => '/pulp/isos', + 'proxy_pass' => [ + { + 'url' => $pulpcore::apache::content_url, + 'params' => $pulpcore::apache::content_proxy_params, + }, + ], + 'request_headers' => [ + 'unset X-CLIENT-CERT', + 'set X-CLIENT-CERT "%{SSL_CLIENT_CERT}s" env=SSL_CLIENT_CERT', + ], + }, + ], + } + $content = epp('pulpcore/apache-fragment.epp', $context) + } else { + $content = undef + } } diff --git a/manifests/init.pp b/manifests/init.pp index 25af6561..973799a7 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -197,6 +197,9 @@ # What percentage of available-workers will pulpcore use for import tasks at a time. # By default, pulpcore will use all available workers. # +# @param use_pulp2_file_content_route +# Whether to redirect the legacy (Pulp 2) URLs to the content server +# # @example Default configuration # include pulpcore # @@ -257,6 +260,7 @@ Optional[Boolean] $analytics = undef, Optional[Boolean] $hide_guarded_distributions = undef, Optional[Integer[1,100]] $import_workers_percent = undef, + Boolean $use_pulp2_file_content_route = false, ) { $settings_file = "${config_dir}/settings.py" $certs_dir = "${config_dir}/certs" diff --git a/manifests/plugin/certguard.pp b/manifests/plugin/certguard.pp deleted file mode 100644 index d009a1ad..00000000 --- a/manifests/plugin/certguard.pp +++ /dev/null @@ -1,5 +0,0 @@ -# @summary Pulp Certguard plugin -class pulpcore::plugin::certguard { - pulpcore::plugin { 'certguard': - } -} diff --git a/manifests/plugin/deb.pp b/manifests/plugin/deb.pp index cd5613e2..87f78fa9 100644 --- a/manifests/plugin/deb.pp +++ b/manifests/plugin/deb.pp @@ -1,14 +1,14 @@ # @summary Pulp Deb plugin -# @param use_pulp2_content_route +# @param use_pulp2_file_content_route # Whether to redirect the legacy (Pulp 2) URL, /pulp/deb/, to the content server # @param force_ignore_missing_package_indices # Wheter to set the FORCE_IGNORE_MISSING_PACKAGE_INDICES setting to True or # False in /etc/pulp/settings.py. class pulpcore::plugin::deb ( - Boolean $use_pulp2_content_route = false, + Boolean $use_pulp2_file_content_route = false, Boolean $force_ignore_missing_package_indices = true, ) { - if $use_pulp2_content_route { + if $use_pulp2_file_content_route { $context = { 'directories' => [ { diff --git a/manifests/plugin/file.pp b/manifests/plugin/file.pp deleted file mode 100644 index c3a884a3..00000000 --- a/manifests/plugin/file.pp +++ /dev/null @@ -1,35 +0,0 @@ -# @summary Pulp File plugin -# @param use_pulp2_content_route -# Whether to redirect the legacy (Pulp 2) URLs to the content server -class pulpcore::plugin::file ( - Boolean $use_pulp2_content_route = false, -) { - if $use_pulp2_content_route { - $context = { - 'directories' => [ - { - 'provider' => 'location', - 'path' => '/pulp/isos', - 'proxy_pass' => [ - { - 'url' => $pulpcore::apache::content_url, - 'params' => $pulpcore::apache::content_proxy_params, - }, - ], - 'request_headers' => [ - 'unset X-CLIENT-CERT', - 'set X-CLIENT-CERT "%{SSL_CLIENT_CERT}s" env=SSL_CLIENT_CERT', - ], - }, - ], - } - $content = epp('pulpcore/apache-fragment.epp', $context) - } else { - $content = undef - } - - pulpcore::plugin { 'file': - http_content => $content, - https_content => $content, - } -} diff --git a/manifests/repo.pp b/manifests/repo.pp index 0f94f5ff..ad374420 100644 --- a/manifests/repo.pp +++ b/manifests/repo.pp @@ -16,10 +16,10 @@ yumrepo { 'pulpcore': descr => "Pulpcore ${version}", - baseurl => pick($baseurl, "https://yum.theforeman.org/pulpcore/${version}/${dist_tag}/\$basearch"), + baseurl => pick($baseurl, "https://stagingyum.theforeman.org/pulpcore/${version}/${dist_tag}/\$basearch"), enabled => '1', gpgcheck => if $gpgkey == '' or $version == 'nightly' { '0' } else { '1' }, - gpgkey => pick($gpgkey, "https://yum.theforeman.org/pulpcore/${version}/GPG-RPM-KEY-pulpcore"), + gpgkey => pick($gpgkey, "https://stagingyum.theforeman.org/pulpcore/${version}/GPG-RPM-KEY-pulpcore"), notify => Anchor['pulpcore::repo'], } diff --git a/spec/acceptance/plugins_spec.rb b/spec/acceptance/plugins_spec.rb index e5e1fdf5..13f85fcc 100644 --- a/spec/acceptance/plugins_spec.rb +++ b/spec/acceptance/plugins_spec.rb @@ -6,10 +6,8 @@ <<-PUPPET include pulpcore include pulpcore::plugin::ansible - include pulpcore::plugin::certguard include pulpcore::plugin::container include pulpcore::plugin::deb - include pulpcore::plugin::file include pulpcore::plugin::ostree include pulpcore::plugin::python include pulpcore::plugin::rpm diff --git a/spec/acceptance/use_pulp2_content_route_spec.rb b/spec/acceptance/use_pulp2_file_content_route.rb similarity index 84% rename from spec/acceptance/use_pulp2_content_route_spec.rb rename to spec/acceptance/use_pulp2_file_content_route.rb index 6d39ade3..4d5932ef 100644 --- a/spec/acceptance/use_pulp2_content_route_spec.rb +++ b/spec/acceptance/use_pulp2_file_content_route.rb @@ -4,13 +4,12 @@ it_behaves_like 'an idempotent resource' do let(:manifest) do <<-PUPPET - include pulpcore + class { 'pulpcore': + use_pulp2_file_content_route => true, + } include pulpcore::plugin::certguard include pulpcore::plugin::container include pulpcore::plugin::deb - class { 'pulpcore::plugin::file': - use_pulp2_content_route => true, - } class { 'pulpcore::plugin::rpm': use_pulp2_content_route => true, } diff --git a/spec/classes/plugin_certguard_spec.rb b/spec/classes/plugin_certguard_spec.rb deleted file mode 100644 index f6f44e25..00000000 --- a/spec/classes/plugin_certguard_spec.rb +++ /dev/null @@ -1,24 +0,0 @@ -require 'spec_helper' - -describe 'pulpcore::plugin::certguard' do - on_supported_os.each do |os, os_facts| - context "on #{os}" do - let(:facts) { os_facts } - - it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_package('pulpcore-plugin(certguard)') } - it { is_expected.to contain_pulpcore__plugin('certguard') } - - context 'with pulpcore' do - let(:pre_condition) { 'include pulpcore' } - - it do - is_expected.to compile.with_all_deps - is_expected.to contain_pulpcore__plugin('certguard') - .that_subscribes_to('Class[Pulpcore::Install]') - .that_notifies(['Class[Pulpcore::Database]', 'Class[Pulpcore::Service]']) - end - end - end - end -end diff --git a/spec/classes/plugin_deb_spec.rb b/spec/classes/plugin_deb_spec.rb index 1c070bc0..f9c14339 100644 --- a/spec/classes/plugin_deb_spec.rb +++ b/spec/classes/plugin_deb_spec.rb @@ -32,7 +32,7 @@ end context 'with pulp2 content route' do - let(:params) { { use_pulp2_content_route: true } } + let(:params) { { use_pulp2_file_content_route: true } } it 'contains the Apache fragment' do is_expected.to compile.with_all_deps diff --git a/spec/classes/plugin_file_spec.rb b/spec/classes/plugin_file_spec.rb deleted file mode 100644 index 2e59f6e3..00000000 --- a/spec/classes/plugin_file_spec.rb +++ /dev/null @@ -1,57 +0,0 @@ -require 'spec_helper' - -describe 'pulpcore::plugin::file' do - on_supported_os.each do |os, os_facts| - context "on #{os}" do - let(:facts) { os_facts } - - it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_package('pulpcore-plugin(file)') } - it { is_expected.to contain_pulpcore__plugin('file') } - - context 'with pulpcore' do - let(:pre_condition) { 'include pulpcore' } - - it do - is_expected.to compile.with_all_deps - is_expected.to contain_pulpcore__plugin('file') - .that_subscribes_to('Class[Pulpcore::Install]') - .that_notifies(['Class[Pulpcore::Database]', 'Class[Pulpcore::Service]']) - end - - context 'with pulp2 content route' do - let(:params) { { use_pulp2_content_route: true } } - - it 'contains the Apache fragment' do - is_expected.to compile.with_all_deps - is_expected.to contain_pulpcore__apache__fragment('plugin-file') - is_expected.to contain_apache__vhost__fragment('pulpcore-http-plugin-file') - .with_content( -< - RequestHeader unset X-CLIENT-CERT - RequestHeader set X-CLIENT-CERT "%{SSL_CLIENT_CERT}s" env=SSL_CLIENT_CERT - ProxyPass unix:///run/pulpcore-content.sock|http://pulpcore-content/pulp/content disablereuse=on timeout=600 - ProxyPassReverse unix:///run/pulpcore-content.sock|http://pulpcore-content/pulp/content - -CONTENT - ) - is_expected.to contain_apache__vhost__fragment('pulpcore-https-plugin-file') - .with_content( -< - RequestHeader unset X-CLIENT-CERT - RequestHeader set X-CLIENT-CERT "%{SSL_CLIENT_CERT}s" env=SSL_CLIENT_CERT - ProxyPass unix:///run/pulpcore-content.sock|http://pulpcore-content/pulp/content disablereuse=on timeout=600 - ProxyPassReverse unix:///run/pulpcore-content.sock|http://pulpcore-content/pulp/content - -CONTENT - ) - end - end - end - end - end -end diff --git a/spec/classes/pulpcore_spec.rb b/spec/classes/pulpcore_spec.rb index ef58af16..ff262825 100644 --- a/spec/classes/pulpcore_spec.rb +++ b/spec/classes/pulpcore_spec.rb @@ -656,6 +656,39 @@ is_expected.to contain_service("pulpcore-worker@#{i}.service") .with_ensure(true) .with_enable(true) + end + + context 'with pulp2 content route' do + let(:params) { { use_pulp2_file_content_route: true } } + + it 'contains the Apache fragment' do + is_expected.to compile.with_all_deps + is_expected.to contain_pulpcore__apache__fragment('plugin-file') + is_expected.to contain_apache__vhost__fragment('pulpcore-http-plugin-file') + .with_content( + < + RequestHeader unset X-CLIENT-CERT + RequestHeader set X-CLIENT-CERT "%{SSL_CLIENT_CERT}s" env=SSL_CLIENT_CERT + ProxyPass unix:///run/pulpcore-content.sock|http://pulpcore-content/pulp/content disablereuse=on timeout=600 + ProxyPassReverse unix:///run/pulpcore-content.sock|http://pulpcore-content/pulp/content + + CONTENT + ) + is_expected.to contain_apache__vhost__fragment('pulpcore-https-plugin-file') + .with_content( + < + RequestHeader unset X-CLIENT-CERT + RequestHeader set X-CLIENT-CERT "%{SSL_CLIENT_CERT}s" env=SSL_CLIENT_CERT + ProxyPass unix:///run/pulpcore-content.sock|http://pulpcore-content/pulp/content disablereuse=on timeout=600 + ProxyPassReverse unix:///run/pulpcore-content.sock|http://pulpcore-content/pulp/content + + CONTENT + ) + end end end end