OSDN > Finden Software > Internet > WWW/HTTP > Indexing/Search > Meta Search > SCM > git > grid-chef-repo > Commit

Meta Search
Fork

grid-chef-repo: Commit

Grid環境構築用のChefリポジトリです。

includes the ssl_cert::server_key_pairs and ssl_cert::ca_certs recipes automatically.

--- a/cookbooks/concourse-ci/CHANGELOG.md

+++ b/cookbooks/concourse-ci/CHANGELOG.md

		@@ -1,6 +1,10 @@
1	1	concourse-ci CHANGELOG
2	2	======================
3	3
	4	+0.2.2
	5	+-----
	6	+- includes the `ssl_cert::server_key_pairs` and `ssl_cert::ca_certs` recipes automatically.
	7	+
4	8	0.2.1
5	9	-----
6	10	- refactoring.

--- a/cookbooks/concourse-ci/README.md

+++ b/cookbooks/concourse-ci/README.md

		@@ -37,7 +37,7 @@ This cookbook sets up a Concourse CI service by Docker Compose.
37	37
38	38	\|Key\|Type\|Description, example\|Default\|
39	39	\|:--\|:--\|:--\|:--\|
40		-\|`['concourse-ci']['fly']['version']`\|String\|\|`'2.7.0'`\|
	40	+\|`['concourse-ci']['fly']['version']`\|String\|\|`'3.3.4'`\|
41	41	\|`['concourse-ci']['fly']['release_url']`\|String\|\|`"https://github.com/concourse/concourse/releases/download/v#{node['concourse-ci']['fly']['version']}/fly_linux_amd64"`\|
42	42	\|`['concourse-ci']['fly']['release_checksum']`\|String\|\|`nil`\|
43	43	\|`['concourse-ci']['fly']['auto_upgrade']`\|Boolean\|\|`false`\|

		@@ -92,7 +92,7 @@ run_list(
92	92	'recipe[concourse-ci::docker-compose]',
93	93	)
94	94
95		-image = 'concourse/concourse:2.7.0'
	95	+image = 'concourse/concourse:latest'
96	96	port = '18080'
97	97
98	98	override_attributes(

		@@ -134,7 +134,7 @@ name 'concourse-with-ssl'
134	134	description 'Concourse with SSL'
135	135
136	136	run_list(
137		- 'recipe[ssl_cert::server_key_pairs]',
	137	+ #'recipe[ssl_cert::server_key_pairs]', # concourse-ci <= 0.2.1
138	138	'role[docker]',
139	139	'recipe[concourse-ci::docker-compose]',
140	140	)

		@@ -196,13 +196,13 @@ name 'concourse-with-oauth'
196	196	description 'Concourse with OAuth'
197	197
198	198	run_list(
199		- 'recipe[ssl_cert::ca_certs]',
	199	+ #'recipe[ssl_cert::ca_certs]', # concourse-ci <= 0.2.1
200	200	'recipe[ssl_cert::server_key_pairs]',
201	201	'role[docker]',
202	202	'recipe[concourse-ci::docker-compose]',
203	203	)
204	204
205		-image = 'concourse/concourse:2.7.0'
	205	+image = 'concourse/concourse:latest'
206	206	port = '18443'
207	207	ca_name = 'grid_ca'
208	208	cn = 'concourse.io.example.com'

		@@ -270,19 +270,19 @@ override_attributes(
270	270	- create vault items.
271	271
272	272	```text
273		-$ ruby -rjson -e 'puts JSON.generate({"private" => File.read("concourse_io_example_com.prod.key")})' \
274		-> > ~/tmp/concourse_io_example_com.prod.key.json
	273	+$ ruby -rjson -e 'puts JSON.generate({"private" => File.read("concourse.io.example.com.prod.key")})' \
	274	+> > ~/tmp/concourse.io.example.com.prod.key.json
275	275
276		-$ ruby -rjson -e 'puts JSON.generate({"public" => File.read("concourse_io_example_com.prod.crt")})' \
277		-> > ~/tmp/concourse_io_example_com.prod.crt.json
	276	+$ ruby -rjson -e 'puts JSON.generate({"public" => File.read("concourse.io.example.com.prod.crt")})' \
	277	+> > ~/tmp/concourse.io.example.com.prod.crt.json
278	278
279	279	$ cd $CHEF_REPO_PATH
280	280
281	281	$ knife vault create ssl_server_keys concourse.io.example.com.prod \
282		-> --json ~/tmp/concourse_io_example_com.prod.key.json
	282	+> --json ~/tmp/concourse.io.example.com.prod.key.json
283	283
284	284	$ knife vault create ssl_server_certs concourse.io.example.com.prod \
285		-> --json ~/tmp/concourse_io_example_com.prod.crt.json
	285	+> --json ~/tmp/concourse.io.example.com.prod.crt.json
286	286	```
287	287
288	288	- grant reference permission to the Concourse host

		@@ -296,7 +296,7 @@ $ knife vault update ssl_server_certs concourse.io.example.com.prod -S 'name:con
296	296
297	297	```ruby
298	298	run_list(
299		- 'recipe[ssl_cert::server_key_pairs]',
	299	+ #'recipe[ssl_cert::server_key_pairs]', # concourse-ci <= 0.2.1
300	300	'recipe[concourse-ci::docker-compose]',
301	301	)
302	302

--- a/cookbooks/concourse-ci/attributes/default.rb

+++ b/cookbooks/concourse-ci/attributes/default.rb

		@@ -17,7 +17,7 @@
17	17	# limitations under the License.
18	18	#
19	19
20		-default['concourse-ci']['fly']['version'] = '2.7.0'
	20	+default['concourse-ci']['fly']['version'] = '3.3.4'
21	21	default['concourse-ci']['fly']['release_url'] = "https://github.com/concourse/concourse/releases/download/v#{node['concourse-ci']['fly']['version']}/fly_linux_amd64"
22	22	default['concourse-ci']['fly']['release_checksum'] = nil
23	23	default['concourse-ci']['fly']['auto_upgrade'] = false

--- a/cookbooks/concourse-ci/concourse.yml

+++ b/cookbooks/concourse-ci/concourse.yml

		@@ -1,19 +1,8 @@
1	1	---
2	2	# $ fly -t target sp -p concourse-ci-cookbook -c concourse.yml -l fly-vars.yml -l ~/sec/credentials-prod.yml
3		-resource_types:
4		-- name: ya-git
5		- type: docker-image
6		- source:
7		- repository: whitestar/git-resource
8		- registry_mirror: https://((registry-mirror-domain))
9		- ca_certs:
10		- - domain: ((registry-mirror-domain))
11		- cert: ((docker-reg-ca-cert))
12		-
13	3	resources:
14	4	- name: src-git
15		- type: ya-git
16		- #type: git
	5	+ type: git
17	6	source:
18	7	uri: ((git-id-osdn))@git.osdn.net:/gitroot/metasearch/grid-chef-repo.git
19	8	branch: master

		@@ -106,5 +97,4 @@ jobs:
106	97	tag_prefix: ((cookbook-name))-
107	98	tag: src-git/cookbooks/((cookbook-name))/version
108	99	only_tag: true
109		- annotate: src-git/cookbooks/((cookbook-name))/version
110		- #annotate: # path to a file containing the annotation message.
	100	+ annotate: ../src-git/cookbooks/((cookbook-name))/version

--- a/cookbooks/concourse-ci/recipes/docker-compose.rb

+++ b/cookbooks/concourse-ci/recipes/docker-compose.rb

		@@ -17,8 +17,6 @@
17	17	# limitations under the License.
18	18	#
19	19
20		-::Chef::Recipe.send(:include, SSLCert::Helper)
21		-
22	20	require 'securerandom'
23	21
24	22	doc_url = 'https://concourse.ci/docker-repository.html'

		@@ -220,7 +218,9 @@ template "#{bin_dir}/concourse_up" do
220	218	end
221	219
222	220	if node['concourse-ci']['with_ssl_cert_cookbook']
	221	+ include_recipe 'ssl_cert::server_key_pairs'
223	222	::Chef::Recipe.send(:include, SSLCert::Helper)
	223	+
224	224	cn = node['concourse-ci']['ssl_cert']['common_name']
225	225	# Concourse web process owner is root.
226	226	web_vols.push("#{server_cert_path(cn)}:/root/server.crt:ro")

		@@ -235,7 +235,9 @@ worker_vols.push("#{node['concourse-ci']['docker-compose']['worker_keys_dir']}:/
235	235
236	236	# Common
237	237	if node['concourse-ci']['docker-compose']['import_ca']
	238	+ include_recipe 'ssl_cert::ca_certs'
238	239	::Chef::Recipe.send(:include, SSLCert::Helper)
	240	+
239	241	node['concourse-ci']['ssl_cert']['ca_names'].each {\|ca_name\|
240	242	ca_cert_vol = "#{ca_cert_path(ca_name)}:/usr/share/ca-certificates/#{ca_name}.crt:ro"
241	243	web_vols.push(ca_cert_vol)

--- a/cookbooks/concourse-ci/version

+++ b/cookbooks/concourse-ci/version