Merge ~jugmac00/launchpad-layers:split-out-turnip-layers into launchpad-layers:main
- Git
- lp:~jugmac00/launchpad-layers
- split-out-turnip-layers
- Merge into main
Proposed by
Jürgen Gmach
Status: | Merged |
---|---|
Merged at revision: | 010076b94e548088d1501a77eefaa93d142db983 |
Proposed branch: | ~jugmac00/launchpad-layers:split-out-turnip-layers |
Merge into: | launchpad-layers:main |
Diff against target: |
1785 lines (+1683/-0) 17 files modified
turnip-base/config.yaml (+93/-0) turnip-base/copyright (+676/-0) turnip-base/icon.svg (+159/-0) turnip-base/layer.yaml (+10/-0) turnip-base/lib/charms/turnip/base.py (+416/-0) turnip-base/metadata.yaml (+5/-0) turnip-base/reactive/turnip-base.py (+51/-0) turnip-base/scripts/nrpe/check_git_refs (+24/-0) turnip-base/templates/turnip-rsync.j2 (+8/-0) turnip-base/wheelhouse.txt (+2/-0) turnip-storage/config.yaml (+8/-0) turnip-storage/layer.yaml (+4/-0) turnip-storage/lib/charms/turnip/storage.py (+62/-0) turnip-storage/lxd-profile.yaml (+10/-0) turnip-storage/metadata.yaml (+4/-0) turnip-storage/reactive/turnip-storage.py (+141/-0) turnip-storage/templates/data.mount.j2 (+10/-0) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Colin Watson (community) | Approve | ||
Review via email: mp+442958@code.launchpad.net |
Commit message
Split out turnip layers
Description of the change
To post a comment you must log in.
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | diff --git a/turnip-base/config.yaml b/turnip-base/config.yaml |
2 | new file mode 100644 |
3 | index 0000000..1919b6d |
4 | --- /dev/null |
5 | +++ b/turnip-base/config.yaml |
6 | @@ -0,0 +1,93 @@ |
7 | +options: |
8 | + build_label: |
9 | + type: string |
10 | + default: "" |
11 | + description: Build label to run. |
12 | + nagios_context: |
13 | + default: "juju" |
14 | + type: string |
15 | + description: | |
16 | + Used by the nrpe-external-master subordinate charm. |
17 | + A string that will be prepended to instance name to set the host name |
18 | + in nagios. So for instance the hostname would be something like - |
19 | + juju-turnip-0 |
20 | + If you're running multiple environments with the same services in them |
21 | + this allows you to differentiate between them. |
22 | + base_dir: |
23 | + type: string |
24 | + default: '/srv/turnip' |
25 | + description: Root checkout/srv directory. |
26 | + user: |
27 | + type: string |
28 | + default: turnip |
29 | + description: The service will run as this user. |
30 | + user_id: |
31 | + type: int |
32 | + default: 1002 |
33 | + description: > |
34 | + The service user will be created with this ID. Fixing this value |
35 | + ensures that a storage volume can be used consistently across multiple |
36 | + units. |
37 | + group: |
38 | + type: string |
39 | + default: turnip |
40 | + description: The service will run under this group. |
41 | + group_id: |
42 | + type: int |
43 | + default: 1002 |
44 | + description: > |
45 | + The service group will be created with this ID. Fixing this value |
46 | + ensures that a storage volume can be used consistently across multiple |
47 | + units. |
48 | + log_hosts_allow: |
49 | + type: string |
50 | + default: "" |
51 | + description: > |
52 | + Hosts that should be allowed to rsync logs. Note that this relies on |
53 | + basenode. |
54 | + swift_username: |
55 | + type: string |
56 | + default: "" |
57 | + description: Username to use when accessing Swift. |
58 | + swift_password: |
59 | + type: string |
60 | + default: "" |
61 | + description: Password to use when accessing Swift. |
62 | + swift_auth_url: |
63 | + type: string |
64 | + default: "" |
65 | + description: URL for authenticating against Keystone. |
66 | + swift_storage_url: |
67 | + type: string |
68 | + default: "" |
69 | + description: URL for fetching from Swift (for anonymous access). |
70 | + swift_region_name: |
71 | + type: string |
72 | + default: "" |
73 | + description: Swift region. |
74 | + swift_tenant_name: |
75 | + type: string |
76 | + default: "" |
77 | + description: Entity that owns resources. |
78 | + swift_container_name: |
79 | + type: string |
80 | + default: "" |
81 | + description: Container to put objects in. |
82 | + haproxy_service_options: |
83 | + type: string |
84 | + description: HAProxy service options. |
85 | + default: | |
86 | + - mode tcp |
87 | + - option tcplog |
88 | + - balance leastconn |
89 | + haproxy_server_options: |
90 | + type: string |
91 | + description: HAProxy server options. |
92 | + default: check |
93 | + # layer-apt |
94 | + install_sources: |
95 | + default: | |
96 | + - ppa:launchpad/ppa |
97 | + install_keys: |
98 | + default: | |
99 | + - null # PPA keys securely added via Launchpad. |
100 | diff --git a/turnip-base/copyright b/turnip-base/copyright |
101 | new file mode 100644 |
102 | index 0000000..605c5df |
103 | --- /dev/null |
104 | +++ b/turnip-base/copyright |
105 | @@ -0,0 +1,676 @@ |
106 | +turnip is Copyright 2014-2018 Canonical Ltd. |
107 | + |
108 | +Canonical Ltd ("Canonical") distributes the turnip source code |
109 | +under the GNU Affero General Public License, version 3 ("AGPLv3"). |
110 | +The full text of this licence is given below. |
111 | + |
112 | +Third-party copyright in this distribution is noted where applicable. |
113 | + |
114 | +All rights not expressly granted are reserved. |
115 | + |
116 | +========================================================================= |
117 | + |
118 | + GNU AFFERO GENERAL PUBLIC LICENSE |
119 | + Version 3, 19 November 2007 |
120 | + (http://www.gnu.org/licenses/agpl.html) |
121 | + |
122 | + Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/> |
123 | + Everyone is permitted to copy and distribute verbatim copies |
124 | + of this license document, but changing it is not allowed. |
125 | + |
126 | + Preamble |
127 | + |
128 | + The GNU Affero General Public License is a free, copyleft license for |
129 | +software and other kinds of works, specifically designed to ensure |
130 | +cooperation with the community in the case of network server software. |
131 | + |
132 | + The licenses for most software and other practical works are designed |
133 | +to take away your freedom to share and change the works. By contrast, |
134 | +our General Public Licenses are intended to guarantee your freedom to |
135 | +share and change all versions of a program--to make sure it remains free |
136 | +software for all its users. |
137 | + |
138 | + When we speak of free software, we are referring to freedom, not |
139 | +price. Our General Public Licenses are designed to make sure that you |
140 | +have the freedom to distribute copies of free software (and charge for |
141 | +them if you wish), that you receive source code or can get it if you |
142 | +want it, that you can change the software or use pieces of it in new |
143 | +free programs, and that you know you can do these things. |
144 | + |
145 | + Developers that use our General Public Licenses protect your rights |
146 | +with two steps: (1) assert copyright on the software, and (2) offer |
147 | +you this License which gives you legal permission to copy, distribute |
148 | +and/or modify the software. |
149 | + |
150 | + A secondary benefit of defending all users' freedom is that |
151 | +improvements made in alternate versions of the program, if they |
152 | +receive widespread use, become available for other developers to |
153 | +incorporate. Many developers of free software are heartened and |
154 | +encouraged by the resulting cooperation. However, in the case of |
155 | +software used on network servers, this result may fail to come about. |
156 | +The GNU General Public License permits making a modified version and |
157 | +letting the public access it on a server without ever releasing its |
158 | +source code to the public. |
159 | + |
160 | + The GNU Affero General Public License is designed specifically to |
161 | +ensure that, in such cases, the modified source code becomes available |
162 | +to the community. It requires the operator of a network server to |
163 | +provide the source code of the modified version running there to the |
164 | +users of that server. Therefore, public use of a modified version, on |
165 | +a publicly accessible server, gives the public access to the source |
166 | +code of the modified version. |
167 | + |
168 | + An older license, called the Affero General Public License and |
169 | +published by Affero, was designed to accomplish similar goals. This is |
170 | +a different license, not a version of the Affero GPL, but Affero has |
171 | +released a new version of the Affero GPL which permits relicensing under |
172 | +this license. |
173 | + |
174 | + The precise terms and conditions for copying, distribution and |
175 | +modification follow. |
176 | + |
177 | + TERMS AND CONDITIONS |
178 | + |
179 | + 0. Definitions. |
180 | + |
181 | + "This License" refers to version 3 of the GNU Affero General Public License. |
182 | + |
183 | + "Copyright" also means copyright-like laws that apply to other kinds of |
184 | +works, such as semiconductor masks. |
185 | + |
186 | + "The Program" refers to any copyrightable work licensed under this |
187 | +License. Each licensee is addressed as "you". "Licensees" and |
188 | +"recipients" may be individuals or organizations. |
189 | + |
190 | + To "modify" a work means to copy from or adapt all or part of the work |
191 | +in a fashion requiring copyright permission, other than the making of an |
192 | +exact copy. The resulting work is called a "modified version" of the |
193 | +earlier work or a work "based on" the earlier work. |
194 | + |
195 | + A "covered work" means either the unmodified Program or a work based |
196 | +on the Program. |
197 | + |
198 | + To "propagate" a work means to do anything with it that, without |
199 | +permission, would make you directly or secondarily liable for |
200 | +infringement under applicable copyright law, except executing it on a |
201 | +computer or modifying a private copy. Propagation includes copying, |
202 | +distribution (with or without modification), making available to the |
203 | +public, and in some countries other activities as well. |
204 | + |
205 | + To "convey" a work means any kind of propagation that enables other |
206 | +parties to make or receive copies. Mere interaction with a user through |
207 | +a computer network, with no transfer of a copy, is not conveying. |
208 | + |
209 | + An interactive user interface displays "Appropriate Legal Notices" |
210 | +to the extent that it includes a convenient and prominently visible |
211 | +feature that (1) displays an appropriate copyright notice, and (2) |
212 | +tells the user that there is no warranty for the work (except to the |
213 | +extent that warranties are provided), that licensees may convey the |
214 | +work under this License, and how to view a copy of this License. If |
215 | +the interface presents a list of user commands or options, such as a |
216 | +menu, a prominent item in the list meets this criterion. |
217 | + |
218 | + 1. Source Code. |
219 | + |
220 | + The "source code" for a work means the preferred form of the work |
221 | +for making modifications to it. "Object code" means any non-source |
222 | +form of a work. |
223 | + |
224 | + A "Standard Interface" means an interface that either is an official |
225 | +standard defined by a recognized standards body, or, in the case of |
226 | +interfaces specified for a particular programming language, one that |
227 | +is widely used among developers working in that language. |
228 | + |
229 | + The "System Libraries" of an executable work include anything, other |
230 | +than the work as a whole, that (a) is included in the normal form of |
231 | +packaging a Major Component, but which is not part of that Major |
232 | +Component, and (b) serves only to enable use of the work with that |
233 | +Major Component, or to implement a Standard Interface for which an |
234 | +implementation is available to the public in source code form. A |
235 | +"Major Component", in this context, means a major essential component |
236 | +(kernel, window system, and so on) of the specific operating system |
237 | +(if any) on which the executable work runs, or a compiler used to |
238 | +produce the work, or an object code interpreter used to run it. |
239 | + |
240 | + The "Corresponding Source" for a work in object code form means all |
241 | +the source code needed to generate, install, and (for an executable |
242 | +work) run the object code and to modify the work, including scripts to |
243 | +control those activities. However, it does not include the work's |
244 | +System Libraries, or general-purpose tools or generally available free |
245 | +programs which are used unmodified in performing those activities but |
246 | +which are not part of the work. For example, Corresponding Source |
247 | +includes interface definition files associated with source files for |
248 | +the work, and the source code for shared libraries and dynamically |
249 | +linked subprograms that the work is specifically designed to require, |
250 | +such as by intimate data communication or control flow between those |
251 | +subprograms and other parts of the work. |
252 | + |
253 | + The Corresponding Source need not include anything that users |
254 | +can regenerate automatically from other parts of the Corresponding |
255 | +Source. |
256 | + |
257 | + The Corresponding Source for a work in source code form is that |
258 | +same work. |
259 | + |
260 | + 2. Basic Permissions. |
261 | + |
262 | + All rights granted under this License are granted for the term of |
263 | +copyright on the Program, and are irrevocable provided the stated |
264 | +conditions are met. This License explicitly affirms your unlimited |
265 | +permission to run the unmodified Program. The output from running a |
266 | +covered work is covered by this License only if the output, given its |
267 | +content, constitutes a covered work. This License acknowledges your |
268 | +rights of fair use or other equivalent, as provided by copyright law. |
269 | + |
270 | + You may make, run and propagate covered works that you do not |
271 | +convey, without conditions so long as your license otherwise remains |
272 | +in force. You may convey covered works to others for the sole purpose |
273 | +of having them make modifications exclusively for you, or provide you |
274 | +with facilities for running those works, provided that you comply with |
275 | +the terms of this License in conveying all material for which you do |
276 | +not control copyright. Those thus making or running the covered works |
277 | +for you must do so exclusively on your behalf, under your direction |
278 | +and control, on terms that prohibit them from making any copies of |
279 | +your copyrighted material outside their relationship with you. |
280 | + |
281 | + Conveying under any other circumstances is permitted solely under |
282 | +the conditions stated below. Sublicensing is not allowed; section 10 |
283 | +makes it unnecessary. |
284 | + |
285 | + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. |
286 | + |
287 | + No covered work shall be deemed part of an effective technological |
288 | +measure under any applicable law fulfilling obligations under article |
289 | +11 of the WIPO copyright treaty adopted on 20 December 1996, or |
290 | +similar laws prohibiting or restricting circumvention of such |
291 | +measures. |
292 | + |
293 | + When you convey a covered work, you waive any legal power to forbid |
294 | +circumvention of technological measures to the extent such circumvention |
295 | +is effected by exercising rights under this License with respect to |
296 | +the covered work, and you disclaim any intention to limit operation or |
297 | +modification of the work as a means of enforcing, against the work's |
298 | +users, your or third parties' legal rights to forbid circumvention of |
299 | +technological measures. |
300 | + |
301 | + 4. Conveying Verbatim Copies. |
302 | + |
303 | + You may convey verbatim copies of the Program's source code as you |
304 | +receive it, in any medium, provided that you conspicuously and |
305 | +appropriately publish on each copy an appropriate copyright notice; |
306 | +keep intact all notices stating that this License and any |
307 | +non-permissive terms added in accord with section 7 apply to the code; |
308 | +keep intact all notices of the absence of any warranty; and give all |
309 | +recipients a copy of this License along with the Program. |
310 | + |
311 | + You may charge any price or no price for each copy that you convey, |
312 | +and you may offer support or warranty protection for a fee. |
313 | + |
314 | + 5. Conveying Modified Source Versions. |
315 | + |
316 | + You may convey a work based on the Program, or the modifications to |
317 | +produce it from the Program, in the form of source code under the |
318 | +terms of section 4, provided that you also meet all of these conditions: |
319 | + |
320 | + a) The work must carry prominent notices stating that you modified |
321 | + it, and giving a relevant date. |
322 | + |
323 | + b) The work must carry prominent notices stating that it is |
324 | + released under this License and any conditions added under section |
325 | + 7. This requirement modifies the requirement in section 4 to |
326 | + "keep intact all notices". |
327 | + |
328 | + c) You must license the entire work, as a whole, under this |
329 | + License to anyone who comes into possession of a copy. This |
330 | + License will therefore apply, along with any applicable section 7 |
331 | + additional terms, to the whole of the work, and all its parts, |
332 | + regardless of how they are packaged. This License gives no |
333 | + permission to license the work in any other way, but it does not |
334 | + invalidate such permission if you have separately received it. |
335 | + |
336 | + d) If the work has interactive user interfaces, each must display |
337 | + Appropriate Legal Notices; however, if the Program has interactive |
338 | + interfaces that do not display Appropriate Legal Notices, your |
339 | + work need not make them do so. |
340 | + |
341 | + A compilation of a covered work with other separate and independent |
342 | +works, which are not by their nature extensions of the covered work, |
343 | +and which are not combined with it such as to form a larger program, |
344 | +in or on a volume of a storage or distribution medium, is called an |
345 | +"aggregate" if the compilation and its resulting copyright are not |
346 | +used to limit the access or legal rights of the compilation's users |
347 | +beyond what the individual works permit. Inclusion of a covered work |
348 | +in an aggregate does not cause this License to apply to the other |
349 | +parts of the aggregate. |
350 | + |
351 | + 6. Conveying Non-Source Forms. |
352 | + |
353 | + You may convey a covered work in object code form under the terms |
354 | +of sections 4 and 5, provided that you also convey the |
355 | +machine-readable Corresponding Source under the terms of this License, |
356 | +in one of these ways: |
357 | + |
358 | + a) Convey the object code in, or embodied in, a physical product |
359 | + (including a physical distribution medium), accompanied by the |
360 | + Corresponding Source fixed on a durable physical medium |
361 | + customarily used for software interchange. |
362 | + |
363 | + b) Convey the object code in, or embodied in, a physical product |
364 | + (including a physical distribution medium), accompanied by a |
365 | + written offer, valid for at least three years and valid for as |
366 | + long as you offer spare parts or customer support for that product |
367 | + model, to give anyone who possesses the object code either (1) a |
368 | + copy of the Corresponding Source for all the software in the |
369 | + product that is covered by this License, on a durable physical |
370 | + medium customarily used for software interchange, for a price no |
371 | + more than your reasonable cost of physically performing this |
372 | + conveying of source, or (2) access to copy the |
373 | + Corresponding Source from a network server at no charge. |
374 | + |
375 | + c) Convey individual copies of the object code with a copy of the |
376 | + written offer to provide the Corresponding Source. This |
377 | + alternative is allowed only occasionally and noncommercially, and |
378 | + only if you received the object code with such an offer, in accord |
379 | + with subsection 6b. |
380 | + |
381 | + d) Convey the object code by offering access from a designated |
382 | + place (gratis or for a charge), and offer equivalent access to the |
383 | + Corresponding Source in the same way through the same place at no |
384 | + further charge. You need not require recipients to copy the |
385 | + Corresponding Source along with the object code. If the place to |
386 | + copy the object code is a network server, the Corresponding Source |
387 | + may be on a different server (operated by you or a third party) |
388 | + that supports equivalent copying facilities, provided you maintain |
389 | + clear directions next to the object code saying where to find the |
390 | + Corresponding Source. Regardless of what server hosts the |
391 | + Corresponding Source, you remain obligated to ensure that it is |
392 | + available for as long as needed to satisfy these requirements. |
393 | + |
394 | + e) Convey the object code using peer-to-peer transmission, provided |
395 | + you inform other peers where the object code and Corresponding |
396 | + Source of the work are being offered to the general public at no |
397 | + charge under subsection 6d. |
398 | + |
399 | + A separable portion of the object code, whose source code is excluded |
400 | +from the Corresponding Source as a System Library, need not be |
401 | +included in conveying the object code work. |
402 | + |
403 | + A "User Product" is either (1) a "consumer product", which means any |
404 | +tangible personal property which is normally used for personal, family, |
405 | +or household purposes, or (2) anything designed or sold for incorporation |
406 | +into a dwelling. In determining whether a product is a consumer product, |
407 | +doubtful cases shall be resolved in favor of coverage. For a particular |
408 | +product received by a particular user, "normally used" refers to a |
409 | +typical or common use of that class of product, regardless of the status |
410 | +of the particular user or of the way in which the particular user |
411 | +actually uses, or expects or is expected to use, the product. A product |
412 | +is a consumer product regardless of whether the product has substantial |
413 | +commercial, industrial or non-consumer uses, unless such uses represent |
414 | +the only significant mode of use of the product. |
415 | + |
416 | + "Installation Information" for a User Product means any methods, |
417 | +procedures, authorization keys, or other information required to install |
418 | +and execute modified versions of a covered work in that User Product from |
419 | +a modified version of its Corresponding Source. The information must |
420 | +suffice to ensure that the continued functioning of the modified object |
421 | +code is in no case prevented or interfered with solely because |
422 | +modification has been made. |
423 | + |
424 | + If you convey an object code work under this section in, or with, or |
425 | +specifically for use in, a User Product, and the conveying occurs as |
426 | +part of a transaction in which the right of possession and use of the |
427 | +User Product is transferred to the recipient in perpetuity or for a |
428 | +fixed term (regardless of how the transaction is characterized), the |
429 | +Corresponding Source conveyed under this section must be accompanied |
430 | +by the Installation Information. But this requirement does not apply |
431 | +if neither you nor any third party retains the ability to install |
432 | +modified object code on the User Product (for example, the work has |
433 | +been installed in ROM). |
434 | + |
435 | + The requirement to provide Installation Information does not include a |
436 | +requirement to continue to provide support service, warranty, or updates |
437 | +for a work that has been modified or installed by the recipient, or for |
438 | +the User Product in which it has been modified or installed. Access to a |
439 | +network may be denied when the modification itself materially and |
440 | +adversely affects the operation of the network or violates the rules and |
441 | +protocols for communication across the network. |
442 | + |
443 | + Corresponding Source conveyed, and Installation Information provided, |
444 | +in accord with this section must be in a format that is publicly |
445 | +documented (and with an implementation available to the public in |
446 | +source code form), and must require no special password or key for |
447 | +unpacking, reading or copying. |
448 | + |
449 | + 7. Additional Terms. |
450 | + |
451 | + "Additional permissions" are terms that supplement the terms of this |
452 | +License by making exceptions from one or more of its conditions. |
453 | +Additional permissions that are applicable to the entire Program shall |
454 | +be treated as though they were included in this License, to the extent |
455 | +that they are valid under applicable law. If additional permissions |
456 | +apply only to part of the Program, that part may be used separately |
457 | +under those permissions, but the entire Program remains governed by |
458 | +this License without regard to the additional permissions. |
459 | + |
460 | + When you convey a copy of a covered work, you may at your option |
461 | +remove any additional permissions from that copy, or from any part of |
462 | +it. (Additional permissions may be written to require their own |
463 | +removal in certain cases when you modify the work.) You may place |
464 | +additional permissions on material, added by you to a covered work, |
465 | +for which you have or can give appropriate copyright permission. |
466 | + |
467 | + Notwithstanding any other provision of this License, for material you |
468 | +add to a covered work, you may (if authorized by the copyright holders of |
469 | +that material) supplement the terms of this License with terms: |
470 | + |
471 | + a) Disclaiming warranty or limiting liability differently from the |
472 | + terms of sections 15 and 16 of this License; or |
473 | + |
474 | + b) Requiring preservation of specified reasonable legal notices or |
475 | + author attributions in that material or in the Appropriate Legal |
476 | + Notices displayed by works containing it; or |
477 | + |
478 | + c) Prohibiting misrepresentation of the origin of that material, or |
479 | + requiring that modified versions of such material be marked in |
480 | + reasonable ways as different from the original version; or |
481 | + |
482 | + d) Limiting the use for publicity purposes of names of licensors or |
483 | + authors of the material; or |
484 | + |
485 | + e) Declining to grant rights under trademark law for use of some |
486 | + trade names, trademarks, or service marks; or |
487 | + |
488 | + f) Requiring indemnification of licensors and authors of that |
489 | + material by anyone who conveys the material (or modified versions of |
490 | + it) with contractual assumptions of liability to the recipient, for |
491 | + any liability that these contractual assumptions directly impose on |
492 | + those licensors and authors. |
493 | + |
494 | + All other non-permissive additional terms are considered "further |
495 | +restrictions" within the meaning of section 10. If the Program as you |
496 | +received it, or any part of it, contains a notice stating that it is |
497 | +governed by this License along with a term that is a further |
498 | +restriction, you may remove that term. If a license document contains |
499 | +a further restriction but permits relicensing or conveying under this |
500 | +License, you may add to a covered work material governed by the terms |
501 | +of that license document, provided that the further restriction does |
502 | +not survive such relicensing or conveying. |
503 | + |
504 | + If you add terms to a covered work in accord with this section, you |
505 | +must place, in the relevant source files, a statement of the |
506 | +additional terms that apply to those files, or a notice indicating |
507 | +where to find the applicable terms. |
508 | + |
509 | + Additional terms, permissive or non-permissive, may be stated in the |
510 | +form of a separately written license, or stated as exceptions; |
511 | +the above requirements apply either way. |
512 | + |
513 | + 8. Termination. |
514 | + |
515 | + You may not propagate or modify a covered work except as expressly |
516 | +provided under this License. Any attempt otherwise to propagate or |
517 | +modify it is void, and will automatically terminate your rights under |
518 | +this License (including any patent licenses granted under the third |
519 | +paragraph of section 11). |
520 | + |
521 | + However, if you cease all violation of this License, then your |
522 | +license from a particular copyright holder is reinstated (a) |
523 | +provisionally, unless and until the copyright holder explicitly and |
524 | +finally terminates your license, and (b) permanently, if the copyright |
525 | +holder fails to notify you of the violation by some reasonable means |
526 | +prior to 60 days after the cessation. |
527 | + |
528 | + Moreover, your license from a particular copyright holder is |
529 | +reinstated permanently if the copyright holder notifies you of the |
530 | +violation by some reasonable means, this is the first time you have |
531 | +received notice of violation of this License (for any work) from that |
532 | +copyright holder, and you cure the violation prior to 30 days after |
533 | +your receipt of the notice. |
534 | + |
535 | + Termination of your rights under this section does not terminate the |
536 | +licenses of parties who have received copies or rights from you under |
537 | +this License. If your rights have been terminated and not permanently |
538 | +reinstated, you do not qualify to receive new licenses for the same |
539 | +material under section 10. |
540 | + |
541 | + 9. Acceptance Not Required for Having Copies. |
542 | + |
543 | + You are not required to accept this License in order to receive or |
544 | +run a copy of the Program. Ancillary propagation of a covered work |
545 | +occurring solely as a consequence of using peer-to-peer transmission |
546 | +to receive a copy likewise does not require acceptance. However, |
547 | +nothing other than this License grants you permission to propagate or |
548 | +modify any covered work. These actions infringe copyright if you do |
549 | +not accept this License. Therefore, by modifying or propagating a |
550 | +covered work, you indicate your acceptance of this License to do so. |
551 | + |
552 | + 10. Automatic Licensing of Downstream Recipients. |
553 | + |
554 | + Each time you convey a covered work, the recipient automatically |
555 | +receives a license from the original licensors, to run, modify and |
556 | +propagate that work, subject to this License. You are not responsible |
557 | +for enforcing compliance by third parties with this License. |
558 | + |
559 | + An "entity transaction" is a transaction transferring control of an |
560 | +organization, or substantially all assets of one, or subdividing an |
561 | +organization, or merging organizations. If propagation of a covered |
562 | +work results from an entity transaction, each party to that |
563 | +transaction who receives a copy of the work also receives whatever |
564 | +licenses to the work the party's predecessor in interest had or could |
565 | +give under the previous paragraph, plus a right to possession of the |
566 | +Corresponding Source of the work from the predecessor in interest, if |
567 | +the predecessor has it or can get it with reasonable efforts. |
568 | + |
569 | + You may not impose any further restrictions on the exercise of the |
570 | +rights granted or affirmed under this License. For example, you may |
571 | +not impose a license fee, royalty, or other charge for exercise of |
572 | +rights granted under this License, and you may not initiate litigation |
573 | +(including a cross-claim or counterclaim in a lawsuit) alleging that |
574 | +any patent claim is infringed by making, using, selling, offering for |
575 | +sale, or importing the Program or any portion of it. |
576 | + |
577 | + 11. Patents. |
578 | + |
579 | + A "contributor" is a copyright holder who authorizes use under this |
580 | +License of the Program or a work on which the Program is based. The |
581 | +work thus licensed is called the contributor's "contributor version". |
582 | + |
583 | + A contributor's "essential patent claims" are all patent claims |
584 | +owned or controlled by the contributor, whether already acquired or |
585 | +hereafter acquired, that would be infringed by some manner, permitted |
586 | +by this License, of making, using, or selling its contributor version, |
587 | +but do not include claims that would be infringed only as a |
588 | +consequence of further modification of the contributor version. For |
589 | +purposes of this definition, "control" includes the right to grant |
590 | +patent sublicenses in a manner consistent with the requirements of |
591 | +this License. |
592 | + |
593 | + Each contributor grants you a non-exclusive, worldwide, royalty-free |
594 | +patent license under the contributor's essential patent claims, to |
595 | +make, use, sell, offer for sale, import and otherwise run, modify and |
596 | +propagate the contents of its contributor version. |
597 | + |
598 | + In the following three paragraphs, a "patent license" is any express |
599 | +agreement or commitment, however denominated, not to enforce a patent |
600 | +(such as an express permission to practice a patent or covenant not to |
601 | +sue for patent infringement). To "grant" such a patent license to a |
602 | +party means to make such an agreement or commitment not to enforce a |
603 | +patent against the party. |
604 | + |
605 | + If you convey a covered work, knowingly relying on a patent license, |
606 | +and the Corresponding Source of the work is not available for anyone |
607 | +to copy, free of charge and under the terms of this License, through a |
608 | +publicly available network server or other readily accessible means, |
609 | +then you must either (1) cause the Corresponding Source to be so |
610 | +available, or (2) arrange to deprive yourself of the benefit of the |
611 | +patent license for this particular work, or (3) arrange, in a manner |
612 | +consistent with the requirements of this License, to extend the patent |
613 | +license to downstream recipients. "Knowingly relying" means you have |
614 | +actual knowledge that, but for the patent license, your conveying the |
615 | +covered work in a country, or your recipient's use of the covered work |
616 | +in a country, would infringe one or more identifiable patents in that |
617 | +country that you have reason to believe are valid. |
618 | + |
619 | + If, pursuant to or in connection with a single transaction or |
620 | +arrangement, you convey, or propagate by procuring conveyance of, a |
621 | +covered work, and grant a patent license to some of the parties |
622 | +receiving the covered work authorizing them to use, propagate, modify |
623 | +or convey a specific copy of the covered work, then the patent license |
624 | +you grant is automatically extended to all recipients of the covered |
625 | +work and works based on it. |
626 | + |
627 | + A patent license is "discriminatory" if it does not include within |
628 | +the scope of its coverage, prohibits the exercise of, or is |
629 | +conditioned on the non-exercise of one or more of the rights that are |
630 | +specifically granted under this License. You may not convey a covered |
631 | +work if you are a party to an arrangement with a third party that is |
632 | +in the business of distributing software, under which you make payment |
633 | +to the third party based on the extent of your activity of conveying |
634 | +the work, and under which the third party grants, to any of the |
635 | +parties who would receive the covered work from you, a discriminatory |
636 | +patent license (a) in connection with copies of the covered work |
637 | +conveyed by you (or copies made from those copies), or (b) primarily |
638 | +for and in connection with specific products or compilations that |
639 | +contain the covered work, unless you entered into that arrangement, |
640 | +or that patent license was granted, prior to 28 March 2007. |
641 | + |
642 | + Nothing in this License shall be construed as excluding or limiting |
643 | +any implied license or other defenses to infringement that may |
644 | +otherwise be available to you under applicable patent law. |
645 | + |
646 | + 12. No Surrender of Others' Freedom. |
647 | + |
648 | + If conditions are imposed on you (whether by court order, agreement or |
649 | +otherwise) that contradict the conditions of this License, they do not |
650 | +excuse you from the conditions of this License. If you cannot convey a |
651 | +covered work so as to satisfy simultaneously your obligations under this |
652 | +License and any other pertinent obligations, then as a consequence you may |
653 | +not convey it at all. For example, if you agree to terms that obligate you |
654 | +to collect a royalty for further conveying from those to whom you convey |
655 | +the Program, the only way you could satisfy both those terms and this |
656 | +License would be to refrain entirely from conveying the Program. |
657 | + |
658 | + 13. Remote Network Interaction; Use with the GNU General Public License. |
659 | + |
660 | + Notwithstanding any other provision of this License, if you modify the |
661 | +Program, your modified version must prominently offer all users |
662 | +interacting with it remotely through a computer network (if your version |
663 | +supports such interaction) an opportunity to receive the Corresponding |
664 | +Source of your version by providing access to the Corresponding Source |
665 | +from a network server at no charge, through some standard or customary |
666 | +means of facilitating copying of software. This Corresponding Source |
667 | +shall include the Corresponding Source for any work covered by version 3 |
668 | +of the GNU General Public License that is incorporated pursuant to the |
669 | +following paragraph. |
670 | + |
671 | + Notwithstanding any other provision of this License, you have |
672 | +permission to link or combine any covered work with a work licensed |
673 | +under version 3 of the GNU General Public License into a single |
674 | +combined work, and to convey the resulting work. The terms of this |
675 | +License will continue to apply to the part which is the covered work, |
676 | +but the work with which it is combined will remain governed by version |
677 | +3 of the GNU General Public License. |
678 | + |
679 | + 14. Revised Versions of this License. |
680 | + |
681 | + The Free Software Foundation may publish revised and/or new versions of |
682 | +the GNU Affero General Public License from time to time. Such new versions |
683 | +will be similar in spirit to the present version, but may differ in detail to |
684 | +address new problems or concerns. |
685 | + |
686 | + Each version is given a distinguishing version number. If the |
687 | +Program specifies that a certain numbered version of the GNU Affero General |
688 | +Public License "or any later version" applies to it, you have the |
689 | +option of following the terms and conditions either of that numbered |
690 | +version or of any later version published by the Free Software |
691 | +Foundation. If the Program does not specify a version number of the |
692 | +GNU Affero General Public License, you may choose any version ever published |
693 | +by the Free Software Foundation. |
694 | + |
695 | + If the Program specifies that a proxy can decide which future |
696 | +versions of the GNU Affero General Public License can be used, that proxy's |
697 | +public statement of acceptance of a version permanently authorizes you |
698 | +to choose that version for the Program. |
699 | + |
700 | + Later license versions may give you additional or different |
701 | +permissions. However, no additional obligations are imposed on any |
702 | +author or copyright holder as a result of your choosing to follow a |
703 | +later version. |
704 | + |
705 | + 15. Disclaimer of Warranty. |
706 | + |
707 | + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY |
708 | +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT |
709 | +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY |
710 | +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, |
711 | +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
712 | +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM |
713 | +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF |
714 | +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. |
715 | + |
716 | + 16. Limitation of Liability. |
717 | + |
718 | + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING |
719 | +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS |
720 | +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY |
721 | +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE |
722 | +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF |
723 | +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD |
724 | +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), |
725 | +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF |
726 | +SUCH DAMAGES. |
727 | + |
728 | + 17. Interpretation of Sections 15 and 16. |
729 | + |
730 | + If the disclaimer of warranty and limitation of liability provided |
731 | +above cannot be given local legal effect according to their terms, |
732 | +reviewing courts shall apply local law that most closely approximates |
733 | +an absolute waiver of all civil liability in connection with the |
734 | +Program, unless a warranty or assumption of liability accompanies a |
735 | +copy of the Program in return for a fee. |
736 | + |
737 | + END OF TERMS AND CONDITIONS |
738 | + |
739 | + How to Apply These Terms to Your New Programs |
740 | + |
741 | + If you develop a new program, and you want it to be of the greatest |
742 | +possible use to the public, the best way to achieve this is to make it |
743 | +free software which everyone can redistribute and change under these terms. |
744 | + |
745 | + To do so, attach the following notices to the program. It is safest |
746 | +to attach them to the start of each source file to most effectively |
747 | +state the exclusion of warranty; and each file should have at least |
748 | +the "copyright" line and a pointer to where the full notice is found. |
749 | + |
750 | + <one line to give the program's name and a brief idea of what it does.> |
751 | + Copyright (C) <year> <name of author> |
752 | + |
753 | + This program is free software: you can redistribute it and/or modify |
754 | + it under the terms of the GNU Affero General Public License as published by |
755 | + the Free Software Foundation, either version 3 of the License, or |
756 | + (at your option) any later version. |
757 | + |
758 | + This program is distributed in the hope that it will be useful, |
759 | + but WITHOUT ANY WARRANTY; without even the implied warranty of |
760 | + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
761 | + GNU Affero General Public License for more details. |
762 | + |
763 | + You should have received a copy of the GNU Affero General Public License |
764 | + along with this program. If not, see <http://www.gnu.org/licenses/>. |
765 | + |
766 | +Also add information on how to contact you by electronic and paper mail. |
767 | + |
768 | + If your software can interact with users remotely through a computer |
769 | +network, you should also make sure that it provides a way for users to |
770 | +get its source. For example, if your program is a web application, its |
771 | +interface could display a "Source" link that leads users to an archive |
772 | +of the code. There are many ways you could offer source, and different |
773 | +solutions will be better for different programs; see section 13 for the |
774 | +specific requirements. |
775 | + |
776 | + You should also get your employer (if you work as a programmer) or school, |
777 | +if any, to sign a "copyright disclaimer" for the program, if necessary. |
778 | +For more information on this, and how to apply and follow the GNU AGPL, see |
779 | +<http://www.gnu.org/licenses/>. |
780 | + |
781 | +========================================================================= |
782 | diff --git a/turnip-base/icon.svg b/turnip-base/icon.svg |
783 | new file mode 100644 |
784 | index 0000000..b7920cc |
785 | --- /dev/null |
786 | +++ b/turnip-base/icon.svg |
787 | @@ -0,0 +1,159 @@ |
788 | +<?xml version="1.0" encoding="UTF-8" standalone="no"?> |
789 | +<svg |
790 | + xmlns:dc="http://purl.org/dc/elements/1.1/" |
791 | + xmlns:cc="http://creativecommons.org/ns#" |
792 | + xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" |
793 | + xmlns:svg="http://www.w3.org/2000/svg" |
794 | + xmlns="http://www.w3.org/2000/svg" |
795 | + xmlns:xlink="http://www.w3.org/1999/xlink" |
796 | + xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" |
797 | + xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" |
798 | + width="100px" |
799 | + height="100px" |
800 | + viewBox="0 0 100 100" |
801 | + version="1.1" |
802 | + id="svg18" |
803 | + sodipodi:docname="lp-charm-icon.svg" |
804 | + inkscape:version="0.92.3 (2405546, 2018-03-11)"> |
805 | + <metadata |
806 | + id="metadata22"> |
807 | + <rdf:RDF> |
808 | + <cc:Work |
809 | + rdf:about=""> |
810 | + <dc:format>image/svg+xml</dc:format> |
811 | + <dc:type |
812 | + rdf:resource="http://purl.org/dc/dcmitype/StillImage" /> |
813 | + <dc:title>eclispe-che</dc:title> |
814 | + </cc:Work> |
815 | + </rdf:RDF> |
816 | + </metadata> |
817 | + <sodipodi:namedview |
818 | + pagecolor="#ffffff" |
819 | + bordercolor="#666666" |
820 | + borderopacity="1" |
821 | + objecttolerance="10" |
822 | + gridtolerance="10" |
823 | + guidetolerance="10" |
824 | + inkscape:pageopacity="0" |
825 | + inkscape:pageshadow="2" |
826 | + inkscape:window-width="1920" |
827 | + inkscape:window-height="1016" |
828 | + id="namedview20" |
829 | + showgrid="false" |
830 | + inkscape:pagecheckerboard="true" |
831 | + inkscape:zoom="1.668772" |
832 | + inkscape:cx="29.156684" |
833 | + inkscape:cy="41.621867" |
834 | + inkscape:window-x="0" |
835 | + inkscape:window-y="27" |
836 | + inkscape:window-maximized="1" |
837 | + inkscape:current-layer="layer2" |
838 | + inkscape:snap-bbox="false" |
839 | + inkscape:snap-bbox-midpoints="true" |
840 | + inkscape:snap-object-midpoints="true" /> |
841 | + <!-- Generator: Sketch 45.2 (43514) - http://www.bohemiancoding.com/sketch --> |
842 | + <title |
843 | + id="title2">eclispe-che</title> |
844 | + <desc |
845 | + id="desc4">Created with Sketch.</desc> |
846 | + <defs |
847 | + id="defs7"> |
848 | + <path |
849 | + d="M50.0004412,4.04252804e-14 C22.3871247,4.04252804e-14 0,22.3848726 0,49.9995588 C0,77.6133626 22.3871247,100 50.0004412,100 C77.6137577,100 100,77.6133626 100,49.9995588 C100,22.3848726 77.6128753,3.55271368e-14 50.0004412,4.04252804e-14 Z" |
850 | + id="path-1" /> |
851 | + <style |
852 | + id="style6" |
853 | + type="text/css"> |
854 | + |
855 | + .fil0 {fill:#F8C300} |
856 | + .fil6 {fill:#3895BD} |
857 | + .fil3 {fill:#3941BF} |
858 | + .fil1 {fill:#8FB635} |
859 | + .fil4 {fill:#A02C35} |
860 | + .fil7 {fill:#BB3A84} |
861 | + .fil5 {fill:#D18C3B} |
862 | + .fil8 {fill:#72706F;fill-rule:nonzero} |
863 | + .fil9 {fill:#F8C300;fill-rule:nonzero} |
864 | + .fil2 {fill:white;fill-rule:nonzero} |
865 | + |
866 | + </style> |
867 | + </defs> |
868 | + <g |
869 | + inkscape:groupmode="layer" |
870 | + id="layer1" |
871 | + inkscape:label="BACKGROUND"> |
872 | + <g |
873 | + style="fill:#ffffff;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1;stroke-opacity:1" |
874 | + id="Page-1"> |
875 | + <g |
876 | + id="eclispe-che" |
877 | + style="fill:#ffffff;fill-opacity:1;stroke:none;stroke-opacity:1"> |
878 | + <g |
879 | + id="path3023-path" |
880 | + style="fill:#ffffff;fill-opacity:1;stroke:none;stroke-opacity:1"> |
881 | + <use |
882 | + xlink:href="#path-1" |
883 | + id="use9" |
884 | + style="fill:#ffffff;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-opacity:1" |
885 | + x="0" |
886 | + y="0" |
887 | + width="100%" |
888 | + height="100%" /> |
889 | + <path |
890 | + d="M 50.000441,0.5 C 22.662621,0.5 0.5,22.661661 0.5,49.999559 0.5,77.337051 22.663098,99.5 50.000441,99.5 77.337613,99.5 99.5,77.337222 99.5,49.999559 99.5,22.661796 77.337514,0.5 50.000441,0.5 Z" |
891 | + id="path11" |
892 | + style="fill:#ffffff;fill-opacity:1;stroke:none;stroke-width:1;stroke-opacity:1" |
893 | + inkscape:connector-curvature="0" /> |
894 | + </g> |
895 | + </g> |
896 | + </g> |
897 | + </g> |
898 | + <g |
899 | + inkscape:groupmode="layer" |
900 | + id="layer2" |
901 | + inkscape:label="PLACE LOGO HERE"> |
902 | + <g |
903 | + style="fill-rule:evenodd" |
904 | + id="g3473" |
905 | + transform="matrix(3.2292607,0,0,3.2292607,-486.24769,-600.53027)"> |
906 | + <g |
907 | + id="g3489"> |
908 | + <path |
909 | + inkscape:connector-curvature="0" |
910 | + style="fill:#3895bd;fill-opacity:1;fill-rule:evenodd" |
911 | + d="m 165.22326,188.53265 -9.92868,5.72521 4.76477,2.75658 5.15144,-2.96862 z" |
912 | + id="path3475" /> |
913 | + <path |
914 | + inkscape:connector-curvature="0" |
915 | + style="fill:#8fb635;fill-opacity:1;fill-rule:evenodd" |
916 | + d="m 166.90714,188.53265 v 5.51317 l 5.15144,2.96862 4.77724,-2.75658 z" |
917 | + id="path3477" /> |
918 | + <path |
919 | + inkscape:connector-curvature="0" |
920 | + style="fill:#f8c300;fill-rule:evenodd" |
921 | + d="m 166.05897,195.50518 -5.15144,2.96863 v 5.96219 l 5.15144,2.95616 5.15143,-2.95616 v -5.96219 z" |
922 | + id="path3479" /> |
923 | + <path |
924 | + inkscape:connector-curvature="0" |
925 | + style="fill:#d18c3b;fill-opacity:1;fill-rule:evenodd" |
926 | + d="m 177.67153,195.71723 -4.77724,2.76905 v 5.93725 l 4.77724,2.75658 z" |
927 | + id="path3481" /> |
928 | + <path |
929 | + inkscape:connector-curvature="0" |
930 | + style="fill:#3941bf;fill-opacity:1;fill-rule:evenodd" |
931 | + d="m 154.4464,195.7297 v 11.45041 l 4.77724,-2.75658 v -5.94972 z" |
932 | + id="path3483" /> |
933 | + <path |
934 | + inkscape:connector-curvature="0" |
935 | + style="fill:#bb3a84;fill-opacity:1;fill-rule:evenodd" |
936 | + d="m 160.05935,205.8829 -4.76477,2.75658 9.91621,5.73768 V 208.864 l -5.13897,-2.9811 z" |
937 | + id="path3485" /> |
938 | + <path |
939 | + inkscape:connector-curvature="0" |
940 | + style="fill:#a02c35;fill-opacity:1;fill-rule:evenodd" |
941 | + d="m 172.05858,205.89537 -5.15144,2.96863 v 5.51316 l 9.91621,-5.73768 z" |
942 | + id="path3487" /> |
943 | + </g> |
944 | + </g> |
945 | + </g> |
946 | +</svg> |
947 | diff --git a/turnip-base/layer.yaml b/turnip-base/layer.yaml |
948 | new file mode 100644 |
949 | index 0000000..52adc56 |
950 | --- /dev/null |
951 | +++ b/turnip-base/layer.yaml |
952 | @@ -0,0 +1,10 @@ |
953 | +includes: |
954 | + - layer:basic |
955 | + - layer:apt |
956 | + - layer:status |
957 | + - interface:http |
958 | + - interface:nrpe-external-master |
959 | +repo: https://git.launchpad.net/turnip |
960 | +options: |
961 | + basic: |
962 | + use_venv: true |
963 | diff --git a/turnip-base/lib/charms/turnip/base.py b/turnip-base/lib/charms/turnip/base.py |
964 | new file mode 100644 |
965 | index 0000000..cbb736f |
966 | --- /dev/null |
967 | +++ b/turnip-base/lib/charms/turnip/base.py |
968 | @@ -0,0 +1,416 @@ |
969 | +# Copyright 2018 Canonical Ltd. This software is licensed under the |
970 | +# GNU Affero General Public License version 3 (see the file LICENSE). |
971 | + |
972 | + |
973 | +import errno |
974 | +import os.path |
975 | +import shutil |
976 | +import subprocess |
977 | + |
978 | +import yaml |
979 | +from charmhelpers.core import hookenv, host, templating |
980 | +from charmhelpers.fetch import apt_install |
981 | +from charmhelpers.payload import archive |
982 | +from charms.layer import status |
983 | +from charms.reactive import endpoint_from_name |
984 | + |
985 | + |
986 | +def base_dir(): |
987 | + return hookenv.config()["base_dir"] |
988 | + |
989 | + |
990 | +def payloads_dir(): |
991 | + return os.path.join(base_dir(), hookenv.application_name(), "payloads") |
992 | + |
993 | + |
994 | +def code_dir(): |
995 | + return os.path.join(base_dir(), hookenv.application_name(), "code") |
996 | + |
997 | + |
998 | +def venv_dir(): |
999 | + return os.path.join(code_dir(), "env") |
1000 | + |
1001 | + |
1002 | +def logs_dir(): |
1003 | + return os.path.join(base_dir(), "logs") |
1004 | + |
1005 | + |
1006 | +def data_dir(): |
1007 | + return os.path.join(base_dir(), "data") |
1008 | + |
1009 | + |
1010 | +def run_dir(): |
1011 | + return os.path.join(base_dir(), hookenv.application_name(), "run") |
1012 | + |
1013 | + |
1014 | +@hookenv.cached |
1015 | +def data_mount_unit(): |
1016 | + return ( |
1017 | + subprocess.check_output( |
1018 | + ["systemd-escape", "--path", data_dir()], text=True |
1019 | + ).rstrip("\n") |
1020 | + + ".mount" |
1021 | + ) |
1022 | + |
1023 | + |
1024 | +def keys_dir(): |
1025 | + return os.path.join(base_dir(), "keys") |
1026 | + |
1027 | + |
1028 | +def nrpe_dir(): |
1029 | + return os.path.join(base_dir(), hookenv.application_name(), "nrpe") |
1030 | + |
1031 | + |
1032 | +def user(): |
1033 | + return hookenv.config()["user"] |
1034 | + |
1035 | + |
1036 | +def user_id(): |
1037 | + return hookenv.config()["user_id"] |
1038 | + |
1039 | + |
1040 | +def group(): |
1041 | + return hookenv.config()["group"] |
1042 | + |
1043 | + |
1044 | +def group_id(): |
1045 | + return hookenv.config()["group_id"] |
1046 | + |
1047 | + |
1048 | +def ensure_user(username, groupname, uid=None, gid=None): |
1049 | + if not host.user_exists(username): |
1050 | + hookenv.log(f"Creating {username} user and group") |
1051 | + password = host.pwgen() |
1052 | + if not host.group_exists(groupname): |
1053 | + host.add_group(groupname, gid=gid) |
1054 | + host.adduser(username, password, primary_group=groupname, uid=uid) |
1055 | + |
1056 | + |
1057 | +def ensure_directories(): |
1058 | + for dir in (base_dir(), payloads_dir()): |
1059 | + host.mkdir(dir, perms=0o755) |
1060 | + for dir in (logs_dir(), data_dir(), keys_dir(), run_dir()): |
1061 | + host.mkdir(dir, owner=user(), group=group(), perms=0o755) |
1062 | + |
1063 | + |
1064 | +def get_swift_creds(config): |
1065 | + return { |
1066 | + "user": config["swift_username"], |
1067 | + "project": config["swift_tenant_name"], |
1068 | + "password": config["swift_password"], |
1069 | + "authurl": config["swift_auth_url"], |
1070 | + "region": config["swift_region_name"], |
1071 | + "storageurl": config["swift_storage_url"], |
1072 | + } |
1073 | + |
1074 | + |
1075 | +def swift_base_cmd(**swift_creds): |
1076 | + return [ |
1077 | + "swift", |
1078 | + "--os-username=" + swift_creds["user"], |
1079 | + "--os-tenant-name=" + swift_creds["project"], |
1080 | + "--os-password=" + swift_creds["password"], |
1081 | + "--os-auth-url=" + swift_creds["authurl"], |
1082 | + "--os-region-name=" + swift_creds["region"], |
1083 | + ] |
1084 | + |
1085 | + |
1086 | +def swift_fetch(source, target, container=None, **swift_creds): |
1087 | + if swift_creds["user"]: |
1088 | + cmd = swift_base_cmd(**swift_creds) + [ |
1089 | + "download", |
1090 | + "--output=" + target, |
1091 | + container, |
1092 | + source, |
1093 | + ] |
1094 | + else: |
1095 | + storage_url = swift_creds["storageurl"] |
1096 | + assert storage_url |
1097 | + cmd = [ |
1098 | + "wget", |
1099 | + "-O", |
1100 | + target, |
1101 | + f"{storage_url}/{container}/{source}", |
1102 | + ] |
1103 | + subprocess.check_call(cmd) |
1104 | + |
1105 | + |
1106 | +def unlink_force(path): |
1107 | + """Unlink path, without worrying about whether it exists.""" |
1108 | + try: |
1109 | + os.unlink(path) |
1110 | + except OSError as e: |
1111 | + if e.errno != errno.ENOENT: |
1112 | + raise |
1113 | + |
1114 | + |
1115 | +def symlink_force(source, link_name): |
1116 | + """Create symlink link_name -> source, even if link_name exists.""" |
1117 | + unlink_force(link_name) |
1118 | + os.symlink(source, link_name) |
1119 | + |
1120 | + |
1121 | +def install_packages(): |
1122 | + if hookenv.config()["swift_username"]: |
1123 | + apt_install("python3-swiftclient", fatal=True) |
1124 | + |
1125 | + |
1126 | +def install_payload_packages(target_dir): |
1127 | + system_deps_path = os.path.join(target_dir, "system-dependencies.txt") |
1128 | + if not os.path.exists(system_deps_path): |
1129 | + return |
1130 | + hookenv.log("Installing system packages required by payload") |
1131 | + with open(system_deps_path) as system_deps_file: |
1132 | + system_deps = system_deps_file.read().split() |
1133 | + apt_install(system_deps, fatal=True) |
1134 | + |
1135 | + |
1136 | +def install_python_packages(target_dir): |
1137 | + hookenv.log("Installing Python dependencies") |
1138 | + subprocess.check_call( |
1139 | + [ |
1140 | + "sudo", |
1141 | + "make", |
1142 | + "-C", |
1143 | + target_dir, |
1144 | + "build", |
1145 | + "PIP_SOURCE_DIR=%s" % os.path.join(target_dir, "pip-cache"), |
1146 | + ] |
1147 | + ) |
1148 | + |
1149 | + |
1150 | +def prune_payloads(keep): |
1151 | + for entry in os.listdir(payloads_dir()): |
1152 | + if entry in keep: |
1153 | + continue |
1154 | + entry_path = os.path.join(payloads_dir(), entry) |
1155 | + if os.path.isdir(entry_path): |
1156 | + hookenv.log(f"Purging old build in {entry_path}") |
1157 | + shutil.rmtree(entry_path) |
1158 | + |
1159 | + |
1160 | +class PayloadError(Exception): |
1161 | + pass |
1162 | + |
1163 | + |
1164 | +def install_payload(): |
1165 | + config = hookenv.config() |
1166 | + current_build_label = None |
1167 | + if os.path.islink(code_dir()): |
1168 | + current_build_label = os.path.basename(os.path.realpath(code_dir())) |
1169 | + desired_build_label = config["build_label"] |
1170 | + if not desired_build_label: |
1171 | + raise PayloadError("Build label unset, so cannot deploy code") |
1172 | + if current_build_label == desired_build_label: |
1173 | + hookenv.log(f"Build {desired_build_label} already deployed") |
1174 | + return |
1175 | + hookenv.log(f"Deploying build {desired_build_label}...") |
1176 | + |
1177 | + # Copy source archive |
1178 | + archive_path = os.path.join( |
1179 | + payloads_dir(), desired_build_label + ".tar.gz" |
1180 | + ) |
1181 | + object_name = os.path.join(desired_build_label, "turnip.tar.gz") |
1182 | + |
1183 | + try: |
1184 | + if config["swift_container_name"]: |
1185 | + swift_creds = get_swift_creds(config) |
1186 | + swift_container = config["swift_container_name"] |
1187 | + swift_fetch( |
1188 | + os.path.join("turnip-builds", object_name), |
1189 | + archive_path, |
1190 | + container=swift_container, |
1191 | + **swift_creds, |
1192 | + ) |
1193 | + else: |
1194 | + resource_path = hookenv.resource_get("turnip") |
1195 | + if resource_path and os.path.getsize(resource_path): |
1196 | + with open(resource_path, "rb") as resource: |
1197 | + host.write_file(archive_path, resource.read(), perms=0o644) |
1198 | + else: |
1199 | + raise PayloadError("No build available, so cannot deploy code") |
1200 | + |
1201 | + # Unpack source |
1202 | + target_dir = os.path.join(payloads_dir(), desired_build_label) |
1203 | + if os.path.isdir(target_dir): |
1204 | + shutil.rmtree(target_dir) |
1205 | + archive.extract_tarfile(archive_path, target_dir) |
1206 | + os.chown(target_dir, 0, 0) |
1207 | + host.lchownr(target_dir, "root", "root") |
1208 | + |
1209 | + install_payload_packages(target_dir) |
1210 | + install_python_packages(target_dir) |
1211 | + |
1212 | + symlink_force( |
1213 | + os.path.relpath(target_dir, os.path.dirname(code_dir())), |
1214 | + code_dir(), |
1215 | + ) |
1216 | + prune_payloads([desired_build_label, current_build_label]) |
1217 | + finally: |
1218 | + unlink_force(archive_path) |
1219 | + |
1220 | + |
1221 | +def configure_rsync(): |
1222 | + config = hookenv.config() |
1223 | + if config["log_hosts_allow"]: |
1224 | + templating.render( |
1225 | + "turnip-rsync.j2", |
1226 | + "/etc/rsync-juju.d/010-turnip.conf", |
1227 | + config, |
1228 | + perms=0o644, |
1229 | + ) |
1230 | + if not host.service_restart("rsync"): |
1231 | + raise RuntimeError("Failed to restart rsync") |
1232 | + |
1233 | + |
1234 | +def install_services(): |
1235 | + install_payload() |
1236 | + version_info_path = os.path.join(code_dir(), "turnip", "version_info.py") |
1237 | + if os.path.exists(version_info_path): |
1238 | + version_info_locals = {} |
1239 | + with open(version_info_path) as version_info_file: |
1240 | + exec(version_info_file.read(), {}, version_info_locals) |
1241 | + revision_id = version_info_locals.get("version_info", {}).get( |
1242 | + "revision_id" |
1243 | + ) |
1244 | + if revision_id is not None: |
1245 | + hookenv.application_version_set(revision_id) |
1246 | + configure_rsync() |
1247 | + |
1248 | + |
1249 | +def configure_logrotate(config): |
1250 | + templating.render( |
1251 | + "logrotate.j2", |
1252 | + os.path.join("/etc/logrotate.d", hookenv.application_name()), |
1253 | + config, |
1254 | + perms=0o644, |
1255 | + ) |
1256 | + |
1257 | + |
1258 | +def reload_systemd(): |
1259 | + subprocess.check_call(["systemctl", "daemon-reload"]) |
1260 | + |
1261 | + |
1262 | +def configure_service(service_name=None): |
1263 | + config = hookenv.config() |
1264 | + if service_name is not None: |
1265 | + context = dict(config) |
1266 | + context["code_dir"] = code_dir() |
1267 | + context["data_dir"] = data_dir() |
1268 | + # XXX cjwatson 2019-02-11: data_mount_unit is only meaningful with |
1269 | + # layer:turnip-storage, but we include it here for simplicity. |
1270 | + context["data_mount_unit"] = data_mount_unit() |
1271 | + context["run_dir"] = run_dir() |
1272 | + context["venv_dir"] = venv_dir() |
1273 | + templating.render( |
1274 | + f"{service_name}.service.j2", |
1275 | + f"/lib/systemd/system/{service_name}.service", |
1276 | + context, |
1277 | + perms=0o644, |
1278 | + ) |
1279 | + reload_systemd() |
1280 | + if host.service_running(service_name): |
1281 | + host.service_stop(service_name) |
1282 | + if not host.service_resume(service_name): |
1283 | + raise RuntimeError(f"Failed to start {service_name}") |
1284 | + port = config.get("port") |
1285 | + if port is not None: |
1286 | + hookenv.open_port(port) |
1287 | + configure_logrotate(config) |
1288 | + |
1289 | + |
1290 | +def deconfigure_service(service_name): |
1291 | + host.service_pause(service_name) |
1292 | + |
1293 | + |
1294 | +def add_nagios_e2e_checks(nagios): |
1295 | + config = hookenv.config() |
1296 | + src = os.path.join(hookenv.charm_dir(), "scripts", "nrpe") |
1297 | + dst = nrpe_dir() |
1298 | + if not os.path.exists(dst): |
1299 | + os.makedirs(dst) |
1300 | + shutil.copy2( |
1301 | + os.path.join(src, "check_git_refs"), |
1302 | + os.path.join(dst, "check_git_refs"), |
1303 | + ) |
1304 | + nagios_logs_dir = "/var/log/nagios" |
1305 | + try: |
1306 | + if not os.path.exists(nagios_logs_dir): |
1307 | + host.mkdir( |
1308 | + nagios_logs_dir, owner="nagios", group="nagios", perms=0o755 |
1309 | + ) |
1310 | + except KeyError: |
1311 | + hookenv.log(f"nagios user not set up; {nagios_logs_dir} not created") |
1312 | + for i, url in enumerate(config["nagios_e2e_urls"].split()): |
1313 | + nagios.add_check( |
1314 | + [os.path.join(nrpe_dir(), "check_git_refs"), url], |
1315 | + name=f"check_turnip_git_refs_{i}", |
1316 | + description=( |
1317 | + "Git E2E {} - hint: check nfs-ganesha.service if all " |
1318 | + "appservers are bad, otherwise check " |
1319 | + "srv-turnip-data.mount" |
1320 | + ).format(url), |
1321 | + context=config["nagios_context"], |
1322 | + ) |
1323 | + |
1324 | + |
1325 | +def find_git_service(git_services, name): |
1326 | + for relation in git_services.relations: |
1327 | + for unit in relation.joined_units: |
1328 | + data = unit.received_raw |
1329 | + all_services = data.get("all_services") |
1330 | + if all_services is not None: |
1331 | + for service in yaml.safe_load(all_services): |
1332 | + if service["service_name"] == name: |
1333 | + return data["private-address"], service["service_port"] |
1334 | + return None, None |
1335 | + |
1336 | + |
1337 | +def publish_website(website, name, port): |
1338 | + config = hookenv.config() |
1339 | + server_name = hookenv.local_unit().replace("/", "-") |
1340 | + server_ip = str(hookenv.unit_private_ip()) |
1341 | + try: |
1342 | + service_options = yaml.safe_load(config.get("haproxy_service_options")) |
1343 | + except Exception: |
1344 | + status.blocked("bad haproxy_service_options YAML config") |
1345 | + return |
1346 | + server_options = config.get("haproxy_server_options") |
1347 | + haproxy_services = [ |
1348 | + { |
1349 | + "service_name": name, |
1350 | + "service_host": "0.0.0.0", |
1351 | + "service_port": port, |
1352 | + "service_options": service_options, |
1353 | + "servers": [[server_name, server_ip, port, server_options]], |
1354 | + } |
1355 | + ] |
1356 | + haproxy_services_yaml = yaml.dump(haproxy_services) |
1357 | + for relation in website.relations: |
1358 | + ingress_address = website.get_ingress_address(relation.relation_id) |
1359 | + relation.to_publish_raw.update( |
1360 | + { |
1361 | + "hostname": ingress_address, |
1362 | + "private-address": ingress_address, |
1363 | + "port": str(port), |
1364 | + "services": haproxy_services_yaml, |
1365 | + } |
1366 | + ) |
1367 | + |
1368 | + |
1369 | +def get_rabbitmq_url(): |
1370 | + """Get the RabbitMQ URL from relation data. |
1371 | + |
1372 | + The relation data is only accessible from an amqp relation hook, so the |
1373 | + caller is expected to store the result for use by other hooks. |
1374 | + """ |
1375 | + rabbitmq = endpoint_from_name("amqp") |
1376 | + |
1377 | + if not rabbitmq.username() or not rabbitmq.password(): |
1378 | + raise AssertionError( |
1379 | + "get_rabbitmq_url called when amqp relation data incomplete" |
1380 | + ) |
1381 | + |
1382 | + user = f"{rabbitmq.username()}:{rabbitmq.password()}" |
1383 | + vhost = rabbitmq.vhost() if rabbitmq.vhost() else "/" |
1384 | + return f"pyamqp://{user}@{rabbitmq.private_address()}/{vhost}" |
1385 | diff --git a/turnip-base/metadata.yaml b/turnip-base/metadata.yaml |
1386 | new file mode 100644 |
1387 | index 0000000..4913e81 |
1388 | --- /dev/null |
1389 | +++ b/turnip-base/metadata.yaml |
1390 | @@ -0,0 +1,5 @@ |
1391 | +resources: |
1392 | + turnip: |
1393 | + type: file |
1394 | + filename: turnip.tar.gz |
1395 | + description: Turnip code |
1396 | diff --git a/turnip-base/reactive/turnip-base.py b/turnip-base/reactive/turnip-base.py |
1397 | new file mode 100644 |
1398 | index 0000000..978d338 |
1399 | --- /dev/null |
1400 | +++ b/turnip-base/reactive/turnip-base.py |
1401 | @@ -0,0 +1,51 @@ |
1402 | +# Copyright 2018 Canonical Ltd. This software is licensed under the |
1403 | +# GNU Affero General Public License version 3 (see the file LICENSE). |
1404 | + |
1405 | + |
1406 | +from charms.layer import status |
1407 | +from charms.reactive import clear_flag, hook, set_flag, when, when_not |
1408 | +from charms.turnip.base import ( |
1409 | + PayloadError, |
1410 | + ensure_directories, |
1411 | + ensure_user, |
1412 | + group, |
1413 | + group_id, |
1414 | + install_services, |
1415 | + user, |
1416 | + user_id, |
1417 | +) |
1418 | + |
1419 | + |
1420 | +@when_not("turnip.created_user") |
1421 | +def install(): |
1422 | + ensure_user(user(), group(), uid=user_id(), gid=group_id()) |
1423 | + ensure_directories() |
1424 | + set_flag("turnip.created_user") |
1425 | + |
1426 | + |
1427 | +@when("turnip.created_user") |
1428 | +@when_not("turnip.installed") |
1429 | +def install_turnip(): |
1430 | + try: |
1431 | + install_services() |
1432 | + except PayloadError as e: |
1433 | + status.blocked(str(e)) |
1434 | + return |
1435 | + set_flag("turnip.installed") |
1436 | + clear_flag("turnip.configured") |
1437 | + status.maintenance("Service installed, but not configured") |
1438 | + |
1439 | + |
1440 | +@hook("upgrade-charm") |
1441 | +def upgrade_charm(): |
1442 | + clear_flag("turnip.installed") |
1443 | + |
1444 | + |
1445 | +@when("config.changed.build_label") |
1446 | +def build_label_changed(): |
1447 | + clear_flag("turnip.installed") |
1448 | + |
1449 | + |
1450 | +@when("config.changed") |
1451 | +def config_changed(): |
1452 | + clear_flag("turnip.configured") |
1453 | diff --git a/turnip-base/scripts/nrpe/check_git_refs b/turnip-base/scripts/nrpe/check_git_refs |
1454 | new file mode 100755 |
1455 | index 0000000..d5322fb |
1456 | --- /dev/null |
1457 | +++ b/turnip-base/scripts/nrpe/check_git_refs |
1458 | @@ -0,0 +1,24 @@ |
1459 | +#! /bin/sh |
1460 | +set -u |
1461 | + |
1462 | +. /usr/lib/nagios/plugins/utils.sh |
1463 | + |
1464 | +LOGFILE=/var/log/nagios/check_git_refs.log |
1465 | + |
1466 | +if [ -z "$1" ]; then |
1467 | + echo "Usage: check_git_refs REPOSITORY_URL" |
1468 | + exit $STATE_UNKNOWN |
1469 | +fi |
1470 | + |
1471 | +if ! BRANCHES="$(git ls-remote -h "$1" 2>$LOGFILE)"; then |
1472 | + echo "CRITICAL: Cannot list branches in $1" |
1473 | + exit $STATE_CRITICAL |
1474 | +fi |
1475 | + |
1476 | +if ! echo "$BRANCHES" | grep -q '[[:space:]]refs/heads/'; then |
1477 | + echo "CRITICAL: $1 has no heads" |
1478 | + exit $STATE_CRITICAL |
1479 | +fi |
1480 | + |
1481 | +echo "OK: Master branch found in $1" |
1482 | +exit $STATE_OK |
1483 | diff --git a/turnip-base/templates/turnip-rsync.j2 b/turnip-base/templates/turnip-rsync.j2 |
1484 | new file mode 100644 |
1485 | index 0000000..4ed2550 |
1486 | --- /dev/null |
1487 | +++ b/turnip-base/templates/turnip-rsync.j2 |
1488 | @@ -0,0 +1,8 @@ |
1489 | + |
1490 | +[turnip-logs] |
1491 | + path = {{ base_dir }}/logs |
1492 | + comment = Turnip Logs |
1493 | + list = false |
1494 | + read only = true |
1495 | + hosts allow = {{ log_hosts_allow }} |
1496 | + |
1497 | diff --git a/turnip-base/wheelhouse.txt b/turnip-base/wheelhouse.txt |
1498 | new file mode 100644 |
1499 | index 0000000..3392d2e |
1500 | --- /dev/null |
1501 | +++ b/turnip-base/wheelhouse.txt |
1502 | @@ -0,0 +1,2 @@ |
1503 | +PyYAML |
1504 | +six |
1505 | diff --git a/turnip-storage/config.yaml b/turnip-storage/config.yaml |
1506 | new file mode 100644 |
1507 | index 0000000..2d2464a |
1508 | --- /dev/null |
1509 | +++ b/turnip-storage/config.yaml |
1510 | @@ -0,0 +1,8 @@ |
1511 | +options: |
1512 | + nfs: |
1513 | + type: boolean |
1514 | + default: false |
1515 | + description: > |
1516 | + Use the NFS relation to provision repository storage. A file |
1517 | + system will be requested and mounted at ${base_dir}/data. The |
1518 | + service will not start until the file system is mounted. |
1519 | diff --git a/turnip-storage/layer.yaml b/turnip-storage/layer.yaml |
1520 | new file mode 100644 |
1521 | index 0000000..dd13414 |
1522 | --- /dev/null |
1523 | +++ b/turnip-storage/layer.yaml |
1524 | @@ -0,0 +1,4 @@ |
1525 | +includes: |
1526 | + - interface:mount |
1527 | + - layer:turnip-base |
1528 | +repo: https://git.launchpad.net/turnip |
1529 | diff --git a/turnip-storage/lib/charms/turnip/storage.py b/turnip-storage/lib/charms/turnip/storage.py |
1530 | new file mode 100644 |
1531 | index 0000000..6b3505d |
1532 | --- /dev/null |
1533 | +++ b/turnip-storage/lib/charms/turnip/storage.py |
1534 | @@ -0,0 +1,62 @@ |
1535 | +# Copyright 2018 Canonical Ltd. This software is licensed under the |
1536 | +# GNU Affero General Public License version 3 (see the file LICENSE). |
1537 | + |
1538 | + |
1539 | +import os |
1540 | +import subprocess |
1541 | + |
1542 | +from charmhelpers.core import host, templating |
1543 | +from charms.turnip.base import ( |
1544 | + data_dir, |
1545 | + data_mount_unit, |
1546 | + group_id, |
1547 | + reload_systemd, |
1548 | + user_id, |
1549 | +) |
1550 | + |
1551 | + |
1552 | +def ensure_mounted(): |
1553 | + # If the service is stopped, start it. Make sure it is also unmasked to |
1554 | + # avoid blocking other services that depends on the data mount. |
1555 | + data_mount = data_mount_unit() |
1556 | + host.service("unmask", data_mount) |
1557 | + reload_systemd() |
1558 | + if not host.service_running(data_mount): |
1559 | + host.service_resume(data_mount) |
1560 | + subprocess.check_call(["mountpoint", "-q", data_dir()]) |
1561 | + |
1562 | + |
1563 | +def mount_data(mount_info): |
1564 | + # We use a systemd.mount(5) unit rather than a line in /etc/fstab partly |
1565 | + # because it's easier to deal with a file we can completely overwrite, |
1566 | + # and partly because this lets us automatically stop and start services |
1567 | + # that require the mount. |
1568 | + data_mount = data_mount_unit() |
1569 | + data_mount_conf = f"/lib/systemd/system/{data_mount}" |
1570 | + context = dict(mount_info) |
1571 | + context["data_dir"] = data_dir() |
1572 | + templating.render("data.mount.j2", data_mount_conf, context, perms=0o644) |
1573 | + host.service("unmask", data_mount) |
1574 | + reload_systemd() |
1575 | + host.service_restart(data_mount) |
1576 | + # systemctl shouldn't return successfully unless the mount completed, |
1577 | + # but let's make sure. |
1578 | + subprocess.check_call(["mountpoint", "-q", data_dir()]) |
1579 | + |
1580 | + |
1581 | +def unmount_data(): |
1582 | + data_mount = data_mount_unit() |
1583 | + if host.service_running(data_mount): |
1584 | + host.service_stop(data_mount) |
1585 | + host.service("mask", data_mount) |
1586 | + reload_systemd() |
1587 | + |
1588 | + |
1589 | +def ensure_repo_store_writable(): |
1590 | + os.chown(data_dir(), user_id(), group_id()) |
1591 | + os.chmod(data_dir(), 0o755) |
1592 | + repo_store = os.path.join(data_dir(), "repos") |
1593 | + if not os.path.exists(repo_store): |
1594 | + os.makedirs(repo_store) |
1595 | + os.chown(repo_store, user_id(), group_id()) |
1596 | + os.chmod(repo_store, 0o755) |
1597 | diff --git a/turnip-storage/lxd-profile.yaml b/turnip-storage/lxd-profile.yaml |
1598 | new file mode 100644 |
1599 | index 0000000..52ba2e3 |
1600 | --- /dev/null |
1601 | +++ b/turnip-storage/lxd-profile.yaml |
1602 | @@ -0,0 +1,10 @@ |
1603 | +name: turnip-storage |
1604 | +config: |
1605 | + raw.apparmor: | |
1606 | + mount fstype=nfs, |
1607 | + mount fstype=nfs4, |
1608 | + mount fstype=nfsd, |
1609 | + mount fstype=rpc_pipefs, |
1610 | + security.privileged: true |
1611 | +description: "Allow NFS mounting for turnip storage" |
1612 | +devices: {} |
1613 | diff --git a/turnip-storage/metadata.yaml b/turnip-storage/metadata.yaml |
1614 | new file mode 100644 |
1615 | index 0000000..7024acd |
1616 | --- /dev/null |
1617 | +++ b/turnip-storage/metadata.yaml |
1618 | @@ -0,0 +1,4 @@ |
1619 | +requires: |
1620 | + nfs: |
1621 | + interface: mount |
1622 | + optional: true |
1623 | diff --git a/turnip-storage/reactive/turnip-storage.py b/turnip-storage/reactive/turnip-storage.py |
1624 | new file mode 100644 |
1625 | index 0000000..2c5bd4f |
1626 | --- /dev/null |
1627 | +++ b/turnip-storage/reactive/turnip-storage.py |
1628 | @@ -0,0 +1,141 @@ |
1629 | +# Copyright 2018 Canonical Ltd. This software is licensed under the |
1630 | +# GNU Affero General Public License version 3 (see the file LICENSE). |
1631 | + |
1632 | + |
1633 | +from charmhelpers.core import hookenv |
1634 | +from charmhelpers.fetch import apt_install |
1635 | +from charms.reactive import ( |
1636 | + any_flags_set, |
1637 | + clear_flag, |
1638 | + data_changed, |
1639 | + endpoint_from_flag, |
1640 | + set_flag, |
1641 | + toggle_flag, |
1642 | + when, |
1643 | + when_any, |
1644 | + when_not, |
1645 | +) |
1646 | +from charms.turnip.base import data_dir |
1647 | +from charms.turnip.storage import ( |
1648 | + ensure_mounted, |
1649 | + ensure_repo_store_writable, |
1650 | + mount_data, |
1651 | + unmount_data, |
1652 | +) |
1653 | + |
1654 | + |
1655 | +def update_storage_available(): |
1656 | + toggle_flag( |
1657 | + "turnip.storage.available", |
1658 | + any_flags_set("turnip.storage.internal", "turnip.storage.nfs"), |
1659 | + ) |
1660 | + |
1661 | + |
1662 | +@when("turnip.created_user") |
1663 | +@when_not("turnip.storage.initialised") |
1664 | +def initial_request(): |
1665 | + if hookenv.config()["nfs"]: |
1666 | + apt_install("nfs-common", fatal=True) |
1667 | + clear_flag("turnip.storage.internal") |
1668 | + else: |
1669 | + ensure_repo_store_writable() |
1670 | + set_flag("turnip.storage.internal") |
1671 | + clear_flag("turnip.storage.nfs") |
1672 | + set_flag("turnip.storage.initialised") |
1673 | + update_storage_available() |
1674 | + |
1675 | + |
1676 | +@when("nfs.joined") |
1677 | +@when_not("turnip.storage.nfs-requested") |
1678 | +def nfs_joined(): |
1679 | + if not hookenv.config()["nfs"]: |
1680 | + return |
1681 | + nfs = endpoint_from_flag("nfs.joined") |
1682 | + nfs.set_export_name("turnip") |
1683 | + set_flag("turnip.storage.nfs-requested") |
1684 | + |
1685 | + |
1686 | +@when("nfs.available") |
1687 | +def nfs_available(): |
1688 | + if not hookenv.config()["nfs"]: |
1689 | + return |
1690 | + nfs = endpoint_from_flag("nfs.available") |
1691 | + mount_info = None |
1692 | + for mount in nfs.mounts(): |
1693 | + if mount["mount_name"] != "turnip": |
1694 | + continue |
1695 | + if mount["mounts"]: |
1696 | + mount_info = mount["mounts"][0] |
1697 | + # We only handle one related NFS unit. |
1698 | + break |
1699 | + # Unmount and/or mount storage as necessary. Note that if we previously |
1700 | + # had valid mount information and now have different valid mount |
1701 | + # information then we need to do both operations. |
1702 | + if data_changed("turnip.storage.mount-info", mount_info): |
1703 | + unmount_data() |
1704 | + if mount_info is not None: |
1705 | + mount_data(mount_info) |
1706 | + ensure_repo_store_writable() |
1707 | + toggle_flag("turnip.storage.nfs", mount_info is not None) |
1708 | + update_storage_available() |
1709 | + # If mount-info didn't changed but is present, let's just make sure that |
1710 | + # the data storage is mounted. |
1711 | + elif mount_info is not None: |
1712 | + ensure_mounted() |
1713 | + ensure_repo_store_writable() |
1714 | + set_flag("turnip.storage.nfs") |
1715 | + update_storage_available() |
1716 | + |
1717 | + |
1718 | +@when_any("turnip.storage.nfs-requested", "turnip.storage.nfs") |
1719 | +@when_not("nfs.joined") |
1720 | +def nfs_departed(): |
1721 | + if data_changed("turnip.storage.mount-info", None): |
1722 | + unmount_data() |
1723 | + clear_flag("turnip.storage.nfs-requested") |
1724 | + clear_flag("turnip.storage.nfs") |
1725 | + update_storage_available() |
1726 | + |
1727 | + |
1728 | +@when("config.changed.nfs") |
1729 | +def nfs_config_changed(): |
1730 | + clear_flag("turnip.storage.internal") |
1731 | + clear_flag("turnip.storage.nfs") |
1732 | + clear_flag("turnip.storage.initialised") |
1733 | + clear_flag("turnip.storage.nfs-requested") |
1734 | + update_storage_available() |
1735 | + |
1736 | + |
1737 | +@when("nrpe-external-master.available", "turnip.configured") |
1738 | +@when_not("turnip.storage.nrpe-external-master.published") |
1739 | +def nrpe_available(): |
1740 | + nagios = endpoint_from_flag("nrpe-external-master.available") |
1741 | + config = hookenv.config() |
1742 | + # XXX cjwatson 2018-12-11: We perhaps don't need this check on every |
1743 | + # unit that consumes the same storage; perhaps it could live on the |
1744 | + # storage backend instead. However, this is easier to arrange for now. |
1745 | + nagios.add_check( |
1746 | + [ |
1747 | + "/usr/lib/nagios/plugins/check_disk", |
1748 | + "-u", |
1749 | + "GB", |
1750 | + "-w", |
1751 | + "10%", |
1752 | + "-c", |
1753 | + "5%", |
1754 | + "-K", |
1755 | + "5%", |
1756 | + "-p", |
1757 | + data_dir(), |
1758 | + ], |
1759 | + name="check_disk_data", |
1760 | + description=f"Disk space on {data_dir()}", |
1761 | + context=config["nagios_context"], |
1762 | + ) |
1763 | + set_flag("turnip.storage.nrpe-external-master.published") |
1764 | + |
1765 | + |
1766 | +@when("turnip.storage.nrpe-external-master.published") |
1767 | +@when_not("nrpe-external-master.available") |
1768 | +def nrpe_unavailable(): |
1769 | + clear_flag("turnip.storage.nrpe-external-master.published") |
1770 | diff --git a/turnip-storage/templates/data.mount.j2 b/turnip-storage/templates/data.mount.j2 |
1771 | new file mode 100644 |
1772 | index 0000000..b115460 |
1773 | --- /dev/null |
1774 | +++ b/turnip-storage/templates/data.mount.j2 |
1775 | @@ -0,0 +1,10 @@ |
1776 | +[Unit] |
1777 | +Description=Turnip data file system |
1778 | + |
1779 | +[Mount] |
1780 | +What={{ hostname }}:{{ mountpoint }} |
1781 | +Where={{ data_dir }} |
1782 | +Type={{ fstype }} |
1783 | +Options={{ options }} |
1784 | +LazyUnmount=true |
1785 | + |
Could you run `pre-commit run -a` over this as a separate commit (and make sure the results look sensible, of course)? turnip doesn't use autoformatting yet, so this will introduce a number of changes.
Otherwise LGTM.