Puppet Module: git
¶
The git
module for Puppet can manage central GIT repository hosts
along with the GIT repositories on that host, and can maintain clones of
GIT repositories.
Both these parts are used by the Puppet Module: puppet.
Creating a GIT Repository¶
Creating a repository is performed by the git::repository
resource
definition, with the following parameters:
description (false
)
A description for the GIT repository, which ends up in
.git/description
.If not set, or set to
false
, the.git/description
is left untouched.
group (root
)
The name of the (POSIX) group owner.
localtree (/srv/git/
)
The parent directory of the new GIT repository, with a default of/srv/git/
.
owner (root
)
The name of the (POSIX) owner.
prefix (false
)
Set a prefix to the actual GIT repository location, such that a the filesystem path to the repository is unique.
public (false
)
If the repository is public, the permissions are set such that the xinetd
git-daemon
running under the unprivilegednobody
account can read the contents of the repository.Set this to
false
to disallow thenobody
account to read any contents of the repository, therefore effectively disallowing anonymous access over thegit://
protocol.
real_name (false
)
Because resources can only be instantiated with unique names or titles, you can setreal_name
to a value that, if used as the name or title, would otherwise cause a duplicate definition.
recipients (false
)
A list of recipient email addresses, that should be notified when a commit is made.
If not set, or set to
false
, no notifications will be sent.
shared (false
)
A boolean value, this describes whether the GIT repository is shared (
true
) or private (false
).The net result of setting this to true is the equivalent of executing the following commands:
# find $localtree/$name/ -type d -exec chmod g+rws {} ; # find $localtree/$name/ -type f -exec chmod g+rw {} ;The xinetd
git-daemon
service runs under thenobody
account, and this boolean controls whether thenobody
account should be allowed read access to the GIT repository.
symlink_prefix (false
)
The symbolic link in/git/
, a flat directory hierarchy, should be prefixed with thesymlink_prefix
.
symbolic_link (true
)
Provide a symbolic link in/git/
to the new GIT repository (in$localtree
), so that users that use the SSH protocol do not have to use/srv/git/
to get to the repository.
Example GIT repository for libkolabxml:
git::repository { "libkolabxml.git":
localtree => "/srv/git/",
shared => true,
public => true,
owner => "vanmeeuwen",
group => "git-kolab.org-developers",
description => "libkolabxml",
recipients => [
"commits@lists.kolab.org"
]
}
Example set of GIT repositories for Puppet modules:
git::repository { [
"git",
"puppet",
"webserver",
"yum"
]:
localtree => "/srv/git/",
shared => true,
public => true,
owner => "vanmeeuwen",
group => "git-kolab.org-developers",
symlink_prefix => "puppet-module-",
prefix => "puppet-",
description => "Puppet Module",
recipients => [
"commits@lists.kolab.org"
]
}
Cloning a GIT Repository¶
To create a clone of a GIT repository, use the git::clone
resource
definition.
The following parameters are available:
source
define clone( $source,
$localtree = "/srv/git/",
$real_name = false,
$branch = false,
$mirror = false) {
git::clone { "modules/$branch/$real_name":
source => $url ? {
false => $base_url ? {
false => "$url",
default => $module_prefix ? {
false => $module_name ? {
false => "$base_url/$name",
default => "$base_url/$module_name"
},
default => $module_name ? {
false => "$base_url/$module_prefix-$name",
default => "$base_url/$module_prefix-$module_name"
}
}
},
default => $url
},
localtree => "/var/lib/puppet/environments/$branch/modules/",
real_name => "$real_name",
branch => $branch
}
git::pull { "modules/$branch/$real_name":
localtree => "/var/lib/puppet/environments/$branch/modules/",
real_name => $real_name,
require => Git::Clone["modules/$branch/$real_name"]
}