Commit 00a3deab authored by Your Name's avatar Your Name
Browse files

lint

parent 9bca6d4d
......@@ -6,21 +6,21 @@ define buildkernel::kernel (
String $config_version = 'latest',
String $kernel_name = $title,
String $kernel_type = 'source',
) {
require buildkernel::kernelprep
if ($kernel_type == 'debian') {
Exec { "generate initram for $name $kernel_version":
command => "/usr/local/bin/generate-debian-initramfs.sh",
user => root,
logoutput => true,
require => [
File['/usr/local/bin/generate-debian-initramfs.sh'],
Exec { "generate initram for ${name} ${kernel_version}":
command => '/usr/local/bin/generate-debian-initramfs.sh',
user => root,
logoutput => true,
require => [
File['/usr/local/bin/generate-debian-initramfs.sh'],
],
creates => "/etc/xen/boot/debian/initrd.img-${kernel_version}",
creates => "/etc/xen/boot/debian/initrd.img-${kernel_version}",
environment => ["WORKDIR=${kernel_workdir}",
"KERNELVERSION=${kernel_version}",
"KERNELCONFIG=${kernel_workdir}/config_${kernel_version}.kconf",
......@@ -33,26 +33,26 @@ define buildkernel::kernel (
if ($type == 'source'){
file { "$kernel_workdir/config_$kernel_version.kconf":
file { "${kernel_workdir}/config_${kernel_version}.kconf":
ensure => present,
owner => root,
group => $kbuser,
mode => '0740',
source => "puppet:///modules/$module_name/kconfig/${kernel_version}_${config_version}.kconf",
source => "puppet:///modules/${module_name}/kconfig/${kernel_version}_${config_version}.kconf",
}
Exec { "Check kernel $kernel_version with config $config_version":
command => "/usr/local/bin/check_kernel.sh",
user => $kbuser,
logoutput => true,
require => [
File['/usr/local/bin/build_kernel.sh'],
File['/usr/local/bin/check_kernel.sh'],
File[$kernel_workdir],
File[$kernel_kerneldir],
File["$kernel_workdir/config_$kernel_version.kconf"],
Exec { "Check kernel ${kernel_version} with config ${config_version}":
command => '/usr/local/bin/check_kernel.sh',
user => $kbuser,
logoutput => true,
require => [
File['/usr/local/bin/build_kernel.sh'],
File['/usr/local/bin/check_kernel.sh'],
File[$kernel_workdir],
File[$kernel_kerneldir],
File["${kernel_workdir}/config_${kernel_version}.kconf"],
],
# onlyif => "/usr/local/bin/check_kernel.sh",
......@@ -65,20 +65,20 @@ define buildkernel::kernel (
timeout => 0,
}
Exec { "Build kernel $kernel_version with config $config_version":
command => "/usr/local/bin/build_kernel.sh",
logoutput => true,
user => $kbuser,
require => [
File['/usr/local/bin/build_kernel.sh'],
File['/usr/local/bin/check_kernel.sh'],
File[$kernel_workdir],
File[$kernel_kerneldir],
File["$kernel_workdir/config_$kernel_version.kconf"],
Exec { "Build kernel ${kernel_version} with config ${config_version}":
command => '/usr/local/bin/build_kernel.sh',
logoutput => true,
user => $kbuser,
require => [
File['/usr/local/bin/build_kernel.sh'],
File['/usr/local/bin/check_kernel.sh'],
File[$kernel_workdir],
File[$kernel_kerneldir],
File["${kernel_workdir}/config_${kernel_version}.kconf"],
],
#subscribe => File["$kernel_workdir/config_$kernel_version.kconf"],
#refreshonly => true,
unless => "/usr/local/bin/check_kernel.sh",
unless => '/usr/local/bin/check_kernel.sh',
# onlyif => "/usr/local/bin/check_kernel.sh",
environment => ["WORKDIR=${kernel_workdir}",
......
......@@ -34,15 +34,15 @@ class buildkernel::kernelprep (
}
user { 'kernelbuilder':
gid => 'kernelbuilder',
system => true,
shell => "/usr/sbin/nologin",
managehome => "true",
gid => 'kernelbuilder',
system => true,
shell => '/usr/sbin/nologin',
managehome => 'true',
}
Exec { "/usr/bin/pip3 install git+https://github.com/a13xp0p0v/kconfig-hardened-check":
user => $kbuser,
Exec { '/usr/bin/pip3 install git+https://github.com/a13xp0p0v/kconfig-hardened-check':
user => $kbuser,
}
file { '/usr/local/bin/generate-debian-initramfs.sh':
......@@ -50,7 +50,7 @@ class buildkernel::kernelprep (
owner => root,
group => kernelbuilder,
mode => '0750',
source => "puppet:///modules/$module_name/scripts/generate-debian-initramfs.sh",
source => "puppet:///modules/${module_name}/scripts/generate-debian-initramfs.sh",
}
......@@ -59,34 +59,34 @@ class buildkernel::kernelprep (
owner => root,
group => kernelbuilder,
mode => '0750',
source => "puppet:///modules/$module_name/scripts/build_kernel.sh",
source => "puppet:///modules/${module_name}/scripts/build_kernel.sh",
}
$signingkeys.each |$fp| {
file { "$kernel_workdir/$fp.gpg":
file { "${kernel_workdir}/${fp}.gpg":
ensure => present,
owner => root,
group => kernelbuilder,
mode => '0740',
source => "puppet:///modules/$module_name/$fp.gpg",
source => "puppet:///modules/${module_name}/${fp}.gpg",
}
#Exec { "/usr/bin/gpg --recv $fp":
# user => $kbuser,
#}
}
Exec { "/usr/bin/gpg --import $kernel_workdir/$signingkey.gpg":
user => $kbuser,
require => [
File["$kernel_workdir/$signingkey.gpg"],
File['/usr/local/bin/build_kernel.sh'],
File['/usr/local/bin/check_kernel.sh'],
File[$kernel_workdir],
File[$kernel_kerneldir],
Exec { "/usr/bin/gpg --import ${kernel_workdir}/${signingkey}.gpg":
user => $kbuser,
require => [
File["${kernel_workdir}/${signingkey}.gpg"],
File['/usr/local/bin/build_kernel.sh'],
File['/usr/local/bin/check_kernel.sh'],
File[$kernel_workdir],
File[$kernel_kerneldir],
],
}
......@@ -97,7 +97,7 @@ class buildkernel::kernelprep (
owner => root,
group => kernelbuilder,
mode => '0750',
source => "puppet:///modules/$module_name/scripts/kernel_functions.sh",
source => "puppet:///modules/${module_name}/scripts/kernel_functions.sh",
}
file { '/usr/local/bin/check_kernel.sh':
......@@ -105,40 +105,40 @@ class buildkernel::kernelprep (
owner => root,
group => kernelbuilder,
mode => '0750',
source => "puppet:///modules/$module_name/scripts/check_kernel.sh",
source => "puppet:///modules/${module_name}/scripts/check_kernel.sh",
}
file { '/usr/local/bin/test_kernelscript.sh':
ensure => present,
owner => root,
group => kernelbuilder,
mode => '0750',
source => "puppet:///modules/$module_name/scripts/test_kernelscript.sh",
source => "puppet:///modules/${module_name}/scripts/test_kernelscript.sh",
}
#dirs
file { "/etc/xen":
file { '/etc/xen':
ensure => directory,
}
file { "$kernel_workdir":
file { $kernel_workdir:
ensure => directory,
owner => root,
mode => '0770',
group => kernelbuilder,
mode => '0770',
ensure => directory,
}
# this is because apparmor libvirt aa helper, has paths hardcoded in the binary
file { "/usr/share/qemu-efi":
file { '/usr/share/qemu-efi':
ensure => directory,
mode => 'a+rx',
mode => 'a+rx',
}
# normally /etc/xen/boot
file { "$kernel_kerneldir":
file { $kernel_kerneldir:
ensure => directory,
owner => root,
group => kernelbuilder,
mode => '0774',
mode => '0774',
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment