Operations grimoire/Operations repository: Difference between revisions

From Nasqueron Agora
(Created page with "Our configuration as code is stores in the operations (rOPS) repository. == Repository layout == {| class="wikitable sortable" |+ Content of rOPS |- ! Path !! Description |- | _modules || Custom execution modules |- | _states || Custom states modules |- | _tests || Unit tests for custom modules, scripts, tests for repo |- | config || ''Deprecated.'' Configuration files for other configurators |- | hotfixes || Fixes you need to run to solve a problem on the servers |- |...")
 
 
(8 intermediate revisions by the same user not shown)
Line 12: Line 12:
|-
|-
| _tests || Unit tests for custom modules, scripts, tests for repo
| _tests || Unit tests for custom modules, scripts, tests for repo
|-
| config || ''Deprecated.'' Configuration files for other configurators
|-
|-
| hotfixes || Fixes you need to run to solve a problem on the servers
| hotfixes || Fixes you need to run to solve a problem on the servers
Line 20: Line 18:
|-
|-
| roles || The states to deploy, divided in roles and then in units
| roles || The states to deploy, divided in roles and then in units
|-
| scripts || ''Deprecated.'' Scripts from before we used Salt
|-
|-
| utils || Helper scripts to maintain the repository
| utils || Helper scripts to maintain the repository
Line 51: Line 47:


=== Code conventions ===
=== Code conventions ===
''See also: [[Code conventions]]'''
''See also: [[Code conventions]].''


* Python code: run `black` before committing
* Python code: run `black` before committing
* YAML: indent with two spaces
* YAML: indent with two spaces, including list bullets
 
<syntaxhighlight lang="yaml">
id:
  method:
    - somekey: value
    - otherkey: value
</syntaxhighlight>
 
== Environment setup ==
 
Use of WindRiver is recommended if you wish to get an environment already installed for your contributions.
 
=== Everywhere setup ===
This section cover topics needed both on our development servers or in your laptop.
 
==== Python dependencies ====
 
Create a virtual environment, then install dependencies from {{Ops file|requirements.txt}}:
 
    mkdir -m $HOME/dev/python/ops
    python3 -m venv $HOME/dev/python/ops
    source $HOME/dev/python/ops/bin/activate
    pip install -r requirements.txt
 
==== Datacube ====
 
If you're in the ops group, you'll need sometimes to deploy from branches. As our deployment server Complector doesn't have PHP installed (so no arc), you need to exchange branches through our datacube.
 
On WindRiver:
 
    git remote add datacube /datacube/git/operations.git
 
Anywhere else:
 
    git remote add datacube ssh://windriver.nasqueron.org/datacube/git/operations.git
 
If you aren't in the ops groups, and have access to our devserver, you'll still be able to clone or pull from that directory, but not to write there (ie push branches).
 
=== Local computer setup ===
 
This section cover topics NOT needed on our development servers.
 
==== Arcanist ====
 
To use arc with the operations repository, our collection of patches is needed.
 
If arcanist isn't installed through Git repository, best is to do like on devserver role:
 
    mkdir /opt/phabricator && cd /opt/phabricator
    git clone https://github.com/nasqueron/arcanist.git
    (cd arcanist && git checkout production)
    ln -s /opt/phabricator/arcanist/bin/arc /usr/local/bin/
    git clone https://devcentral.nasqueron.org/source/shellcheck-linter.git
 
If you've already cloned Arcanist repository, switch to our branch production:
 
    git remote add nasqueron git@github.com:nasqueron/arcanist.git
    git fetch --all
    git checkout production
 
As of August 2024, there is no plan to make that repository available on DevCentral.
 
You'll also need shellcheck library-linter library, normally at the same level than your arcanist repository.
 
==== IDE configuration ====
[[File:PyCharm-TemplateLanguages.png|thumb|right|Screenshot of correctly configured template languages]]
The states .sls file are Jinja2 templates producing YAML files, or "jinja2+yaml". If this case can't be handled by your IDE, it works best to use YAML syntax highlighting.
 
If you use PyCharm or IntelliJ IDEA Ultimate, you can configure this scheme:
 
* Allow YAML files to be Jinja2 templates
** Go to Settings > Languages & Frameworks > Template Languages
** Select Jinja2 as template language
** Add YAML in the list
* Open SLS as YAML
 
== Linting ==
 
=== pre-commit ===
You can use '''pre-commit''' you can install with <code>make</code> to get a hook running Python code to lint the repository before a commit.
 
Beware if you use <code>arc diff</code> without a commit first: your message will be lost if pre-commit raises an error, always use <code>git commit</code> first.
 
On FreeBSD, there is an issue to build with clang 16+ the ruamel yaml clib library. You can build the FreeBSD port devel/py-ruamel.yaml.clib and copy the .whl to a stable path, then install it in your virtual environment.
 
On WindRiver, the .whl is available in /opt/python/py311, so you can:
 
    $ python3 -m venv /path/to/your/virtualenv
    $ source /path/to/your/virtualenv/bin/activate
    $ pip install /opt/python/py311/ruamel.yaml.clib-0.2.8-cp311-cp311-freebsd_14_0_release_p3_amd64.whl
    $ pip install pre-commit
    $ make
    pre-commit install
    pre-commit installed at .git/hooks/pre-commit
    $ rehash
    $ pre-commit
 
== Refactoring ==
 
=== Rename a lot of files ===
 
To move a directory and rename the ''Source file'' headers:
 
    git mv roles/webserver-legacy/nginx/files roles/webserver-alkane/nginx/
    cd roles/webserver-alkane/nginx/
    find . -type f -name '*.conf' | xargs gsed -i s/webserver-legacy/webserver-alkane/g
 
== See also ==
* [[How to contribute code]]
* [[Devserver reference]]

Latest revision as of 09:45, 4 August 2024

Our configuration as code is stores in the operations (rOPS) repository.

Repository layout

Content of rOPS
Path Description
_modules Custom execution modules
_states Custom states modules
_tests Unit tests for custom modules, scripts, tests for repo
hotfixes Fixes you need to run to solve a problem on the servers
pillar Configuration data structures to use in the states
roles The states to deploy, divided in roles and then in units
utils Helper scripts to maintain the repository
map.jinja As we deploy on several OS and distros, mapping of packages names or directories
top.sls topfile: what we deploy where?
PORTS Documentation of the ports used in the configuration
UIDs Documentation of the users used in the configuration
GIDs Documentation of the groups used in the configuration

Contributions howto

Repository source

You'll find the Operations repository at https://devcentral.nasqueron.org/source/operations/

If DevCentral isn't available, a mirror of the repository can be found at https://github.com/nasqueron/operations.

Workflow of contributions

We follow the general workflow is described at How to contribute code.

Before committing a change to the main branch, you can test a deployment on a server. In that case, merge in main immediately after the deployment as the repository is the source of truth for the server state.

Log what you do on #nasqueron-ops, so it will be included at https://infra.nasqueron.org/servers-log/

Code conventions

See also: Code conventions.

  • Python code: run `black` before committing
  • YAML: indent with two spaces, including list bullets
id:
  method:
    - somekey: value
    - otherkey: value

Environment setup

Use of WindRiver is recommended if you wish to get an environment already installed for your contributions.

Everywhere setup

This section cover topics needed both on our development servers or in your laptop.

Python dependencies

Create a virtual environment, then install dependencies from rOPS: requirements.txt:

   mkdir -m $HOME/dev/python/ops
   python3 -m venv $HOME/dev/python/ops
   source $HOME/dev/python/ops/bin/activate
   pip install -r requirements.txt

Datacube

If you're in the ops group, you'll need sometimes to deploy from branches. As our deployment server Complector doesn't have PHP installed (so no arc), you need to exchange branches through our datacube.

On WindRiver:

    git remote add datacube /datacube/git/operations.git

Anywhere else:

    git remote add datacube ssh://windriver.nasqueron.org/datacube/git/operations.git

If you aren't in the ops groups, and have access to our devserver, you'll still be able to clone or pull from that directory, but not to write there (ie push branches).

Local computer setup

This section cover topics NOT needed on our development servers.

Arcanist

To use arc with the operations repository, our collection of patches is needed.

If arcanist isn't installed through Git repository, best is to do like on devserver role:

   mkdir /opt/phabricator && cd /opt/phabricator
   git clone https://github.com/nasqueron/arcanist.git
   (cd arcanist && git checkout production)
   ln -s /opt/phabricator/arcanist/bin/arc /usr/local/bin/
   git clone https://devcentral.nasqueron.org/source/shellcheck-linter.git

If you've already cloned Arcanist repository, switch to our branch production:

   git remote add nasqueron git@github.com:nasqueron/arcanist.git
   git fetch --all
   git checkout production

As of August 2024, there is no plan to make that repository available on DevCentral.

You'll also need shellcheck library-linter library, normally at the same level than your arcanist repository.

IDE configuration

Screenshot of correctly configured template languages

The states .sls file are Jinja2 templates producing YAML files, or "jinja2+yaml". If this case can't be handled by your IDE, it works best to use YAML syntax highlighting.

If you use PyCharm or IntelliJ IDEA Ultimate, you can configure this scheme:

  • Allow YAML files to be Jinja2 templates
    • Go to Settings > Languages & Frameworks > Template Languages
    • Select Jinja2 as template language
    • Add YAML in the list
  • Open SLS as YAML

Linting

pre-commit

You can use pre-commit you can install with make to get a hook running Python code to lint the repository before a commit.

Beware if you use arc diff without a commit first: your message will be lost if pre-commit raises an error, always use git commit first.

On FreeBSD, there is an issue to build with clang 16+ the ruamel yaml clib library. You can build the FreeBSD port devel/py-ruamel.yaml.clib and copy the .whl to a stable path, then install it in your virtual environment.

On WindRiver, the .whl is available in /opt/python/py311, so you can:

   $ python3 -m venv /path/to/your/virtualenv
   $ source /path/to/your/virtualenv/bin/activate
   $ pip install /opt/python/py311/ruamel.yaml.clib-0.2.8-cp311-cp311-freebsd_14_0_release_p3_amd64.whl
   $ pip install pre-commit
   $ make
   pre-commit install
   pre-commit installed at .git/hooks/pre-commit
   $ rehash
   $ pre-commit

Refactoring

Rename a lot of files

To move a directory and rename the Source file headers:

   git mv roles/webserver-legacy/nginx/files roles/webserver-alkane/nginx/
   cd roles/webserver-alkane/nginx/
   find . -type f -name '*.conf' | xargs gsed -i s/webserver-legacy/webserver-alkane/g

See also