Merge branch 'develop' into dist/risotto/risotto-2.7.1/develop

db/gen/create_tables.sql

@@ -0,0 +1,151 @@
+-- Deployment
+CREATE TABLE Deployment (
+  DeploymentId SERIAL PRIMARY KEY,
+  ProviderType VARCHAR(255) NOT NULL,
+  TargetType VARCHAR(255) NOT NULL,
+  TargetName VARCHAR(255) NOT NULL,
+  FactoryCluster VARCHAR(255),
+  FactoryNodeName VARCHAR(255),
+  CPU INTEGER,
+  VCPU INTEGER,
+  Memory INTEGER,
+  Labels VARCHAR(255) [] DEFAULT '{}',
+  UNIQUE (TargetType, TargetName)
+);
+CREATE INDEX Deployment_FactoryNodeName_index ON Deployment(FactoryNodeName);
+
+-- Cluster
+CREATE TABLE FactoryCluster (
+  ClusterId SERIAL PRIMARY KEY,
+  ClusterName VARCHAR(255) NOT NULL UNIQUE,
+  ClusterDescription VARCHAR(255) NOT NULL,
+  VirtualIp VARCHAR(15) NOT NULL,
+  ZoneName VARCHAR(255) NOT NULL
+);
+
+-- Node in Cluster
+CREATE TABLE FactoryClusterNode (
+  ClusterNodeId SERIAL PRIMARY KEY,
+  ClusterId INTEGER NOT NULL,
+  ServerName VARCHAR(255) NOT NULL UNIQUE,
+  FOREIGN KEY (ClusterId) REFERENCES FactoryCluster(ClusterId)
+);
+CREATE INDEX FactoryClusterNode_ServerName_index ON FactoryClusterNode(ServerName);
+-- Site
+CREATE TABLE Site (
+  SiteId SERIAL PRIMARY KEY,
+  SiteName VARCHAR(255) NOT NULL UNIQUE,
+  SiteDescription VARCHAR(255) NOT NULL
+);
+
+-- Zone
+CREATE TABLE Zone (
+  ZoneId SERIAL PRIMARY KEY,
+  ZoneName VARCHAR(255) NOT NULL UNIQUE,
+  ZoneDescription VARCHAR(255) NOT NULL,
+  SitesName VARCHAR(255) [] NOT NULL
+);
+
+-- Server
+CREATE TABLE Server (
+  ServerId SERIAL PRIMARY KEY,
+  ServerName VARCHAR(255) NOT NULL UNIQUE,
+  ServerDescription VARCHAR(255) NOT NULL,
+  ServerServermodelName VARCHAR(255) NOT NULL,
+  ReleaseDistribution VARCHAR(255) NOT NULL,
+  SiteName VARCHAR(255) NOT NULL,
+  ZonesName VARCHAR(255) [] NOT NULL,
+  ZonesIP VARCHAR(255) [] NOT NULL
+);
+-- Source
+CREATE TABLE Source (
+  SourceId SERIAL PRIMARY KEY,
+  SourceName VARCHAR(255) NOT NULL UNIQUE,
+  SourceDirectory TEXT
+);
+
+-- Release
+CREATE TABLE Release (
+  ReleaseId SERIAL PRIMARY KEY,
+  ReleaseName VARCHAR(255) NOT NULL,
+  ReleaseSourceId INTEGER NOT NULL,
+  ReleaseDistribution VARCHAR(20) CONSTRAINT releasedistribution_choice CHECK (ReleaseDistribution IN ('last', 'n-1', 'n-2')),
+  UNIQUE (ReleaseName, ReleaseSourceId),
+  UNIQUE (ReleaseDistribution, ReleaseSourceId),
+  FOREIGN KEY (ReleaseSourceId) REFERENCES Source(SourceId)
+);
+
+-- Servermodel
+CREATE TABLE Servermodel (
+  ServermodelId SERIAL PRIMARY KEY,
+  ServermodelName VARCHAR(255) NOT NULL,
+  ServermodelDescription VARCHAR(255) NOT NULL,
+  Osname VARCHAR(255),
+  Osversion VARCHAR(255),
+  ISO VARCHAR(255),
+  ServermodelParents VARCHAR(255) [] DEFAULT '{}',
+  SourceName VARCHAR(255) NOT NULL,
+  ReleaseDistribution VARCHAR(255) NOT NULL,
+  ServermodelApplicationserviceId INTEGER NOT NULL,
+  UNIQUE (ServermodelName, SourceName, ReleaseDistribution)
+);
+CREATE INDEX ServermodelApplicationserviceId_index ON Servermodel (ServermodelApplicationserviceId);
+
+-- Applicationservice
+CREATE TABLE Applicationservice (
+  ApplicationserviceId SERIAL PRIMARY KEY,
+  ApplicationserviceName VARCHAR(255) NOT NULL,
+  ApplicationserviceDescription VARCHAR(255) NOT NULL,
+  ApplicationserviceReleaseId INTEGER NOT NULL,
+  --ApplicationserviceLVIS VARCHAR(255) NOT NULL,
+  --ApplicationserviceLVIP VARCHAR(255) NOT NULL,
+  --ApplicationserviceLVMP VARCHAR(255) NOT NULL,
+  OS JSON,
+  UNIQUE (ApplicationserviceName, ApplicationserviceReleaseId)
+);
+
+CREATE TABLE ApplicationserviceDependency (
+  ApplicationserviceId INTEGER NOT NULL,
+  ApplicationserviceDependencyId INTEGER NOT NULL,
+  UNIQUE(ApplicationserviceId, ApplicationserviceDependencyId),
+  FOREIGN KEY (ApplicationserviceId) REFERENCES Applicationservice(ApplicationserviceId),
+  FOREIGN KEY (ApplicationserviceDependencyId) REFERENCES Applicationservice(ApplicationserviceId)
+);
+
+-- Log
+CREATE TABLE log(
+  Msg VARCHAR(255) NOT NULL,
+  Level VARCHAR(10) NOT NULL,
+  Path VARCHAR(255),
+  Username VARCHAR(100) NOT NULL,
+  Data JSON,
+  Date timestamp DEFAULT current_timestamp
+);
+-- User, Role and ACL
+CREATE TABLE RisottoUser (
+  UserId SERIAL PRIMARY KEY,
+  UserLogin VARCHAR(100) NOT NULL UNIQUE,
+  UserName VARCHAR(100) NOT NULL,
+  UserSurname VARCHAR(100) NOT NULL
+);
+
+CREATE TABLE UserRole (
+  RoleId SERIAL PRIMARY KEY,
+  RoleUserId INTEGER NOT NULL,
+  RoleName VARCHAR(255) NOT NULL,
+  RoleAttribute VARCHAR(255),
+  RoleAttributeValue VARCHAR(255),
+  FOREIGN KEY (RoleUserId) REFERENCES RisottoUser(UserId)
+);
+
+CREATE TABLE URI (
+  URIId SERIAL PRIMARY KEY,
+  URIName VARCHAR(255) NOT NULL UNIQUE
+);
+
+CREATE TABLE RoleURI (
+  RoleName VARCHAR(255) NOT NULL,
+  URIId INTEGER NOT NULL,
+  FOREIGN KEY (URIId) REFERENCES URI(URIId),
+  PRIMARY KEY (RoleName, URIId)
+);

debian/compat

@@ -0,0 +1 @@
+11

debian/control

@@ -0,0 +1,33 @@
+Source: eole-risotto
+Section: admin
+Priority: optional
+Maintainer: Cadoles <contact@cadoles.com>
+Build-Depends: debhelper (>= 11)
+Standards-Version: 3.9.3 
+Homepage: https://forge.cadoles.com/Infra/risotto
+Vcs-Git: https://forge.cadoles.com/Infra/risotto
+Vcs-Browser: https://forge.cadoles.com/Infra/risotto
+
+Package: eole-risotto
+Architecture: any
+Depends: ${misc:Depends},
+ eole-db,
+ eole-postgresql,
+ python3-aiohttp,
+ risotto-user,
+ risotto-setting,
+ risotto-provider,
+ risotto-message,
+ risotto-infra,
+ cadoles-risotto-seed,
+ risotto,
+ tiramisu,
+ tiramisu-api,
+ rougail,
+ cucchiaiata,
+ tiramisu-cmdline-parser
+Description: configuration pour l’intégration de risotto dans EOLE
+ .
+ Pour toute information complémentaire, veuillez vous rendre sur le
+ site du projet.
+

debian/copyright

@@ -0,0 +1,44 @@
+Format: http://dep.debian.net/deps/dep5
+Upstream-Name: {PROJECT}
+Source: {URL}
+
+Files: *
+Copyright: YEAR {UPSTREAM} {AUTHOR} <{MAIL}>
+License: {UPSTREAM LICENSE}
+
+Files: debian/*
+Copyright: 2012 Équipe EOLE <eole@ac-dijon.fr>
+License: CeCILL-2
+
+License: {UPSTREAM LICENSE}
+ {TEXT OF THE LICENSE}
+
+License: CeCILL-2
+ This software is governed by the CeCILL-2 license under French law and
+ abiding by the rules of distribution of free software.  You can  use,
+ modify and or redistribute the software under the terms of the CeCILL-2
+ license as circulated by CEA, CNRS and INRIA at the following URL
+ "http://www.cecill.info";.
+ .
+ As a counterpart to the access to the source code and  rights to copy,
+ modify and redistribute granted by the license, users are provided only
+ with a limited warranty  and the software's author,  the holder of the
+ economic rights,  and the successive licensors  have only  limited
+ liability.
+ .
+ In this respect, the user's attention is drawn to the risks associated
+ with loading,  using,  modifying and/or developing or reproducing the
+ software by the user in light of its specific status of free software,
+ that may mean  that it is complicated to manipulate,  and  that  also
+ therefore means  that it is reserved for developers  and  experienced
+ professionals having in-depth computer knowledge. Users are therefore
+ encouraged to load and test the software's suitability as regards their
+ requirements in conditions enabling the security of their systems and/or
+ data to be ensured and,  more generally, to use and operate it in the
+ same conditions as regards security.
+ .
+ The fact that you are presently reading this means that you have had
+ knowledge of the CeCILL-2 license and that you accept its terms.
+ .
+ On Eole systems, the complete text of the CeCILL-2 License can be found
+ in '/usr/share/common-licenses/CeCILL-2-en'.

debian/eole-risotto.dirs

@@ -0,0 +1,5 @@
+/srv/risotto/configurations
+/srv/risotto/tmp
+/srv/risotto/seed
+/srv/factory
+/var/cache/risotto/servermodel

debian/rules

@@ -0,0 +1,11 @@
+#!/usr/bin/make -f
+# -*- makefile -*-
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+%:
+	dh $@
+
+override_dh_installsystemd:
+	dh_installsystemd -peole-risotto --no-enable --no-start --no-stop-on-upgrade

debian/source/format

@@ -0,0 +1 @@
+3.0 (quilt)

dicos/20_partitioning_risotto.xml

@@ -1,26 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-
-<creole>
-    <variables>
-        <family name='système'>
-            <!-- We need to recalculate the variables -->
-            <variable name='eole_lv_names' redefine='True' remove_check='True' />
-            <variable name='eole_lv_standard_extends' redefine='True' remove_check='True' />
-        </family>
-    </variables>
-    <constraints>
-        <!-- Default AmonEcole* logical volumes -->
-        <auto name='calc_multi_val' target='eole_lv_names'>
-            <param>root</param>
-            <param>tmp</param>
-        </auto>
-        <auto name='calc_multi_val' target='eole_lv_standard_extends'>
-            <param type='number'>100</param>
-            <param type='number'>0</param>
-        </auto>
-    </constraints>
-    <help/>
-</creole>
-<!-- vim: ts=4 sw=4 expandtab
--->
-

dicos/50_risotto.xml

@@ -2,12 +2,10 @@
 <creole>
     <files>
         <service>risotto</service>
-        <service_access service='risotto'>
-            <port>8080</port>
-        </service_access>
-        <file name='/etc/risotto/risotto.conf' owner="risotto" mkdir='True' rm='True'/>
-        <file name='/etc/eole/eole-db.d/risotto.yml' mkdir='True' rm='True'/>
-        <file name='/etc/eole/eole-db.d/tiramisu.yml'/>
+        <file filelist='risotto' name='/etc/risotto/risotto.conf' mkdir='True' rm='True'/>
+        <file filelist='risotto' name='/etc/systemd/system/risotto.service' mkdir='True' rm='True'/>
+        <file filelist='risotto' name='/etc/eole/eole-db.d/risotto.yml' mkdir='True' rm='True'/>
+        <file filelist='risotto' name='/etc/eole/eole-db.d/tiramisu.yml' mkdir='True' rm='True'/>
     </files>
     <variables>
         <family name='risotto'>
@@ -36,17 +34,33 @@
                 <value>localhost</value>
             </variable>
             <variable name='risotto_messages_dir' type='filename' description='Emplacement des messages de l’API' hidden='True'>
-                <value>/usr/share/risotto-message/messages</value>
+                <value>/srv/risotto-message/messages</value>
             </variable>
             <variable name='risotto_cache_dir' type='filename' description='Emplacement du cache' hidden='True'>
-                <value>/srv/risotto/cache</value>
+                <value>/var/cache/risotto</value>
             </variable>
             <variable name='risotto_seed_dir' type='filename' description='Emplacement des descriptions de services' hidden='True'>
                 <value>/srv/risotto/seed</value>
             </variable>
-            <variable name='risotto_images_dir' type='filename' description='Emplacement des images disques' hidden='True'>
-                <value>/srv/risotto/images</value>
+            <variable name='risotto_factory_configuration_dir' type='filename' description='Emplacement de la configuration du provider factory' hidden='True'>
+                <value>/srv/factory/</value>
             </variable>
         </family>
     </variables>
+    <constraints>
+    </constraints>
+    <help>
+        <variable name='risotto_configuration_dir'>Aide pour la variable risotto_configuration_dir</variable>
+        <variable name='risotto_temp_dir'>Aide pour la variable risotto_temp_dir</variable>
+        <variable name='risotto_default_user'>Aide pour la variable risotto_default_user</variable>
+        <variable name='risotto_main_dbname'>Aide pour la variable risotto_main_dbname</variable>
+        <variable name='risotto_tiramisu_dbname'>Aide pour la variable risotto_tiramisu_dbname</variable>
+        <variable name='risotto_db_user'>Aide pour la variable risotto_db_user</variable>
+        <variable name='risotto_tiramisu_db_user'>Aide pour la variable risotto_tiramisu_db_user</variable>
+        <variable name='risotto_db_address'>Aide pour la variable risotto_db_address</variable>
+        <variable name='risotto_messages_dir'>Aide pour la variable risotto_messages_dir</variable>
+        <variable name='risotto_cache_dir'>Aide pour la variable risotto_cache_dir</variable>
+        <variable name='risotto_seed_dir'>Aide pour la variable risotto_seed_dir</variable>
+        <variable name='risotto_factory_configuration_dir'>Aide pour la variable risotto_factory_configuration_dir</variable>
+    </help>
 </creole>

posttemplate/20-directories

@@ -1,9 +0,0 @@
-#!/bin/bash
-
-for dir in risotto_cache_dir risotto_seed_dir risotto_temp_dir risotto_configuration_dir risotto_images_dir; do
-    dirname=$(CreoleGet $dir)
-    mkdir -p $dirname
-    chown risotto: $dirname
-done
-
-exit 0

tmpl/risotto.conf

@@ -1,40 +1,15 @@
-CONFIGURATION_DIR=%%risotto_configuration_dir
-TMP_DIR="%%risotto_temp_dir"
-IMAGE_PATH="%%risotto_images_dir"
-DEFAULT_USER="%%risotto_default_user"
-RISOTTO_DB_NAME="%%risotto_main_dbname"
-RISOTTO_DB_USER="%%risotto_db_user"
+CONFIGURATION_DIR=%%getVar('risotto_configuration_dir')
+PROVIDER_FACTORY_CONFIG_DIR=%%getVar('risotto_factory_configuration_dir')
+TMP_DIR=%%getVar('risotto_temp_dir')
+DEFAULT_USER=%%getVar('risotto_default_user')
+RISOTTO_DB_NAME=%%getVar('risotto_main_dbname')
+RISOTTO_DB_USER=%%getVar('risotto_db_user')
 RISOTTO_DB_PASSWORD=replace_me
-TIRAMISU_DB_NAME="%%risotto_tiramisu_dbname"
-TIRAMISU_DB_USER="%%risotto_tiramisu_db_user"
+TIRAMISU_DB_NAME=%%getVar('risotto_tiramisu_dbname')
+TIRAMISU_DB_USER=%%getVar('risotto_tiramisu_db_user')
 TIRAMISU_DB_PASSWORD=replace_me
-RISOTTO_URL="http://%%nom_domaine_machine:8080/"
-DB_ADDRESS="%%risotto_db_address"
-MESSAGE_PATH="%%risotto_messages_dir"
-CACHE_ROOT_PATH="%%risotto_cache_dir"
-SRV_SEED_PATH="%%risotto_seed_dir"
-%set %%var = %%getVar('celeryrisotto_db_user', None)
-%if not %%is_empty(%%var)
-CELERYRISOTTO_DB_NAME="%%celeryrisotto_main_dbname"
-CELERYRISOTTO_DB_USER="%%var"
-CELERYRISOTTO_DB_PASSWORD=replace_me
-%end if
-%set %%var = %%getVar('lemur_db_user', None)
-%if not %%is_empty(%%var)
-LEMUR_DB_NAME="%%lemur_db_name"
-LEMUR_DB_USER="%%var"
-LEMUR_DB_PASSWORD='replace_me'
-%end if
-%set %%var = %%getVar('password_admin_username', None)
-%if not %%is_empty(%%var)
-PASSWORD_ADMIN_USERNAME="%%password_admin_username"
-PASSWORD_ADMIN_EMAIL="%%password_admin_email"
-PASSWORD_ADMIN_PASSWORD="%%password_admin_password"
-PASSWORD_DEVICE_IDENTIFIER="%%password_device_identifier"
-PASSWORD_URL="https://%%nom_domaine_machine:8001/"
-PASSWORD_LENGTH=%%password_length
-%end if
-%if %%getVar('lemur_db_name', None)
-PKI_ADMIN_PASSWORD="%%lemur_admin_password"
-PKI_ADMIN_EMAIL="%%lemur_admin_email"
-%end if
+DB_ADDRESS=%%getVar('risotto_db_address')
+MESSAGE_PATH=%%getVar('risotto_messages_dir')
+CACHE_ROOT_PATH=%%getVar('risotto_cache_dir')
+SRV_SEED_PATH=%%getVar('risotto_seed_dir')
+PYTHONPATH="/usr/lib/python3.6/dist-packages:$PYTHONPATH"

tmpl/risotto.service

@@ -1,12 +1,9 @@
 [Unit]
 Description=risotto
-After=postgresql.service
 
 [Service]
-Type=notify
+EnvironmentFile=/etc/risotto/risotto.conf
 ExecStart=/usr/bin/risotto-server
-User=risotto
-Group=risotto
 
 [Install]
 WantedBy=multi-user.target

tmpl/risotto.yml

@@ -1,23 +1,17 @@
-%from os import listdir
-%set %%dbname = %%risotto_main_dbname
+%set %%dbname = %%getVar('risotto_main_dbname')
 ---
-dbuser: %%risotto_db_user
+dbuser: %%getVar('risotto_db_user')
 dbuser_options:
-  - LOGIN
+    - LOGIN
 privileges:
-  %%{dbname}.public.*: 'ALL'
-  %%{dbname}.public: 'ALL'
-  %%{dbname}: 'ALL'
-dbhost: %%risotto_db_address
+    %%{dbname}.public.*: 'ALL'
+    %%{dbname}.public: 'ALL'
+    %%{dbname}: 'ALL'
+dbhost: %%getVar('risotto_db_address')
 dbport: 5432
 dbtype: postgres
 dbname: %%dbname
 template: 'template0'
-sqlscripts:
-%for %%file in %%listdir('/usr/share/eole/db/eole-risotto/gen/')
- %if %%file.endswith('.sql')
-  - /usr/share/eole/db/eole-risotto/gen/%%file
- %end if
-%end for
+sqlscripts: ['/usr/share/eole/db/eole-risotto/gen/create_tables.sql']
 pwd_files:
-  - {'file': '/etc/risotto/risotto.conf', 'pattern': 'RISOTTO_DB_PASSWORD='}
+        - {'file': '/etc/risotto/risotto.conf', 'pattern': 'RISOTTO_DB_PASSWORD='}

tmpl/tiramisu.yml

@@ -1,16 +1,16 @@
-%set %%dbname = %%risotto_tiramisu_dbname
+%set %%dbname = %%getVar('risotto_tiramisu_dbname')
 ---
-dbuser: %%risotto_tiramisu_db_user
+dbuser: %%getVar('risotto_tiramisu_db_user')
 dbuser_options:
     - LOGIN
 privileges:
     %%{dbname}.public.*: 'ALL'
     %%{dbname}.public: 'ALL'
     %%{dbname}: 'ALL'
-dbhost: %%risotto_db_address
+dbhost: %%getVar('risotto_db_address')
 dbport: 5432
 dbtype: postgres
-dbname: %%risotto_tiramisu_dbname
+dbname: %%getVar('risotto_tiramisu_dbname')
 template: 'template0'
 pwd_files:
         - {'file': '/etc/risotto/risotto.conf', 'pattern': 'TIRAMISU_DB_PASSWORD='}