What I Touched This Week 2016-12-04

This is a post in series "What I Touched"

This week I setup servers using SaltStack and continue automate building and deployment using Gitlab CI.

Saltstack

  • Pillar cannot access data in another pillar file.
    • Reference pillar name instead, just like contents_pillar in file.managed.
  • mount.mounted does not format the disk, use blockdev.formatted first.
  • salt-call —id custom_id can overrides minion ID in command line, handful for test.

Hour to test Saltstack states

  • Create a docker image, install salt-minion and bats on it.
  • Configure minion to use local file client
  • Allow overriding pillar using an YAML file in test.
  • Use salt-call to apply states.
  • Use bats to verify.

A sample minion config:

file_client: local

file_roots:
  base:
    - /srv/states
    - /srv/test/states
    - /srv/formulas/users-formula

pillar_roots:
  base:
    - /srv/test/pillar
    - /srv/pillar
    
ext_pillar:
  - cmd_yaml: cat /srv/test/pillar.yml

Mount the project to /srv and run bats in docker.

Misc

  • In .gitlab-ci.yml, environment:url cannot contain invalid characters like { and }. Use $CI_BUILD_REF_NAME instead of ${CI_BUILD_REF_NAME} in URL .
  • Gitlab CI Runner on Mac sometimes stucks at fetching repository from gitlab because it asks to access login keychain and requires interactive password input.
  • Python3 version of curl

    python3 -c 'import urllib.request; print(urllib.request.urlopen("http://example.com”).read().decode("utf-8"))'
    

    and POST

    python3 -c 'import urllib.request; urllib.request.urlopen("https://gitlab.com/api/v3/projects/ID/trigger/builds", "token=TOKEN&ref=REF".encode("utf-8"));'
    
  • How to avoid Go gotchas · divan’s blog. Delve into details to avoid gotchas.

  • Python: 会打扮的装饰器 · FunHacks

  • Configure bundle gem mirror bundle config mirror.https://rubygems.org https://gems.ruby-china.org via gems.ruby-china.org

  • Use root to read file but authenticate using another user /usr/local/bin/rsync -e "sudo -H -u user ssh" -av file server:

comments powered by Disqus