voxpupuli · bastelfreak · Jan 9, 2025 · Jan 9, 2025 · Jan 9, 2025 · Jan 9, 2025
diff --git a/data/nodes/ci02.voxpupu.li.yaml b/data/nodes/ci02.voxpupu.li.yaml
@@ -7,8 +7,9 @@ profiles::github_runners::setup_docker: true
 profiles::github_runners::instances: ['first', 'second']
 profiles::github_runners::runner_group: 'Hetzner-ARM'
 profiles::github_runners::labels: ['self-hosted', 'hetzner-arm']
-
+profiles::github_runners::org_name: 'openvoxproject'
 classes:
   - profiles::github_runners
+  - profiles::ssh_keys::nmburgan
 
 github_actions_runner::personal_access_token: ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAV1E1ok8FbLt6IeeKsmdoazXV/ZI87iSiRpt29FUG1giIgrxPEscowQAzug7Q/wSjTAh36ZEVIpnq+uBxoWPRJ9hyyQDxbUB4K9AcjyZ4Ih7qWzhNCBx/PKStFw2Pa4O1Y1yyILfxmYg9SIpDxaCmuXCxlsT9BiIjOjWBHTtK8hOEClpF8w7SuzHIukhZ4CPvOGM0chVFNk6sjgSkyBNaAZmjprdmkkhj6gZewGgVctsQWhHalnDt5iAEsmZQ8gWd2PxQHhmCPUtO4feC3zaD8C88Aj9FaITnkitp+ZAwEvtMccJGMnrUtzd0yRQoo/V57/WHv3MszNvfeRcU1TLaYzBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDMNfPlQuSt2+pyCVZBlc2WgDDvB9RwoqrLzdksiVFAD+I2pP+FG+CUi+p7bHxiZZqc8CRrSB+VO+nSCvb8oyaP2nk=]
diff --git a/site/profiles/REFERENCE.md b/site/profiles/REFERENCE.md
@@ -25,7 +25,8 @@
 * [`profiles::puppetcode`](#profiles--puppetcode): some resources to manage puppete code
 * [`profiles::puppetmodule`](#profiles--puppetmodule): configures puppetmodule.info
 * [`profiles::ssh`](#profiles--ssh): ssh profile to manage sshd + ssh keys
-* [`profiles::ssh_keys`](#profiles--ssh_keys): configure keys from GitHubs in the authorized_keys file
+* [`profiles::ssh_keys::nmburgan`](#profiles--ssh_keys--nmburgan): configure key from nmburgan from GitHubs in the authorized_keys file
+* [`profiles::ssh_keys::pmc`](#profiles--ssh_keys--pmc): configure keys from GitHubs in the authorized_keys file
 * [`profiles::vpt`](#profiles--vpt): this profile will, in the future, instal Vox Pupuli Tasks
 
 #### Private Classes
@@ -36,6 +37,10 @@
 
 * [`profiles::certbot::nginx`](#profiles--certbot--nginx): configures location blocks for nginx
 
+### Functions
+
+* [`profiles::update_ssh_authorized_keys`](#profiles--update_ssh_authorized_keys): generate ssh_authorized_key root entries for a list of github users
+
 ## Classes
 
 ### <a name="profiles--base"></a>`profiles::base`
@@ -176,6 +181,7 @@ The following parameters are available in the `profiles::github_runners` class:
 * [`setup_docker`](#-profiles--github_runners--setup_docker)
 * [`setup_libvirt`](#-profiles--github_runners--setup_libvirt)
 * [`runner_group`](#-profiles--github_runners--runner_group)
+* [`org_name`](#-profiles--github_runners--org_name)
 
 ##### <a name="-profiles--github_runners--labels"></a>`labels`
 
@@ -207,7 +213,7 @@ Data type: `String[1]`
 
 version of the runner, matches their upstream github release names
 
-Default value: `'2.319.1'`
+Default value: `'2.321.0'`
 
 ##### <a name="-profiles--github_runners--instances"></a>`instances`
 
@@ -257,6 +263,14 @@ the group that we will assign to the runners. Needs to exist
 
 Default value: `undef`
 
+##### <a name="-profiles--github_runners--org_name"></a>`org_name`
+
+Data type: `Enum['voxpupuli', 'openvoxproject']`
+
+name of the github org
+
+Default value: `'voxpupuli'`
+
 ### <a name="profiles--grafana"></a>`profiles::grafana`
 
 installs grafana to display stats from dropsonde about Vox Pupuli modules
@@ -400,17 +414,35 @@ Default value: `'puppetmodule'`
 
 ssh profile to manage sshd + ssh keys
 
-### <a name="profiles--ssh_keys"></a>`profiles::ssh_keys`
+### <a name="profiles--ssh_keys--nmburgan"></a>`profiles::ssh_keys::nmburgan`
+
+configure key from nmburgan from GitHubs in the authorized_keys file
+
+#### Parameters
+
+The following parameters are available in the `profiles::ssh_keys::nmburgan` class:
+
+* [`github_users`](#-profiles--ssh_keys--nmburgan--github_users)
+
+##### <a name="-profiles--ssh_keys--nmburgan--github_users"></a>`github_users`
+
+Data type: `Array[String[1]]`
+
+list of github users, we will download their ssh keys
+
+Default value: `['nmburgan']`
+
+### <a name="profiles--ssh_keys--pmc"></a>`profiles::ssh_keys::pmc`
 
 configure keys from GitHubs in the authorized_keys file
 
 #### Parameters
 
-The following parameters are available in the `profiles::ssh_keys` class:
+The following parameters are available in the `profiles::ssh_keys::pmc` class:
 
-* [`github_users`](#-profiles--ssh_keys--github_users)
+* [`github_users`](#-profiles--ssh_keys--pmc--github_users)
 
-##### <a name="-profiles--ssh_keys--github_users"></a>`github_users`
+##### <a name="-profiles--ssh_keys--pmc--github_users"></a>`github_users`
 
 Data type: `Array[String[1]]`
 
@@ -477,3 +509,23 @@ the domain for the location blocks
 
 Default value: `$title`
 
+## Functions
+
+### <a name="profiles--update_ssh_authorized_keys"></a>`profiles::update_ssh_authorized_keys`
+
+Type: Puppet Language
+
+generate ssh_authorized_key root entries for a list of github users
+
+#### `profiles::update_ssh_authorized_keys(Array[String[1]] $github_users)`
+
+The profiles::update_ssh_authorized_keys function.
+
+Returns: `Any`
+
+##### `github_users`
+
+Data type: `Array[String[1]]`
+
+the list of users
+
diff --git a/site/profiles/manifests/ssh_keys.pp → ...s/functions/update_ssh_authorized_keys.pp b/site/profiles/manifests/ssh_keys.pp → ...s/functions/update_ssh_authorized_keys.pp
@@ -1,13 +1,11 @@
 #
-# @summary configure keys from GitHubs in the authorized_keys file
+# @summary generate ssh_authorized_key root entries for a list of github users
 #
-# @param github_users list of github users, we will download their ssh keys
+# @param github_users the list of users
 #
 # @author Tim Meusel <[email protected]>
 #
-class profiles::ssh_keys (
-  Array[String[1]] $github_users = ['bastelfreak', 'smortex', 'rwaffen', 'ekohl', 'sebastianrakel',],
-) {
+function profiles::update_ssh_authorized_keys(Array[String[1]] $github_users) {
   $github_users.each |$user| {
     $keys = extlib::read_url("https://github.com/${user}.keys")
     $keys.split("\n").each |$index, $key| {

diff --git a/site/profiles/manifests/base.pp b/site/profiles/manifests/base.pp
@@ -141,7 +141,7 @@
     type   => 'ssh-ed25519',
   }
   # fetches all keys from GitHub for PMC people
-  contain profiles::ssh_keys
+  contain profiles::ssh_keys::pmc
   # manage root so we can purge unknown keys
   user { 'root':
     ensure         => 'present',

diff --git a/site/profiles/manifests/github_runners.pp b/site/profiles/manifests/github_runners.pp
@@ -11,6 +11,7 @@
 # @param setup_docker installs docker for beaker jobs
 # @param setup_libvirt installs libvirt and adds the user to the group
 # @param runner_group the group that we will assign to the runners. Needs to exist
+# @param org_name name of the github org
 #
 # @see code provided by CERN
 #
@@ -20,13 +21,14 @@
   Array[String[1]] $labels = ['self-hosted',],
   String[1] $user = 'runner',
   String[1] $group = $user,
-  String[1] $version = '2.319.1',
+  String[1] $version = '2.321.0',
   Optional[String[1]] $repo_name = undef,
   Array[String[1]] $instances = [],
   Boolean $setup_ruby = false,
   Boolean $setup_docker = false,
   Boolean $setup_libvirt = false,
   Optional[String[1]] $runner_group = undef,
+  Enum['voxpupuli', 'openvoxproject'] $org_name = 'voxpupuli',
 ) {
   package { ['jq', 'libffi-dev', 'libyaml-dev', 'libreadline-dev', 'zlib1g-dev', 'libssl-dev',]:
     ensure => 'installed',
@@ -79,7 +81,7 @@
     base_dir_name  => "${home}/actions-runner",
     repository_url => 'https://github.com/actions/runner/releases/download',
     #personal_access_token => Deferred('teigi::get',['pat']),
-    org_name       => 'voxpupuli',
+    org_name       => $org_name,
     user           => $user,
     group          => $group,
     instances      => $_instances,

diff --git a/site/profiles/manifests/ssh_keys/nmburgan.pp b/site/profiles/manifests/ssh_keys/nmburgan.pp
@@ -0,0 +1,12 @@
+#
+# @summary configure key from nmburgan from GitHubs in the authorized_keys file
+#
+# @param github_users list of github users, we will download their ssh keys
+#
+# @author Tim Meusel <[email protected]>
+#
+class profiles::ssh_keys::nmburgan (
+  Array[String[1]] $github_users = ['nmburgan'],
+) {
+  profiles::update_ssh_authorized_keys($github_users)
+}
diff --git a/site/profiles/manifests/ssh_keys/pmc.pp b/site/profiles/manifests/ssh_keys/pmc.pp
@@ -0,0 +1,12 @@
+#
+# @summary configure keys from GitHubs in the authorized_keys file
+#
+# @param github_users list of github users, we will download their ssh keys
+#
+# @author Tim Meusel <[email protected]>
+#
+class profiles::ssh_keys::pmc (
+  Array[String[1]] $github_users = ['bastelfreak', 'smortex', 'rwaffen', 'ekohl', 'sebastianrakel',],
+) {
+  profiles::update_ssh_authorized_keys($github_users)
+}