diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
new file mode 100644
index 0000000..c2f88dc
--- /dev/null
+++ b/.github/workflows/lint.yaml
@@ -0,0 +1,71 @@
+---
+name: "Lint testing"
+
+on:
+ pull_request:
+ branches:
+ - "main"
+
+jobs:
+ setup_matrix:
+ name: "Setup Test Matrix"
+ runs-on: ubuntu-22.04
+ outputs:
+ matrix: ${{ steps.get-matrix.outputs.matrix }}
+
+ steps:
+ - name: Checkout Source
+ uses: actions/checkout@v3
+
+ - name: Activate Ruby 3.2
+ uses: ruby/setup-ruby@v1
+ with:
+ ruby-version: "3.2.3"
+ bundler-cache: true
+
+ - name: Print bundle environment
+ run: |
+ echo ::group::bundler environment
+ bundle env
+ echo ::endgroup::
+
+ - name: Setup Integration Test Matrix
+ id: get-matrix
+ run: |
+ echo "matrix=$(cat test_matrix.json | tr -s '\n' ' ')" >> $GITHUB_OUTPUT
+ cat $GITHUB_OUTPUT
+
+ lint:
+ name: "Lint tests (${{matrix.collection.agent_version}})"
+ needs:
+ - setup_matrix
+ if: ${{ needs.setup_matrix.outputs.matrix != '{}' }}
+
+ runs-on: ubuntu-22.04
+ strategy:
+ fail-fast: false
+ matrix: ${{fromJson(needs.setup_matrix.outputs.matrix)}}
+
+ env:
+ PUPPET_GEM_VERSION: ${{matrix.collection.gem_version}}
+ FACTER_GEM_VERSION: 'https://github.com/puppetlabs/facter#main' # why is this set?
+
+ steps:
+ - name: Checkout Source
+ uses: actions/checkout@v3
+
+ - name: Activate Ruby 3.2
+ uses: ruby/setup-ruby@v1
+ with:
+ ruby-version: "3.2.3"
+ bundler-cache: true
+
+ - name: Print bundle environment
+ run: |
+ echo ::group::bundler environment
+ bundle env
+ echo ::endgroup::
+
+ - name: "Run tests"
+ run: |
+ bundle exec rake validate
\ No newline at end of file
diff --git a/.github/workflows/unit_tests.yml b/.github/workflows/unit_tests.yml
new file mode 100644
index 0000000..2e3fea2
--- /dev/null
+++ b/.github/workflows/unit_tests.yml
@@ -0,0 +1,71 @@
+---
+name: "Unit Testing"
+
+on:
+ pull_request:
+ branches:
+ - "main"
+
+jobs:
+ setup_matrix:
+ name: "Setup Test Matrix"
+ runs-on: ubuntu-22.04
+ outputs:
+ matrix: ${{ steps.get-matrix.outputs.matrix }}
+
+ steps:
+ - name: Checkout Source
+ uses: actions/checkout@v3
+
+ - name: Activate Ruby 3.2
+ uses: ruby/setup-ruby@v1
+ with:
+ ruby-version: "3.2.3"
+ bundler-cache: true
+
+ - name: Print bundle environment
+ run: |
+ echo ::group::bundler environment
+ bundle env
+ echo ::endgroup::
+
+ - name: Setup Integration Test Matrix
+ id: get-matrix
+ run: |
+ echo "matrix=$(cat test_matrix.json | tr -s '\n' ' ')" >> $GITHUB_OUTPUT
+ cat $GITHUB_OUTPUT
+
+ Unit:
+ name: "Unit tests (${{matrix.collection.agent_version}})"
+ needs:
+ - setup_matrix
+ if: ${{ needs.setup_matrix.outputs.matrix != '{}' }}
+
+ runs-on: ubuntu-22.04
+ strategy:
+ fail-fast: false
+ matrix: ${{fromJson(needs.setup_matrix.outputs.matrix)}}
+
+ env:
+ PUPPET_GEM_VERSION: ${{matrix.collection.gem_version}}
+ FACTER_GEM_VERSION: 'https://github.com/puppetlabs/facter#main' # why is this set?
+
+ steps:
+ - name: Checkout Source
+ uses: actions/checkout@v3
+
+ - name: Activate Ruby 3.2
+ uses: ruby/setup-ruby@v1
+ with:
+ ruby-version: "3.2.3"
+ bundler-cache: true
+
+ - name: Print bundle environment
+ run: |
+ echo ::group::bundler environment
+ bundle env
+ echo ::endgroup::
+
+ - name: "Run tests"
+ run: |
+ bundle exec rake parallel_spec
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
index 988dcbb..45835b1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,6 +4,7 @@
.yardoc
.yardwarns
*.iml
+Gemfile.lock
/.bundle/
/.idea/
/.vagrant/
@@ -16,7 +17,7 @@
/log/
/pkg/
/spec/fixtures/manifests/
-/spec/fixtures/modules/
+/spec/fixtures/modules/*
/tmp/
/vendor/
/convert_report.txt
diff --git a/.pdkignore b/.pdkignore
index c538bea..862847a 100644
--- a/.pdkignore
+++ b/.pdkignore
@@ -16,7 +16,7 @@
/log/
/pkg/
/spec/fixtures/manifests/
-/spec/fixtures/modules/
+/spec/fixtures/modules/*
/tmp/
/vendor/
/convert_report.txt
@@ -26,20 +26,17 @@
.envrc
/inventory.yaml
/spec/fixtures/litmus_inventory.yaml
-/appveyor.yml
-/.editorconfig
/.fixtures.yml
/Gemfile
/.gitattributes
+/.github/
/.gitignore
-/.gitlab-ci.yml
/.pdkignore
/.puppet-lint.rc
/Rakefile
/rakelib/
/.rspec
-/.rubocop.yml
-/.travis.yml
+/..yml
/.yardopts
/spec/
/.vscode/
diff --git a/.rubocop.yml b/.rubocop.yml
index 31e8248..21b82b9 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -3,8 +3,9 @@ require:
- rubocop-performance
- rubocop-rspec
AllCops:
+ NewCops: enable
DisplayCopNames: true
- TargetRubyVersion: '2.5'
+ TargetRubyVersion: '2.6'
Include:
- "**/*.rb"
Exclude:
@@ -111,8 +112,14 @@ Style/MethodCalledOnDoEndBlock:
Enabled: true
Style/StringMethods:
Enabled: true
+Bundler/GemFilename:
+ Enabled: false
Bundler/InsecureProtocolSource:
Enabled: false
+Capybara/CurrentPathExpectation:
+ Enabled: false
+Capybara/VisibilityMatcher:
+ Enabled: false
Gemspec/DuplicatedAssignment:
Enabled: false
Gemspec/OrderedDependencies:
@@ -287,11 +294,9 @@ Performance/UriDefaultParser:
Enabled: false
RSpec/Be:
Enabled: false
-RSpec/Capybara/CurrentPathExpectation:
- Enabled: false
RSpec/Capybara/FeatureMethods:
Enabled: false
-RSpec/Capybara/VisibilityMatcher:
+RSpec/ContainExactly:
Enabled: false
RSpec/ContextMethod:
Enabled: false
@@ -331,6 +336,8 @@ RSpec/LeakyConstantDeclaration:
Enabled: false
RSpec/LetBeforeExamples:
Enabled: false
+RSpec/MatchArray:
+ Enabled: false
RSpec/MissingExampleGroupArgument:
Enabled: false
RSpec/MultipleExpectations:
@@ -373,8 +380,6 @@ Style/AccessModifierDeclarations:
Enabled: false
Style/AccessorGrouping:
Enabled: false
-Style/AsciiComments:
- Enabled: false
Style/BisectedAttrAccessor:
Enabled: false
Style/CaseLikeIf:
@@ -485,35 +490,241 @@ Style/TrailingMethodEndStatement:
Enabled: false
Style/UnpackFirst:
Enabled: false
+Capybara/MatchStyle:
+ Enabled: false
+Capybara/NegationMatcher:
+ Enabled: false
+Capybara/SpecificActions:
+ Enabled: false
+Capybara/SpecificFinders:
+ Enabled: false
+Capybara/SpecificMatcher:
+ Enabled: false
+Gemspec/DeprecatedAttributeAssignment:
+ Enabled: false
+Gemspec/DevelopmentDependencies:
+ Enabled: false
+Gemspec/RequireMFA:
+ Enabled: false
+Layout/LineContinuationLeadingSpace:
+ Enabled: false
+Layout/LineContinuationSpacing:
+ Enabled: false
+Layout/LineEndStringConcatenationIndentation:
+ Enabled: false
+Layout/SpaceBeforeBrackets:
+ Enabled: false
+Lint/AmbiguousAssignment:
+ Enabled: false
+Lint/AmbiguousOperatorPrecedence:
+ Enabled: false
+Lint/AmbiguousRange:
+ Enabled: false
+Lint/ConstantOverwrittenInRescue:
+ Enabled: false
+Lint/DeprecatedConstants:
+ Enabled: false
Lint/DuplicateBranch:
Enabled: false
+Lint/DuplicateMagicComment:
+ Enabled: false
+Lint/DuplicateMatchPattern:
+ Enabled: false
Lint/DuplicateRegexpCharacterClassElement:
Enabled: false
Lint/EmptyBlock:
Enabled: false
Lint/EmptyClass:
Enabled: false
+Lint/EmptyInPattern:
+ Enabled: false
+Lint/IncompatibleIoSelectWithFiberScheduler:
+ Enabled: false
+Lint/LambdaWithoutLiteralBlock:
+ Enabled: false
Lint/NoReturnInBeginEndBlocks:
Enabled: false
+Lint/NonAtomicFileOperation:
+ Enabled: false
+Lint/NumberedParameterAssignment:
+ Enabled: false
+Lint/OrAssignmentToConstant:
+ Enabled: false
+Lint/RedundantDirGlobSort:
+ Enabled: false
+Lint/RefinementImportMethods:
+ Enabled: false
+Lint/RequireRangeParentheses:
+ Enabled: false
+Lint/RequireRelativeSelfPath:
+ Enabled: false
+Lint/SymbolConversion:
+ Enabled: false
Lint/ToEnumArguments:
Enabled: false
+Lint/TripleQuotes:
+ Enabled: false
Lint/UnexpectedBlockArity:
Enabled: false
Lint/UnmodifiedReduceAccumulator:
Enabled: false
+Lint/UselessRescue:
+ Enabled: false
+Lint/UselessRuby2Keywords:
+ Enabled: false
+Metrics/CollectionLiteralLength:
+ Enabled: false
+Naming/BlockForwarding:
+ Enabled: false
Performance/CollectionLiteralInLoop:
Enabled: false
+Performance/ConcurrentMonotonicTime:
+ Enabled: false
+Performance/MapCompact:
+ Enabled: false
+Performance/RedundantEqualityComparisonBlock:
+ Enabled: false
+Performance/RedundantSplitRegexpArgument:
+ Enabled: false
+Performance/StringIdentifierArgument:
+ Enabled: false
+RSpec/BeEq:
+ Enabled: false
+RSpec/BeNil:
+ Enabled: false
+RSpec/ChangeByZero:
+ Enabled: false
+RSpec/ClassCheck:
+ Enabled: false
+RSpec/DuplicatedMetadata:
+ Enabled: false
+RSpec/ExcessiveDocstringSpacing:
+ Enabled: false
+RSpec/FactoryBot/ConsistentParenthesesStyle:
+ Enabled: false
+RSpec/FactoryBot/FactoryNameStyle:
+ Enabled: false
+RSpec/FactoryBot/SyntaxMethods:
+ Enabled: false
+RSpec/IdenticalEqualityAssertion:
+ Enabled: false
+RSpec/NoExpectationExample:
+ Enabled: false
+RSpec/PendingWithoutReason:
+ Enabled: false
+RSpec/Rails/AvoidSetupHook:
+ Enabled: false
+RSpec/Rails/HaveHttpStatus:
+ Enabled: false
+RSpec/Rails/InferredSpecType:
+ Enabled: false
+RSpec/Rails/MinitestAssertions:
+ Enabled: false
+RSpec/Rails/TravelAround:
+ Enabled: false
+RSpec/RedundantAround:
+ Enabled: false
+RSpec/SkipBlockInsideExample:
+ Enabled: false
+RSpec/SortMetadata:
+ Enabled: false
+RSpec/SubjectDeclaration:
+ Enabled: false
+RSpec/VerifiedDoubleReference:
+ Enabled: false
+Security/CompoundHash:
+ Enabled: false
+Security/IoMethods:
+ Enabled: false
Style/ArgumentsForwarding:
Enabled: false
+Style/ArrayIntersect:
+ Enabled: false
Style/CollectionCompact:
Enabled: false
+Style/ComparableClamp:
+ Enabled: false
+Style/ConcatArrayLiterals:
+ Enabled: false
+Style/DataInheritance:
+ Enabled: false
+Style/DirEmpty:
+ Enabled: false
Style/DocumentDynamicEvalDefinition:
Enabled: false
+Style/EmptyHeredoc:
+ Enabled: false
+Style/EndlessMethod:
+ Enabled: false
+Style/EnvHome:
+ Enabled: false
+Style/FetchEnvVar:
+ Enabled: false
+Style/FileEmpty:
+ Enabled: false
+Style/FileRead:
+ Enabled: false
+Style/FileWrite:
+ Enabled: false
+Style/HashConversion:
+ Enabled: false
+Style/HashExcept:
+ Enabled: false
+Style/IfWithBooleanLiteralBranches:
+ Enabled: false
+Style/InPatternThen:
+ Enabled: false
+Style/MagicCommentFormat:
+ Enabled: false
+Style/MapCompactWithConditionalBlock:
+ Enabled: false
+Style/MapToHash:
+ Enabled: false
+Style/MapToSet:
+ Enabled: false
+Style/MinMaxComparison:
+ Enabled: false
+Style/MultilineInPatternThen:
+ Enabled: false
Style/NegatedIfElseCondition:
Enabled: false
+Style/NestedFileDirname:
+ Enabled: false
Style/NilLambda:
Enabled: false
+Style/NumberedParameters:
+ Enabled: false
+Style/NumberedParametersLimit:
+ Enabled: false
+Style/ObjectThen:
+ Enabled: false
+Style/OpenStructUse:
+ Enabled: false
+Style/OperatorMethodCall:
+ Enabled: false
+Style/QuotedSymbols:
+ Enabled: false
Style/RedundantArgument:
Enabled: false
+Style/RedundantConstantBase:
+ Enabled: false
+Style/RedundantDoubleSplatHashBraces:
+ Enabled: false
+Style/RedundantEach:
+ Enabled: false
+Style/RedundantHeredocDelimiterQuotes:
+ Enabled: false
+Style/RedundantInitialize:
+ Enabled: false
+Style/RedundantLineContinuation:
+ Enabled: false
+Style/RedundantSelfAssignmentBranch:
+ Enabled: false
+Style/RedundantStringEscape:
+ Enabled: false
+Style/SelectByRegexp:
+ Enabled: false
+Style/StringChars:
+ Enabled: false
Style/SwapValues:
Enabled: false
diff --git a/.vscode/extensions.json b/.vscode/extensions.json
index 2f1e4f7..6da8d47 100644
--- a/.vscode/extensions.json
+++ b/.vscode/extensions.json
@@ -1,6 +1,6 @@
{
"recommendations": [
"puppet.puppet-vscode",
- "rebornix.Ruby"
+ "Shopify.ruby-lsp"
]
}
diff --git a/CHANGELOG.md b/CHANGELOG.md
index cd0d5e1..9d85552 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,16 @@
All notable changes to this project will be documented in this file.
+## Release 2.0.0
+
+**Features**
+
+- Improve plan run time by using `enterprise_task::test_connect` to verify connectivity. Thanks chambersmp
+- Bumped PDK to version 3.2.0
+- Plan can now automatically detect the primary server thanks to the `pe_status_check_role` fact.
+- Minor lint fixes.
+- Added github actions lint and unit tests.
+
## Release 1.0.0
**Features**
diff --git a/Gemfile b/Gemfile
index 4ffa786..7a9ef2e 100644
--- a/Gemfile
+++ b/Gemfile
@@ -14,30 +14,35 @@ def location_for(place_or_version, fake_version = nil)
end
group :development do
- gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
- gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
- gem "json", '= 2.5.1', require: false if Gem::Requirement.create(['>= 3.0.0', '< 3.0.5']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
- gem "json", '= 2.6.1', require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
- gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
- gem "voxpupuli-puppet-lint-plugins", '~> 3.1', require: false
- gem "facterdb", '~> 1.18', require: false
- gem "metadata-json-lint", '>= 2.0.2', '< 4.0.0', require: false
- gem "puppetlabs_spec_helper", '>= 3.0.0', '< 5.0.0', require: false
- gem "rspec-puppet-facts", '~> 2.0', require: false
- gem "codecov", '~> 0.2', require: false
- gem "dependency_checker", '~> 0.2', require: false
- gem "parallel_tests", '~> 3.4', require: false
- gem "pry", '~> 0.10', require: false
- gem "simplecov-console", '~> 0.5', require: false
- gem "puppet-debugger", '~> 1.0', require: false
- gem "rubocop", '= 1.6.1', require: false
- gem "rubocop-performance", '= 1.9.1', require: false
- gem "rubocop-rspec", '= 2.0.1', require: false
- gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw]
+ gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "json", '= 2.5.1', require: false if Gem::Requirement.create(['>= 3.0.0', '< 3.0.5']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "json", '= 2.6.1', require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "racc", '~> 1.4.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "deep_merge", '~> 1.0', require: false
+ gem "voxpupuli-puppet-lint-plugins", '~> 5.0', require: false
+ gem "facterdb", '~> 1.18', require: false
+ gem "metadata-json-lint", '~> 4.0', require: false
+ gem "rspec-puppet-facts", '~> 3.0', require: false
+ gem "dependency_checker", '~> 1.0.0', require: false
+ gem "parallel_tests", '= 3.12.1', require: false
+ gem "pry", '~> 0.10', require: false
+ gem "simplecov-console", '~> 0.9', require: false
+ gem "puppet-debugger", '~> 1.0', require: false
+ gem "rubocop", '~> 1.50.0', require: false
+ gem "rubocop-performance", '= 1.16.0', require: false
+ gem "rubocop-rspec", '= 2.19.0', require: false
+ gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw]
+end
+group :development, :release_prep do
+ gem "puppet-strings", '~> 4.0', require: false
+ gem "puppetlabs_spec_helper", '~> 7.0', require: false
end
group :system_tests do
- gem "puppet_litmus", '< 1.0.0', require: false, platforms: [:ruby]
- gem "serverspec", '~> 2.41', require: false
+ gem "puppet_litmus", '~> 1.0', require: false, platforms: [:ruby, :x64_mingw]
+ gem "CFPropertyList", '< 3.0.7', require: false, platforms: [:mswin, :mingw, :x64_mingw]
+ gem "serverspec", '~> 2.41', require: false
end
puppet_version = ENV['PUPPET_GEM_VERSION']
diff --git a/Gemfile.lock b/Gemfile.lock
deleted file mode 100644
index 128590f..0000000
--- a/Gemfile.lock
+++ /dev/null
@@ -1,468 +0,0 @@
-GEM
- remote: https://rubygems.org/
- specs:
- CFPropertyList (2.3.6)
- addressable (2.8.4)
- public_suffix (>= 2.0.2, < 6.0)
- ansi (1.5.0)
- ast (2.4.2)
- awesome_print (1.9.2)
- aws-eventstream (1.2.0)
- aws-partitions (1.748.0)
- aws-sdk-core (3.171.0)
- aws-eventstream (~> 1, >= 1.0.2)
- aws-partitions (~> 1, >= 1.651.0)
- aws-sigv4 (~> 1.5)
- jmespath (~> 1, >= 1.6.1)
- aws-sdk-ec2 (1.375.0)
- aws-sdk-core (~> 3, >= 3.165.0)
- aws-sigv4 (~> 1.1)
- aws-sigv4 (1.5.2)
- aws-eventstream (~> 1, >= 1.0.2)
- bindata (2.4.15)
- bolt (3.26.2)
- CFPropertyList (~> 2.2)
- addressable (~> 2.5)
- aws-sdk-ec2 (~> 1)
- concurrent-ruby (~> 1.0)
- ffi (>= 1.9.25, < 2.0.0)
- hiera-eyaml (~> 3)
- jwt (~> 2.2)
- logging (~> 2.2)
- minitar (~> 0.6)
- net-scp (~> 1.2)
- net-ssh (>= 4.0, < 7.0)
- net-ssh-krb (~> 0.5)
- orchestrator_client (~> 0.5)
- puppet (>= 6.18.0)
- puppet-resource_api (>= 1.8.1)
- puppet-strings (>= 2.3.0, < 4.0)
- puppetfile-resolver (>= 0.6.2, < 1.0)
- r10k (~> 3.10)
- ruby_smb (~> 1.0)
- terminal-table (~> 3.0)
- winrm (~> 2.0)
- winrm-fs (~> 1.3)
- builder (3.2.4)
- codecov (0.6.0)
- simplecov (>= 0.15, < 0.22)
- coderay (1.1.3)
- colored2 (3.1.2)
- concurrent-ruby (1.1.10)
- connection_pool (2.4.0)
- cri (2.15.11)
- deep_merge (1.2.2)
- dependency_checker (0.3.0)
- parallel
- puppet_forge (>= 2.2, < 4.0)
- rake (~> 13.0)
- semantic_puppet (~> 1.0)
- diff-lcs (1.5.0)
- docile (1.4.0)
- docker-api (2.2.0)
- excon (>= 0.47.0)
- multi_json
- domain_name (0.5.20190701)
- unf (>= 0.0.5, < 1.0.0)
- erubi (1.12.0)
- excon (0.99.0)
- facter (4.3.1)
- hocon (~> 1.3)
- thor (>= 1.0.1, < 2.0)
- facterdb (1.21.0)
- facter (< 5.0.0)
- jgrep
- faraday (1.10.3)
- faraday-em_http (~> 1.0)
- faraday-em_synchrony (~> 1.0)
- faraday-excon (~> 1.1)
- faraday-httpclient (~> 1.0)
- faraday-multipart (~> 1.0)
- faraday-net_http (~> 1.0)
- faraday-net_http_persistent (~> 1.0)
- faraday-patron (~> 1.0)
- faraday-rack (~> 1.0)
- faraday-retry (~> 1.0)
- ruby2_keywords (>= 0.0.4)
- faraday-em_http (1.0.0)
- faraday-em_synchrony (1.0.0)
- faraday-excon (1.1.0)
- faraday-httpclient (1.0.1)
- faraday-multipart (1.0.4)
- multipart-post (~> 2)
- faraday-net_http (1.0.1)
- faraday-net_http_persistent (1.2.0)
- faraday-patron (1.0.0)
- faraday-rack (1.0.0)
- faraday-retry (1.0.3)
- faraday_middleware (1.2.0)
- faraday (~> 1.0)
- fast_gettext (2.3.0)
- ffi (1.15.5)
- ffi-compiler (1.0.1)
- ffi (>= 1.0.0)
- rake
- forwardable (1.3.3)
- gettext (3.4.3)
- erubi
- locale (>= 2.0.5)
- prime
- text (>= 1.3.0)
- gettext-setup (1.1.0)
- fast_gettext (~> 2.1)
- gettext (~> 3.4)
- locale
- gssapi (1.3.1)
- ffi (>= 1.0.1)
- gyoku (1.4.0)
- builder (>= 2.1.2)
- rexml (~> 3.0)
- hiera (3.12.0)
- hiera-eyaml (3.3.0)
- highline
- optimist
- highline (2.1.0)
- hocon (1.4.0)
- honeycomb-beeline (2.11.0)
- libhoney (>= 1.14.2)
- http (5.1.1)
- addressable (~> 2.8)
- http-cookie (~> 1.0)
- http-form_data (~> 2.2)
- llhttp-ffi (~> 0.4.0)
- http-cookie (1.0.5)
- domain_name (~> 0.5)
- http-form_data (2.3.0)
- httpclient (2.8.3)
- jgrep (1.5.4)
- jmespath (1.6.2)
- json (2.3.0)
- json-schema (3.0.0)
- addressable (>= 2.8)
- jwt (2.2.3)
- libhoney (2.2.0)
- addressable (~> 2.0)
- excon
- http (>= 2.0, < 6.0)
- little-plugger (1.1.4)
- llhttp-ffi (0.4.0)
- ffi-compiler (~> 1.0)
- rake (~> 13.0)
- locale (2.1.3)
- log4r (1.1.10)
- logging (2.3.1)
- little-plugger (~> 1.1)
- multi_json (~> 1.14)
- metadata-json-lint (3.0.2)
- json-schema (>= 2.8, < 4.0)
- spdx-licenses (~> 1.0)
- method_source (1.0.0)
- minitar (0.9)
- mocha (1.16.1)
- molinillo (0.8.0)
- multi_json (1.15.0)
- multipart-post (2.3.0)
- net-http-persistent (4.0.2)
- connection_pool (~> 2.2)
- net-scp (1.2.1)
- net-ssh (>= 2.6.5)
- net-ssh (6.1.0)
- net-ssh-krb (0.5.1)
- gssapi (~> 1.3.0)
- net-ssh (>= 2.0)
- net-telnet (0.1.1)
- nori (2.6.0)
- optimist (3.0.1)
- orchestrator_client (0.6.1)
- faraday (~> 1.4)
- net-http-persistent (~> 4.0)
- parallel (1.22.1)
- parallel_tests (3.13.0)
- parallel
- parser (3.2.2.0)
- ast (~> 2.4.1)
- pathspec (1.0.0)
- pluginator (1.5.0)
- prime (0.1.2)
- forwardable
- singleton
- pry (0.14.2)
- coderay (~> 1.1)
- method_source (~> 1.0)
- public_suffix (5.0.1)
- puppet (7.22.0)
- concurrent-ruby (~> 1.0, < 1.2.0)
- deep_merge (~> 1.0)
- facter (> 2.0.1, < 5)
- fast_gettext (>= 1.1, < 3)
- hiera (>= 3.2.1, < 4)
- locale (~> 2.1)
- multi_json (~> 1.10)
- puppet-resource_api (~> 1.5)
- scanf (~> 1.0)
- semantic_puppet (~> 1.0)
- puppet-debugger (1.3.0)
- awesome_print (~> 1.7)
- bundler
- facterdb (>= 0.4.0)
- pluginator (~> 1.5.0)
- puppet (>= 5.5)
- rb-readline (>= 0.5.5)
- table_print (>= 1.0.0)
- tty-pager (~> 0.13)
- puppet-lint (2.5.2)
- puppet-lint-absolute_classname-check (3.1.0)
- puppet-lint (>= 1.0, < 4)
- puppet-lint-anchor-check (1.1.0)
- puppet-lint (>= 1.1, < 4)
- puppet-lint-classes_and_types_beginning_with_digits-check (1.0.0)
- puppet-lint (>= 1.0, < 3.0)
- puppet-lint-file_ensure-check (1.1.0)
- puppet-lint (>= 1.0, < 4)
- puppet-lint-leading_zero-check (1.0.0)
- puppet-lint (>= 1.0, < 3.0)
- puppet-lint-legacy_facts-check (1.0.4)
- puppet-lint (~> 2.4)
- puppet-lint-lookup_in_parameter-check (1.0.0)
- puppet-lint (~> 2.0)
- puppet-lint-manifest_whitespace-check (0.2.9)
- puppet-lint (>= 1.0, < 4)
- puppet-lint-optional_default-check (1.1.0)
- puppet-lint (>= 2.1, < 4)
- puppet-lint-param-docs (1.7.6)
- puppet-lint (>= 1.1, < 4.0)
- puppet-lint-param-types (0.0.1)
- puppet-lint (>= 1.1, < 3.0)
- puppet-lint-params_empty_string-check (1.0.0)
- puppet-lint (~> 2.5)
- puppet-lint-resource_reference_syntax (1.2.0)
- puppet-lint (>= 1.0, < 4)
- puppet-lint-strict_indent-check (2.1.0)
- puppet-lint (>= 1.0, < 4)
- puppet-lint-top_scope_facts-check (1.0.1)
- puppet-lint (~> 2.0)
- puppet-lint-topscope-variable-check (1.1.0)
- puppet-lint (~> 2.0)
- puppet-lint-trailing_comma-check (1.0.0)
- puppet-lint (>= 1.0, < 4)
- puppet-lint-unquoted_string-check (2.2.0)
- puppet-lint (>= 2.1, < 4)
- puppet-lint-variable_contains_upcase (1.3.0)
- puppet-lint (>= 1.0, < 4)
- puppet-lint-version_comparison-check (1.1.0)
- puppet-lint (>= 1.0, < 4)
- puppet-modulebuilder (0.3.0)
- minitar (~> 0.9)
- pathspec (>= 0.2.1, < 2.0.0)
- puppet-resource_api (1.8.14)
- hocon (>= 1.0)
- puppet-strings (3.0.1)
- rgen (~> 0.9.0)
- yard (~> 0.9.5)
- puppet-syntax (3.3.0)
- puppet (>= 5)
- rake
- puppet_forge (3.2.0)
- faraday (~> 1.3)
- faraday_middleware (~> 1.0)
- minitar
- semantic_puppet (~> 1.0)
- puppet_litmus (0.34.4)
- bolt (~> 3.0)
- docker-api (>= 1.34, < 3.0.0)
- honeycomb-beeline
- parallel
- puppet-modulebuilder (>= 0.2.1, < 1.0.0)
- retryable (~> 3.0)
- rspec
- rspec_honeycomb_formatter
- tty-spinner (>= 0.5.0, < 1.0.0)
- puppetfile-resolver (0.6.2)
- molinillo (~> 0.6)
- semantic_puppet (~> 1.0)
- puppetlabs_spec_helper (4.0.1)
- mocha (~> 1.0)
- pathspec (>= 0.2.1, < 1.1.0)
- puppet-lint (~> 2.0)
- puppet-syntax (>= 2.0, < 4)
- rspec-puppet (~> 2.0)
- r10k (3.15.4)
- colored2 (= 3.1.2)
- cri (>= 2.15.10)
- fast_gettext (>= 1.1.0, < 3.0.0)
- gettext (>= 3.0.2, < 4.0.0)
- gettext-setup (>= 0.24, < 2.0.0)
- jwt (~> 2.2.3)
- log4r (= 1.1.10)
- minitar (~> 0.9)
- multi_json (~> 1.10)
- puppet_forge (>= 2.3.0, < 4.0.0)
- rainbow (3.1.1)
- rake (13.0.6)
- rb-readline (0.5.5)
- regexp_parser (2.7.0)
- retryable (3.0.5)
- rexml (3.2.5)
- rgen (0.9.1)
- rspec (3.12.0)
- rspec-core (~> 3.12.0)
- rspec-expectations (~> 3.12.0)
- rspec-mocks (~> 3.12.0)
- rspec-core (3.12.1)
- rspec-support (~> 3.12.0)
- rspec-expectations (3.12.2)
- diff-lcs (>= 1.2.0, < 2.0)
- rspec-support (~> 3.12.0)
- rspec-its (1.3.0)
- rspec-core (>= 3.0.0)
- rspec-expectations (>= 3.0.0)
- rspec-mocks (3.12.5)
- diff-lcs (>= 1.2.0, < 2.0)
- rspec-support (~> 3.12.0)
- rspec-puppet (2.12.0)
- rspec
- rspec-puppet-facts (2.0.5)
- facter
- facterdb (>= 0.5.0)
- puppet
- rspec-support (3.12.0)
- rspec_honeycomb_formatter (0.2.1)
- honeycomb-beeline
- rspec-core (~> 3.0)
- rubocop (1.6.1)
- parallel (~> 1.10)
- parser (>= 2.7.1.5)
- rainbow (>= 2.2.2, < 4.0)
- regexp_parser (>= 1.8, < 3.0)
- rexml
- rubocop-ast (>= 1.2.0, < 2.0)
- ruby-progressbar (~> 1.7)
- unicode-display_width (>= 1.4.0, < 2.0)
- rubocop-ast (1.28.0)
- parser (>= 3.2.1.0)
- rubocop-performance (1.9.1)
- rubocop (>= 0.90.0, < 2.0)
- rubocop-ast (>= 0.4.0)
- rubocop-rspec (2.0.1)
- rubocop (~> 1.0)
- rubocop-ast (>= 1.1.0)
- ruby-progressbar (1.13.0)
- ruby2_keywords (0.0.5)
- ruby_smb (1.1.0)
- bindata
- rubyntlm
- windows_error
- rubyntlm (0.6.3)
- rubyzip (2.3.2)
- scanf (1.0.0)
- semantic_puppet (1.1.0)
- serverspec (2.42.2)
- multi_json
- rspec (~> 3.0)
- rspec-its
- specinfra (~> 2.72)
- sfl (2.3)
- simplecov (0.21.2)
- docile (~> 1.1)
- simplecov-html (~> 0.11)
- simplecov_json_formatter (~> 0.1)
- simplecov-console (0.9.1)
- ansi
- simplecov
- terminal-table
- simplecov-html (0.12.3)
- simplecov_json_formatter (0.1.4)
- singleton (0.1.1)
- spdx-licenses (1.3.0)
- specinfra (2.84.0)
- net-scp
- net-ssh (>= 2.7)
- net-telnet (= 0.1.1)
- sfl
- strings (0.2.1)
- strings-ansi (~> 0.2)
- unicode-display_width (>= 1.5, < 3.0)
- unicode_utils (~> 1.4)
- strings-ansi (0.2.0)
- table_print (1.5.7)
- terminal-table (3.0.2)
- unicode-display_width (>= 1.1.1, < 3)
- text (1.3.1)
- thor (1.2.1)
- tty-cursor (0.7.1)
- tty-pager (0.14.0)
- strings (~> 0.2.0)
- tty-screen (~> 0.8)
- tty-screen (0.8.1)
- tty-spinner (0.9.3)
- tty-cursor (~> 0.7)
- unf (0.1.4)
- unf_ext
- unf_ext (0.0.8.2)
- unicode-display_width (1.8.0)
- unicode_utils (1.4.0)
- voxpupuli-puppet-lint-plugins (3.1.0)
- puppet-lint (>= 2.5.0)
- puppet-lint-absolute_classname-check (~> 3.1)
- puppet-lint-anchor-check (~> 1.1)
- puppet-lint-classes_and_types_beginning_with_digits-check (~> 1.0)
- puppet-lint-file_ensure-check (~> 1.1)
- puppet-lint-leading_zero-check (~> 1.0)
- puppet-lint-legacy_facts-check (>= 1.0.4, < 2.0.0)
- puppet-lint-lookup_in_parameter-check (~> 1.0)
- puppet-lint-manifest_whitespace-check (~> 0.2.7, < 1.0.0)
- puppet-lint-optional_default-check (~> 1.1)
- puppet-lint-param-docs (>= 1.7.6, < 2.0.0)
- puppet-lint-param-types (~> 0.0)
- puppet-lint-params_empty_string-check (~> 1.0)
- puppet-lint-resource_reference_syntax (~> 1.1)
- puppet-lint-strict_indent-check (~> 2.1)
- puppet-lint-top_scope_facts-check (>= 1.0.1, < 2.0.0)
- puppet-lint-topscope-variable-check (~> 1.1)
- puppet-lint-trailing_comma-check (~> 1.0)
- puppet-lint-unquoted_string-check (~> 2.2)
- puppet-lint-variable_contains_upcase (~> 1.2)
- puppet-lint-version_comparison-check (~> 1.1)
- windows_error (0.1.5)
- winrm (2.3.6)
- builder (>= 2.1.2)
- erubi (~> 1.8)
- gssapi (~> 1.2)
- gyoku (~> 1.0)
- httpclient (~> 2.2, >= 2.2.0.2)
- logging (>= 1.6.1, < 3.0)
- nori (~> 2.0)
- rubyntlm (~> 0.6.0, >= 0.6.3)
- winrm-fs (1.3.5)
- erubi (~> 1.8)
- logging (>= 1.6.1, < 3.0)
- rubyzip (~> 2.0)
- winrm (~> 2.0)
- yard (0.9.34)
-
-PLATFORMS
- ruby
-
-DEPENDENCIES
- codecov (~> 0.2)
- dependency_checker (~> 0.2)
- facterdb (~> 1.18)
- json (= 2.3.0)
- metadata-json-lint (>= 2.0.2, < 4.0.0)
- parallel_tests (~> 3.4)
- pry (~> 0.10)
- puppet (= 7.22.0)
- puppet-debugger (~> 1.0)
- puppet_litmus (< 1.0.0)
- puppetlabs_spec_helper (>= 3.0.0, < 5.0.0)
- rb-readline (= 0.5.5)
- rspec-puppet-facts (~> 2.0)
- rubocop (= 1.6.1)
- rubocop-performance (= 1.9.1)
- rubocop-rspec (= 2.0.1)
- serverspec (~> 2.41)
- simplecov-console (~> 0.5)
- voxpupuli-puppet-lint-plugins (~> 3.1)
-
-BUNDLED WITH
- 2.1.4
diff --git a/README.md b/README.md
index 5c2089b..51b6c2c 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
# update_trusted_facts
-Module containing a plan to update trusted facts on nodes via the Puppet Enterprise console.
+Module containing a plan to update [trusted facts][2] on nodes via the Puppet Enterprise console.
## Table of Contents
@@ -40,12 +40,12 @@ Run the plan **update_trusted_facts::update_trusted_facts** from the Puppet Ente
**Note:** If you restrict access to plans via RBAC and only grant users permission to run this plan; you will also need to grant users access to *enterprise_tasks::agent_cert_regen* plan.
**Required parameters**
-- pe_primary_server (FQDN)
- targets (TargetSpec - [see here](https://www.puppet.com/docs/bolt/latest/bolt_types_reference.html#targetspec))
Targets can be specified as a comma separated list to run the plan on multiple host at a time.
**Optional parameters**
+- pe_primary_server (FQDN) - Update_trusted_facts will automatically attempt to resolve the primary using the pe_status_check_role fact. Setting this parameter will override that behaviour.
- preserve_existing_facts (Boolean - whether to keep existing facts. If set to false all existing facts will be wiped and replace with those set in the plan)
- ignore_infra_status_error (Boolean - Ignore errors from *puppet infrastructure status* command. May allow the plan to operate if some Puppet infrastructure components are failing)
- noop (Boolean - Run the plan in noop. csr_attributes.yaml will still generated however certificates will not be resigned.)
@@ -95,4 +95,5 @@ To support legacy version of Puppet Enterprise (Before changing naming standard
If you find any issues with this module, please log them in the issues register of the GitHub project. [Issues][1]
-[1]: https://github.com/benjamin-robertson/update_trusted_facts/issues
\ No newline at end of file
+[1]: https://github.com/benjamin-robertson/update_trusted_facts/issues
+[2]: https://www.puppet.com/docs/puppet/latest/ssl_attributes_extensions.html#puppet_registered_ids
\ No newline at end of file
diff --git a/REFERENCE.md b/REFERENCE.md
index dedd43a..1417763 100644
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -6,7 +6,7 @@
### Functions
-* [`update_trusted_facts::trusted_fact_names`](#update_trusted_factstrusted_fact_names): Returns an array of trusted facts lint:ignore:140chars
+* [`update_trusted_facts::trusted_fact_names`](#update_trusted_facts--trusted_fact_names): Returns an array of trusted facts lint:ignore:140chars
### Tasks
@@ -15,11 +15,11 @@
### Plans
-* [`update_trusted_facts::update_trusted_facts`](#update_trusted_factsupdate_trusted_facts): PE plan to update trusted facts on a certificate via Puppet enterprise console, while preserving existing trusted facts.
+* [`update_trusted_facts::update_trusted_facts`](#update_trusted_facts--update_trusted_facts): PE plan to update trusted facts on a certificate via Puppet enterprise console, while preserving existing trusted facts.
## Functions
-### `update_trusted_facts::trusted_fact_names`
+### `update_trusted_facts::trusted_fact_names`
Type: Puppet Language
@@ -31,7 +31,7 @@ lint:ignore:140chars
Returns an array of trusted facts
lint:ignore:140chars
-Returns: `Array`
+Returns: `Array` of trusted facts
## Tasks
@@ -77,7 +77,7 @@ Preserve existing trusted facts
## Plans
-### `update_trusted_facts::update_trusted_facts`
+### `update_trusted_facts::update_trusted_facts`
lint:ignore:140chars lint:ignore:strict_indent
@@ -93,279 +93,281 @@ To learn more about Puppet plans, see documentation:
The following parameters are available in the `update_trusted_facts::update_trusted_facts` plan:
-* [`targets`](#targets)
-* [`pe_primary_server`](#pe_primary_server)
-* [`preserve_existing_facts`](#preserve_existing_facts)
-* [`ignore_infra_status_error`](#ignore_infra_status_error)
-* [`noop`](#noop)
-* [`support_legacy_pe`](#support_legacy_pe)
-* [`pp_role`](#pp_role)
-* [`pp_uuid`](#pp_uuid)
-* [`pp_environment`](#pp_environment)
-* [`pp_apptier`](#pp_apptier)
-* [`pp_department`](#pp_department)
-* [`pp_datacenter`](#pp_datacenter)
-* [`pp_instance_id`](#pp_instance_id)
-* [`pp_image_name`](#pp_image_name)
-* [`pp_preshared_key`](#pp_preshared_key)
-* [`pp_cost_center`](#pp_cost_center)
-* [`pp_product`](#pp_product)
-* [`pp_project`](#pp_project)
-* [`pp_application`](#pp_application)
-* [`pp_service`](#pp_service)
-* [`pp_employee`](#pp_employee)
-* [`pp_created_by`](#pp_created_by)
-* [`pp_software_version`](#pp_software_version)
-* [`pp_cluster`](#pp_cluster)
-* [`pp_provisioner`](#pp_provisioner)
-* [`pp_region`](#pp_region)
-* [`pp_zone`](#pp_zone)
-* [`pp_network`](#pp_network)
-* [`pp_securitypolicy`](#pp_securitypolicy)
-* [`pp_cloudplatform`](#pp_cloudplatform)
-* [`pp_hostname`](#pp_hostname)
-
-##### `targets`
+* [`targets`](#-update_trusted_facts--update_trusted_facts--targets)
+* [`pe_primary_server`](#-update_trusted_facts--update_trusted_facts--pe_primary_server)
+* [`preserve_existing_facts`](#-update_trusted_facts--update_trusted_facts--preserve_existing_facts)
+* [`ignore_infra_status_error`](#-update_trusted_facts--update_trusted_facts--ignore_infra_status_error)
+* [`noop`](#-update_trusted_facts--update_trusted_facts--noop)
+* [`support_legacy_pe`](#-update_trusted_facts--update_trusted_facts--support_legacy_pe)
+* [`pp_role`](#-update_trusted_facts--update_trusted_facts--pp_role)
+* [`pp_uuid`](#-update_trusted_facts--update_trusted_facts--pp_uuid)
+* [`pp_environment`](#-update_trusted_facts--update_trusted_facts--pp_environment)
+* [`pp_apptier`](#-update_trusted_facts--update_trusted_facts--pp_apptier)
+* [`pp_department`](#-update_trusted_facts--update_trusted_facts--pp_department)
+* [`pp_datacenter`](#-update_trusted_facts--update_trusted_facts--pp_datacenter)
+* [`pp_instance_id`](#-update_trusted_facts--update_trusted_facts--pp_instance_id)
+* [`pp_image_name`](#-update_trusted_facts--update_trusted_facts--pp_image_name)
+* [`pp_preshared_key`](#-update_trusted_facts--update_trusted_facts--pp_preshared_key)
+* [`pp_cost_center`](#-update_trusted_facts--update_trusted_facts--pp_cost_center)
+* [`pp_product`](#-update_trusted_facts--update_trusted_facts--pp_product)
+* [`pp_project`](#-update_trusted_facts--update_trusted_facts--pp_project)
+* [`pp_application`](#-update_trusted_facts--update_trusted_facts--pp_application)
+* [`pp_service`](#-update_trusted_facts--update_trusted_facts--pp_service)
+* [`pp_employee`](#-update_trusted_facts--update_trusted_facts--pp_employee)
+* [`pp_created_by`](#-update_trusted_facts--update_trusted_facts--pp_created_by)
+* [`pp_software_version`](#-update_trusted_facts--update_trusted_facts--pp_software_version)
+* [`pp_cluster`](#-update_trusted_facts--update_trusted_facts--pp_cluster)
+* [`pp_provisioner`](#-update_trusted_facts--update_trusted_facts--pp_provisioner)
+* [`pp_region`](#-update_trusted_facts--update_trusted_facts--pp_region)
+* [`pp_zone`](#-update_trusted_facts--update_trusted_facts--pp_zone)
+* [`pp_network`](#-update_trusted_facts--update_trusted_facts--pp_network)
+* [`pp_securitypolicy`](#-update_trusted_facts--update_trusted_facts--pp_securitypolicy)
+* [`pp_cloudplatform`](#-update_trusted_facts--update_trusted_facts--pp_cloudplatform)
+* [`pp_hostname`](#-update_trusted_facts--update_trusted_facts--pp_hostname)
+
+##### `targets`
Data type: `TargetSpec`
The targets to run on (note this must match the certnames used by Puppet / shown in PE console).
-##### `pe_primary_server`
+##### `pe_primary_server`
-Data type: `Stdlib::Fqdn`
+Data type: `Optional[Stdlib::Fqdn]`
-The Puppet Enterprise primary server in your PE installation you are running the plan from.
+The Puppet Enterprise primary server in your PE installation you are running the plan from. Update_trusted_facts will automatically attempt to resolve the primary using the pe_status_check_role fact. Setting this parameter will override that behaviour.
-##### `preserve_existing_facts`
+Default value: `undef`
+
+##### `preserve_existing_facts`
Data type: `Boolean`
Whether to preserve existing facts from the nodes. If set to false all existing facts will be wiped and replaced with those set in the plan. Default: true
-Default value: ``true``
+Default value: `true`
-##### `ignore_infra_status_error`
+##### `ignore_infra_status_error`
Data type: `Boolean`
Ignore errors from 'puppet infrastructure status' command. This is used to verify the primary server. Can be used to allow the plan the run when some PE components are unavaliable. Default: false
-Default value: ``false``
+Default value: `false`
-##### `noop`
+##### `noop`
Data type: `Boolean`
Run the plan in noop. csr_attributes.yaml will still generated, however certificates will not be resigned. Default: false
-Default value: ``false``
+Default value: `false`
-##### `support_legacy_pe`
+##### `support_legacy_pe`
Data type: `Boolean`
Attempt to support legacy PE. Default: false
-Default value: ``false``
+Default value: `false`
-##### `pp_role`
+##### `pp_role`
Data type: `Optional[String]`
Set the pp_role trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_uuid`
+##### `pp_uuid`
Data type: `Optional[String]`
Set the pp_uuid trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_environment`
+##### `pp_environment`
Data type: `Optional[String]`
Set the pp_environment trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_apptier`
+##### `pp_apptier`
Data type: `Optional[String]`
Set the pp_apptier trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_department`
+##### `pp_department`
Data type: `Optional[String]`
Set the pp_department trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_datacenter`
+##### `pp_datacenter`
Data type: `Optional[String]`
Set the pp_datacenter trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_instance_id`
+##### `pp_instance_id`
Data type: `Optional[String]`
Set the pp_instance_id trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_image_name`
+##### `pp_image_name`
Data type: `Optional[String]`
Set the pp_image_name trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_preshared_key`
+##### `pp_preshared_key`
Data type: `Optional[String]`
Set the pp_preshared_key trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_cost_center`
+##### `pp_cost_center`
Data type: `Optional[String]`
Set the pp_cost_center trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_product`
+##### `pp_product`
Data type: `Optional[String]`
Set the pp_product trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_project`
+##### `pp_project`
Data type: `Optional[String]`
Set the pp_project trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_application`
+##### `pp_application`
Data type: `Optional[String]`
Set the pp_application trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_service`
+##### `pp_service`
Data type: `Optional[String]`
Set the pp_service trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_employee`
+##### `pp_employee`
Data type: `Optional[String]`
Set the pp_employee trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_created_by`
+##### `pp_created_by`
Data type: `Optional[String]`
Set the pp_created_by trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_software_version`
+##### `pp_software_version`
Data type: `Optional[String]`
Set the pp_software_version trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_cluster`
+##### `pp_cluster`
Data type: `Optional[String]`
Set the pp_cluster trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_provisioner`
+##### `pp_provisioner`
Data type: `Optional[String]`
Set the pp_provisioner trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_region`
+##### `pp_region`
Data type: `Optional[String]`
Set the pp_region trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_zone`
+##### `pp_zone`
Data type: `Optional[String]`
Set the pp_zone trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_network`
+##### `pp_network`
Data type: `Optional[String]`
Set the pp_network trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_securitypolicy`
+##### `pp_securitypolicy`
Data type: `Optional[String]`
Set the pp_securitypolicy trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_cloudplatform`
+##### `pp_cloudplatform`
Data type: `Optional[String]`
Set the pp_cloudplatform trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
-##### `pp_hostname`
+##### `pp_hostname`
Data type: `Optional[String]`
Set the pp_hostname trusted fact. Default: undef
-Default value: ``undef``
+Default value: `undef`
diff --git a/Rakefile b/Rakefile
index 0f8754e..77590fe 100644
--- a/Rakefile
+++ b/Rakefile
@@ -1,89 +1,9 @@
# frozen_string_literal: true
require 'bundler'
-require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any?
+require 'puppet_litmus/rake_tasks' if Gem.loaded_specs.key? 'puppet_litmus'
require 'puppetlabs_spec_helper/rake_tasks'
require 'puppet-syntax/tasks/puppet-syntax'
-require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any?
-require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any?
-require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').any?
-
-def changelog_user
- return unless Rake.application.top_level_tasks.include? "changelog"
- returnVal = nil || JSON.load(File.read('metadata.json'))['author']
- raise "unable to find the changelog_user in .sync.yml, or the author in metadata.json" if returnVal.nil?
- puts "GitHubChangelogGenerator user:#{returnVal}"
- returnVal
-end
-
-def changelog_project
- return unless Rake.application.top_level_tasks.include? "changelog"
-
- returnVal = nil
- returnVal ||= begin
- metadata_source = JSON.load(File.read('metadata.json'))['source']
- metadata_source_match = metadata_source && metadata_source.match(%r{.*\/([^\/]*?)(?:\.git)?\Z})
-
- metadata_source_match && metadata_source_match[1]
- end
-
- raise "unable to find the changelog_project in .sync.yml or calculate it from the source in metadata.json" if returnVal.nil?
-
- puts "GitHubChangelogGenerator project:#{returnVal}"
- returnVal
-end
-
-def changelog_future_release
- return unless Rake.application.top_level_tasks.include? "changelog"
- returnVal = "v%s" % JSON.load(File.read('metadata.json'))['version']
- raise "unable to find the future_release (version) in metadata.json" if returnVal.nil?
- puts "GitHubChangelogGenerator future_release:#{returnVal}"
- returnVal
-end
+require 'puppet-strings/tasks' if Gem.loaded_specs.key? 'puppet-strings'
PuppetLint.configuration.send('disable_relative')
-
-
-if Bundler.rubygems.find_name('github_changelog_generator').any?
- GitHubChangelogGenerator::RakeTask.new :changelog do |config|
- raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil?
- config.user = "#{changelog_user}"
- config.project = "#{changelog_project}"
- config.future_release = "#{changelog_future_release}"
- config.exclude_labels = ['maintenance']
- config.header = "# Change log\n\nAll notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org)."
- config.add_pr_wo_labels = true
- config.issues = false
- config.merge_prefix = "### UNCATEGORIZED PRS; LABEL THEM ON GITHUB"
- config.configure_sections = {
- "Changed" => {
- "prefix" => "### Changed",
- "labels" => ["backwards-incompatible"],
- },
- "Added" => {
- "prefix" => "### Added",
- "labels" => ["enhancement", "feature"],
- },
- "Fixed" => {
- "prefix" => "### Fixed",
- "labels" => ["bug", "documentation", "bugfix"],
- },
- }
- end
-else
- desc 'Generate a Changelog from GitHub'
- task :changelog do
- raise < 1.15'
- condition: "Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.3.0')"
-EOM
- end
-end
-
diff --git a/functions/trusted_fact_names.pp b/functions/trusted_fact_names.pp
index 4b671b1..f6cc41e 100644
--- a/functions/trusted_fact_names.pp
+++ b/functions/trusted_fact_names.pp
@@ -1,5 +1,6 @@
# Returns an array of trusted facts
# lint:ignore:140chars
+# @return of trusted facts
function update_trusted_facts::trusted_fact_names() >> Array {
$array = ['pp_role','pp_uuid','pp_environment','pp_apptier','pp_department','pp_datacenter','pp_instance_id','pp_image_name','pp_preshared_key','pp_cost_center','pp_product','pp_project','pp_application','pp_service','pp_employee','pp_created_by','pp_software_version','pp_provisioner','pp_cluster','pp_region','pp_zone','pp_network','pp_securitypolicy','pp_cloudplatform','pp_hostname']
}
diff --git a/metadata.json b/metadata.json
index 3052e53..8b24af7 100644
--- a/metadata.json
+++ b/metadata.json
@@ -1,6 +1,6 @@
{
"name": "benjaminrobertson-update_trusted_facts",
- "version": "1.0.0",
+ "version": "2.0.0",
"author": "benjaminrobertson",
"summary": "Plan for Puppet enterprise to update trusted facts on nodes.",
"license": "Apache-2.0",
@@ -9,7 +9,7 @@
"dependencies": [
{
"name": "puppetlabs/stdlib",
- "version_requirement": ">= 5.2.0 < 9.0.0"
+ "version_requirement": ">= 5.2.0 < 10.0.0"
}
],
"operatingsystem_support": [
@@ -59,7 +59,8 @@
"operatingsystemrelease": [
"18.04",
"20.04",
- "22.04"
+ "22.04",
+ "24.04"
]
},
{
@@ -80,7 +81,7 @@
"version_requirement": ">= 6.0.0 < 9.0.0"
}
],
- "pdk-version": "2.6.1",
- "template-url": "pdk-default#2.7.1",
- "template-ref": "tags/2.7.1-0-g9a16c87"
+ "pdk-version": "3.2.0",
+ "template-url": "pdk-default#3.2.0",
+ "template-ref": "tags/3.2.0-0-gb257ef1"
}
diff --git a/plans/update_trusted_facts.pp b/plans/update_trusted_facts.pp
index 7cdc9b3..af9619d 100644
--- a/plans/update_trusted_facts.pp
+++ b/plans/update_trusted_facts.pp
@@ -11,7 +11,7 @@
# - https://www.puppet.com/docs/pe/2021.7/plans_limitations.html
#
# @param targets The targets to run on (note this must match the certnames used by Puppet / shown in PE console).
-# @param pe_primary_server The Puppet Enterprise primary server in your PE installation you are running the plan from.
+# @param pe_primary_server The Puppet Enterprise primary server in your PE installation you are running the plan from. Update_trusted_facts will automatically attempt to resolve the primary using the pe_status_check_role fact. Setting this parameter will override that behaviour.
# @param preserve_existing_facts Whether to preserve existing facts from the nodes. If set to false all existing facts will be wiped and replaced with those set in the plan. Default: true
# @param ignore_infra_status_error Ignore errors from 'puppet infrastructure status' command. This is used to verify the primary server. Can be used to allow the plan the run when some PE components are unavaliable. Default: false
# @param noop Run the plan in noop. csr_attributes.yaml will still generated, however certificates will not be resigned. Default: false
@@ -43,37 +43,37 @@
# @param pp_hostname Set the pp_hostname trusted fact. Default: undef
#
plan update_trusted_facts::update_trusted_facts (
- TargetSpec $targets,
- Stdlib::Fqdn $pe_primary_server,
- Boolean $preserve_existing_facts = true,
- Boolean $ignore_infra_status_error = false,
- Boolean $noop = false,
- Boolean $support_legacy_pe = false,
- Optional[String] $pp_role = undef,
- Optional[String] $pp_uuid = undef,
- Optional[String] $pp_environment = undef,
- Optional[String] $pp_apptier = undef,
- Optional[String] $pp_department = undef,
- Optional[String] $pp_datacenter = undef,
- Optional[String] $pp_instance_id = undef,
- Optional[String] $pp_image_name = undef,
- Optional[String] $pp_preshared_key = undef,
- Optional[String] $pp_cost_center = undef,
- Optional[String] $pp_product = undef,
- Optional[String] $pp_project = undef,
- Optional[String] $pp_application = undef,
- Optional[String] $pp_service = undef,
- Optional[String] $pp_employee = undef,
- Optional[String] $pp_created_by = undef,
- Optional[String] $pp_software_version = undef,
- Optional[String] $pp_cluster = undef,
- Optional[String] $pp_provisioner = undef,
- Optional[String] $pp_region = undef,
- Optional[String] $pp_zone = undef,
- Optional[String] $pp_network = undef,
- Optional[String] $pp_securitypolicy = undef,
- Optional[String] $pp_cloudplatform = undef,
- Optional[String] $pp_hostname = undef,
+ TargetSpec $targets,
+ Optional[Stdlib::Fqdn] $pe_primary_server = undef,
+ Boolean $preserve_existing_facts = true,
+ Boolean $ignore_infra_status_error = false,
+ Boolean $noop = false,
+ Boolean $support_legacy_pe = false,
+ Optional[String] $pp_role = undef,
+ Optional[String] $pp_uuid = undef,
+ Optional[String] $pp_environment = undef,
+ Optional[String] $pp_apptier = undef,
+ Optional[String] $pp_department = undef,
+ Optional[String] $pp_datacenter = undef,
+ Optional[String] $pp_instance_id = undef,
+ Optional[String] $pp_image_name = undef,
+ Optional[String] $pp_preshared_key = undef,
+ Optional[String] $pp_cost_center = undef,
+ Optional[String] $pp_product = undef,
+ Optional[String] $pp_project = undef,
+ Optional[String] $pp_application = undef,
+ Optional[String] $pp_service = undef,
+ Optional[String] $pp_employee = undef,
+ Optional[String] $pp_created_by = undef,
+ Optional[String] $pp_software_version = undef,
+ Optional[String] $pp_cluster = undef,
+ Optional[String] $pp_provisioner = undef,
+ Optional[String] $pp_region = undef,
+ Optional[String] $pp_zone = undef,
+ Optional[String] $pp_network = undef,
+ Optional[String] $pp_securitypolicy = undef,
+ Optional[String] $pp_cloudplatform = undef,
+ Optional[String] $pp_hostname = undef,
) {
# get targets
$full_list = get_targets($targets)
@@ -83,9 +83,8 @@
unless $full_list.empty {
# Check connection to hosts. run_plan does not exit cleanly if there is a host which doesnt exist or isnt connected, We use this task
- # to check if hosts are valid and have a valid connection to PE. This can be switched to a faster running task to speed up plan
- # execution as we do not actually use the results from this task.
- $factresults = run_task(facts, $full_list, _catch_errors => true)
+ # to check if hosts are valid and have a valid connection to PE.
+ $factresults = run_task(enterprise_tasks::test_connect, $full_list, _catch_errors => true)
$full_list_failed = $factresults.error_set.names
$full_list_success = $factresults.ok_set.names
@@ -106,7 +105,21 @@
out::message("Supported targets are ${remove_any_pe_targets}")
- $pe_server_target = get_target($pe_primary_server)
+ # Get primary server
+ if $pe_primary_server == undef {
+ $pe_status_results = puppetdb_query('inventory[certname] { facts.pe_status_check_role = "primary" }')
+ if $pe_status_results.length != 1 {
+ fail("Could not identify the primary server. Confirm pe_status_check_role fact is working correctly. Alternatively the priamry server can be set via the pe_primary_server parameter. Results: ${pe_role_results}")
+ } else {
+ # We found a single primary server :)
+ $pe_target_certname = $pe_status_results.map | Hash $node | { $node['certname'] }
+ $pe_server_target = get_target($pe_target_certname)
+ }
+ } else {
+ $pe_server_target = get_target($pe_primary_server)
+ }
+
+ out::message("Primary server is ${pe_server_target}")
# Confirm the pe_primary_server is the primary server. This can only be run on the primary server.
$confirm_pe_primary_server_results = run_task('update_trusted_facts::confirm_primary_server', $pe_server_target,
@@ -158,7 +171,7 @@
if $nodes_to_regen_cert != undef {
if $noop != true {
run_plan('enterprise_tasks::agent_cert_regen',
- $am_i_primary => $pe_primary_server,
+ $am_i_primary => $pe_server_target,
'agent' => $nodes_to_regen_cert)
}
}
diff --git a/provision.yaml b/provision.yaml
new file mode 100644
index 0000000..3fde78e
--- /dev/null
+++ b/provision.yaml
@@ -0,0 +1,8 @@
+---
+docker:
+ provisioner: docker
+ images: ['litmusimage/centos:stream8', 'litmusimage/ubuntu:22.04', 'litmusimage/centos:stream9']
+ # removed 'litmusimage/ubuntu:20.04' as it failed in github action pipeline
+vagrant:
+ provisioner: vagrant
+ images: ['centos/stream8', 'generic/ubuntu2204', 'generic/ubuntu2004']
\ No newline at end of file
diff --git a/spec/default_facts.yml b/spec/default_facts.yml
index f777abf..3346c39 100644
--- a/spec/default_facts.yml
+++ b/spec/default_facts.yml
@@ -2,7 +2,8 @@
#
# Facts specified here will override the values provided by rspec-puppet-facts.
---
-ipaddress: "172.16.254.254"
-ipaddress6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA"
+networking:
+ ip: "172.16.254.254"
+ ip6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA"
+ mac: "AA:AA:AA:AA:AA:AA"
is_pe: false
-macaddress: "AA:AA:AA:AA:AA:AA"
diff --git a/spec/functions/trusted_fact_names_spec.rb b/spec/functions/trusted_fact_names_spec.rb
index 923fdf2..f06b186 100644
--- a/spec/functions/trusted_fact_names_spec.rb
+++ b/spec/functions/trusted_fact_names_spec.rb
@@ -6,5 +6,11 @@
# please note that these tests are examples only
# you will need to replace the params and return value
# with your expectations
- it { is_expected.to run.and_return(['pp_role', 'pp_uuid', 'pp_environment', 'pp_apptier', 'pp_department', 'pp_datacenter', 'pp_instance_id', 'pp_image_name', 'pp_preshared_key', 'pp_cost_center', 'pp_product', 'pp_project', 'pp_application', 'pp_service', 'pp_employee', 'pp_created_by', 'pp_software_version', 'pp_provisioner', 'pp_cluster', 'pp_region', 'pp_zone', 'pp_network', 'pp_securitypolicy', 'pp_cloudplatform', 'pp_hostname']) }
+ it {
+ is_expected.to run.and_return(['pp_role', 'pp_uuid', 'pp_environment', 'pp_apptier', 'pp_department',
+ 'pp_datacenter', 'pp_instance_id', 'pp_image_name', 'pp_preshared_key', 'pp_cost_center',
+ 'pp_product', 'pp_project', 'pp_application', 'pp_service', 'pp_employee',
+ 'pp_created_by', 'pp_software_version', 'pp_provisioner', 'pp_cluster', 'pp_region',
+ 'pp_zone', 'pp_network', 'pp_securitypolicy', 'pp_cloudplatform', 'pp_hostname'])
+ }
end
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 9b1fa6f..ae7c1f6 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -25,15 +25,16 @@
next unless File.exist?(f) && File.readable?(f) && File.size?(f)
begin
- default_facts.merge!(YAML.safe_load(File.read(f), [], [], true))
- rescue => e
+ require 'deep_merge'
+ default_facts.deep_merge!(YAML.safe_load(File.read(f), permitted_classes: [], permitted_symbols: [], aliases: true))
+ rescue StandardError => e
RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}"
end
end
# read default_facts and merge them over what is provided by facterdb
default_facts.each do |fact, value|
- add_custom_fact fact, value
+ add_custom_fact fact, value, merge_facts: true
end
RSpec.configure do |c|
@@ -46,6 +47,7 @@
end
c.filter_run_excluding(bolt: true) unless ENV['GEM_BOLT']
c.after(:suite) do
+ RSpec::Puppet::Coverage.report!(0)
end
# Filter backtrace noise
diff --git a/tasks/confirm_primary_server.rb b/tasks/confirm_primary_server.rb
index 992d248..2daed53 100755
--- a/tasks/confirm_primary_server.rb
+++ b/tasks/confirm_primary_server.rb
@@ -15,11 +15,11 @@ def get_primary_hostname(ignore_infra_status_error)
end
end
output.each_line do |line|
- if line.match(/^Primary: /)
- primary = line.gsub(/^Primary: /, '').lstrip.rstrip
+ if line.match?(%r{^Primary: })
+ primary = line.gsub(%r{^Primary: }, '').lstrip.rstrip
return [ primary, 'Primary' ]
- elsif line.match(/^Master: /)
- master = line.gsub(/^Master: /, '').lstrip.rstrip
+ elsif line.match?(%r{^Master: })
+ master = line.gsub(%r{^Master: }, '').lstrip.rstrip
return [ master, 'Master' ]
end
end
diff --git a/tasks/set_csr_attributes.rb b/tasks/set_csr_attributes.rb
index e37cfc0..de9fb94 100755
--- a/tasks/set_csr_attributes.rb
+++ b/tasks/set_csr_attributes.rb
@@ -11,11 +11,11 @@
require 'json'
def get_cert_location
- if Gem.win_platform?
- command = "'C:\\Program Files\\Puppet Labs\\Puppet\\bin\\puppet.bat' config print hostcert"
- else
- command = '/opt/puppetlabs/bin/puppet config print hostcert'
- end
+ command = if Gem.win_platform?
+ "'C:\\Program Files\\Puppet Labs\\Puppet\\bin\\puppet.bat' config print hostcert"
+ else
+ '/opt/puppetlabs/bin/puppet config print hostcert'
+ end
output, status = Open3.capture2(command)
if status.exitstatus != 0
puts "failed to get cert location from puppet config command #{status}"
@@ -31,8 +31,8 @@ def read_trusted_facts(cert_location, trusted_facts_oid)
certificate = OpenSSL::X509::Certificate.new cert_data
certificate.extensions.each do |element|
trusted_facts_oid.each do |name, oid|
- if element.oid == name or element.oid == oid
- trusted_fact_results[name] = element.value.to_s.gsub(/^\.\n/, '').gsub(/^\../, '')
+ if element.oid == name || element.oid == oid
+ trusted_fact_results[name] = element.value.to_s.gsub(%r{^\.\n}, '').gsub(%r{^\..}, '')
end
end
end
@@ -40,7 +40,31 @@ def read_trusted_facts(cert_location, trusted_facts_oid)
end
# set all known trusted facts
-trusted_facts_oid = { 'pp_uuid' => '1.3.6.1.4.1.34380.1.1.1', 'pp_instance_id' => '1.3.6.1.4.1.34380.1.1.2', 'pp_image_name' => '1.3.6.1.4.1.34380.1.1.3', 'pp_preshared_key' => '1.3.6.1.4.1.34380.1.1.4', 'pp_cost_center' => '1.3.6.1.4.1.34380.1.1.5', 'pp_product' => '1.3.6.1.4.1.34380.1.1.6', 'pp_project' => '1.3.6.1.4.1.34380.1.1.7', 'pp_application' => '1.3.6.1.4.1.34380.1.1.8', 'pp_service' => '1.3.6.1.4.1.34380.1.1.9', 'pp_employee' => '1.3.6.1.4.1.34380.1.1.10', 'pp_created_by' => '1.3.6.1.4.1.34380.1.1.11', 'pp_environment' => '1.3.6.1.4.1.34380.1.1.12', 'pp_role' => '1.3.6.1.4.1.34380.1.1.13', 'pp_software_version' => '1.3.6.1.4.1.34380.1.1.14', 'pp_department' => '1.3.6.1.4.1.34380.1.1.15', 'pp_cluster' => '1.3.6.1.4.1.34380.1.1.16', 'pp_provisioner' => '1.3.6.1.4.1.34380.1.1.17', 'pp_region' => '1.3.6.1.4.1.34380.1.1.18', 'pp_datacenter' => '1.3.6.1.4.1.34380.1.1.19', 'pp_zone' => '1.3.6.1.4.1.34380.1.1.20', 'pp_network' => '1.3.6.1.4.1.34380.1.1.21', 'pp_securitypolicy' => '1.3.6.1.4.1.34380.1.1.22', 'pp_cloudplatform' => '1.3.6.1.4.1.34380.1.1.23', 'pp_apptier' => '1.3.6.1.4.1.34380.1.1.24', 'pp_hostname' => '1.3.6.1.4.1.34380.1.1.25' }
+trusted_facts_oid = { 'pp_uuid' => '1.3.6.1.4.1.34380.1.1.1',
+ 'pp_instance_id' => '1.3.6.1.4.1.34380.1.1.2',
+ 'pp_image_name' => '1.3.6.1.4.1.34380.1.1.3',
+ 'pp_preshared_key' => '1.3.6.1.4.1.34380.1.1.4',
+ 'pp_cost_center' => '1.3.6.1.4.1.34380.1.1.5',
+ 'pp_product' => '1.3.6.1.4.1.34380.1.1.6',
+ 'pp_project' => '1.3.6.1.4.1.34380.1.1.7',
+ 'pp_application' => '1.3.6.1.4.1.34380.1.1.8',
+ 'pp_service' => '1.3.6.1.4.1.34380.1.1.9',
+ 'pp_employee' => '1.3.6.1.4.1.34380.1.1.10',
+ 'pp_created_by' => '1.3.6.1.4.1.34380.1.1.11',
+ 'pp_environment' => '1.3.6.1.4.1.34380.1.1.12',
+ 'pp_role' => '1.3.6.1.4.1.34380.1.1.13',
+ 'pp_software_version' => '1.3.6.1.4.1.34380.1.1.14',
+ 'pp_department' => '1.3.6.1.4.1.34380.1.1.15',
+ 'pp_cluster' => '1.3.6.1.4.1.34380.1.1.16',
+ 'pp_provisioner' => '1.3.6.1.4.1.34380.1.1.17',
+ 'pp_region' => '1.3.6.1.4.1.34380.1.1.18',
+ 'pp_datacenter' => '1.3.6.1.4.1.34380.1.1.19',
+ 'pp_zone' => '1.3.6.1.4.1.34380.1.1.20',
+ 'pp_network' => '1.3.6.1.4.1.34380.1.1.21',
+ 'pp_securitypolicy' => '1.3.6.1.4.1.34380.1.1.22',
+ 'pp_cloudplatform' => '1.3.6.1.4.1.34380.1.1.23',
+ 'pp_apptier' => '1.3.6.1.4.1.34380.1.1.24',
+ 'pp_hostname' => '1.3.6.1.4.1.34380.1.1.25' }
def csr_attribute_location
if Gem.win_platform?
@@ -53,8 +77,8 @@ def csr_attribute_location
def get_existing_csr(csr_attr_file_location)
if File.exist?(csr_attr_file_location)
begin
- data = YAML.safe_load(File.read(csr_attr_file_location))
- rescue => exception
+ YAML.safe_load(File.read(csr_attr_file_location))
+ rescue
nil
end
else
@@ -63,16 +87,12 @@ def get_existing_csr(csr_attr_file_location)
end
def merge_facts(existing_csr, new_trusted_facts)
- if existing_csr.keys.include?('extension_requests')
- combined_facts = existing_csr['extension_requests'].merge(new_trusted_facts)
- existing_csr['extension_requests'] = combined_facts
- existing_csr
- else
+ unless existing_csr.keys.include?('extension_requests')
existing_csr['extension_requests'] = {}
- combined_facts = existing_csr['extension_requests'].merge(new_trusted_facts)
- existing_csr['extension_requests'] = combined_facts
- existing_csr
end
+ combined_facts = existing_csr['extension_requests'].merge(new_trusted_facts)
+ existing_csr['extension_requests'] = combined_facts
+ existing_csr
end
# Get certificate location
@@ -88,7 +108,7 @@ def merge_facts(existing_csr, new_trusted_facts)
existing_csr = get_existing_csr(csr_attr_file_location)
# set existing facts, if csr attributes is nil. Create an new hash otherwise add to existing
-if existing_csr == nil
+if existing_csr.nil?
existing_csr = { 'extension_requests' => existing_facts }
else
existing_csr['extension_requests'] = existing_facts
@@ -103,11 +123,11 @@ def merge_facts(existing_csr, new_trusted_facts)
puts "New facts are #{new_trusted_facts}"
# Merge the hash
-if existing_csr == nil or preserve_existing_facts == false
- merged_csr = { 'extension_requests' => new_trusted_facts }
-else
- merged_csr = merge_facts(existing_csr, new_trusted_facts)
-end
+merged_csr = if existing_csr.nil? || preserve_existing_facts == false
+ { 'extension_requests' => new_trusted_facts }
+ else
+ merge_facts(existing_csr, new_trusted_facts)
+ end
puts "Combined hash is #{merged_csr}"
diff --git a/test_matrix.json b/test_matrix.json
new file mode 100644
index 0000000..3df0627
--- /dev/null
+++ b/test_matrix.json
@@ -0,0 +1,12 @@
+{
+ "collection": [
+ {
+ "agent_version": "puppet7",
+ "gem_version": "~> 7.31"
+ },
+ {
+ "agent_version": "puppet8",
+ "gem_version": "~> 8.7"
+ }
+ ]
+}