RubyGems - beaker-pe - Versions diffs - 2.10.11 → 2.11.0 - Mend

beaker-pe 2.10.11 → 2.11.0

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/beaker-pe/install/pe_utils.rb +81 -32
data/lib/beaker-pe/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: adf82ae7e4bf51c772f578cbbabf4bbe961b7511
-  data.tar.gz: 9edefcdcc41d93490132af330f2d49af2243c1ea
+  metadata.gz: d489d0aec55279c22ee7c655f3becf5d1dd8b04c
+  data.tar.gz: 0097776b4d29049f559cbc7812e052c7c902c6c2
 SHA512:
-  metadata.gz: 8a95b3ab8e19123bd7de1e556f3889043ec458f916e28b578ced9ede22531445e501509cd4d29ccf1be01e68af315b8be956e4ff101423434c404b5a187de45d
-  data.tar.gz: 3bfecf1145cee30a170c4496c9752102aaadadc29142698fd0b333cf3aba0439eb69737a02272a18a7dabbfd1677dfb821c189a6c9be8a12a0788df03622c0b8
+  metadata.gz: 13203aa9ab9d23a07434ce414696c35aa4e513a0488a10eb0a0a842fedb554e6fe1f6dc2c67c56bd204396a8a2604aa1fc192a9f2f0fddba3eee74680810ff08
+  data.tar.gz: cfa8218a3cf30dbeff6c2e41ae9601505e709604451ab447a47816ff036d6a9ad6132eea0bc1e3abba6de10926d637f98d61c0ee164c598786b82bb3d609bc20

data/lib/beaker-pe/install/pe_utils.rb CHANGED

@@ -291,7 +291,8 @@ module Beaker
             if opts[:fetch_local_then_push_to_host]
               fetch_and_push_pe(host, path, filename, extension)
             else
-              on host, "cd #{host['working_dir']}; curl -O #{path}/#{filename}#{extension}"
+              curlopts = opts[:use_proxy] ? " --proxy #{opts[:proxy_hostname]}:3128" : ""
+              on host, "cd #{host['working_dir']}; curl -O #{path}/#{filename}#{extension}#{curlopts}"
             end
           end
         end
@@ -326,7 +327,8 @@ module Beaker
               fetch_and_push_pe(host, path, filename, extension)
               on host, "cd #{host['working_dir']}; chmod 644 #{filename}#{extension}"
             elsif host.is_cygwin?
-              on host, "cd #{host['working_dir']}; curl -O #{path}/#{filename}#{extension}"
+              curlopts = opts[:use_proxy] ? " --proxy #{opts[:proxy_hostname]}:3128" : ""
+              on host, "cd #{host['working_dir']}; curl -O #{path}/#{filename}#{extension}#{curlopts}"
             else
               on host, powershell("$webclient = New-Object System.Net.WebClient;  $webclient.DownloadFile('#{path}/#{filename}#{extension}','#{host['working_dir']}\\#{filename}#{extension}')")
             end
@@ -378,7 +380,8 @@ module Beaker
                 fetch_and_push_pe(host, path, filename, extension)
                 command_file_push = 'cat '
               else
-                command_file_push = "curl #{path}/"
+                curlopts = opts[:use_proxy] ? "--proxy #{opts[:proxy_hostname]}:3128 " : ""
+                command_file_push = "curl #{curlopts}#{path}/"
               end
               on host, "cd #{host['working_dir']}; #{command_file_push}#{filename}#{extension} | #{unpack}"
@@ -572,7 +575,7 @@ module Beaker
           verify_network_resources(hosts, options[:net_diag_hosts])
           verify_vm_resources(hosts)
           if opts[:use_proxy]
-            config_master_for_proxy_access
+            config_hosts_for_proxy_access(hosts - hosts_as('proxy'))
           end
           case install_type
           when :pe_managed_postgres
@@ -682,34 +685,80 @@ module Beaker
         # Configure the master to use a proxy and drop unproxied connections
-        def config_master_for_proxy_access
-          step "configuring master to use proxy" do
-            @osmirror_host = "osmirror.delivery.puppetlabs.net"
-            @osmirror_host_ip = IPSocket.getaddress(@osmirror_host)
-            @delivery_host = "enterprise.delivery.puppetlabs.net"
-            @delivery_host_ip = IPSocket.getaddress(@delivery_host)
-            @proxy_ip = @options[:proxy_ip]
-            @proxy_hostname = @options[:proxy_hostname]
-            @master_ip = on master, "hostname -I | tr '\n' ' '"
-            on master, "echo \"#{@proxy_ip}  #{@proxy_hostname}\" >> /etc/hosts"
-            on master, "echo \"#{@master_ip.stdout}  #{master.connection.vmhostname}\" >> /etc/hosts"
-            on master, "echo \"#{@osmirror_host_ip}    #{@osmirror_host}\" >> /etc/hosts"
-            on master, "echo \"#{@delivery_host_ip}    #{@delivery_host}\" >> /etc/hosts"
-            on master, "iptables -A OUTPUT -p tcp -d #{master.connection.vmhostname} -j ACCEPT"
-            # the next two lines clear the internal puppet lan
-            on master, "iptables -A OUTPUT -p tcp -d 10.16.0.0/16 -j ACCEPT"
-            on master, "iptables -A OUTPUT -p tcp -d 10.32.0.0/16 -j ACCEPT"
-            on master, "iptables -A OUTPUT -p tcp --dport 3128 -d #{@proxy_hostname} -j ACCEPT"
-            on master, "iptables -A OUTPUT -p tcp -d #{@osmirror_host_ip} -j DROP"
-            on master, "iptables -A OUTPUT -p tcp -d #{@delivery_host_ip} -j DROP"
-            on master, "iptables -P OUTPUT DROP"
-            on master, "curl --proxy #{@proxy_hostname}:3128 http://#{@osmirror_host}", :acceptable_exit_codes => [0]
-            on master, "curl -k https://#{@osmirror_host}", :acceptable_exit_codes => [1,7]
-            if master.host_hash[:platform].include?("ubuntu")
-              on master, "echo 'Acquire::http::Proxy \"http://'#{@proxy_hostname}':3128/\";' >> /etc/apt/apt.conf"
-              on master, "echo 'Acquire::https::Proxy \"http://'#{@proxy_hostname}':3128/\";' >> /etc/apt/apt.conf"
-            else
-              on master, "echo \"proxy=http://#{@proxy_hostname}:3128\" >> /etc/yum.conf"
+        def config_hosts_for_proxy_access hosts
+          hosts.each do |host|
+            step "Configuring #{host} to use proxy" do
+              @osmirror_host = "osmirror.delivery.puppetlabs.net"
+              @osmirror_host_ip = IPSocket.getaddress(@osmirror_host)
+              @delivery_host = "enterprise.delivery.puppetlabs.net"
+              @delivery_host_ip = IPSocket.getaddress(@delivery_host)
+              @test_forge_host = "api-forge-aio02-petest.puppet.com"
+              @test_forge_host_ip = IPSocket.getaddress(@test_forge_host)
+              @github_host = "github.com"
+              @github_host_ip = IPSocket.getaddress(@github_host)
+              @proxy_ip = @options[:proxy_ip]
+              @proxy_hostname = @options[:proxy_hostname]
+              #sles does not support the -I all-ip-addresses flag
+              hostname_flag = host.host_hash[:platform].include?("sles") ? '-i' : '-I'
+              @master_ip = on master, "hostname #{hostname_flag} | tr '\n' ' '"
+              on host, "echo \"#{@proxy_ip}  #{@proxy_hostname}\" >> /etc/hosts"
+              on host, "echo \"#{@master_ip.stdout}  #{master.connection.vmhostname}\" >> /etc/hosts"
+              on host, "echo \"#{@osmirror_host_ip}    #{@osmirror_host}\" >> /etc/hosts"
+              on host, "echo \"#{@delivery_host_ip}    #{@delivery_host}\" >> /etc/hosts"
+              on host, "echo \"#{@test_forge_host_ip}    #{@test_forge_host}\" >> /etc/hosts"
+              on host, "echo \"#{@github_host_ip}    #{@github_host}\" >> /etc/hosts"
+              on host, "iptables -A OUTPUT -p tcp -d #{master.connection.vmhostname} -j ACCEPT"
+              # Treat these hosts as if they were outside the puppet lan
+              on host, "iptables -A OUTPUT -p tcp -d #{@osmirror_host_ip} -j DROP"
+              on host, "iptables -A OUTPUT -p tcp -d #{@delivery_host_ip} -j DROP"
+              on host, "iptables -A OUTPUT -p tcp -d #{@test_forge_host_ip} -j DROP"
+              # The next two lines clear the rest of the internal puppet lan
+              on host, "iptables -A OUTPUT -p tcp -d 10.16.0.0/16 -j ACCEPT"
+              on host, "iptables -A OUTPUT -p tcp -d 10.32.0.0/16 -j ACCEPT"
+              # This allows udp on a port bundler requires
+              on host, 'iptables -A OUTPUT -p udp -m udp --dport 53 -j ACCEPT'
+              # Next two lines allow host to access itself via localhost or 127.0.0.1
+              on host, 'iptables -A INPUT -i lo -j ACCEPT'
+              on host, 'iptables -A OUTPUT -o lo -j ACCEPT'
+              #Opens up port that git uses
+              on host, "iptables -A OUTPUT -p tcp -d #{@github_host_ip} -j ACCEPT"
+              on host, "iptables -A INPUT -p tcp -d #{@github_host_ip} --dport 9143 -j ACCEPT"
+              #Platform9
+              on host, "iptables -A OUTPUT -p tcp -d 10.234.0.0/16 -j ACCEPT"
+              #enterprise.delivery.puppetlabs.net network, required if running from your work laptop over the network
+              on host, "iptables -A OUTPUT -p tcp -d 10.0.25.0/16 -j ACCEPT"
+              on host, "iptables -A OUTPUT -p tcp --dport 3128 -d #{@proxy_hostname} -j ACCEPT"
+              on host, "iptables -P OUTPUT DROP"
+              # Verify we can reach osmirror via the proxy
+              on host, "curl --proxy #{@proxy_hostname}:3128 http://#{@osmirror_host}", :acceptable_exit_codes => [0]
+              # Verify we can't reach it without the proxy
+              on host, "curl -k http://#{@osmirror_host} -m 5", :acceptable_exit_codes => [28]
+              if host.host_hash[:platform].include?("ubuntu")
+                on host, "echo 'Acquire::http::Proxy \"http://'#{@proxy_hostname}':3128/\";' >> /etc/apt/apt.conf"
+                on host, "echo 'Acquire::https::Proxy \"http://'#{@proxy_hostname}':3128/\";' >> /etc/apt/apt.conf"
+              elsif host.host_hash[:platform].include?("sles")
+                on host, 'rm /etc/sysconfig/proxy'
+                on host, 'echo "PROXY_ENABLED=\"yes\"" >> /etc/sysconfig/proxy'
+                on host, "echo 'HTTP_PROXY=\"http://#{@proxy_hostname}:3128\"' >> /etc/sysconfig/proxy"
+                on host, "echo 'HTTPS_PROXY=\"http://#{@proxy_hostname}:3128\"' >> /etc/sysconfig/proxy"
+                #Needs to not use proxy on the host itself, and master (in order to download the agent)
+                no_proxy_list="localhost,127.0.0.1,#{host.hostname},#{master.hostname}"
+                if any_hosts_as?('compile_master')
+                  no_proxy_list.concat(",#{compile_master}")
+                end
+                on host, "echo \"NO_PROXY='#{no_proxy_list}'\" >> /etc/sysconfig/proxy"
+              else
+                #Hacky work around until we configure puppet_enteprise::repo::config to set proxy=_none_ in the puppet_enteprrise.repo
+                repo_list = on(host, "ls /etc/yum.repos.d/").output.strip.split("\n")
+                repo_list.each do |repo|
+                  on host, "echo \"proxy=http://#{@proxy_hostname}:3128\" >> /etc/yum.repos.d/#{repo}"
+                end
+              end
             end
           end
         end

data/lib/beaker-pe/version.rb CHANGED

@@ -3,7 +3,7 @@ module Beaker
     module PE
       module Version
-        STRING = '2.10.11'
+        STRING = '2.11.0'
       end
     end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: beaker-pe
 version: !ruby/object:Gem::Version
-  version: 2.10.11
+  version: 2.11.0
 platform: ruby
 authors:
 - Puppetlabs
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-10-23 00:00:00.000000000 Z
+date: 2019-11-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec