beaker-pe 2.11.14 → 2.11.17

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/snyk_merge.yaml +30 -0
  3. data/CODEOWNERS +1 -1
  4. data/lib/beaker-pe/install/pe_utils.rb +68 -4
  5. data/lib/beaker-pe/version.rb +1 -1
  6. metadata +4 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 8e9b569e250c94eb451c24254d071bb6fef6894f8a88c2935ce971fff81fe67b
4
- data.tar.gz: abcf48ef49c6ce13258c4228ffc01ec4b53edac71a05617f5e35da6f0c3d28fe
3
+ metadata.gz: c2f1158ec22a1984b9cc1169e67201c868534857f11c243ae59a1d337e2abfb5
4
+ data.tar.gz: abc9ef3725fe4a305a3edbb503a5c48d28934b2539ac1c2cf32a95538059589f
5
5
  SHA512:
6
- metadata.gz: edd113d5a18fadcba0f7eb2a9e01bd4bd3335973cc2eca1a649e32cf52e1e7936c76430d8b5b27dda0b1ab2d0122d4d97baa4ed1869f902515e4e9f68b07f433
7
- data.tar.gz: 7074073427dc6118f5e706eaf600dc8d72b15b8488cb12cc8515e4f52da20a1431fc7b8e7b314e2015e286c7c3d867ea28b7b25e2a3c8de3a25833b9945a7412
6
+ metadata.gz: 2700a7024284981d6697b97c40b9885ae76616a310ad080eb22e108c9115da6ffd4205071524044023e15bc3cc3ceecc06d2025df5de061c26168a529dfbf2ce
7
+ data.tar.gz: 782e10c4809d2f81438f06fc653dd94d420f1c6f34a9a00e9cce1c4ad453ba521e79a49574111fbd3585083e7461c97f2c3476f707b4f84388c5285bc1a940b2
data/.github/workflows/snyk_merge.yaml ADDED
@@ -0,0 +1,30 @@
1
+ ---
2
+ name: Snyk Scan
3
+ on: push
4
+
5
+ # Note: if your workflow involves working from branches
6
+ # on the puppetlabs repos directly rather from a fork
7
+ # you will probably want to use the below for events to
8
+ # reduce the reporting noise.
9
+ # on:
10
+ # push:
11
+ # branches:
12
+ # - main
13
+
14
+ jobs:
15
+ security:
16
+ runs-on: ubuntu-latest
17
+ steps:
18
+ - uses: actions/checkout@master
19
+ - name: setup ruby
20
+ uses: ruby/setup-ruby@v1
21
+ with:
22
+ ruby-version: 2.7
23
+ - name: create lock
24
+ run: bundle lock
25
+ - name: Run Snyk to check for vulnerabilities
26
+ uses: snyk/actions/ruby@master
27
+ env:
28
+ SNYK_TOKEN: ${{ secrets.SNYK_FOSS_KEY }}
29
+ with:
30
+ command: monitor
data/CODEOWNERS CHANGED
@@ -1,5 +1,5 @@
1
1
  #This Repository is maintained by both the beaker, installer, and Night's Watch teams, depending on the location of the changes
2
- * @puppetlabs/beaker
2
+ * @puppetlabs/dio
3
3
  /lib/beaker-pe/install @puppetlabs/installer-and-management
4
4
  /lib/beaker-pe/pe-client-tools @puppetlabs/night-s-watch
5
5
  /spec/beaker-pe/install @puppetlabs/installer-and-management
data/lib/beaker-pe/install/pe_utils.rb CHANGED
@@ -422,12 +422,12 @@ module Beaker
422
422
  end
423
423
 
424
424
  if (host['roles'].include?('master') || host['roles'].include?('pe_postgres')) && version_is_less(host[:pe_ver], '2019.8.5') && hosts.any? {|agent| agent['platform'] =~ /(debian)|(ubuntu)|(sles)/}
425
- on(master, "rm -f #{path_to_gpg_key}")
426
- on(master, "curl #{gpg_url} --output #{path_to_gpg_key}")
425
+ on(host, "rm -f #{path_to_gpg_key}")
426
+ on(host, "curl #{gpg_url} --output #{path_to_gpg_key}")
427
427
  if location == 'pe_repo'
428
428
  gpg_key_overwrite(host, 'pe_repo_env')
429
429
  elsif location == 'pe_repo_env'
430
- on master, puppet('agent -t'), :acceptable_exit_codes => [0,2]
430
+ on host, puppet('agent -t'), :acceptable_exit_codes => [0,2]
431
431
  end
432
432
  end
433
433
  end
@@ -884,6 +884,7 @@ module Beaker
884
884
  end
885
885
 
886
886
  install_hosts.each do |host|
887
+ solaris_key_chain_fix
887
888
 
888
889
  if agent_only_check_needed && hosts_agent_only.include?(host) || install_via_msi?(host)
889
890
  host['type'] = 'aio'
@@ -1332,6 +1333,60 @@ module Beaker
1332
1333
  answers
1333
1334
  end
1334
1335
 
1336
+ # If installing older versions of solaris, make sure the DigiCert cert is added to the keychain
1337
+ def solaris_key_chain_fix
1338
+ digicert = <<-EOM
1339
+ -----BEGIN CERTIFICATE-----
1340
+ MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBi
1341
+ MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
1342
+ d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3Qg
1343
+ RzQwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBiMQswCQYDVQQGEwJV
1344
+ UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu
1345
+ Y29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwggIiMA0GCSqG
1346
+ SIb3DQEBAQUAA4ICDwAwggIKAoICAQC/5pBzaN675F1KPDAiMGkz7MKnJS7JIT3y
1347
+ ithZwuEppz1Yq3aaza57G4QNxDAf8xukOBbrVsaXbR2rsnnyyhHS5F/WBTxSD1If
1348
+ xp4VpX6+n6lXFllVcq9ok3DCsrp1mWpzMpTREEQQLt+C8weE5nQ7bXHiLQwb7iDV
1349
+ ySAdYyktzuxeTsiT+CFhmzTrBcZe7FsavOvJz82sNEBfsXpm7nfISKhmV1efVFiO
1350
+ DCu3T6cw2Vbuyntd463JT17lNecxy9qTXtyOj4DatpGYQJB5w3jHtrHEtWoYOAMQ
1351
+ jdjUN6QuBX2I9YI+EJFwq1WCQTLX2wRzKm6RAXwhTNS8rhsDdV14Ztk6MUSaM0C/
1352
+ CNdaSaTC5qmgZ92kJ7yhTzm1EVgX9yRcRo9k98FpiHaYdj1ZXUJ2h4mXaXpI8OCi
1353
+ EhtmmnTK3kse5w5jrubU75KSOp493ADkRSWJtppEGSt+wJS00mFt6zPZxd9LBADM
1354
+ fRyVw4/3IbKyEbe7f/LVjHAsQWCqsWMYRJUadmJ+9oCw++hkpjPRiQfhvbfmQ6QY
1355
+ uKZ3AeEPlAwhHbJUKSWJbOUOUlFHdL4mrLZBdd56rF+NP8m800ERElvlEFDrMcXK
1356
+ chYiCd98THU/Y+whX8QgUWtvsauGi0/C1kVfnSD8oR7FwI+isX4KJpn15GkvmB0t
1357
+ 9dmpsh3lGwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB
1358
+ hjAdBgNVHQ4EFgQU7NfjgtJxXWRM3y5nP+e6mK4cD08wDQYJKoZIhvcNAQEMBQAD
1359
+ ggIBALth2X2pbL4XxJEbw6GiAI3jZGgPVs93rnD5/ZpKmbnJeFwMDF/k5hQpVgs2
1360
+ SV1EY+CtnJYYZhsjDT156W1r1lT40jzBQ0CuHVD1UvyQO7uYmWlrx8GnqGikJ9yd
1361
+ +SeuMIW59mdNOj6PWTkiU0TryF0Dyu1Qen1iIQqAyHNm0aAFYF/opbSnr6j3bTWc
1362
+ fFqK1qI4mfN4i/RN0iAL3gTujJtHgXINwBQy7zBZLq7gcfJW5GqXb5JQbZaNaHqa
1363
+ sjYUegbyJLkJEVDXCLG4iXqEI2FCKeWjzaIgQdfRnGTZ6iahixTXTBmyUEFxPT9N
1364
+ cCOGDErcgdLMMpSEDQgJlxxPwO5rIHQw0uA5NBCFIRUBCOhVMt5xSdkoF1BN5r5N
1365
+ 0XWs0Mr7QbhDparTwwVETyw2m+L64kW4I1NsBm9nVX9GtUw/bihaeSbSpKhil9Ie
1366
+ 4u1Ki7wb/UdKDd9nZn6yW0HQO+T0O/QEY+nvwlQAUaCKKsnOeMzV6ocEGLPOr0mI
1367
+ r/OSmbaz5mEP0oUA51Aa5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1
1368
+ /YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tKG48BtieVU+i2iW1bvGjUI+iLUaJW+fCm
1369
+ gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+
1370
+ -----END CERTIFICATE-----
1371
+ EOM
1372
+ hosts.each do |host|
1373
+ if host.platform=~ /solaris-11(\.2)?-(i386|sparc)/
1374
+ create_remote_file(host, "DigiCertTrustedRootG4.crt.pem", digicert)
1375
+ on(host, 'chmod a+r /root/DigiCertTrustedRootG4.crt.pem')
1376
+ on(host, 'cp -p /root/DigiCertTrustedRootG4.crt.pem /etc/certs/CA/')
1377
+ on(host, 'rm /root/DigiCertTrustedRootG4.crt.pem')
1378
+ on(host, '/usr/sbin/svcadm restart /system/ca-certificates')
1379
+ timeout = 60
1380
+ counter = 0
1381
+ while on(host, 'svcs -x ca-certificates').output !~ /State: online/ do
1382
+ raise 'ca-certificates services failed start up' if counter > timeout
1383
+ sleep 5
1384
+ counter = counter + 5
1385
+ end
1386
+ end
1387
+ end
1388
+ end
1389
+
1335
1390
  # Builds the agent_only and not_agent_only arrays needed for installation.
1336
1391
  #
1337
1392
  # @param [Array<Host>] hosts hosts to split up into the arrays
@@ -2016,6 +2071,7 @@ module Beaker
2016
2071
  # @param [Array] agent only nodes from Beaker hosts
2017
2072
  # @param [Hash] opts The Beaker options hash
2018
2073
  def install_agents_only_on(agent_nodes, opts)
2074
+ solaris_key_chain_fix
2019
2075
  unless agent_nodes.empty?
2020
2076
  configure_type_defaults_on(agent_nodes)
2021
2077
 
@@ -2029,7 +2085,15 @@ module Beaker
2029
2085
  end
2030
2086
  end
2031
2087
 
2032
- gpg_key_overwrite(master, 'pe_repo')
2088
+ # pe_postgres node needs new gpg key
2089
+ if hosts.any? {|host| host['roles'].include?('pe_postgres')}
2090
+ gpg_key_overwrite(pe_postgres, 'pe_repo')
2091
+ end
2092
+
2093
+ # pe_repo needs updated with gpg key if sles/ubuntu/debian agent will be used
2094
+ if hosts.any? {|host| host['platform'] =~ /(sles)|(ubuntu)|(debian)/}
2095
+ gpg_key_overwrite(master, 'pe_repo')
2096
+ end
2033
2097
 
2034
2098
  step "Install agents" do
2035
2099
  block_on(agent_nodes, {:run_in_parallel => true}) do |host|
data/lib/beaker-pe/version.rb CHANGED
@@ -3,7 +3,7 @@ module Beaker
3
3
  module PE
4
4
 
5
5
  module Version
6
- STRING = '2.11.14'
6
+ STRING = '2.11.17'
7
7
  end
8
8
 
9
9
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: beaker-pe
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.11.14
4
+ version: 2.11.17
5
5
  platform: ruby
6
6
  authors:
7
7
  - Puppetlabs
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-08-20 00:00:00.000000000 Z
11
+ date: 2022-03-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rspec
@@ -249,6 +249,7 @@ extensions: []
249
249
  extra_rdoc_files: []
250
250
  files:
251
251
  - ".github/dependabot.yml"
252
+ - ".github/workflows/snyk_merge.yaml"
252
253
  - ".gitignore"
253
254
  - ".rspec"
254
255
  - ".simplecov"
@@ -307,7 +308,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
307
308
  - !ruby/object:Gem::Version
308
309
  version: '0'
309
310
  requirements: []
310
- rubygems_version: 3.0.8
311
+ rubygems_version: 3.0.9
311
312
  signing_key:
312
313
  specification_version: 4
313
314
  summary: Beaker PE DSL Helpers!