beaker-pe 2.11.14 → 2.11.17

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 8e9b569e250c94eb451c24254d071bb6fef6894f8a88c2935ce971fff81fe67b
4
- data.tar.gz: abcf48ef49c6ce13258c4228ffc01ec4b53edac71a05617f5e35da6f0c3d28fe
3
+ metadata.gz: c2f1158ec22a1984b9cc1169e67201c868534857f11c243ae59a1d337e2abfb5
4
+ data.tar.gz: abc9ef3725fe4a305a3edbb503a5c48d28934b2539ac1c2cf32a95538059589f
5
5
  SHA512:
6
- metadata.gz: edd113d5a18fadcba0f7eb2a9e01bd4bd3335973cc2eca1a649e32cf52e1e7936c76430d8b5b27dda0b1ab2d0122d4d97baa4ed1869f902515e4e9f68b07f433
7
- data.tar.gz: 7074073427dc6118f5e706eaf600dc8d72b15b8488cb12cc8515e4f52da20a1431fc7b8e7b314e2015e286c7c3d867ea28b7b25e2a3c8de3a25833b9945a7412
6
+ metadata.gz: 2700a7024284981d6697b97c40b9885ae76616a310ad080eb22e108c9115da6ffd4205071524044023e15bc3cc3ceecc06d2025df5de061c26168a529dfbf2ce
7
+ data.tar.gz: 782e10c4809d2f81438f06fc653dd94d420f1c6f34a9a00e9cce1c4ad453ba521e79a49574111fbd3585083e7461c97f2c3476f707b4f84388c5285bc1a940b2
@@ -0,0 +1,30 @@
1
+ ---
2
+ name: Snyk Scan
3
+ on: push
4
+
5
+ # Note: if your workflow involves working from branches
6
+ # on the puppetlabs repos directly rather from a fork
7
+ # you will probably want to use the below for events to
8
+ # reduce the reporting noise.
9
+ # on:
10
+ # push:
11
+ # branches:
12
+ # - main
13
+
14
+ jobs:
15
+ security:
16
+ runs-on: ubuntu-latest
17
+ steps:
18
+ - uses: actions/checkout@master
19
+ - name: setup ruby
20
+ uses: ruby/setup-ruby@v1
21
+ with:
22
+ ruby-version: 2.7
23
+ - name: create lock
24
+ run: bundle lock
25
+ - name: Run Snyk to check for vulnerabilities
26
+ uses: snyk/actions/ruby@master
27
+ env:
28
+ SNYK_TOKEN: ${{ secrets.SNYK_FOSS_KEY }}
29
+ with:
30
+ command: monitor
data/CODEOWNERS CHANGED
@@ -1,5 +1,5 @@
1
1
  #This Repository is maintained by both the beaker, installer, and Night's Watch teams, depending on the location of the changes
2
- * @puppetlabs/beaker
2
+ * @puppetlabs/dio
3
3
  /lib/beaker-pe/install @puppetlabs/installer-and-management
4
4
  /lib/beaker-pe/pe-client-tools @puppetlabs/night-s-watch
5
5
  /spec/beaker-pe/install @puppetlabs/installer-and-management
@@ -422,12 +422,12 @@ module Beaker
422
422
  end
423
423
 
424
424
  if (host['roles'].include?('master') || host['roles'].include?('pe_postgres')) && version_is_less(host[:pe_ver], '2019.8.5') && hosts.any? {|agent| agent['platform'] =~ /(debian)|(ubuntu)|(sles)/}
425
- on(master, "rm -f #{path_to_gpg_key}")
426
- on(master, "curl #{gpg_url} --output #{path_to_gpg_key}")
425
+ on(host, "rm -f #{path_to_gpg_key}")
426
+ on(host, "curl #{gpg_url} --output #{path_to_gpg_key}")
427
427
  if location == 'pe_repo'
428
428
  gpg_key_overwrite(host, 'pe_repo_env')
429
429
  elsif location == 'pe_repo_env'
430
- on master, puppet('agent -t'), :acceptable_exit_codes => [0,2]
430
+ on host, puppet('agent -t'), :acceptable_exit_codes => [0,2]
431
431
  end
432
432
  end
433
433
  end
@@ -884,6 +884,7 @@ module Beaker
884
884
  end
885
885
 
886
886
  install_hosts.each do |host|
887
+ solaris_key_chain_fix
887
888
 
888
889
  if agent_only_check_needed && hosts_agent_only.include?(host) || install_via_msi?(host)
889
890
  host['type'] = 'aio'
@@ -1332,6 +1333,60 @@ module Beaker
1332
1333
  answers
1333
1334
  end
1334
1335
 
1336
+ # If installing older versions of solaris, make sure the DigiCert cert is added to the keychain
1337
+ def solaris_key_chain_fix
1338
+ digicert = <<-EOM
1339
+ -----BEGIN CERTIFICATE-----
1340
+ MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBi
1341
+ MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
1342
+ d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3Qg
1343
+ RzQwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBiMQswCQYDVQQGEwJV
1344
+ UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu
1345
+ Y29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwggIiMA0GCSqG
1346
+ SIb3DQEBAQUAA4ICDwAwggIKAoICAQC/5pBzaN675F1KPDAiMGkz7MKnJS7JIT3y
1347
+ ithZwuEppz1Yq3aaza57G4QNxDAf8xukOBbrVsaXbR2rsnnyyhHS5F/WBTxSD1If
1348
+ xp4VpX6+n6lXFllVcq9ok3DCsrp1mWpzMpTREEQQLt+C8weE5nQ7bXHiLQwb7iDV
1349
+ ySAdYyktzuxeTsiT+CFhmzTrBcZe7FsavOvJz82sNEBfsXpm7nfISKhmV1efVFiO
1350
+ DCu3T6cw2Vbuyntd463JT17lNecxy9qTXtyOj4DatpGYQJB5w3jHtrHEtWoYOAMQ
1351
+ jdjUN6QuBX2I9YI+EJFwq1WCQTLX2wRzKm6RAXwhTNS8rhsDdV14Ztk6MUSaM0C/
1352
+ CNdaSaTC5qmgZ92kJ7yhTzm1EVgX9yRcRo9k98FpiHaYdj1ZXUJ2h4mXaXpI8OCi
1353
+ EhtmmnTK3kse5w5jrubU75KSOp493ADkRSWJtppEGSt+wJS00mFt6zPZxd9LBADM
1354
+ fRyVw4/3IbKyEbe7f/LVjHAsQWCqsWMYRJUadmJ+9oCw++hkpjPRiQfhvbfmQ6QY
1355
+ uKZ3AeEPlAwhHbJUKSWJbOUOUlFHdL4mrLZBdd56rF+NP8m800ERElvlEFDrMcXK
1356
+ chYiCd98THU/Y+whX8QgUWtvsauGi0/C1kVfnSD8oR7FwI+isX4KJpn15GkvmB0t
1357
+ 9dmpsh3lGwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB
1358
+ hjAdBgNVHQ4EFgQU7NfjgtJxXWRM3y5nP+e6mK4cD08wDQYJKoZIhvcNAQEMBQAD
1359
+ ggIBALth2X2pbL4XxJEbw6GiAI3jZGgPVs93rnD5/ZpKmbnJeFwMDF/k5hQpVgs2
1360
+ SV1EY+CtnJYYZhsjDT156W1r1lT40jzBQ0CuHVD1UvyQO7uYmWlrx8GnqGikJ9yd
1361
+ +SeuMIW59mdNOj6PWTkiU0TryF0Dyu1Qen1iIQqAyHNm0aAFYF/opbSnr6j3bTWc
1362
+ fFqK1qI4mfN4i/RN0iAL3gTujJtHgXINwBQy7zBZLq7gcfJW5GqXb5JQbZaNaHqa
1363
+ sjYUegbyJLkJEVDXCLG4iXqEI2FCKeWjzaIgQdfRnGTZ6iahixTXTBmyUEFxPT9N
1364
+ cCOGDErcgdLMMpSEDQgJlxxPwO5rIHQw0uA5NBCFIRUBCOhVMt5xSdkoF1BN5r5N
1365
+ 0XWs0Mr7QbhDparTwwVETyw2m+L64kW4I1NsBm9nVX9GtUw/bihaeSbSpKhil9Ie
1366
+ 4u1Ki7wb/UdKDd9nZn6yW0HQO+T0O/QEY+nvwlQAUaCKKsnOeMzV6ocEGLPOr0mI
1367
+ r/OSmbaz5mEP0oUA51Aa5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1
1368
+ /YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tKG48BtieVU+i2iW1bvGjUI+iLUaJW+fCm
1369
+ gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+
1370
+ -----END CERTIFICATE-----
1371
+ EOM
1372
+ hosts.each do |host|
1373
+ if host.platform=~ /solaris-11(\.2)?-(i386|sparc)/
1374
+ create_remote_file(host, "DigiCertTrustedRootG4.crt.pem", digicert)
1375
+ on(host, 'chmod a+r /root/DigiCertTrustedRootG4.crt.pem')
1376
+ on(host, 'cp -p /root/DigiCertTrustedRootG4.crt.pem /etc/certs/CA/')
1377
+ on(host, 'rm /root/DigiCertTrustedRootG4.crt.pem')
1378
+ on(host, '/usr/sbin/svcadm restart /system/ca-certificates')
1379
+ timeout = 60
1380
+ counter = 0
1381
+ while on(host, 'svcs -x ca-certificates').output !~ /State: online/ do
1382
+ raise 'ca-certificates services failed start up' if counter > timeout
1383
+ sleep 5
1384
+ counter = counter + 5
1385
+ end
1386
+ end
1387
+ end
1388
+ end
1389
+
1335
1390
  # Builds the agent_only and not_agent_only arrays needed for installation.
1336
1391
  #
1337
1392
  # @param [Array<Host>] hosts hosts to split up into the arrays
@@ -2016,6 +2071,7 @@ module Beaker
2016
2071
  # @param [Array] agent only nodes from Beaker hosts
2017
2072
  # @param [Hash] opts The Beaker options hash
2018
2073
  def install_agents_only_on(agent_nodes, opts)
2074
+ solaris_key_chain_fix
2019
2075
  unless agent_nodes.empty?
2020
2076
  configure_type_defaults_on(agent_nodes)
2021
2077
 
@@ -2029,7 +2085,15 @@ module Beaker
2029
2085
  end
2030
2086
  end
2031
2087
 
2032
- gpg_key_overwrite(master, 'pe_repo')
2088
+ # pe_postgres node needs new gpg key
2089
+ if hosts.any? {|host| host['roles'].include?('pe_postgres')}
2090
+ gpg_key_overwrite(pe_postgres, 'pe_repo')
2091
+ end
2092
+
2093
+ # pe_repo needs updated with gpg key if sles/ubuntu/debian agent will be used
2094
+ if hosts.any? {|host| host['platform'] =~ /(sles)|(ubuntu)|(debian)/}
2095
+ gpg_key_overwrite(master, 'pe_repo')
2096
+ end
2033
2097
 
2034
2098
  step "Install agents" do
2035
2099
  block_on(agent_nodes, {:run_in_parallel => true}) do |host|
@@ -3,7 +3,7 @@ module Beaker
3
3
  module PE
4
4
 
5
5
  module Version
6
- STRING = '2.11.14'
6
+ STRING = '2.11.17'
7
7
  end
8
8
 
9
9
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: beaker-pe
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.11.14
4
+ version: 2.11.17
5
5
  platform: ruby
6
6
  authors:
7
7
  - Puppetlabs
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-08-20 00:00:00.000000000 Z
11
+ date: 2022-03-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rspec
@@ -249,6 +249,7 @@ extensions: []
249
249
  extra_rdoc_files: []
250
250
  files:
251
251
  - ".github/dependabot.yml"
252
+ - ".github/workflows/snyk_merge.yaml"
252
253
  - ".gitignore"
253
254
  - ".rspec"
254
255
  - ".simplecov"
@@ -307,7 +308,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
307
308
  - !ruby/object:Gem::Version
308
309
  version: '0'
309
310
  requirements: []
310
- rubygems_version: 3.0.8
311
+ rubygems_version: 3.0.9
311
312
  signing_key:
312
313
  specification_version: 4
313
314
  summary: Beaker PE DSL Helpers!