octocatalog-diff 2.1.0 → 2.3.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 07e53efa197ece3d868ab453f200b49d6fc0718fcd40e8201ab92d04e4787871
4
- data.tar.gz: e60db7eb374631ec5a4f430b58b16f57772e081aeea3b12d7576e3265df4ae6b
3
+ metadata.gz: 27f9f4a1e03865d74c4fbc3bc3e06a2431d1346f177c515abf6c5e27b44102c5
4
+ data.tar.gz: a8ebc11ab363214bd9802e0c6f72f2d5f6c6633b5eb14152da0f9e38f2dd100b
5
5
  SHA512:
6
- metadata.gz: 2b6ce06f9d1d91f8bfeb12f731a8b8d901b794396dd34a6b3e2d29b8e4e7e59d02ceb1f1bdce89ac73d6d3ad14beb2883188810c778ed6ccb431a30b05a9d7b3
7
- data.tar.gz: 2f712011fd71e32caf2bf3e453ce16cae41c2be79a6bdfa12ed0d3bdc1ce62751e86c6f4eea500d243f8a69adf6642f1009250c88b5b85cb1af2ddee67e3a7a0
6
+ metadata.gz: 459315e4f4db1610c4b16d26b1476aff00385692a98ebb1f8328cbec062197ba67be0fb84e92e92a22434b77e28d96dd0b198e54110383222d15b268e67b589e
7
+ data.tar.gz: 770fe20daffa95e8e2938fa0eebd604d20ef0577ce42722f8d0c0d4527e5838f90a4917d6fc8d9e41402062cc8ac37414abbd3896ad5ea1fe76bfb0d6f331ec9
data/.version CHANGED
@@ -1 +1 @@
1
- 2.1.0
1
+ 2.3.0
data/doc/CHANGELOG.md CHANGED
@@ -11,7 +11,7 @@
11
11
  <tr valign=top>
12
12
  <td>2.1.0</td>
13
13
  <td>2020-02-18</td>
14
-
14
+ <td>
15
15
  <li><a href="https://github.com/github/octocatalog-diff/pull/240">#240</a>: (Enhancement) Run CI against Puppet 7 and Ruby 3</li>
16
16
  <li><a href="https://github.com/github/octocatalog-diff/pull/241">#241</a>: (Bug Fix) Fix indent and numbering in several docs</li>
17
17
  <li><a href="https://github.com/github/octocatalog-diff/pull/242">#242</a>: (Enhancement) Handle JSON facts structured as name/values</li>
@@ -22,6 +22,7 @@
22
22
  <tr valign=top>
23
23
  <td>2.0.0</td>
24
24
  <td>2020-01-12</td>
25
+ <td>
25
26
  <li><a href="https://github.com/github/octocatalog-diff/pull/226">#226</a>: (Enhancement) Add Puppet 6 support</li>
26
27
  <li><a href="https://github.com/github/octocatalog-diff/pull/228">#228</a>: (Enhancement) Add Puppetserver catalog v4 API support</li>
27
28
  <li><a href="https://github.com/github/octocatalog-diff/pull/229">#229</a>: (Enhancement) Add support for PE package inventory facts</li>
@@ -32,6 +33,7 @@
32
33
  <tr valign=top>
33
34
  <td>1.6.0</td>
34
35
  <td>2019-10-31</td>
36
+ <td>
35
37
  <li><a href="https://github.com/github/octocatalog-diff/pull/216">#216</a>: (Enhancement) Hide sensitive parameters</li>
36
38
  <li><a href="https://github.com/github/octocatalog-diff/pull/204">#204</a>: (Enhancement) Add glob support for modulepath</li>
37
39
  <li><a href="https://github.com/github/octocatalog-diff/pull/206">#206</a>: (Bug Fix) Fix multi-node list with parallel mode</li>
@@ -21,6 +21,7 @@ However, since applying the catalog could change the content of a file on the ta
21
21
  This feature is available only when the catalogs are being compiled from local code. This feature is not available, and will be automatically disabled, when pulling catalogs from PuppetDB or a Puppet server.
22
22
 
23
23
  Note: In Puppet >= 4.4 there is an option in Puppet itself called "static catalogs" which if enabled will cause the checksum of the file to be included in the catalog. However, the `octocatalog-diff` feature described here is still useful because it can be used to display a "diff" of the change rather than just displaying a "diff" of a checksum.
24
+
24
25
  ## Command line options
25
26
 
26
27
  ### `--compare-file-text` and `--no-compare-file-text`
@@ -39,6 +40,12 @@ If this feature is disabled by default in a configuration file, add `--compare-f
39
40
 
40
41
  Note that the feature will be automatically disabled, regardless of configuration or command line options, if catalogs are being pulled from PuppetDB or a Puppet server.
41
42
 
43
+ ### `--compare-file-text=force`
44
+
45
+ To force the option to be on even in situations when it would be auto-disabled, set the command line argument `--compare-file-text=force`. When the Puppet source code is available, e.g. when compiling a catalog with `--catalog-only`, this will adjust the resulting catalog.
46
+
47
+ If the Puppet source code is not available, forcing the feature on anyway may end up causing an exception. Use this option at your own risk.
48
+
42
49
  ### `--compare-file-text-ignore-tags`
43
50
 
44
51
  To disable this feature for specific `file` resources, set a tag on the resources for which the comparison is undesired. For example:
@@ -24,7 +24,7 @@ Here is the list of available filters and an explanation of each:
24
24
 
25
25
  #### Description
26
26
 
27
- When the `AbsentFile` filter is enabled, if any file is `ensure => absent` in the *new* catalog, then changes to any other parameters will be suppressed.
27
+ When the `AbsentFile` filter is enabled, if any file is `ensure => absent` in the _new_ catalog, then changes to any other parameters will be suppressed.
28
28
 
29
29
  Consider that a file resource is declared as follows in two catalogs:
30
30
 
@@ -71,6 +71,25 @@ Wouldn't it be nice if the meaningless information didn't appear, and all you sa
71
71
  + absent
72
72
  ```
73
73
 
74
+ ## Equivalent Array (not considering datatypes)
75
+
76
+ #### Usage
77
+
78
+ ```
79
+ --filters EquivalentArrayNoDatatypes
80
+ ```
81
+
82
+ #### Description
83
+
84
+ In an array, ignore changes where the old and new arrays are "equivalent" as described below. This is useful when octocatalog-diff is comparing changes between a catalog with stringified values and a catalog with non-stringified values.
85
+
86
+ The following are considered equivalent when this filter is engaged:
87
+
88
+ - Stringified integers (`[0, 1]` and `['0', '1']`)
89
+ - Stringified floats (`[0.0, 1.0]` and `['0.0', '1.0']`)
90
+ - Numerically-equal integers and floats (`[0, 1]` and `[0.0, 1.0]`)
91
+ - Symbols and corresponding strings (`[:foo, :bar]` and `[':foo', ':bar']`)
92
+
74
93
  ## JSON
75
94
 
76
95
  #### Usage
@@ -105,7 +124,7 @@ New: { "notify": [ "Service[foo]" ] }
105
124
  This filter will suppress differences for the value of a parameter when:
106
125
 
107
126
  - The value in one catalog is an object, AND
108
- - The value in the other catalog is an array containing *only* that same object
127
+ - The value in the other catalog is an array containing _only_ that same object
109
128
 
110
129
  ## YAML
111
130
 
@@ -32,6 +32,7 @@ The following settings can be used in a [configuration file](/doc/configuration.
32
32
  | --- | --- |
33
33
  | `settings[:puppetdb_url]` | PuppetDB URL settings. If this is a string, it will set a single PuppetDB URL. If it is an array, it will set multiple URLs, which will be tried in a random order until one responds. |
34
34
  | `settings[:puppetdb_ssl_ca]` | Path to the certificate of the CA that signed PuppetDB's certificate. This file should contain only the public certificate, so it is safe to distribute to developer workstations or CI environments. |
35
+ | `settings[:puppetdb_ssl_crl]` | Path to the Certificate Revocation List provided by Puppetserver.
35
36
  | `settings[:puppetdb_ssl_client_cert]` | TEXT of the certificate of the client SSL keypair used to authenticate to PuppetDB. Note: This variable is not set to a file path, which means you will likely want to use `File.read(...)` if you are configuring this to be read from a file. |
36
37
  | `settings[:puppetdb_ssl_client_key]` | TEXT of the private key of the client SSL keypair used to authenticate to PuppetDB. Note: This variable is not set to a file path, which means you will likely want to use means you will likely want to use `File.read(...)` if you are configuring this to be read from a file. |
37
38
  | `settings[:puppetdb_ssl_client_pem]` | Concatenation of the text of `puppetdb_ssl_client_key` and `puppetdb_ssl_client_cert` as previously described. This is a good alternative if your certificate chain is complex and it's easier just to put everything in a single place. Note: this option is second in precedence; if `settings[:puppetdb_ssl_client_cert]` and `settings[:puppetdb_ssl_client_key]` are both set, this will be ignored. |
@@ -46,6 +47,7 @@ The following arguments can be used on the command line.
46
47
  | --- | --- |
47
48
  | --puppetdb-url https://puppetdb.example.net:8081 | PuppetDB URL. The argument should match the `server_urls` configuration setting as described previously. Please note that only one URL is supported via the command line method, so if you have multiple `server_urls` URLs specified, you can only choose one. To use multiple URLs for failover purposes, please configure via configuration files. |
48
49
  | --puppetdb-ssl-ca FILENAME | Path to the certificate of the CA that signed PuppetDB's certificate. This file should contain only the public certificate, so it is safe to distribute to developer workstations or CI environments. |
50
+ | --puppetdb-ssl-crl FILENAME | Path to the Certificate Revocation List of the CA that signed PuppetDB's certificate. |
49
51
  | --puppetdb-ssl-client-cert FILENAME | Path to the certificate of the client SSL keypair. |
50
52
  | --puppetdb-ssl-client-key FILENAME | Path to the private key of the client SSL keypair. |
51
53
  | --puppetdb-ssl-client-password PASSWORD_STRING | Plain text string containing the password to unlock the private key. For keys generated by the Puppet Master CA, this is not required. |
data/doc/limitations.md CHANGED
@@ -6,7 +6,7 @@ Testing of Puppet catalogs is faster than running the agent, but you need to be
6
6
 
7
7
  octocatalog-diff by default uses the facts reported from a node's more recent Puppet run. If you have made changes to custom facts, catalog testing will **NOT** be an adequate test of whether your custom facts worked. (You can still use octocatalog-diff to help predict changes to nodes based on changes to facts, by overriding facts on the command line.)
8
8
 
9
- 1. Agents handle depenency ordering and implementation details
9
+ 1. Agents handle dependency ordering and implementation details
10
10
 
11
11
  The catalog defines the state of the system, but it's up to the agent to determine how to bring the system to a point that matches the catalog. The agent is responsible for order of operations and actually making the change.
12
12
 
data/doc/optionsref.md CHANGED
@@ -66,7 +66,10 @@ Usage: octocatalog-diff [command line options]
66
66
  --[no-]display-source Show source file and line for each difference
67
67
  --[no-]validate-references "before,require,subscribe,notify"
68
68
  References to validate
69
- --[no-]compare-file-text Compare text, not source location, of file resources
69
+ --[no-]compare-file-text[=force]
70
+ Compare text, not source location, of file resources
71
+ --storeconfigs-backend TERMINUS
72
+ Set the terminus used for storeconfigs
70
73
  --[no-]storeconfigs Enable integration with puppetdb for collected resources
71
74
  --retry-failed-catalog N Retry building a failed catalog N times
72
75
  --no-enc Disable ENC
@@ -106,6 +109,7 @@ Usage: octocatalog-diff [command line options]
106
109
  --puppetdb-token-file PATH Path containing token for PuppetDB API, relative or absolute
107
110
  --puppetdb-url URL PuppetDB base URL
108
111
  --puppetdb-ssl-ca FILENAME CA certificate that signed the PuppetDB certificate
112
+ --puppetdb-ssl-crl FILENAME Certificate Revocation List provided by the Puppetserver
109
113
  --puppetdb-ssl-client-cert FILENAME
110
114
  SSL client certificate to connect to PuppetDB
111
115
  --puppetdb-ssl-client-key FILENAME
@@ -372,7 +376,14 @@ diffing activity. The catalog will be printed to STDOUT or written to the output
372
376
  When a file is specified with `source => 'puppet:///modules/something/foo.txt'`, remove
373
377
  the 'source' attribute and populate the 'content' attribute with the text of the file.
374
378
  This allows for a diff of the content, rather than a diff of the location, which is
375
- what is most often desired. (<a href="../lib/octocatalog-diff/cli/options/compare_file_text.rb">compare_file_text.rb</a>)
379
+ what is most often desired.
380
+ This has historically been a binary option, so --compare-file-text with no argument will
381
+ set this to `true` and --no-compare-file-text will set this to `false`. Note that
382
+ --no-compare-file-text does not accept an argument.
383
+ File text comparison will be auto-disabled in circumstances other than compiling and
384
+ comparing two catalogs. To force file text comparison to be enabled at other times,
385
+ set --compare-file-text=force. This allows the content of the file to be substituted
386
+ in to --catalog-only compilations, for example. (<a href="../lib/octocatalog-diff/cli/options/compare_file_text.rb">compare_file_text.rb</a>)
376
387
  </td>
377
388
  </tr>
378
389
 
@@ -387,7 +398,14 @@ what is most often desired. (<a href="../lib/octocatalog-diff/cli/options/compar
387
398
  When a file is specified with `source => 'puppet:///modules/something/foo.txt'`, remove
388
399
  the 'source' attribute and populate the 'content' attribute with the text of the file.
389
400
  This allows for a diff of the content, rather than a diff of the location, which is
390
- what is most often desired. (<a href="../lib/octocatalog-diff/cli/options/compare_file_text.rb">compare_file_text.rb</a>)
401
+ what is most often desired.
402
+ This has historically been a binary option, so --compare-file-text with no argument will
403
+ set this to `true` and --no-compare-file-text will set this to `false`. Note that
404
+ --no-compare-file-text does not accept an argument.
405
+ File text comparison will be auto-disabled in circumstances other than compiling and
406
+ comparing two catalogs. To force file text comparison to be enabled at other times,
407
+ set --compare-file-text=force. This allows the content of the file to be substituted
408
+ in to --catalog-only compilations, for example. (<a href="../lib/octocatalog-diff/cli/options/compare_file_text.rb">compare_file_text.rb</a>)
391
409
  </td>
392
410
  </tr>
393
411
 
@@ -1492,6 +1510,18 @@ the text of the password won't appear in the process list. (<a href="../lib/octo
1492
1510
  </td>
1493
1511
  </tr>
1494
1512
 
1513
+ <tr>
1514
+ <td valign=top>
1515
+ <pre><code>--puppetdb-ssl-crl FILENAME</code></pre>
1516
+ </td>
1517
+ <td valign=top>
1518
+ Certificate Revocation List provided by the Puppetserver
1519
+ </td>
1520
+ <td valign=top>
1521
+ Specify the Certificate Revocation List for PuppetDB SSL. (<a href="../lib/octocatalog-diff/cli/options/puppetdb_ssl_crl.rb">puppetdb_ssl_crl.rb</a>)
1522
+ </td>
1523
+ </tr>
1524
+
1495
1525
  <tr>
1496
1526
  <td valign=top>
1497
1527
  <pre><code>--puppetdb-token TOKEN</code></pre>
@@ -1600,6 +1630,18 @@ cached directory). (<a href="../lib/octocatalog-diff/cli/options/safe_to_delete_
1600
1630
  </td>
1601
1631
  </tr>
1602
1632
 
1633
+ <tr>
1634
+ <td valign=top>
1635
+ <pre><code>--storeconfigs-backend TERMINUS</code></pre>
1636
+ </td>
1637
+ <td valign=top>
1638
+ Set the terminus used for storeconfigs
1639
+ </td>
1640
+ <td valign=top>
1641
+ Set storeconfigs (integration with PuppetDB for collected resources) (<a href="../lib/octocatalog-diff/cli/options/storeconfigs_backend.rb">storeconfigs_backend.rb</a>)
1642
+ </td>
1643
+ </tr>
1644
+
1603
1645
  <tr>
1604
1646
  <td valign=top>
1605
1647
  <pre><code>--suppress-absent-file-details
@@ -74,7 +74,7 @@ module OctocatalogDiff
74
74
  return value if datatype == 'string'
75
75
  return parse_json(value) if datatype == 'json'
76
76
  return nil if datatype == 'nil'
77
- if datatype == 'fixnum' || datatype == 'integer'
77
+ if ['fixnum', 'integer'].include? datatype
78
78
  return Regexp.last_match(1).to_i if value =~ /^(-?\d+)$/
79
79
  raise ArgumentError, "Illegal integer '#{value}'"
80
80
  end
@@ -262,7 +262,7 @@ module OctocatalogDiff
262
262
  # Process each attribute in the resource
263
263
  resource.each do |k, v|
264
264
  # Title was pre-processed
265
- next if k == 'title' || k == 'type'
265
+ next if ['title', 'type'].include? k
266
266
 
267
267
  # Handle parameters
268
268
  if k == 'parameters'
@@ -272,7 +272,7 @@ module OctocatalogDiff
272
272
  # The order of tags is unimportant. Sort this array to avoid false diffs if order changes.
273
273
  # Also if tags is empty, don't add.
274
274
  hsh[k] = v.sort if v.is_a?(Array) && v.any?
275
- elsif k == 'file' || k == 'line'
275
+ elsif ['file', 'line'].include? k
276
276
  # We don't care, for the purposes of catalog-diff, from which manifest and line this resource originated.
277
277
  # However, we may report this to the user, so we will keep it in here for now.
278
278
  hsh[k] = v
@@ -354,7 +354,7 @@ module OctocatalogDiff
354
354
  elsif operator == '=->'
355
355
  # String equality test only of the old value
356
356
  matcher = ->(x, _y) { x == value }
357
- elsif operator == '=~>' || operator == '=&>'
357
+ elsif ['=~>', '=&>'].include? operator
358
358
  begin
359
359
  my_regex = Regexp.new(value, Regexp::IGNORECASE)
360
360
  rescue RegexpError => exc
@@ -558,7 +558,7 @@ module OctocatalogDiff
558
558
 
559
559
  # Added a new key that points to some kind of data structure that we know how
560
560
  # to handle.
561
- classes = [String, Integer, Float, TrueClass, FalseClass, Array, Hash]
561
+ classes = [String, Integer, Float, TrueClass, FalseClass, Array, Hash, NilClass]
562
562
  if obj[1] =~ /^(.+)\f([^\f]+)$/ && OctocatalogDiff::Util::Util.object_is_any_of?(obj[2], classes)
563
563
  hashdiff_add_remove.add(obj[1])
564
564
  next
@@ -307,7 +307,7 @@ module OctocatalogDiff
307
307
  # @param string_in [String] Input string, which might contain trailing whitespace
308
308
  # @return [String] Modified string
309
309
  def self.make_trailing_whitespace_visible(string_in)
310
- return string_in unless string_in =~ /\A((?:.|\n)*?)(\s+)(\e\[0m)?\Z/
310
+ return string_in unless string_in =~ /\A((?:.|\n){1,1000}?)(\s+)(\e\[0m)?\Z/
311
311
  beginning = Regexp.last_match(1)
312
312
  trailing_space = Regexp.last_match(2)
313
313
  end_escape = Regexp.last_match(3)
@@ -457,7 +457,7 @@ module OctocatalogDiff
457
457
  def self.stringify_for_diffy(obj)
458
458
  return JSON.pretty_generate(obj) if OctocatalogDiff::Util::Util.object_is_any_of?(obj, [Hash, Array])
459
459
  return '""' if obj.is_a?(String) && obj == ''
460
- return obj if OctocatalogDiff::Util::Util.object_is_any_of?(obj, [String, Fixnum, Integer, Float])
460
+ return obj if OctocatalogDiff::Util::Util.object_is_any_of?(obj, [String, Integer, Float])
461
461
  "#{class_name_for_diffy(obj.class)}: #{obj.inspect}"
462
462
  end
463
463
 
@@ -0,0 +1,64 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative '../filter'
4
+
5
+ module OctocatalogDiff
6
+ module CatalogDiff
7
+ class Filter
8
+ # Filter out changes in parameters where the elements of an array are the
9
+ # same values but different data types. For example, this would filter out
10
+ # the following diffs:
11
+ # Exec[some command] =>
12
+ # parameters =>
13
+ # returns =>
14
+ # - ["0", "1"]
15
+ # + [0, 1]
16
+ class EquivalentArrayNoDatatypes < OctocatalogDiff::CatalogDiff::Filter
17
+ # Public: Implement the filter for arrays that have the same elements
18
+ # but possibly different data types.
19
+ #
20
+ # @param diff [OctocatalogDiff::API::V1::Diff] Difference
21
+ # @param _options [Hash] Additional options (there are none for this filter)
22
+ # @return [Boolean] true if this should be filtered out, false otherwise
23
+ def filtered?(diff, _options = {})
24
+ # Skip additions or removals - focus only on changes
25
+ return false unless diff.change?
26
+ old_value = diff.old_value
27
+ new_value = diff.new_value
28
+
29
+ # Skip unless both the old and new values are arrays.
30
+ return false unless old_value.is_a?(Array) && new_value.is_a?(Array)
31
+
32
+ # Avoid generating comparable values if the arrays are a different
33
+ # size, because there's no possible way that they are equivalent.
34
+ return false unless old_value.size == new_value.size
35
+
36
+ # Generate and then compare the comparable arrays.
37
+ old_value.map { |x| comparable_value(x) } == new_value.map { |x| comparable_value(x) }
38
+ end
39
+
40
+ # Private: Get a more easily comparable value for an array element.
41
+ # Integers, floats, and strings that look like integers or floats become
42
+ # floats, and symbols are converted to string representation.
43
+ #
44
+ # @param input [any] Value to convert
45
+ # @return [any] "Comparable" value
46
+ def comparable_value(input)
47
+ # Any string that looks like a number is converted to a float.
48
+ if input.is_a?(String) && input =~ /\A-?(([0-9]*\.[0-9]+)|([0-9]+))\z/
49
+ return input.to_f
50
+ end
51
+
52
+ # Any number is converted to a float
53
+ return input.to_f if input.is_a?(Integer) || input.is_a?(Float)
54
+
55
+ # Symbols are converted to ":xxx" strings.
56
+ return ":#{input}" if input.is_a?(Symbol)
57
+
58
+ # Everything else is unconverted.
59
+ input
60
+ end
61
+ end
62
+ end
63
+ end
64
+ end
@@ -1,6 +1,7 @@
1
1
  require_relative '../api/v1/diff'
2
2
  require_relative 'filter/absent_file'
3
3
  require_relative 'filter/compilation_dir'
4
+ require_relative 'filter/equivalent_array_no_datatypes'
4
5
  require_relative 'filter/json'
5
6
  require_relative 'filter/single_item_array'
6
7
  require_relative 'filter/yaml'
@@ -14,7 +15,7 @@ module OctocatalogDiff
14
15
  attr_accessor :logger
15
16
 
16
17
  # List the available filters here (by class name) for use in the validator method.
17
- AVAILABLE_FILTERS = %w(AbsentFile CompilationDir JSON SingleItemArray YAML).freeze
18
+ AVAILABLE_FILTERS = %w(AbsentFile CompilationDir EquivalentArrayNoDatatypes JSON SingleItemArray YAML).freeze
18
19
 
19
20
  # Public: Determine whether a particular filter exists. This can be used to validate
20
21
  # a user-submitted filter.
@@ -33,6 +33,7 @@ module OctocatalogDiff
33
33
  # :hiera_path [String] relative path to hiera data files (mutually exclusive with :hiera_path_strip)
34
34
  # :hiera_path_strip [String] string to strip off the beginning of :datadir
35
35
  # :puppetdb_ssl_ca [String] Path to SSL CA certificate
36
+ # :puppetdb_ssl_crl [String] Path to Certificate Revocation List
36
37
  # :puppetdb_ssl_client_key [String] String representation of SSL client key
37
38
  # :puppetdb_ssl_client_cert [String] String representation of SSL client certificate
38
39
  # :puppetdb_ssl_client_password [String] Password to unlock SSL private key
@@ -154,7 +155,7 @@ module OctocatalogDiff
154
155
  elsif options[:fact_file]
155
156
  raise Errno::ENOENT, "Fact file #{options[:fact_file]} does not exist" unless File.file?(options[:fact_file])
156
157
  fact_file_opts = { fact_file_string: File.read(options[:fact_file]) }
157
- fact_file_opts[:backend] = Regexp.last_match(1).to_sym if options[:fact_file] =~ /.*\.(\w+)$/
158
+ fact_file_opts[:backend] = Regexp.last_match(1).to_sym if options[:fact_file] =~ /.{1,1000}\.(\w+)$/
158
159
  OctocatalogDiff::Facts.new(fact_file_opts)
159
160
  else
160
161
  raise ArgumentError, 'No facts passed to "install_fact_file" method'
@@ -207,7 +208,7 @@ module OctocatalogDiff
207
208
  enc_path = File.join(@tempdir, 'enc.sh')
208
209
  File.open(enc_path, 'w') do |f|
209
210
  f.write "#!/bin/sh\n"
210
- f.write "cat <<-EOF\n"
211
+ f.write "cat <<-'EOF'\n"
211
212
  f.write enc_obj.content
212
213
  f.write "\nEOF\n"
213
214
  end
@@ -273,6 +274,9 @@ module OctocatalogDiff
273
274
 
274
275
  # SSL CA provided?
275
276
  install_ssl_ca(logger, options) if options[:puppetdb_ssl_ca]
277
+
278
+ # SSL CRL provided?
279
+ install_ssl_crl(logger, options) if options[:puppetdb_ssl_crl]
276
280
  end
277
281
 
278
282
  private
@@ -360,6 +364,18 @@ module OctocatalogDiff
360
364
  logger.debug "Installed CA certificate in #{ca_outfile}"
361
365
  end
362
366
 
367
+ # Install SSL Certificate Revocation List
368
+ # @param logger [Logger] Logger object
369
+ # @param options [Hash] Options hash
370
+ def install_ssl_crl(logger, options)
371
+ crl_file = options[:puppetdb_ssl_crl]
372
+ raise Errno::ENOENT, 'SSL CRL file does not exist' unless File.file?(crl_file)
373
+ crl_content = File.read(crl_file)
374
+ crl_outfile = File.join(@tempdir, 'var', 'ssl', 'crl.pem')
375
+ File.open(crl_outfile, 'w') { |f| f.write(crl_content) }
376
+ logger.debug "Installed Certificate Revocation List in #{crl_outfile}"
377
+ end
378
+
363
379
  # Install SSL keypair for client certificate authentication
364
380
  # @param logger [Logger] Logger object
365
381
  # @param options [Hash] Options hash
@@ -72,7 +72,12 @@ module OctocatalogDiff
72
72
 
73
73
  # storeconfigs?
74
74
  if @options[:storeconfigs]
75
- cmdline.concat %w(--storeconfigs --storeconfigs_backend=puppetdb)
75
+ if @options[:storeconfigs_backend]
76
+ cmdline << '--storeconfigs'
77
+ cmdline << "--storeconfigs_backend=#{Shellwords.escape(@options[:storeconfigs_backend])}"
78
+ else
79
+ cmdline.concat %w(--storeconfigs --storeconfigs_backend=puppetdb)
80
+ end
76
81
  else
77
82
  cmdline << '--no-storeconfigs'
78
83
  end
@@ -91,7 +96,7 @@ module OctocatalogDiff
91
96
  facts_terminus = @options.fetch(:facts_terminus, 'yaml')
92
97
  if facts_terminus == 'yaml'
93
98
  cmdline << "--factpath=#{Shellwords.escape(File.join(@compilation_dir, 'var', 'yaml', 'facts'))}"
94
- if @options[:fact_file].is_a?(String) && @options[:fact_file] =~ /.*\.(\w+)$/
99
+ if @options[:fact_file].is_a?(String) && @options[:fact_file] =~ /.*{1,1000}\.(\w+)$/
95
100
  fact_file = File.join(@compilation_dir, 'var', 'yaml', 'facts', "#{@node}.#{Regexp.last_match(1)}")
96
101
  FileUtils.cp @options[:fact_file], fact_file unless File.file?(fact_file) || @options[:fact_file] == fact_file
97
102
  end
@@ -4,14 +4,30 @@
4
4
  # the 'source' attribute and populate the 'content' attribute with the text of the file.
5
5
  # This allows for a diff of the content, rather than a diff of the location, which is
6
6
  # what is most often desired.
7
+ #
8
+ # This has historically been a binary option, so --compare-file-text with no argument will
9
+ # set this to `true` and --no-compare-file-text will set this to `false`. Note that
10
+ # --no-compare-file-text does not accept an argument.
11
+ #
12
+ # File text comparison will be auto-disabled in circumstances other than compiling and
13
+ # comparing two catalogs. To force file text comparison to be enabled at other times,
14
+ # set --compare-file-text=force. This allows the content of the file to be substituted
15
+ # in to --catalog-only compilations, for example.
16
+ #
7
17
  # @param parser [OptionParser object] The OptionParser argument
8
18
  # @param options [Hash] Options hash being constructed; this is modified in this method.
9
19
  OctocatalogDiff::Cli::Options::Option.newoption(:compare_file_text) do
10
20
  has_weight 210
11
21
 
12
22
  def parse(parser, options)
13
- parser.on('--[no-]compare-file-text', 'Compare text, not source location, of file resources') do |x|
14
- options[:compare_file_text] = x
23
+ parser.on('--[no-]compare-file-text[=force]', 'Compare text, not source location, of file resources') do |x|
24
+ if x == 'force'
25
+ options[:compare_file_text] = :force
26
+ elsif [true, false].include? x
27
+ options[:compare_file_text] = x
28
+ else
29
+ raise OptionParser::NeedlessArgument("needless argument: --compare-file-text=#{x}")
30
+ end
15
31
  end
16
32
  end
17
33
  end
@@ -0,0 +1,16 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Specify the Certificate Revocation List for PuppetDB SSL.
4
+ # @param parser [OptionParser object] The OptionParser argument
5
+ # @param options [Hash] Options hash being constructed; this is modified in this method.
6
+ OctocatalogDiff::Cli::Options::Option.newoption(:puppetdb_ssl_crl) do
7
+ has_weight 310
8
+ order_within_weight 11
9
+
10
+ def parse(parser, options)
11
+ parser.on('--puppetdb-ssl-crl FILENAME', 'Certificate Revocation List provided by the Puppetserver') do |x|
12
+ raise Errno::ENOENT, "--puppetdb-ssl-crl #{x} does not point to a valid file" unless File.file?(x)
13
+ options[:puppetdb_ssl_crl] = x
14
+ end
15
+ end
16
+ end
@@ -0,0 +1,14 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Set storeconfigs (integration with PuppetDB for collected resources)
4
+ # @param parser [OptionParser object] The OptionParser argument
5
+ # @param options [Hash] Options hash being constructed; this is modified in this method.
6
+ OctocatalogDiff::Cli::Options::Option.newoption(:storeconfigs) do
7
+ has_weight 220
8
+
9
+ def parse(parser, options)
10
+ parser.on('--storeconfigs-backend TERMINUS', 'Set the terminus used for storeconfigs') do |x|
11
+ options[:storeconfigs_backend] = x
12
+ end
13
+ end
14
+ end
@@ -99,7 +99,7 @@ module OctocatalogDiff
99
99
  # option will populate any of the 'to' and 'from' variants that are missing.
100
100
  # @param :datatype [?] Expected data type
101
101
  def self.option_globally_or_per_branch(opts = {})
102
- opts[:filename] = caller[0].split(':').first
102
+ opts[:filename] = opts[:filename] = caller[0].split(':').first
103
103
  datatype = opts.fetch(:datatype, '')
104
104
  return option_globally_or_per_branch_string(opts) if datatype.is_a?(String)
105
105
  return option_globally_or_per_branch_array(opts) if datatype.is_a?(Array)
@@ -43,6 +43,7 @@ module OctocatalogDiff
43
43
  compare_file_text: true,
44
44
  display_datatype_changes: true,
45
45
  parallel: true,
46
+ storeconfigs_backend: 'puppetdb',
46
47
  suppress_absent_file_details: true,
47
48
  hiera_path: 'hieradata',
48
49
  use_lcs: true
@@ -37,6 +37,7 @@ module OctocatalogDiff
37
37
  # @param :puppetdb_port [Integer] Port number, defaults to 8080 (non-SSL) or 8081 (SSL)
38
38
  # @param :puppetdb_ssl [Boolean] defaults to true, because you should use SSL
39
39
  # @param :puppetdb_ssl_ca [String] Path to file containing CA certificate
40
+ # @param :puppetdb_ssl_crl [String] Path to file containing CRL file
40
41
  # @param :puppetdb_ssl_verify [Boolean] Override the CA verification setting guessed from parameters
41
42
  # @param :puppetdb_ssl_client_pem [String] PEM-encoded client key and certificate
42
43
  # @param :puppetdb_ssl_client_p12 [String] pkcs12-encoded client key and certificate
@@ -71,6 +71,12 @@ module OctocatalogDiff
71
71
  if @options.fetch(:compare_file_text, false)
72
72
  result.each do |_key, builder_obj|
73
73
  next if builder_obj.convert_file_resources(true)
74
+
75
+ if @options[:compare_file_text] == :force
76
+ @logger.debug "--compare-file-text is force-enabled even though it is not supported by #{builder_obj.builder}"
77
+ next
78
+ end
79
+
74
80
  @logger.debug "Disabling --compare-file-text; not supported by #{builder_obj.builder}"
75
81
  @options[:compare_file_text] = false
76
82
  catalog_tasks.map! do |x|
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: octocatalog-diff
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.0
4
+ version: 2.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - GitHub, Inc.
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2021-02-18 00:00:00.000000000 Z
12
+ date: 2024-09-17 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: diffy
@@ -31,14 +31,14 @@ dependencies:
31
31
  requirements:
32
32
  - - ">="
33
33
  - !ruby/object:Gem::Version
34
- version: 0.11.0
34
+ version: 0.21.0
35
35
  type: :runtime
36
36
  prerelease: false
37
37
  version_requirements: !ruby/object:Gem::Requirement
38
38
  requirements:
39
39
  - - ">="
40
40
  - !ruby/object:Gem::Version
41
- version: 0.11.0
41
+ version: 0.21.0
42
42
  - !ruby/object:Gem::Dependency
43
43
  name: hashdiff
44
44
  requirement: !ruby/object:Gem::Requirement
@@ -81,6 +81,34 @@ dependencies:
81
81
  - - ">="
82
82
  - !ruby/object:Gem::Version
83
83
  version: 0.25.0b2
84
+ - !ruby/object:Gem::Dependency
85
+ name: puppet
86
+ requirement: !ruby/object:Gem::Requirement
87
+ requirements:
88
+ - - '='
89
+ - !ruby/object:Gem::Version
90
+ version: 5.5.22
91
+ type: :runtime
92
+ prerelease: false
93
+ version_requirements: !ruby/object:Gem::Requirement
94
+ requirements:
95
+ - - '='
96
+ - !ruby/object:Gem::Version
97
+ version: 5.5.22
98
+ - !ruby/object:Gem::Dependency
99
+ name: puppet
100
+ requirement: !ruby/object:Gem::Requirement
101
+ requirements:
102
+ - - '='
103
+ - !ruby/object:Gem::Version
104
+ version: 5.5.22
105
+ type: :development
106
+ prerelease: false
107
+ version_requirements: !ruby/object:Gem::Requirement
108
+ requirements:
109
+ - - '='
110
+ - !ruby/object:Gem::Version
111
+ version: 5.5.22
84
112
  - !ruby/object:Gem::Dependency
85
113
  name: rspec
86
114
  requirement: !ruby/object:Gem::Requirement
@@ -101,14 +129,14 @@ dependencies:
101
129
  requirements:
102
130
  - - '='
103
131
  - !ruby/object:Gem::Version
104
- version: 12.3.1
132
+ version: 12.3.3
105
133
  type: :development
106
134
  prerelease: false
107
135
  version_requirements: !ruby/object:Gem::Requirement
108
136
  requirements:
109
137
  - - '='
110
138
  - !ruby/object:Gem::Version
111
- version: 12.3.1
139
+ version: 12.3.3
112
140
  - !ruby/object:Gem::Dependency
113
141
  name: parallel_tests
114
142
  requirement: !ruby/object:Gem::Requirement
@@ -143,14 +171,14 @@ dependencies:
143
171
  requirements:
144
172
  - - '='
145
173
  - !ruby/object:Gem::Version
146
- version: 0.48.1
174
+ version: 0.49.0
147
175
  type: :development
148
176
  prerelease: false
149
177
  version_requirements: !ruby/object:Gem::Requirement
150
178
  requirements:
151
179
  - - '='
152
180
  - !ruby/object:Gem::Version
153
- version: 0.48.1
181
+ version: 0.49.0
154
182
  - !ruby/object:Gem::Dependency
155
183
  name: simplecov
156
184
  requirement: !ruby/object:Gem::Requirement
@@ -179,25 +207,11 @@ dependencies:
179
207
  - - "~>"
180
208
  - !ruby/object:Gem::Version
181
209
  version: 0.1.1
182
- - !ruby/object:Gem::Dependency
183
- name: puppet
184
- requirement: !ruby/object:Gem::Requirement
185
- requirements:
186
- - - "~>"
187
- - !ruby/object:Gem::Version
188
- version: 5.5.8
189
- type: :development
190
- prerelease: false
191
- version_requirements: !ruby/object:Gem::Requirement
192
- requirements:
193
- - - "~>"
194
- - !ruby/object:Gem::Version
195
- version: 5.5.8
196
- description: |
197
- Octocatalog-Diff assists with Puppet development and testing by enabling the user to
198
- compile 2 Puppet catalogs and compare them. It is possible to compare different
199
- branches, different versions, and different fact values. This is intended to be run
200
- from a local development environment or in CI.
210
+ description: |2
211
+ Octocatalog-Diff assists with Puppet development and testing by enabling the user to
212
+ compile 2 Puppet catalogs and compare them. It is possible to compare different
213
+ branches, different versions, and different fact values. This is intended to be run
214
+ from a local development environment or in CI.
201
215
  email: opensource+octocatalog-diff@github.com
202
216
  executables:
203
217
  - octocatalog-diff
@@ -279,6 +293,7 @@ files:
279
293
  - lib/octocatalog-diff/catalog-diff/filter.rb
280
294
  - lib/octocatalog-diff/catalog-diff/filter/absent_file.rb
281
295
  - lib/octocatalog-diff/catalog-diff/filter/compilation_dir.rb
296
+ - lib/octocatalog-diff/catalog-diff/filter/equivalent_array_no_datatypes.rb
282
297
  - lib/octocatalog-diff/catalog-diff/filter/json.rb
283
298
  - lib/octocatalog-diff/catalog-diff/filter/single_item_array.rb
284
299
  - lib/octocatalog-diff/catalog-diff/filter/yaml.rb
@@ -370,6 +385,7 @@ files:
370
385
  - lib/octocatalog-diff/cli/options/puppetdb_ssl_client_key.rb
371
386
  - lib/octocatalog-diff/cli/options/puppetdb_ssl_client_password.rb
372
387
  - lib/octocatalog-diff/cli/options/puppetdb_ssl_client_password_file.rb
388
+ - lib/octocatalog-diff/cli/options/puppetdb_ssl_crl.rb
373
389
  - lib/octocatalog-diff/cli/options/puppetdb_token.rb
374
390
  - lib/octocatalog-diff/cli/options/puppetdb_token_file.rb
375
391
  - lib/octocatalog-diff/cli/options/puppetdb_url.rb
@@ -378,6 +394,7 @@ files:
378
394
  - lib/octocatalog-diff/cli/options/safe_to_delete_cached_master_dir.rb
379
395
  - lib/octocatalog-diff/cli/options/save_catalog.rb
380
396
  - lib/octocatalog-diff/cli/options/storeconfigs.rb
397
+ - lib/octocatalog-diff/cli/options/storeconfigs_backend.rb
381
398
  - lib/octocatalog-diff/cli/options/suppress_absent_file_details.rb
382
399
  - lib/octocatalog-diff/cli/options/to_from_branch.rb
383
400
  - lib/octocatalog-diff/cli/options/truncate_details.rb
@@ -420,14 +437,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
420
437
  requirements:
421
438
  - - ">="
422
439
  - !ruby/object:Gem::Version
423
- version: 2.0.0
440
+ version: 2.6.0
424
441
  required_rubygems_version: !ruby/object:Gem::Requirement
425
442
  requirements:
426
443
  - - ">="
427
444
  - !ruby/object:Gem::Version
428
445
  version: '0'
429
446
  requirements: []
430
- rubygems_version: 3.0.3
447
+ rubygems_version: 3.5.7
431
448
  signing_key:
432
449
  specification_version: 4
433
450
  summary: Compile Puppet catalogs from 2 branches, versions, etc., and compare them.