octocatalog-diff 0.5.1 → 0.5.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.version +1 -1
- data/doc/CHANGELOG.md +7 -0
- data/doc/configuration-puppet.md +36 -0
- data/doc/configuration-puppetdb.md +5 -2
- data/doc/configuration.md +1 -0
- data/lib/octocatalog-diff/catalog-util/builddir.rb +5 -4
- data/lib/octocatalog-diff/catalog/computed.rb +7 -4
- metadata +4 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1d03d7df9d9a9ef8658b7c698fa39462ed377d96
|
4
|
+
data.tar.gz: 47549febe31a305cafe0cef9e6db6aba4ae33e0d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3f5c02689fd13a050b1458f64ebb53512a96c200346407e2c2de3dfab010c7cd0aa64cea4100b96c4009dd06a78e67c8d98f7d3b0d3f5c1ed95939f955e58ef2
|
7
|
+
data.tar.gz: e6f91d1779758f485dda6c11c104f75ca5484c53af4840dd01a7d6f46cf40f084fb517c3f5389024c9615a8085a7a640c90640fcb2ac3090ab5945fbdd93b2d5
|
data/.version
CHANGED
@@ -1 +1 @@
|
|
1
|
-
0.5.
|
1
|
+
0.5.3
|
data/doc/CHANGELOG.md
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
# octocatalog-diff change log
|
2
|
+
|
3
|
+
| Version | Date | Description / Changes |
|
4
|
+
| ------- | ---- | ----------- |
|
5
|
+
| 0.5.3 | 2016-10-31 | https://github.com/github/octocatalog-diff/pull/10: facts terminus optimization |
|
6
|
+
| 0.5.2 | - | Unreleased internal version |
|
7
|
+
| 0.5.1 | 2016-10-20 | Initial release |
|
@@ -0,0 +1,36 @@
|
|
1
|
+
# Configuring octocatalog-diff to use Puppet
|
2
|
+
|
3
|
+
The most common use of `octocatalog-diff` is to use `puppet` locally to compile catalogs.
|
4
|
+
|
5
|
+
In order to successfully use Puppet to compile catalogs:
|
6
|
+
|
7
|
+
0. Puppet must be installed on the system.
|
8
|
+
|
9
|
+
It is the goal of `octocatalog-diff` to support Puppet version 3.8 and higher, installed via any means supported by Puppet. This includes the [All-In-One agent package](https://docs.puppet.com/puppet/4.0/reference/release_notes.html#all-in-one-packaging) or installed as a Ruby gem.
|
10
|
+
|
11
|
+
By default, `octocatalog-diff` will look for the Puppet binary in several common system locations.
|
12
|
+
|
13
|
+
For maximum reliability, you can specify the full path to the Puppet binary in the configuration file. For example:
|
14
|
+
|
15
|
+
```
|
16
|
+
##############################################################################################
|
17
|
+
# puppet_binary
|
18
|
+
# This is the full path to the puppet binary on your system. If you don't specify this,
|
19
|
+
# the tool will just run 'puppet' and hope to find it in your path.
|
20
|
+
##############################################################################################
|
21
|
+
|
22
|
+
# settings[:puppet_binary] = '/usr/bin/puppet'
|
23
|
+
settings[:puppet_binary] = '/opt/puppetlabs/puppet/bin/puppet'
|
24
|
+
```
|
25
|
+
|
26
|
+
0. Applies if you are using [exported resources](https://docs.puppet.com/puppet/latest/reference/lang_exported.html) from PuppetDB (i.e., the octocatalog-diff `--storeconfigs` option enabled):
|
27
|
+
|
28
|
+
Your Puppet installation must have the `puppetdb-termini` feature available. This feature may not be included by default with the Puppet agent package.
|
29
|
+
|
30
|
+
Consult the [Connecting Puppet masters to PuppetDB](https://docs.puppet.com/puppetdb/latest/connect_puppet_master.html#step-1-install-plug-ins) documentation for instructions on installing the `puppetdb-termini` gem.
|
31
|
+
|
32
|
+
:warning: Attention Mac OS users: the [documentation](https://docs.puppet.com/puppet/latest/reference/puppet_collections.html#os-x-systems) states:
|
33
|
+
|
34
|
+
> While the puppet-agent package is the only component of a Puppet Collection available on OS X, you can still use Puppet Collections to ensure the version of package-agent you install is compatible with the Puppet Collection powering your infrastructure.
|
35
|
+
|
36
|
+
Unfortunately this means that you won't be able to enable `--storeconfigs` with the All-In-One Puppet Agent on Mac OS X, unless you manually install a gem-packaged version of `puppetdb-terminus`. The procedure for this is beyond the scope of this documentation.
|
@@ -16,6 +16,8 @@ For this to work, you will need to configure or provide information about your P
|
|
16
16
|
|
17
17
|
- **SSL Authentication Information**: Whether your PuppetDB instance requires clients to authenticate via SSL certificates. Unless you have made a special effort to configure your PuppetDB instance not to require client certificates, it is likely that client certificate authentication is required.
|
18
18
|
|
19
|
+
NOTE: In certain situations, you may need to define or alter the `certificate-whitelist` setting in your PuppetDB configuration to whitelist the certificate used by octocatalog-diff. Please see [Configuring PuppetDB](https://docs.puppet.com/puppetdb/latest/configure.html#certificate-whitelist) in the Puppet documentation for additional information.
|
20
|
+
|
19
21
|
## Supplying necessary information via configuration files
|
20
22
|
|
21
23
|
The following settings can be used in a [configuration file](/doc/configuration.md).
|
@@ -24,8 +26,9 @@ The following settings can be used in a [configuration file](/doc/configuration.
|
|
24
26
|
| --- | --- |
|
25
27
|
| `settings[:puppetdb_url]` | PuppetDB URL settings. If this is a string, it will set a single PuppetDB URL. If it is an array, it will set multiple URLs, which will be tried in a random order until one responds. |
|
26
28
|
| `settings[:puppetdb_ssl_ca]` | Path to the certificate of the CA that signed PuppetDB's certificate. This file is typically found in `/etc/puppetlabs/puppetdb/ssl/ca.pem` on your PuppetDB server. This file should contain only the public certificate, so it is safe to distribute to developer workstations or CI environments. |
|
27
|
-
| `settings[:puppetdb_ssl_client_cert]` |
|
28
|
-
| `settings[:puppetdb_ssl_client_key]` | Path to the private key of the client SSL keypair. You should generate a keypair specifically for this client (or if you are running this on a machine managed by Puppet, you may be able to use the keypair for the client machine). You should **NOT** copy the private key from your PuppetDB server itself. |
|
29
|
+
| `settings[:puppetdb_ssl_client_cert]` | TEXT of the certificate of the client SSL keypair. You should generate a keypair specifically for this client (or if you are running this on a machine managed by Puppet, you may be able to use the keypair for the client machine). You should **NOT** copy the certificate from your PuppetDB server itself. Note: This variable needs to be set to the TEXT of the certificate, and not the file path. This means you will likely want to use `File.read(...)` if you are configuring this to be read from a file. |
|
30
|
+
| `settings[:puppetdb_ssl_client_key]` | Path to the private key of the client SSL keypair. You should generate a keypair specifically for this client (or if you are running this on a machine managed by Puppet, you may be able to use the keypair for the client machine). You should **NOT** copy the private key from your PuppetDB server itself. Note: This variable needs to be set to the TEXT of the key, and not the file path. This means you will likely want to use `File.read(...)` if you are configuring this to be read from a file. |
|
31
|
+
| `settings[:puppetdb_ssl_client_pem]` | Concatenation of the text of `puppetdb_ssl_client_key` and `puppetdb_ssl_client_cert` as previously described. This is a good alternative if your certificate chain is complex and it's easier just to put everything in a single place. Note: this option is second in precedence; if `settings[:puppetdb_ssl_client_cert]` and `settings[:puppetdb_ssl_client_key]` are both set, this will be ignored. |
|
29
32
|
| `settings[:puppetdb_ssl_client_password]` | Plain text string containing the password to unlock the private key. For keys generated by the Puppet Master CA, this is not required and should be left undefined. |
|
30
33
|
|
31
34
|
## Supplying necessary information via the command line
|
data/doc/configuration.md
CHANGED
@@ -39,6 +39,7 @@
|
|
39
39
|
- [Configuring octocatalog-diff to use Hiera](/doc/configuration-hiera.md)
|
40
40
|
- [Configuring octocatalog-diff to use ENC](/doc/configuration-enc.md)
|
41
41
|
- [Configuring octocatalog-diff to use PuppetDB](/doc/configuration-puppetdb.md)
|
42
|
+
- [Configuring octocatalog-diff to use Puppet](/doc/configuration-puppet.md)
|
42
43
|
|
43
44
|
0. Test the configuration, which will indicate the location of the configuration file and validate the contents thereof.
|
44
45
|
|
@@ -42,6 +42,7 @@ module OctocatalogDiff
|
|
42
42
|
@enc = nil
|
43
43
|
@fact_file = nil
|
44
44
|
@node = options[:node]
|
45
|
+
@facts_terminus = options.fetch(:facts_terminus, 'yaml')
|
45
46
|
|
46
47
|
create_structure
|
47
48
|
install_directory_symlink(logger, options[:basedir])
|
@@ -54,7 +55,7 @@ module OctocatalogDiff
|
|
54
55
|
unless options[:hiera_config].nil?
|
55
56
|
install_hiera_config(logger, options[:hiera_config], options[:hiera_path_strip])
|
56
57
|
end
|
57
|
-
@fact_file = install_fact_file(logger, options)
|
58
|
+
@fact_file = install_fact_file(logger, options) if @facts_terminus == 'yaml'
|
58
59
|
@enc = install_enc(logger) unless options[:enc].nil? && options[:pe_enc_url].nil?
|
59
60
|
install_ssl(logger, options) if options[:puppetdb_ssl_ca] || options[:puppetdb_ssl_client_cert]
|
60
61
|
end
|
@@ -98,7 +99,7 @@ module OctocatalogDiff
|
|
98
99
|
routes_hash = {
|
99
100
|
'master' => {
|
100
101
|
'facts' => {
|
101
|
-
'terminus' =>
|
102
|
+
'terminus' => @facts_terminus,
|
102
103
|
'cache' => 'yaml'
|
103
104
|
},
|
104
105
|
'catalog' => {
|
@@ -113,8 +114,8 @@ module OctocatalogDiff
|
|
113
114
|
# Install the fact file in temporary directory
|
114
115
|
# @param options [Hash] Options
|
115
116
|
def install_fact_file(logger, options)
|
116
|
-
unless
|
117
|
-
raise ArgumentError, "Called install_fact_file but :facts_terminus = #{
|
117
|
+
unless @facts_terminus == 'yaml'
|
118
|
+
raise ArgumentError, "Called install_fact_file but :facts_terminus = #{@facts_terminus}"
|
118
119
|
end
|
119
120
|
unless options[:node].is_a?(String) && !options[:node].empty?
|
120
121
|
raise ArgumentError, 'Called install_fact_file without node, or with an empty node'
|
@@ -44,6 +44,7 @@ module OctocatalogDiff
|
|
44
44
|
@puppet_command = options[:puppet_command]
|
45
45
|
@retries = nil
|
46
46
|
@builddir = nil
|
47
|
+
@facts_terminus = options.fetch(:facts_terminus, 'yaml')
|
47
48
|
|
48
49
|
# Pass through the input for other access
|
49
50
|
@opts = options
|
@@ -52,10 +53,12 @@ module OctocatalogDiff
|
|
52
53
|
|
53
54
|
# Actually build the catalog (populate @error_message, @catalog, @catalog_json)
|
54
55
|
def build(logger = Logger.new(StringIO.new))
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
56
|
+
if @facts_terminus != 'facter'
|
57
|
+
facts_obj = OctocatalogDiff::CatalogUtil::Facts.new(@opts, logger)
|
58
|
+
logger.debug "Start retrieving facts for #{@node} from #{self.class}"
|
59
|
+
@opts[:facts] = facts_obj.facts
|
60
|
+
logger.debug "Success retrieving facts for #{@node} from #{self.class}"
|
61
|
+
end
|
59
62
|
build_catalog(logger)
|
60
63
|
end
|
61
64
|
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: octocatalog-diff
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.5.
|
4
|
+
version: 0.5.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- GitHub, Inc.
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2016-
|
12
|
+
date: 2016-11-02 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: diffy
|
@@ -222,6 +222,7 @@ files:
|
|
222
222
|
- LICENSE
|
223
223
|
- README.md
|
224
224
|
- bin/octocatalog-diff
|
225
|
+
- doc/CHANGELOG.md
|
225
226
|
- doc/advanced-bootstrap.md
|
226
227
|
- doc/advanced-cache-dir.md
|
227
228
|
- doc/advanced-catalog-only.md
|
@@ -241,6 +242,7 @@ files:
|
|
241
242
|
- doc/basic.md
|
242
243
|
- doc/configuration-enc.md
|
243
244
|
- doc/configuration-hiera.md
|
245
|
+
- doc/configuration-puppet.md
|
244
246
|
- doc/configuration-puppetdb.md
|
245
247
|
- doc/configuration.md
|
246
248
|
- doc/dev/README.md
|