pupistry 1.5.0 → 2.0.0

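--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 3592a1a26670a659f59808e3cee82a64852e43bf
- data.tar.gz: 2c38660daaa902a4f82353405ef3cc06be17297a
+ metadata.gz: 92a533360e87db209954b0c212aa56862914db90
+ data.tar.gz: 5d5ff68604cc1d47e2715544e7510612f57e5a39
  SHA512:
- metadata.gz: 696c60d351a9aa13e736301286fdc4f8d7411fe079b73944ebb4a8ed8519716ada4031b9efa3ebb18159160743e6e70fb4277e35e652f7aca34338fe77f28cb3
- data.tar.gz: 375d678d998288c046c3fe8fbc429a8ffc11a649a5000bc1ba2246382b011e6c292e773434e467bc7d3027840bf7b2aea06bccb74aefbd40f77edc9b857e4b80
+ metadata.gz: 191e49701551cd306abd2068c2a4f38c7932bcaff25a16b11a2428ead11d8748153a5d2e84ea813af73569bd17c2108f2da7223a2d1cb9fff0674a30dd1ef5f2
+ data.tar.gz: e9128168c9e4cb2b677bff3c5a8506aaca43471b63313732061f28fdf2d449ba892007ab9f218a08fe8cf8b3ee2105ac2f302624c7a44150c1a521a111e95ad9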
data/README.md CHANGED
@@ -127,7 +127,7 @@ nice easy life, Pupistry can generate you a bootstrap script for your platform.
127
127
  gpg_disable: true
128
128
  gpg_signing_key: XYZXYZ
129
129
  agent:
130
- puppetcode: /etc/puppet/environents/
130
+ puppetcode: /etc/puppet/environments/
131
131
  access_key_id:
132
132
  secret_access_key:
133
133
  region: ap-southeast-2
@@ -142,7 +142,7 @@ module Pupistry
142
142
  puppet_cmd += " --environmentpath #{$config['agent']['puppetcode']}"
143
143
  puppet_cmd += " --modulepath #{build_modulepath(environment)}"
144
144
  puppet_cmd += " --hiera_config #{$config['agent']['puppetcode']}/#{environment}/hiera.yaml"
145
- puppet_cmd += " #{$config['agent']['puppetcode']}/#{environment}/manifests/site.pp"
145
+ puppet_cmd += " #{$config['agent']['puppetcode']}/#{environment}/manifests/"
146
146
 
147
147
  $logger.info 'Executing Puppet...'
148
148
  $logger.debug "With: #{puppet_cmd}"
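Review bot: The manifest path on the changed line is interpolated into `puppet_cmd` unquoted, as are the `--environmentpath`, `--modulepath` and `--hiera_config` values on the context lines above it. How `puppet_cmd` is executed lies outside this hunk; if it is handed to a shell, a `puppetcode` setting or environment name containing whitespace or shell metacharacters would alter the command that runs, so each value should be escaped, e.g. `puppet_cmd += " #{Shellwords.escape(File.join($config['agent']['puppetcode'], environment, 'manifests'))}"`, or the command built as an argument array. Pointing Puppet at the `manifests/` directory instead of `site.pp` presumably also means every manifest in that directory is applied, which deserves a comment such as `# Apply the whole manifests/ directory, not only site.pp`.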
@@ -52,7 +52,7 @@ module Pupistry
52
52
  unless is_enabled?
53
53
  return false
54
54
  end
55
-
55
+
56
56
  $logger.info "Encrypting Hieradata (HieraCrypt Feature)..."
57
57
 
58
58
 
@@ -64,7 +64,7 @@ module Pupistry
64
64
  #
65
65
  puppetcode = $config['general']['app_cache'] + '/puppetcode'
66
66
 
67
-
67
+
68
68
  # Run through each environment.
69
69
  for env in Dir.glob(puppetcode +'/*')
70
70
  env = File.basename(env)
@@ -99,7 +99,7 @@ module Pupistry
99
99
  $logger.warn "No hieracrypt/nodes directory could be found for branch #{env}, no encryption can take place there."
100
100
  break
101
101
  end
102
-
102
+
103
103
  unless Dir.exists?('hieracrypt/encrypted')
104
104
  # We place the encrypted data files in here.
105
105
  Dir.mkdir('hieracrypt/encrypted')
@@ -108,6 +108,10 @@ module Pupistry
108
108
  nodes = Dir.glob('hieracrypt/nodes/*')
109
109
 
110
110
  if nodes
111
+ # Track if we end up with facts referenced in hiera.yaml that are
112
+ # not in the Hieracrypt data for nodes.
113
+ missing_facts = 0
114
+
111
115
  for node in nodes
112
116
  node = File.basename(node)
113
117
 
@@ -157,7 +161,6 @@ module Pupistry
157
161
  puppet_facts['environment'] = env
158
162
  end
159
163
  end
160
-
161
164
 
162
165
  # Apply the Hiera rules to the directory and get back a list of
163
166
  # files that would be matched by Hiera. The way we do this, is
@@ -176,9 +179,10 @@ module Pupistry
176
179
  # Match syntax of %{::some_kinda_fact}
177
180
  line.scan(/%{::([[:word:]]*)}/) do |match|
178
181
  # Replace fact variable with actual value
179
- unless defined? puppet_facts[match[0]]
180
- $logger.warn "hiera.yaml references fact #{match[0]} but this fact doesn't exist in #{node}'s hieracrypt/node/#{node} JSON."
181
- $logger.warn "Possibly out of date data, re-run `pupistry hieracrypt --generate` on the node"
182
+ unless puppet_facts.key?(match[0])
183
+ missing_facts += 1
184
+ $logger.debug "hiera.yaml references fact #{match[0]} but this fact doesn't exist in #{node}'s hieracrypt/node/#{node} JSON."
185
+ $logger.debug "Possibly out of date data, re-run `pupistry hieracrypt --generate` on the node"
182
186
  else
183
187
  line = line.sub("%{::#{match[0]}}", puppet_facts[match[0]])
184
188
  end
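Review bot: `missing_facts += 1` runs once per unresolved `%{::fact}` reference, yet the summary added in the later hunk at -241,6 +245,11 reports the total as `#{missing_facts} node(s)`, so the figure overstates the number of affected nodes whenever one node lacks several facts. Counting nodes instead, for example by recording `node` in a set and reporting its size, would make the warning accurate. On the `else` branch, `line.sub(..., puppet_facts[match[0]])` raises a TypeError when the fact exists but its value is not a String, and it treats backslashes in the value as replacement escapes; the block form `line.sub("%{::#{match[0]}}") { puppet_facts[match[0]].to_s }` avoids both. The enclosing loops start and end outside this hunk.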
@@ -241,6 +245,11 @@ module Pupistry
241
245
  FileUtils.rm_r "hieracrypt.#{node}.tar.gz"
242
246
  FileUtils.rm_r "hieracrypt.#{node}"
243
247
  end
248
+
249
+ # Alert if we found missing facts
250
+ if missing_facts > 0
251
+ $logger.warn "Not all the values in hiera.yaml exist in the Hieracrypt data for #{missing_facts} node(s). Run with --verbose for more info"
252
+ end
244
253
  else
245
254
  $logger.warn "No nodes could be found for branch #{env}, no encryption can take place there."
246
255
  break
@@ -266,7 +275,7 @@ module Pupistry
266
275
  #
267
276
  def self.decrypt_hieradata puppetcode
268
277
  $logger.debug "Decrypting Hieracrypt..."
269
-
278
+
270
279
  hostname = get_hostname # Facter hostname value
271
280
  ssh_host_rsa_key = get_ssh_rsa_private_key # We generate the SSL cert using the SSH RSA Host key
272
281
 
@@ -364,7 +373,7 @@ module Pupistry
364
373
 
365
374
  def self.facts_for_hiera(path)
366
375
  $logger.debug "Searching for facts specified in Hiera rules..."
367
-
376
+
368
377
  puppet_facts = []
369
378
 
370
379
  for env in Dir.entries(path)
@@ -1,3 +1,3 @@
1
1
  module Pupistry
2
- VERSION = '1.5.0'
2
+ VERSION = '2.0.0'
3
3
  end
@@ -12,7 +12,14 @@ exec 1> >(logger -s -t user-data) 2>&1
12
12
  export PATH=$PATH:/usr/local/bin
13
13
 
14
14
  yum update --assumeyes
15
- yum install --assumeyes puppet3 ruby-devel rubygems gcc zlib-devel libxml2-devel patch gnupg2
15
+
16
+ # Need to install a modern Ruby as the default to support current generation of
17
+ # Pupistry and other common dependencies.
18
+ yum install -y ruby24 ruby24-devel rubygems24
19
+ alternatives --set ruby /usr/bin/ruby2.4
20
+ alternatives --set gem /usr/bin/gem2.4
21
+
22
+ yum install --assumeyes puppet3 gcc zlib-devel libxml2-devel patch gnupg2
16
23
 
17
24
  # Not sure why this doesn't get pulled down properly, maybe it's core and
18
25
  # Amazon didn't package it properly? Need it for Thor which is used by Pupistry
@@ -14,7 +14,10 @@ rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
14
14
  yum update --assumeyes
15
15
  yum install --assumeyes puppet ruby-devel rubygems gcc zlib-devel libxml2-devel patch gnupg2
16
16
 
17
- gem install pupistry --no-ri --no-rdoc
17
+ # Pinned to old (and possibly insecure?) versions due to old version of Ruby being shipped
18
+ gem install nokogiri --version 1.6.8.1
19
+ gem install pupistry --no-ri --no-rdoc --version 1.5.0
20
+
18
21
  mkdir -p /etc/pupistry
19
22
  mkdir -p <%= puppetcode %>
20
23
  cat > /etc/pupistry/settings.yaml << "EOF"
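Review bot: The added `gem install nokogiri --version 1.6.8.1` and `--version 1.5.0` pins hold both gems at releases that the comment above them already flags as possibly insecure, and nothing records when the pins can be lifted; the same lines are added in the apt-based template hunk at -15,7 +15,11. Hosts built from these templates stay on pupistry 1.5.0 and will not pick up later fixes to either gem. Where the platform can supply a newer Ruby, as the yum hunk earlier on this page does with `ruby24`, installing it is preferable to pinning; otherwise state the constraint, e.g. `# TODO: remove pins once the distribution ships Ruby >= <MIN_RUBY_VERSION>; pinned gems receive no security fixes`. The nokogiri line also omits the `--no-ri --no-rdoc` flags used on the pupistry line.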
@@ -1,13 +1,9 @@
1
1
  #!/bin/bash -x
2
- # Bootstrap for Debian 7 stable (Wheezy)
3
- # It will *probably* work with other Debian versions supported by Puppetlabs.
4
- # It *might* work with other Debian or Ubuntu derived systems.
2
+ # Bootstrap for Debian 9 stable (stretch)
3
+ # Uses distribution-supplied Puppet version (4.8.x)
5
4
  (
6
5
  exec 1> >(logger -s -t user-data) 2>&1
7
6
 
8
- wget -O /tmp/puppetlabs-release.deb https://apt.puppetlabs.com/puppetlabs-release-`lsb_release -sc`.deb
9
- dpkg -i /tmp/puppetlabs-release.deb
10
-
11
7
  export DEBIAN_FRONTEND=noninteractive
12
8
 
13
9
  apt-get update
@@ -15,7 +15,11 @@ apt-get -y upgrade
15
15
 
16
16
  apt-get install -y puppet ruby ruby-dev zlib1g-dev libxml2-dev gcc make patch gnupg2
17
17
 
18
- gem install pupistry --no-ri --no-rdoc
18
+ # Pinned to old (and possibly insecure?) versions due to old version of Ruby being shipped
19
+ gem install nokogiri --version 1.6.8.1
20
+ gem install pupistry --no-ri --no-rdoc --version 1.5.0
21
+
22
+
19
23
  mkdir -p /etc/pupistry
20
24
  mkdir -p <%= puppetcode %>
21
25
  cat > /etc/pupistry/settings.yaml << "EOF"
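--- a/metadata
+++ b/metadata
@@ -1,181 +1,181 @@
  --- !ruby/object:Gem::Specification
  name: pupistry
  version: !ruby/object:Gem::Version
- version: 1.5.0
+ version: 2.0.0
  platform: ruby
  authors:
  - Jethro Carr
  autorequire:
  bindir: exe
  cert_chain: []
- date: 2016-09-18 00:00:00.000000000 Z
+ date: 2018-05-29 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: bundler
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
  version: '1.9'
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
  version: '1.9'
  - !ruby/object:Gem::Dependency
  name: rake
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
  version: '10.0'
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
  version: '10.0'
  - !ruby/object:Gem::Dependency
  name: minitest
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
  version: '5.6'
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
  version: '5.6'
  - !ruby/object:Gem::Dependency
  name: simplecov
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
  version: '0.10'
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
  version: '0.10'
  - !ruby/object:Gem::Dependency
  name: rubocop
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  - !ruby/object:Gem::Dependency
  name: aws-sdk-v1
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  - !ruby/object:Gem::Dependency
  name: thor
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  - !ruby/object:Gem::Dependency
  name: whichr
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  - !ruby/object:Gem::Dependency
  name: erubis
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  - !ruby/object:Gem::Dependency
  name: safe_yaml
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  - !ruby/object:Gem::Dependency
  name: rufus-scheduler
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
  version: '3'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - ~>
+ - - "~>"
  - !ruby/object:Gem::Version
  version: '3'
  - !ruby/object:Gem::Dependency
  name: r10k
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  description: Provides security, reliability and consistency to Puppet masterless environments
@@ -185,7 +185,9 @@ executables:
  extensions: []
  extra_rdoc_files: []
  files:
+ - README.md
  - exe/pupistry
+ - lib/pupistry.rb
  - lib/pupistry/agent.rb
  - lib/pupistry/artifact.rb
  - lib/pupistry/bootstrap.rb
@@ -195,25 +197,23 @@ files:
  - lib/pupistry/packer.rb
  - lib/pupistry/storage_aws.rb
  - lib/pupistry/version.rb
- - lib/pupistry.rb
- - resources/aws/cfn_pupistry_bucket_and_iam.template
  - resources/aws/README_AWS.md
- - resources/bootstrap/amazon-any.erb
+ - resources/aws/cfn_pupistry_bucket_and_iam.template
  - resources/bootstrap/BOOTSTRAP_NOTES.md
+ - resources/bootstrap/amazon-any.erb
  - resources/bootstrap/centos-7.erb
- - resources/bootstrap/debian-7.erb
  - resources/bootstrap/debian-8.erb
+ - resources/bootstrap/debian-9.erb
  - resources/bootstrap/fedora-any.erb
  - resources/bootstrap/freebsd-10.erb
  - resources/bootstrap/openbsd-6.0.erb
  - resources/bootstrap/ubuntu-14.04.erb
  - resources/bootstrap/ubuntu-16.04-puppet4.erb
  - resources/bootstrap/ubuntu-16.04.erb
+ - resources/packer/PACKER_NOTES.md
  - resources/packer/aws_amazon-any.json.erb
  - resources/packer/aws_freebsd-10.json.erb
  - resources/packer/aws_ubuntu-14.04.json.erb
- - resources/packer/PACKER_NOTES.md
- - README.md
  - settings.example.yaml
  homepage: https://github.com/jethrocarr/pupistry
  licenses:
@@ -225,19 +225,18 @@ require_paths:
  - lib
  required_ruby_version: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  required_rubygems_version: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 2.0.14.1
+ rubygems_version: 2.5.2
  signing_key:
  specification_version: 4
  summary: A workflow tool for Puppet Masterless Deployments
  test_files: []
- has_rdoc: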