pupistry 1.5.0 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 3592a1a26670a659f59808e3cee82a64852e43bf
-  data.tar.gz: 2c38660daaa902a4f82353405ef3cc06be17297a
+  metadata.gz: 92a533360e87db209954b0c212aa56862914db90
+  data.tar.gz: 5d5ff68604cc1d47e2715544e7510612f57e5a39
 SHA512:
-  metadata.gz: 696c60d351a9aa13e736301286fdc4f8d7411fe079b73944ebb4a8ed8519716ada4031b9efa3ebb18159160743e6e70fb4277e35e652f7aca34338fe77f28cb3
-  data.tar.gz: 375d678d998288c046c3fe8fbc429a8ffc11a649a5000bc1ba2246382b011e6c292e773434e467bc7d3027840bf7b2aea06bccb74aefbd40f77edc9b857e4b80
+  metadata.gz: 191e49701551cd306abd2068c2a4f38c7932bcaff25a16b11a2428ead11d8748153a5d2e84ea813af73569bd17c2108f2da7223a2d1cb9fff0674a30dd1ef5f2
+  data.tar.gz: e9128168c9e4cb2b677bff3c5a8506aaca43471b63313732061f28fdf2d449ba892007ab9f218a08fe8cf8b3ee2105ac2f302624c7a44150c1a521a111e95ad9

data/README.md

@@ -127,7 +127,7 @@ nice easy life, Pupistry can generate you a bootstrap script for your platform.
       gpg_disable: true
       gpg_signing_key: XYZXYZ
     agent:
-      puppetcode: /etc/puppet/environents/
+      puppetcode: /etc/puppet/environments/
       access_key_id: 
       secret_access_key: 
       region: ap-southeast-2

data/lib/pupistry/agent.rb

@@ -142,7 +142,7 @@ module Pupistry
       puppet_cmd += " --environmentpath #{$config['agent']['puppetcode']}"
       puppet_cmd += " --modulepath #{build_modulepath(environment)}"
       puppet_cmd += " --hiera_config #{$config['agent']['puppetcode']}/#{environment}/hiera.yaml"
-      puppet_cmd += " #{$config['agent']['puppetcode']}/#{environment}/manifests/site.pp"
+      puppet_cmd += " #{$config['agent']['puppetcode']}/#{environment}/manifests/"
 
       $logger.info 'Executing Puppet...'
       $logger.debug "With: #{puppet_cmd}"

data/lib/pupistry/hieracrypt.rb

@@ -52,7 +52,7 @@ module Pupistry
       unless is_enabled?
         return false
       end
-      
+
       $logger.info "Encrypting Hieradata (HieraCrypt Feature)..."
 
 
@@ -64,7 +64,7 @@ module Pupistry
       #
       puppetcode = $config['general']['app_cache'] + '/puppetcode'
 
-      
+
       # Run through each environment.
       for env in Dir.glob(puppetcode +'/*')
         env = File.basename(env)
@@ -99,7 +99,7 @@ module Pupistry
               $logger.warn "No hieracrypt/nodes directory could be found for branch #{env}, no encryption can take place there."
               break
             end
-            
+
             unless Dir.exists?('hieracrypt/encrypted')
               # We place the encrypted data files in here.
               Dir.mkdir('hieracrypt/encrypted')
@@ -108,6 +108,10 @@ module Pupistry
             nodes = Dir.glob('hieracrypt/nodes/*')
 
             if nodes
+              # Track if we end up with facts referenced in hiera.yaml that are
+              # not in the Hieracrypt data for nodes.
+              missing_facts = 0
+
               for node in nodes
                 node = File.basename(node)
 
@@ -157,7 +161,6 @@ module Pupistry
                     puppet_facts['environment'] = env
                   end
                 end
-
                 
                 # Apply the Hiera rules to the directory and get back a list of
                 # files that would be matched by Hiera. The way we do this, is
@@ -176,9 +179,10 @@ module Pupistry
                       # Match syntax of %{::some_kinda_fact}
                       line.scan(/%{::([[:word:]]*)}/) do |match|
                         # Replace fact variable with actual value
-                        unless defined? puppet_facts[match[0]]
-                          $logger.warn "hiera.yaml references fact #{match[0]} but this fact doesn't exist in #{node}'s hieracrypt/node/#{node} JSON."
-                          $logger.warn "Possibly out of date data, re-run `pupistry hieracrypt --generate` on the node"
+                        unless puppet_facts.key?(match[0])
+                          missing_facts += 1
+                          $logger.debug "hiera.yaml references fact #{match[0]} but this fact doesn't exist in #{node}'s hieracrypt/node/#{node} JSON."
+                          $logger.debug "Possibly out of date data, re-run `pupistry hieracrypt --generate` on the node"
                         else
                           line = line.sub("%{::#{match[0]}}", puppet_facts[match[0]])
                         end
@@ -241,6 +245,11 @@ module Pupistry
                 FileUtils.rm_r "hieracrypt.#{node}.tar.gz"
                 FileUtils.rm_r "hieracrypt.#{node}"
               end
+
+              # Alert if we found missing facts
+              if missing_facts > 0
+                $logger.warn "Not all the values in hiera.yaml exist in the Hieracrypt data for #{missing_facts} node(s). Run with --verbose for more info"
+              end
             else
               $logger.warn "No nodes could be found for branch #{env}, no encryption can take place there."
               break
@@ -266,7 +275,7 @@ module Pupistry
     #
     def self.decrypt_hieradata puppetcode
       $logger.debug "Decrypting Hieracrypt..."
-      
+
       hostname         = get_hostname             # Facter hostname value
       ssh_host_rsa_key = get_ssh_rsa_private_key  # We generate the SSL cert using the SSH RSA Host key
 
@@ -364,7 +373,7 @@ module Pupistry
 
     def self.facts_for_hiera(path)
       $logger.debug "Searching for facts specified in Hiera rules..."
-            
+
       puppet_facts = []
 
       for env in Dir.entries(path)

data/lib/pupistry/version.rb

@@ -1,3 +1,3 @@
 module Pupistry
-  VERSION = '1.5.0'
+  VERSION = '2.0.0'
 end

data/resources/bootstrap/amazon-any.erb

@@ -12,7 +12,14 @@ exec 1> >(logger -s -t user-data) 2>&1
 export PATH=$PATH:/usr/local/bin
 
 yum update --assumeyes
-yum install --assumeyes puppet3 ruby-devel rubygems gcc zlib-devel libxml2-devel patch gnupg2
+
+# Need to install a modern Ruby as the default to support current generation of
+# Pupistry and other common dependencies.
+yum install -y ruby24 ruby24-devel rubygems24
+alternatives --set ruby /usr/bin/ruby2.4
+alternatives --set gem /usr/bin/gem2.4
+
+yum install --assumeyes puppet3 gcc zlib-devel libxml2-devel patch gnupg2
 
 # Not sure why this doesn't get pulled down properly, maybe it's core and
 # Amazon didn't package it properly? Need it for Thor which is used by Pupistry

data/resources/bootstrap/centos-7.erb

@@ -14,7 +14,10 @@ rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
 yum update --assumeyes
 yum install --assumeyes puppet ruby-devel rubygems gcc zlib-devel libxml2-devel patch gnupg2
 
-gem install pupistry --no-ri --no-rdoc
+# Pinned to old (and possibly insecure?) versions due to old version of Ruby being shipped
+gem install nokogiri --version 1.6.8.1
+gem install pupistry --no-ri --no-rdoc --version 1.5.0
+
 mkdir -p /etc/pupistry
 mkdir -p <%= puppetcode %>
 cat > /etc/pupistry/settings.yaml << "EOF"

data/resources/bootstrap/{debian-7.erb → debian-9.erb}

@@ -1,13 +1,9 @@
 #!/bin/bash -x
-# Bootstrap for Debian 7 stable (Wheezy)
-# It will *probably* work with other Debian versions supported by Puppetlabs.
-# It *might* work with other Debian or Ubuntu derived systems.
+# Bootstrap for Debian 9 stable (stretch)
+# Uses distribution-supplied Puppet version (4.8.x)
 (
 exec 1> >(logger -s -t user-data) 2>&1
 
-wget -O /tmp/puppetlabs-release.deb https://apt.puppetlabs.com/puppetlabs-release-`lsb_release -sc`.deb
-dpkg -i /tmp/puppetlabs-release.deb
-
 export DEBIAN_FRONTEND=noninteractive
 
 apt-get update

data/resources/bootstrap/ubuntu-14.04.erb

@@ -15,7 +15,11 @@ apt-get -y upgrade
 
 apt-get install -y puppet ruby ruby-dev zlib1g-dev libxml2-dev gcc make patch gnupg2
 
-gem install pupistry --no-ri --no-rdoc
+# Pinned to old (and possibly insecure?) versions due to old version of Ruby being shipped
+gem install nokogiri --version 1.6.8.1
+gem install pupistry --no-ri --no-rdoc --version 1.5.0
+
+
 mkdir -p /etc/pupistry
 mkdir -p <%= puppetcode %>
 cat > /etc/pupistry/settings.yaml << "EOF"

metadata

@@ -1,181 +1,181 @@
 --- !ruby/object:Gem::Specification
 name: pupistry
 version: !ruby/object:Gem::Version
-  version: 1.5.0
+  version: 2.0.0
 platform: ruby
 authors:
 - Jethro Carr
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2016-09-18 00:00:00.000000000 Z
+date: 2018-05-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.9'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.9'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '10.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '10.0'
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '5.6'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '5.6'
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '0.10'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '0.10'
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: aws-sdk-v1
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: thor
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: whichr
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: erubis
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: safe_yaml
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rufus-scheduler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '3'
 - !ruby/object:Gem::Dependency
   name: r10k
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 description: Provides security, reliability and consistency to Puppet masterless environments
@@ -185,7 +185,9 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
+- README.md
 - exe/pupistry
+- lib/pupistry.rb
 - lib/pupistry/agent.rb
 - lib/pupistry/artifact.rb
 - lib/pupistry/bootstrap.rb
@@ -195,25 +197,23 @@ files:
 - lib/pupistry/packer.rb
 - lib/pupistry/storage_aws.rb
 - lib/pupistry/version.rb
-- lib/pupistry.rb
-- resources/aws/cfn_pupistry_bucket_and_iam.template
 - resources/aws/README_AWS.md
-- resources/bootstrap/amazon-any.erb
+- resources/aws/cfn_pupistry_bucket_and_iam.template
 - resources/bootstrap/BOOTSTRAP_NOTES.md
+- resources/bootstrap/amazon-any.erb
 - resources/bootstrap/centos-7.erb
-- resources/bootstrap/debian-7.erb
 - resources/bootstrap/debian-8.erb
+- resources/bootstrap/debian-9.erb
 - resources/bootstrap/fedora-any.erb
 - resources/bootstrap/freebsd-10.erb
 - resources/bootstrap/openbsd-6.0.erb
 - resources/bootstrap/ubuntu-14.04.erb
 - resources/bootstrap/ubuntu-16.04-puppet4.erb
 - resources/bootstrap/ubuntu-16.04.erb
+- resources/packer/PACKER_NOTES.md
 - resources/packer/aws_amazon-any.json.erb
 - resources/packer/aws_freebsd-10.json.erb
 - resources/packer/aws_ubuntu-14.04.json.erb
-- resources/packer/PACKER_NOTES.md
-- README.md
 - settings.example.yaml
 homepage: https://github.com/jethrocarr/pupistry
 licenses:
@@ -225,19 +225,18 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.0.14.1
+rubygems_version: 2.5.2
 signing_key: 
 specification_version: 4
 summary: A workflow tool for Puppet Masterless Deployments
 test_files: []
-has_rdoc: