puppetdb_cli 2.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +27 -0
- data/.rspec +3 -0
- data/.rubocop.yml +21 -0
- data/.travis.yml +25 -0
- data/CHANGELOG.md +54 -0
- data/CONTRIBUTING.md +9 -0
- data/Gemfile +8 -0
- data/LICENSE +13 -0
- data/MAINTAINERS +28 -0
- data/README.md +121 -0
- data/Rakefile +11 -0
- data/acceptance/Gemfile +27 -0
- data/acceptance/Rakefile +99 -0
- data/acceptance/config/vcloud-ubuntu1604-64mda.cfg +18 -0
- data/acceptance/foss/setup/pre_suite/00_setup_env.rb +80 -0
- data/acceptance/foss/tests/basic.rb +14 -0
- data/acceptance/pe/setup/pre_suite/00_setup_env.rb +65 -0
- data/acceptance/pe/tests/basic.rb +20 -0
- data/appveyor.yml +57 -0
- data/bin/console +15 -0
- data/bin/setup +8 -0
- data/exe/puppet-db +11 -0
- data/exe/puppet-query +11 -0
- data/lib/puppetdb_cli.rb +54 -0
- data/lib/puppetdb_cli/db.rb +25 -0
- data/lib/puppetdb_cli/db/export.rb +49 -0
- data/lib/puppetdb_cli/db/import.rb +32 -0
- data/lib/puppetdb_cli/db/status.rb +25 -0
- data/lib/puppetdb_cli/logger.rb +35 -0
- data/lib/puppetdb_cli/query.rb +38 -0
- data/lib/puppetdb_cli/utils.rb +50 -0
- data/lib/puppetdb_cli/version.rb +6 -0
- data/man/puppet-db.pod +127 -0
- data/man/puppet-query.pod +83 -0
- data/man/puppetdb_conf.pod +87 -0
- data/pod2man.sh +28 -0
- data/puppetdb_cli.gemspec +33 -0
- metadata +186 -0
@@ -0,0 +1,18 @@
|
|
1
|
+
HOSTS:
|
2
|
+
ubuntu-16.04-amd64.vm:
|
3
|
+
roles:
|
4
|
+
- master
|
5
|
+
- agent
|
6
|
+
- dashboard
|
7
|
+
- database
|
8
|
+
platform: ubuntu-16.04-amd64
|
9
|
+
template: ubuntu-1604-x86_64
|
10
|
+
hypervisor: vcloud
|
11
|
+
|
12
|
+
CONFIG:
|
13
|
+
nfs_server: none
|
14
|
+
consoleport: 443
|
15
|
+
datastore: instance0
|
16
|
+
resourcepool: Delivery/Quality Assurance/FOSS/Dynamic
|
17
|
+
folder: delivery/Quality Assurance/FOSS/Dynamic
|
18
|
+
pooling_api: http://vmpooler.delivery.puppetlabs.net/
|
@@ -0,0 +1,80 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'beaker'
|
4
|
+
require 'beaker-puppet'
|
5
|
+
|
6
|
+
step 'Install puppet-agent.' do
|
7
|
+
install_puppet_agent_on(hosts, puppet_collection: 'puppet6')
|
8
|
+
end
|
9
|
+
|
10
|
+
step 'Install puppetserver.' do
|
11
|
+
host = master
|
12
|
+
install_package(host, 'puppetserver')
|
13
|
+
on(host, 'export PATH=/opt/puppetlabs/bin:$PATH && \
|
14
|
+
puppet config set certname $(facter fqdn) --section master && \
|
15
|
+
puppet config set server $(facter fqdn) --section main &&\
|
16
|
+
puppet config set autosign true --section main &&\
|
17
|
+
puppetserver ca setup')
|
18
|
+
on(host, 'service puppetserver start')
|
19
|
+
on(host, '/opt/puppetlabs/bin/puppet agent -t')
|
20
|
+
end
|
21
|
+
|
22
|
+
step 'Install puppetdb.' do
|
23
|
+
host = database
|
24
|
+
on(host, '/opt/puppetlabs/bin/puppet module install puppetlabs/puppetdb')
|
25
|
+
manifest_content = <<~MANIFEST
|
26
|
+
class { 'puppetdb': }
|
27
|
+
class { 'puppetdb::master::config': }
|
28
|
+
MANIFEST
|
29
|
+
|
30
|
+
manifest_path = host.tmpfile('puppetdb_manifest.pp')
|
31
|
+
create_remote_file(host, manifest_path, manifest_content)
|
32
|
+
on(host, puppet_apply("--detailed-exitcodes #{manifest_path}"), acceptable_exit_codes: [0, 2])
|
33
|
+
on(host, '/opt/puppetlabs/bin/puppet agent -t')
|
34
|
+
end
|
35
|
+
|
36
|
+
step 'Run an agent to create the SSL certs' do
|
37
|
+
host = master
|
38
|
+
on(host, "puppet config set server #{master}")
|
39
|
+
on(host, '/opt/puppetlabs/bin/puppet agent -t')
|
40
|
+
end
|
41
|
+
|
42
|
+
def git_ref_to_test
|
43
|
+
ENV['SHA'] || 'master'
|
44
|
+
end
|
45
|
+
|
46
|
+
step 'Install the puppetdb cli gem from source' do
|
47
|
+
host = master
|
48
|
+
git_dir = '/opt/pdb-cli-git'
|
49
|
+
pr_remote = <<~PR_REMOTE_CONFIG
|
50
|
+
[remote "pr"]
|
51
|
+
url = https://github.com/puppetlabs/puppetdb-cli.git
|
52
|
+
fetch = +refs/pull/*/head:refs/remotes/pr/*
|
53
|
+
PR_REMOTE_CONFIG
|
54
|
+
install_package(host, 'ruby')
|
55
|
+
install_package(host, 'git-core')
|
56
|
+
on(host, 'gem install bundler')
|
57
|
+
on(host, "git clone https://github.com/puppetlabs/puppetdb-cli.git #{git_dir}")
|
58
|
+
on(host, "echo '#{pr_remote}' >> #{git_dir}/.git/config; cat #{git_dir}/.git/config;")
|
59
|
+
on(host, "cd #{git_dir}; git fetch pr; git checkout #{git_ref_to_test}")
|
60
|
+
on(host, "cd #{git_dir}; bundle install --path vendor; bundle exec rake build")
|
61
|
+
on(host, "cd #{git_dir}; gem install --bindir /opt/puppetlabs/bin pkg/puppetdb_cli-*.gem")
|
62
|
+
end
|
63
|
+
|
64
|
+
step 'Write a config file' do
|
65
|
+
host = master
|
66
|
+
conf = <<~CONF
|
67
|
+
{
|
68
|
+
"puppetdb": {
|
69
|
+
"server_urls": "https://#{database}:8081",
|
70
|
+
"cacert": "/etc/puppetlabs/puppet/ssl/certs/ca.pem",
|
71
|
+
"cert": "/etc/puppetlabs/puppet/ssl/certs/#{host}.pem",
|
72
|
+
"key": "/etc/puppetlabs/puppet/ssl/private_keys/#{host}.pem"
|
73
|
+
}
|
74
|
+
}
|
75
|
+
CONF
|
76
|
+
puts conf
|
77
|
+
client_tools_dir = '/etc/puppetlabs/client-tools'
|
78
|
+
on(host, "mkdir -p #{client_tools_dir}")
|
79
|
+
on(host, "echo '#{conf}' > #{client_tools_dir}/puppetdb.conf")
|
80
|
+
end
|
@@ -0,0 +1,14 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
test_name 'basic validation of puppetdb-cli subcommands' do
|
4
|
+
host = master
|
5
|
+
on(host, '/opt/puppetlabs/bin/puppet-query --help')
|
6
|
+
on(host, '/opt/puppetlabs/bin/puppet-db --help')
|
7
|
+
|
8
|
+
on(host, "/opt/puppetlabs/bin/puppet-query 'nodes{}'")
|
9
|
+
on(host, '/opt/puppetlabs/bin/puppet-db status')
|
10
|
+
|
11
|
+
dir = create_tmpdir_on(host)
|
12
|
+
on(host, "/opt/puppetlabs/bin/puppet-db export #{dir}/pdb_archive.tgz")
|
13
|
+
on(host, "/opt/puppetlabs/bin/puppet-db import #{dir}/pdb_archive.tgz")
|
14
|
+
end
|
@@ -0,0 +1,65 @@
|
|
1
|
+
require 'json'
|
2
|
+
require 'beaker-pe'
|
3
|
+
|
4
|
+
# Copies puppet ca from master to host
|
5
|
+
#
|
6
|
+
# === Returns
|
7
|
+
#
|
8
|
+
# +string+ - path of ca file or nil on fail
|
9
|
+
def copy_ca_from_master_to(host)
|
10
|
+
ca_pem_contents = on(master, 'cat /etc/puppetlabs/puppet/ssl/certs/ca.pem').stdout.chomp
|
11
|
+
path_seperator = (host.platform =~ /win/) ? '\\' : '/'
|
12
|
+
ca_pem_location = host.system_temp_path << path_seperator << 'ca.pem'
|
13
|
+
create_remote_file(host, ca_pem_location, ca_pem_contents)
|
14
|
+
ca_pem_location
|
15
|
+
end
|
16
|
+
|
17
|
+
step "Install Puppet Enterprise." do
|
18
|
+
install_pe
|
19
|
+
end
|
20
|
+
|
21
|
+
step 'copy ca.pem from master to client node' do
|
22
|
+
client = find_only_one('client')
|
23
|
+
$ca_pem_location = copy_ca_from_master_to(client)
|
24
|
+
end
|
25
|
+
|
26
|
+
step 'create puppet-db/query config file on client node' do
|
27
|
+
client = find_only_one('client')
|
28
|
+
|
29
|
+
conf = {
|
30
|
+
'puppetdb' => {
|
31
|
+
'server_urls' => ["https://#{master.hostname}:8081"],
|
32
|
+
'cacert' => $ca_pem_location
|
33
|
+
}
|
34
|
+
}
|
35
|
+
write_client_tool_config_on(client, 'global', 'db', conf.to_json)
|
36
|
+
end
|
37
|
+
|
38
|
+
step 'create puppet-access config file on client node' do
|
39
|
+
client = find_only_one('client')
|
40
|
+
|
41
|
+
conf = {
|
42
|
+
'service-url' => "https://#{master.hostname}:4433/rbac-api",
|
43
|
+
'certificate-file' => $ca_pem_location
|
44
|
+
}
|
45
|
+
|
46
|
+
write_client_tool_config_on(client, 'global', 'access', conf.to_json)
|
47
|
+
end
|
48
|
+
|
49
|
+
step "Install PE Client Tools" do
|
50
|
+
# Remove this hack once made in beaker-pe.
|
51
|
+
variant, version, arch, codename = client['platform'].to_array
|
52
|
+
if variant == 'ubuntu' && version.split('.').first.to_i >= 18
|
53
|
+
on client, "echo 'Acquire::AllowInsecureRepositories \"true\";' > /etc/apt/apt.conf.d/90insecure"
|
54
|
+
end
|
55
|
+
|
56
|
+
opts = {
|
57
|
+
:puppet_collection => 'PC1',
|
58
|
+
:pe_client_tools_sha => ENV['SHA'],
|
59
|
+
:pe_client_tools_version => ENV['SUITE_VERSION'] || ENV['SHA']
|
60
|
+
}
|
61
|
+
|
62
|
+
client = find_only_one('client')
|
63
|
+
|
64
|
+
install_pe_client_tools_on(client, opts)
|
65
|
+
end
|
@@ -0,0 +1,20 @@
|
|
1
|
+
require 'scooter'
|
2
|
+
|
3
|
+
test_name "basic validation of puppetdb-cli subcommands" do
|
4
|
+
puppet_query_on(client, "--help")
|
5
|
+
puppet_db_on(client, "--help")
|
6
|
+
|
7
|
+
step 'setup user and get token with puppet-access' do
|
8
|
+
console_dispatcher = Scooter::HttpDispatchers::ConsoleDispatcher.new(master)
|
9
|
+
administrator_role = console_dispatcher.get_role_by_name('Administrators')
|
10
|
+
user = console_dispatcher.generate_local_user
|
11
|
+
console_dispatcher.add_user_to_role(user, administrator_role)
|
12
|
+
login_with_puppet_access_on(client, user)
|
13
|
+
end
|
14
|
+
|
15
|
+
puppet_query_on(client, "nodes{}")
|
16
|
+
puppet_db_on(client, "status")
|
17
|
+
dir = client.tmpdir('pdb-cli-basic')
|
18
|
+
puppet_db_on(client, "export #{dir}/pdb_archive.tgz")
|
19
|
+
puppet_db_on(client, "import #{dir}/pdb_archive.tgz")
|
20
|
+
end
|
data/appveyor.yml
ADDED
@@ -0,0 +1,57 @@
|
|
1
|
+
---
|
2
|
+
# version: 1.0.{build}-{branch}
|
3
|
+
|
4
|
+
environment:
|
5
|
+
LOG_SPEC_ORDER: true
|
6
|
+
matrix:
|
7
|
+
# FIXME: enable ruby 2.5 on windows once puppet and puppet-module gems have unpinned ffi
|
8
|
+
# - RUBY_VERSION: 25-x64
|
9
|
+
# USE_MSYS: true
|
10
|
+
# SUITES: "spec"
|
11
|
+
# BUNDLE_JOBS: 4
|
12
|
+
- RUBY_VERSION: 25-x64
|
13
|
+
USE_MSYS: true
|
14
|
+
SUITES: "spec"
|
15
|
+
BUNDLE_JOBS: 1
|
16
|
+
- RUBY_VERSION: 25-x64
|
17
|
+
USE_CYGWIN: true
|
18
|
+
SUITES: "spec"
|
19
|
+
BUNDLE_JOBS: 1
|
20
|
+
- RUBY_VERSION: 23-x64
|
21
|
+
USE_CYGWIN: true
|
22
|
+
SUITES: "spec"
|
23
|
+
BUNDLE_JOBS: 1
|
24
|
+
|
25
|
+
install:
|
26
|
+
- ps: |
|
27
|
+
if ($ENV:USE_MSYS -ne $Null) {
|
28
|
+
Push-Location "C:\Ruby${ENV:RUBY_VERSION}\bin"
|
29
|
+
.\ridk.ps1 install 2 3
|
30
|
+
.\ridk.ps1 enable
|
31
|
+
Pop-Location
|
32
|
+
}
|
33
|
+
ElseIf ($ENV:USE_CYGWIN) {
|
34
|
+
$ENV:PATH = "C:\Ruby${ENV:RUBY_VERSION}\bin;C:\mingw-w64\x86_64-6.3.0-posix-seh-rt_v5-rev1\mingw64\bin;" + $ENV:PATH
|
35
|
+
}
|
36
|
+
- ps: |
|
37
|
+
$CACertFile = Join-Path -Path $ENV:AppData -ChildPath "RubyCACert.pem"
|
38
|
+
If (-Not (Test-Path -Path $CACertFile)) {
|
39
|
+
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
|
40
|
+
Invoke-WebRequest -Uri "https://curl.haxx.se/ca/cacert.pem" -UseBasicParsing -OutFile $CACertFile | Out-Null
|
41
|
+
}
|
42
|
+
$ENV:SSL_CERT_FILE = $CACertFile
|
43
|
+
- echo %PATH%
|
44
|
+
- bundle install --retry 2
|
45
|
+
|
46
|
+
build: off
|
47
|
+
|
48
|
+
branches:
|
49
|
+
only:
|
50
|
+
- master
|
51
|
+
|
52
|
+
before_test:
|
53
|
+
- bundle env
|
54
|
+
- type Gemfile.lock
|
55
|
+
|
56
|
+
test_script:
|
57
|
+
- bundle exec rake %SUITES%
|
data/bin/console
ADDED
@@ -0,0 +1,15 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'bundler/setup'
|
5
|
+
require 'cli'
|
6
|
+
|
7
|
+
# You can add fixtures and/or initialization code here to make experimenting
|
8
|
+
# with your gem easier. You can also use a different console, if you like.
|
9
|
+
|
10
|
+
# (If you use this, don't forget to add pry to your Gemfile!)
|
11
|
+
# require "pry"
|
12
|
+
# Pry.start
|
13
|
+
|
14
|
+
require 'irb'
|
15
|
+
IRB.start(__FILE__)
|
data/bin/setup
ADDED
data/exe/puppet-db
ADDED
data/exe/puppet-query
ADDED
data/lib/puppetdb_cli.rb
ADDED
@@ -0,0 +1,54 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'cri'
|
4
|
+
require 'puppetdb'
|
5
|
+
|
6
|
+
require 'puppetdb_cli/logger'
|
7
|
+
require 'puppetdb_cli/utils'
|
8
|
+
require 'puppetdb_cli/version'
|
9
|
+
|
10
|
+
# The top level command for the PuppetDB CLI
|
11
|
+
module PuppetDBCLI
|
12
|
+
def self.run(args)
|
13
|
+
@base_cmd.run(args)
|
14
|
+
end
|
15
|
+
|
16
|
+
@base_cmd = Cri::Command.define do
|
17
|
+
name 'puppet'
|
18
|
+
usage 'puppet command [options]'
|
19
|
+
summary 'PuppetDB CLI'
|
20
|
+
description 'A command line tool for interacting with PuppetDB'
|
21
|
+
default_subcommand 'help'
|
22
|
+
|
23
|
+
flag :v, :version, 'Show version of puppetdb cli tool.' do |_, _|
|
24
|
+
puts PuppetDBCLI::VERSION
|
25
|
+
exit 0
|
26
|
+
end
|
27
|
+
|
28
|
+
flag :h, :help, 'Show help for this command.' do |_, c|
|
29
|
+
puts c.help
|
30
|
+
exit 0
|
31
|
+
end
|
32
|
+
|
33
|
+
flag :d, :debug, 'Enable debug output.' do |_, _|
|
34
|
+
PuppetDBCLI.logger.enable_debug_mode
|
35
|
+
end
|
36
|
+
|
37
|
+
option :c, :config, 'The path to the PuppetDB CLI config', argument: :required
|
38
|
+
|
39
|
+
option nil, :urls, 'The urls of your PuppetDB instances (overrides SERVER_URLS).', argument: :required
|
40
|
+
|
41
|
+
option nil, :cacert, 'Overrides the path for the Puppet CA cert', argument: :required
|
42
|
+
|
43
|
+
option nil, :cert, 'Overrides the path for the Puppet client cert.', argument: :required
|
44
|
+
|
45
|
+
option nil, :key, 'Overrides the path for the Puppet client private key.', argument: :required
|
46
|
+
|
47
|
+
option nil, :token, 'Overrides the path for the RBAC token (PE only).', argument: :required
|
48
|
+
end
|
49
|
+
|
50
|
+
require 'puppetdb_cli/query'
|
51
|
+
require 'puppetdb_cli/db'
|
52
|
+
|
53
|
+
@base_cmd.add_command Cri::Command.new_basic_help
|
54
|
+
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Add the db command
|
4
|
+
#
|
5
|
+
# This subcommand has no functionalty other than --help. It's purpose is to contain
|
6
|
+
# subcommands for compatibility with usage as 'puppet db'.
|
7
|
+
module PuppetDBCLI
|
8
|
+
@db_cmd = @base_cmd.define_command do
|
9
|
+
name 'db'
|
10
|
+
usage 'db [options] <subcommand>'
|
11
|
+
summary 'manage PuppetDB administrative tasks'
|
12
|
+
default_subcommand 'help'
|
13
|
+
|
14
|
+
flag :h, :help, 'Show help for this command.' do |_, c|
|
15
|
+
puts c.help
|
16
|
+
exit 0
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
@db_cmd.add_command Cri::Command.new_basic_help
|
21
|
+
|
22
|
+
require 'puppetdb_cli/db/import'
|
23
|
+
require 'puppetdb_cli/db/export'
|
24
|
+
require 'puppetdb_cli/db/status'
|
25
|
+
end
|
@@ -0,0 +1,49 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Adds the export command to the PuppetDB CLI
|
4
|
+
#
|
5
|
+
# The export command can be used to create an archive of your PuppetDB database
|
6
|
+
module PuppetDBCLI
|
7
|
+
# Transform and validate a String into a
|
8
|
+
# keyword anonymization profile
|
9
|
+
class AnonymizationTransformer
|
10
|
+
def call(str)
|
11
|
+
raise ArgumentError unless str.is_a? String
|
12
|
+
|
13
|
+
str.to_sym.tap do |symbol|
|
14
|
+
raise unless %i[none low moderate full].include?(symbol)
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
@export_cmd = @db_cmd.define_command do
|
20
|
+
name 'export'
|
21
|
+
usage 'export [options] <path>'
|
22
|
+
summary 'export an archive from PuppetDB'
|
23
|
+
|
24
|
+
option :a, :anonymization, 'Archive anonymization profile (low, moderate, high)',
|
25
|
+
default: :none,
|
26
|
+
argument: :required,
|
27
|
+
transform: AnonymizationTransformer.new
|
28
|
+
|
29
|
+
run do |opts, args, cmd|
|
30
|
+
PuppetDBCLI::Utils.log_command_start cmd.name, opts, args
|
31
|
+
|
32
|
+
if args.count.zero?
|
33
|
+
PuppetDBCLI.logger.fatal 'No file path provided'
|
34
|
+
exit 1
|
35
|
+
elsif args.count > 1
|
36
|
+
PuppetDBCLI.logger.fatal 'Only one argument, the path where the export file will be written, is allowed.'
|
37
|
+
exit 1
|
38
|
+
end
|
39
|
+
|
40
|
+
filename = File.expand_path args.first
|
41
|
+
PuppetDBCLI.logger.info "Starting export to '#{filename}'"
|
42
|
+
|
43
|
+
client = PuppetDBCLI::Utils.open_client_connection opts
|
44
|
+
response = client.export(filename, anonymization_profile: opts[:anonymization])
|
45
|
+
|
46
|
+
exit 1 unless response.success?
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|