puppetdb_cli 2.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +27 -0
- data/.rspec +3 -0
- data/.rubocop.yml +21 -0
- data/.travis.yml +25 -0
- data/CHANGELOG.md +54 -0
- data/CONTRIBUTING.md +9 -0
- data/Gemfile +8 -0
- data/LICENSE +13 -0
- data/MAINTAINERS +28 -0
- data/README.md +121 -0
- data/Rakefile +11 -0
- data/acceptance/Gemfile +27 -0
- data/acceptance/Rakefile +99 -0
- data/acceptance/config/vcloud-ubuntu1604-64mda.cfg +18 -0
- data/acceptance/foss/setup/pre_suite/00_setup_env.rb +80 -0
- data/acceptance/foss/tests/basic.rb +14 -0
- data/acceptance/pe/setup/pre_suite/00_setup_env.rb +65 -0
- data/acceptance/pe/tests/basic.rb +20 -0
- data/appveyor.yml +57 -0
- data/bin/console +15 -0
- data/bin/setup +8 -0
- data/exe/puppet-db +11 -0
- data/exe/puppet-query +11 -0
- data/lib/puppetdb_cli.rb +54 -0
- data/lib/puppetdb_cli/db.rb +25 -0
- data/lib/puppetdb_cli/db/export.rb +49 -0
- data/lib/puppetdb_cli/db/import.rb +32 -0
- data/lib/puppetdb_cli/db/status.rb +25 -0
- data/lib/puppetdb_cli/logger.rb +35 -0
- data/lib/puppetdb_cli/query.rb +38 -0
- data/lib/puppetdb_cli/utils.rb +50 -0
- data/lib/puppetdb_cli/version.rb +6 -0
- data/man/puppet-db.pod +127 -0
- data/man/puppet-query.pod +83 -0
- data/man/puppetdb_conf.pod +87 -0
- data/pod2man.sh +28 -0
- data/puppetdb_cli.gemspec +33 -0
- metadata +186 -0
@@ -0,0 +1,32 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Add the import command
|
4
|
+
#
|
5
|
+
# The import command is used to submit an exported archive to PuppetDB
|
6
|
+
module PuppetDBCLI
|
7
|
+
@import_cmd = @db_cmd.define_command do
|
8
|
+
name 'import'
|
9
|
+
usage 'import [options] <path>'
|
10
|
+
summary 'import a PuppetDB archive to PuppetDB'
|
11
|
+
|
12
|
+
run do |opts, args, cmd|
|
13
|
+
PuppetDBCLI::Utils.log_command_start cmd.name, opts, args
|
14
|
+
|
15
|
+
if args.count.zero?
|
16
|
+
PuppetDBCLI.logger.fatal 'No file path provided'
|
17
|
+
exit 1
|
18
|
+
elsif args.count > 1
|
19
|
+
PuppetDBCLI.logger.fatal 'Only one argument, the path to the export file, is allowed.'
|
20
|
+
exit 1
|
21
|
+
end
|
22
|
+
|
23
|
+
filename = File.expand_path(args.first)
|
24
|
+
PuppetDBCLI.logger.info "Starting import from '#{filename}'"
|
25
|
+
|
26
|
+
client = PuppetDBCLI::Utils.open_client_connection(opts)
|
27
|
+
response = client.import(filename)
|
28
|
+
|
29
|
+
exit 1 unless response.success?
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Add the status command to the PuppetDB CLI
|
4
|
+
#
|
5
|
+
# The status command is used to query for all the statuses of the configured PuppetDB's
|
6
|
+
module PuppetDBCLI
|
7
|
+
@status_cmd = @db_cmd.define_command do
|
8
|
+
name 'status'
|
9
|
+
usage 'status [options]'
|
10
|
+
summary 'query the PuppetDB status endpoint for each configured PuppetDB'
|
11
|
+
|
12
|
+
run do |opts, args, cmd|
|
13
|
+
PuppetDBCLI::Utils.log_command_start cmd.name, opts, args
|
14
|
+
|
15
|
+
unless args.count.zero?
|
16
|
+
PuppetDBCLI.logger.fatal 'status command does not allow arguments'
|
17
|
+
exit 1
|
18
|
+
end
|
19
|
+
client = PuppetDBCLI::Utils.open_client_connection opts
|
20
|
+
|
21
|
+
response = client.status
|
22
|
+
puts JSON.pretty_generate(response)
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
@@ -0,0 +1,35 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'logger'
|
4
|
+
|
5
|
+
# PuppetDB CLI namespace
|
6
|
+
module PuppetDBCLI
|
7
|
+
def self.logger
|
8
|
+
@logger ||= PuppetDBCLI::Logger.new
|
9
|
+
end
|
10
|
+
|
11
|
+
# A logger for the PuppetDB CLI
|
12
|
+
#
|
13
|
+
# Overrides standard format of logs for better cli ouput, but reverts to traditional
|
14
|
+
# log formatting when in debug mode
|
15
|
+
class Logger < ::Logger
|
16
|
+
def initialize
|
17
|
+
super($stderr)
|
18
|
+
|
19
|
+
self.formatter = proc do |severity, datetime, _progname, msg|
|
20
|
+
if level == ::Logger::DEBUG
|
21
|
+
"[#{datetime.strftime '%Y-%m-%d %H:%M:%S.%6N'}] #{severity} -- #{msg}\n"
|
22
|
+
else
|
23
|
+
"#{severity}: #{msg}\n"
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
27
|
+
self.level = ::Logger::INFO
|
28
|
+
end
|
29
|
+
|
30
|
+
def enable_debug_mode
|
31
|
+
self.level = ::Logger::DEBUG
|
32
|
+
debug 'Debug mode enabled'
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
@@ -0,0 +1,38 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'json'
|
4
|
+
|
5
|
+
# Add the query command to PuppetDBCLI
|
6
|
+
#
|
7
|
+
# The query command submits queries to /pdb/query/v4
|
8
|
+
module PuppetDBCLI
|
9
|
+
@query_cmd = @base_cmd.define_command do
|
10
|
+
name 'query'
|
11
|
+
usage 'query [options] <query>'
|
12
|
+
summary 'Query puppetdb with AST or PQL'
|
13
|
+
|
14
|
+
flag :h, :help, 'Show help for this command.' do |_, c|
|
15
|
+
c.add_command Cri::Command.new_basic_help
|
16
|
+
puts c.help
|
17
|
+
exit 0
|
18
|
+
end
|
19
|
+
|
20
|
+
run do |opts, args, cmd|
|
21
|
+
PuppetDBCLI::Utils.log_command_start cmd.name, opts, args
|
22
|
+
|
23
|
+
if args.count.zero?
|
24
|
+
PuppetDBCLI.logger.fatal 'No query provided'
|
25
|
+
exit 1
|
26
|
+
elsif args.count > 1
|
27
|
+
PuppetDBCLI.logger.fatal 'More than one argument provided. Try wrapping the query in single quotes.'
|
28
|
+
exit 1
|
29
|
+
end
|
30
|
+
query = args.first
|
31
|
+
|
32
|
+
client = PuppetDBCLI::Utils.open_client_connection opts
|
33
|
+
|
34
|
+
response = PuppetDBCLI::Utils.send_query client, query
|
35
|
+
puts JSON.pretty_generate(response.data)
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
@@ -0,0 +1,50 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Utils for PuppetDBCLI
|
4
|
+
#
|
5
|
+
# Primarily used for interaction with the PuppetDB::Client
|
6
|
+
module PuppetDBCLI::Utils
|
7
|
+
def self.log_command_start(name, opts, args)
|
8
|
+
PuppetDBCLI.logger.debug "Running the #{name} command"
|
9
|
+
PuppetDBCLI.logger.debug "CLI options: #{opts}"
|
10
|
+
PuppetDBCLI.logger.debug "CLI arguments: #{args.to_a}"
|
11
|
+
end
|
12
|
+
|
13
|
+
def self.construct_config_overrides(cli_opts)
|
14
|
+
{
|
15
|
+
config_file: cli_opts[:config],
|
16
|
+
server_urls: cli_opts[:urls]&.split(','),
|
17
|
+
key: cli_opts[:key],
|
18
|
+
cert: cli_opts[:cert],
|
19
|
+
cacert: cli_opts[:cacert],
|
20
|
+
token_file: cli_opts[:token]
|
21
|
+
}.delete_if { |_, v| v.nil? }
|
22
|
+
end
|
23
|
+
|
24
|
+
def self.open_client_connection(cli_opts)
|
25
|
+
config_overrides = construct_config_overrides cli_opts
|
26
|
+
PuppetDBCLI.logger.debug "Initializing client connection with configuration overrides: #{config_overrides}"
|
27
|
+
|
28
|
+
PuppetDB::Client.new(config_overrides)
|
29
|
+
rescue URI::InvalidURIError => e
|
30
|
+
PuppetDBCLI.logger.fatal "The provided PuppetDB server url was invalid. Failed with message '#{e.message}'"
|
31
|
+
exit 1
|
32
|
+
# This will catch errors like SocketError from HTTParty and RuntimeError from puppetdb-ruby
|
33
|
+
rescue RuntimeError => e
|
34
|
+
PuppetDBCLI.logger.fatal e.message
|
35
|
+
exit 1
|
36
|
+
end
|
37
|
+
|
38
|
+
def self.send_query(client, query)
|
39
|
+
PuppetDBCLI.logger.debug "Sending query request '#{query}'"
|
40
|
+
|
41
|
+
client.request('', query, query_mode: :failover)
|
42
|
+
rescue SocketError => e
|
43
|
+
PuppetDBCLI.logger.fatal e.message
|
44
|
+
exit 1
|
45
|
+
rescue PuppetDB::APIError => e
|
46
|
+
puts e.response
|
47
|
+
PuppetDBCLI.logger.fatal "Last PuppetDB API response code #{e.response&.code}"
|
48
|
+
exit 1
|
49
|
+
end
|
50
|
+
end
|
data/man/puppet-db.pod
ADDED
@@ -0,0 +1,127 @@
|
|
1
|
+
=head1 NAME
|
2
|
+
|
3
|
+
puppet db - manage PuppetDB administrative tasks
|
4
|
+
|
5
|
+
=head1 SYNOPSIS
|
6
|
+
|
7
|
+
puppet-db [options] <action> [arguments]
|
8
|
+
|
9
|
+
=head1 DESCRIPTION
|
10
|
+
|
11
|
+
The C<puppet-db> tool allows you to perform PuppetDB administrative tasks such
|
12
|
+
as exporting and anonymizing a backup of your PuppetDB or importing a backup to
|
13
|
+
a PuppetDB. To learn more about the archive format and these administrative
|
14
|
+
tasks in general, consult our documentation at:
|
15
|
+
[http://docs.puppetlabs.com/puppetdb/master/anonymization.html]
|
16
|
+
|
17
|
+
=head1 OPTIONS
|
18
|
+
|
19
|
+
=over 4
|
20
|
+
|
21
|
+
=item B<-h>,B<--help>
|
22
|
+
|
23
|
+
Prints a list of the commands and a brief synopsis of each command. If
|
24
|
+
an action is specified, it will print a description of that action and
|
25
|
+
the options specific to that action.
|
26
|
+
|
27
|
+
=item B<--version>
|
28
|
+
|
29
|
+
Displays version information
|
30
|
+
|
31
|
+
=item B<-c>,B<--config> <path>
|
32
|
+
|
33
|
+
Overrides the path for the PuppetDB CLI config. For more information about
|
34
|
+
PuppetDB CLI configuration, see puppetdb_conf(8).
|
35
|
+
Default: ~/.puppetlabs/client-tools/puppetdb.conf
|
36
|
+
|
37
|
+
=item B<--urls> <str>
|
38
|
+
|
39
|
+
Overrides the SERVER_URLS setting for the PuppetDB service. These urls points to
|
40
|
+
your PuppetDB instances. You can specify multiple urls as a comma-delimitted
|
41
|
+
list, 'http://foo:8080,http://bar.com:8080'.
|
42
|
+
|
43
|
+
=item B<--cacert> <path>
|
44
|
+
|
45
|
+
Overrides the path for the Puppet CA cert.
|
46
|
+
|
47
|
+
=item B<--cert> <path>
|
48
|
+
|
49
|
+
Overrides the path for the Puppet client cert.
|
50
|
+
|
51
|
+
=item B<--key> <path>
|
52
|
+
|
53
|
+
Overrides the path for the Puppet client private key.
|
54
|
+
|
55
|
+
=item B<--token> <path>
|
56
|
+
|
57
|
+
Overrides the path for the RBAC token (PE only).
|
58
|
+
|
59
|
+
=back
|
60
|
+
|
61
|
+
=head1 ACTIONS
|
62
|
+
|
63
|
+
$ puppet-db export [options]
|
64
|
+
The export action will export a PuppetDB archive from PuppetDB. The
|
65
|
+
default location of this archive will be './pdb-export.tgz' relative to
|
66
|
+
wherever the command was run from. You can specify a different location to
|
67
|
+
export as an optional argument. Additionally you can specify what level of
|
68
|
+
anonymization you want for your archive using the '--anonymization <str>'
|
69
|
+
flag, for more information about PuppetDB archive anonymization, consult
|
70
|
+
the documentation at:
|
71
|
+
[http://docs.puppetlabs.com/puppetdb/master/anonymization.html]
|
72
|
+
|
73
|
+
$ puppet-db import <path>
|
74
|
+
The import action will import a PuppetDB archive to PuppetDB. You must
|
75
|
+
specify the location of the archive to the import action as a path.
|
76
|
+
|
77
|
+
$ puppet-db status
|
78
|
+
The status action will query the PuppetDB status endpoint (for each
|
79
|
+
configured PuppetDB) and return a map from PuppetDB host to the status for
|
80
|
+
that PuppetDB. For more information about the PuppetDB status endpoint
|
81
|
+
see: [https://docs.puppet.com/puppetdb/latest/api/status/v1/status.html]
|
82
|
+
|
83
|
+
=head1 SEE ALSO
|
84
|
+
|
85
|
+
puppet-db(8), puppetdb_conf(8)
|
86
|
+
|
87
|
+
=head1 EXAMPLES
|
88
|
+
|
89
|
+
--------------------------------------------------------------------
|
90
|
+
Example #1 - Export a PuppetDB archive:
|
91
|
+
|
92
|
+
$ puppet-db export ./my-pdb-export.tgz
|
93
|
+
Exporting PuppetDB...
|
94
|
+
Finished exporting PuppetDB archive to ./my-pdb-export.tgz.
|
95
|
+
|
96
|
+
--------------------------------------------------------------------
|
97
|
+
Example #2 - Import a PuppetDB archive:
|
98
|
+
|
99
|
+
$ puppet-db import ./my-pdb-export.tgz
|
100
|
+
Importing ./my-pdb-export.tgz to PuppetDB...
|
101
|
+
Finished importing ./my-pdb-export.tgz to PuppetDB.
|
102
|
+
|
103
|
+
--------------------------------------------------------------------
|
104
|
+
Example #3 - Query for the status of PuppetDB:
|
105
|
+
|
106
|
+
$ puppet-db status
|
107
|
+
{
|
108
|
+
"puppetdb-status": {
|
109
|
+
"service_version": "4.0.0-SNAPSHOT",
|
110
|
+
"service_status_version": 1,
|
111
|
+
"detail_level": "info",
|
112
|
+
"state": "running",
|
113
|
+
"status": {
|
114
|
+
"maintenance_mode?": false,
|
115
|
+
"queue_depth": 0,
|
116
|
+
"read_db_up?": true,
|
117
|
+
"write_db_up?": true
|
118
|
+
}
|
119
|
+
},
|
120
|
+
"status-service": {
|
121
|
+
"service_version": "0.3.1",
|
122
|
+
"service_status_version": 1,
|
123
|
+
"detail_level": "info",
|
124
|
+
"state": "running",
|
125
|
+
"status": {}
|
126
|
+
}
|
127
|
+
}
|
@@ -0,0 +1,83 @@
|
|
1
|
+
=head1 NAME
|
2
|
+
|
3
|
+
puppet query - perform ad hoc queries against PuppetDB
|
4
|
+
|
5
|
+
=head1 SYNOPSIS
|
6
|
+
|
7
|
+
puppet-query [options] <query>
|
8
|
+
|
9
|
+
=head1 DESCRIPTION
|
10
|
+
|
11
|
+
The C<puppet-query> tool allows you to query PuppetDB using either the AST or
|
12
|
+
PQL query languages. To read more about the syntax of PuppetDB queries, please
|
13
|
+
consult the documentation at:
|
14
|
+
[http://docs.puppetlabs.com/puppetdb/master/api/query/v4/pql.html]
|
15
|
+
|
16
|
+
=head1 OPTIONS
|
17
|
+
|
18
|
+
=over 4
|
19
|
+
|
20
|
+
=item B<-h>,B<--help>
|
21
|
+
|
22
|
+
Prints a list of the commands and a brief synopsis of each command. If
|
23
|
+
an action is specified, it will print a description of that action and
|
24
|
+
the options specific to that action.
|
25
|
+
|
26
|
+
=item B<--version>
|
27
|
+
|
28
|
+
Displays version information
|
29
|
+
|
30
|
+
=item B<-c>,B<--config> <path>
|
31
|
+
|
32
|
+
Overrides the path for the PuppetDB CLI config. For more information about
|
33
|
+
PuppetDB CLI configuration, see puppetdb_conf(8).
|
34
|
+
Default: ~/.puppetlabs/client-tools/puppetdb.conf
|
35
|
+
|
36
|
+
=item B<--urls> <str>
|
37
|
+
|
38
|
+
Overrides the SERVER_URLS setting for the PuppetDB service. These urls points to
|
39
|
+
your PuppetDB instances. You can specify multiple urls as a comma-delimitted
|
40
|
+
list, 'http://foo:8080,http://bar.com:8080'.
|
41
|
+
|
42
|
+
=item B<--cacert> <path>
|
43
|
+
|
44
|
+
Overrides the path for the Puppet CA cert.
|
45
|
+
|
46
|
+
=item B<--cert> <path>
|
47
|
+
|
48
|
+
Overrides the path for the Puppet client cert.
|
49
|
+
|
50
|
+
=item B<--key> <path>
|
51
|
+
|
52
|
+
Overrides the path for the Puppet client private key.
|
53
|
+
|
54
|
+
=item B<--token> <path>
|
55
|
+
|
56
|
+
Overrides the path for the RBAC token (PE only).
|
57
|
+
|
58
|
+
=back
|
59
|
+
|
60
|
+
=head1 SEE ALSO
|
61
|
+
|
62
|
+
puppet-db(8), puppetdb_conf(8)
|
63
|
+
|
64
|
+
=head1 EXAMPLES
|
65
|
+
|
66
|
+
----------------------------------------------------------------------
|
67
|
+
$ puppet-query "nodes { certname = 'host-1' }"
|
68
|
+
|
69
|
+
[
|
70
|
+
{
|
71
|
+
"catalog_environment": "production",
|
72
|
+
"catalog_timestamp": "2016-01-28T18:26:04.023Z",
|
73
|
+
"certname": "host-0",
|
74
|
+
"deactivated": null,
|
75
|
+
"expired": null,
|
76
|
+
"facts_environment": "production",
|
77
|
+
"facts_timestamp": "2016-01-28T18:26:02.589Z",
|
78
|
+
"latest_report_hash": "2638652161207e7606d7d2461538d2dae883237b",
|
79
|
+
"latest_report_status": "failed",
|
80
|
+
"report_environment": "production",
|
81
|
+
"report_timestamp": "2016-01-28T18:13:02.405Z"
|
82
|
+
}
|
83
|
+
]
|
@@ -0,0 +1,87 @@
|
|
1
|
+
=head1 NAME
|
2
|
+
|
3
|
+
puppetdb_conf - PuppetDB CLI configuration files
|
4
|
+
|
5
|
+
=head1 SYNOPSIS
|
6
|
+
|
7
|
+
~/.puppetlabs/client-tools/puppetdb.conf
|
8
|
+
|
9
|
+
=head1 DESCRIPTION
|
10
|
+
|
11
|
+
The `puppet-query` and `puppet-db` commands obtain their configuration from the
|
12
|
+
following sources in the following order:
|
13
|
+
|
14
|
+
=over 4
|
15
|
+
|
16
|
+
=item 1. command-line options
|
17
|
+
|
18
|
+
=item 2. ~/.puppetlabs/client-tools/puppetdb.conf
|
19
|
+
|
20
|
+
=item 3. /etc/puppetlabs/client-tools/puppetdb.conf
|
21
|
+
|
22
|
+
=item 4. hardcoded default PuppetDB url, B<http://127.0.0.1:8080>
|
23
|
+
|
24
|
+
=back
|
25
|
+
|
26
|
+
The configuration file is in JSON format.
|
27
|
+
|
28
|
+
=head1 OPTIONS
|
29
|
+
|
30
|
+
=over 4
|
31
|
+
|
32
|
+
=item B<server_urls>
|
33
|
+
|
34
|
+
Either a JSON String (for a single url) or Array (for multiple urls) of your
|
35
|
+
PuppetDB servers to query or manage via the CLI commands.
|
36
|
+
|
37
|
+
=item B<cacert>
|
38
|
+
|
39
|
+
Your site's CA certificate.
|
40
|
+
|
41
|
+
=item B<cert>
|
42
|
+
|
43
|
+
An SSL certificate signed by your site's Puppet CA.
|
44
|
+
|
45
|
+
=item B<key>
|
46
|
+
|
47
|
+
The private key for that certificate.
|
48
|
+
|
49
|
+
=item B<token-file>
|
50
|
+
|
51
|
+
The path for the RBAC token (PE only).
|
52
|
+
|
53
|
+
=back
|
54
|
+
|
55
|
+
=head1 SEE ALSO
|
56
|
+
|
57
|
+
puppet-db(8), puppet-query(8)
|
58
|
+
|
59
|
+
=head1 EXAMPLES
|
60
|
+
|
61
|
+
--------------------------------------------------------------------
|
62
|
+
Example #1 - Using a single entry in server_urls:
|
63
|
+
|
64
|
+
{
|
65
|
+
"puppetdb": {
|
66
|
+
"server_urls":"https://alpha-rho.local:8081",
|
67
|
+
"cacert":"<path to ca.pem>",
|
68
|
+
"cert":"<path to cert .pem>",
|
69
|
+
"key":"<path to private-key .pem>"
|
70
|
+
}
|
71
|
+
}
|
72
|
+
|
73
|
+
|
74
|
+
--------------------------------------------------------------------
|
75
|
+
Example #2 - Using multiple server_urls:
|
76
|
+
|
77
|
+
{
|
78
|
+
"puppetdb": {
|
79
|
+
"server_urls":[
|
80
|
+
"https://alpha-rho.local:8081",
|
81
|
+
"https://beta-phi.local:8081"
|
82
|
+
],
|
83
|
+
"cacert":"<path to ca.pem>",
|
84
|
+
"cert":"<path to cert .pem>",
|
85
|
+
"key":"<path to private-key .pem>"
|
86
|
+
}
|
87
|
+
}
|