puppetdb_cli 2.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.gitignore +27 -0
- data/.rspec +3 -0
- data/.rubocop.yml +21 -0
- data/.travis.yml +25 -0
- data/CHANGELOG.md +54 -0
- data/CONTRIBUTING.md +9 -0
- data/Gemfile +8 -0
- data/LICENSE +13 -0
- data/MAINTAINERS +28 -0
- data/README.md +121 -0
- data/Rakefile +11 -0
- data/acceptance/Gemfile +27 -0
- data/acceptance/Rakefile +99 -0
- data/acceptance/config/vcloud-ubuntu1604-64mda.cfg +18 -0
- data/acceptance/foss/setup/pre_suite/00_setup_env.rb +80 -0
- data/acceptance/foss/tests/basic.rb +14 -0
- data/acceptance/pe/setup/pre_suite/00_setup_env.rb +65 -0
- data/acceptance/pe/tests/basic.rb +20 -0
- data/appveyor.yml +57 -0
- data/bin/console +15 -0
- data/bin/setup +8 -0
- data/exe/puppet-db +11 -0
- data/exe/puppet-query +11 -0
- data/lib/puppetdb_cli.rb +54 -0
- data/lib/puppetdb_cli/db.rb +25 -0
- data/lib/puppetdb_cli/db/export.rb +49 -0
- data/lib/puppetdb_cli/db/import.rb +32 -0
- data/lib/puppetdb_cli/db/status.rb +25 -0
- data/lib/puppetdb_cli/logger.rb +35 -0
- data/lib/puppetdb_cli/query.rb +38 -0
- data/lib/puppetdb_cli/utils.rb +50 -0
- data/lib/puppetdb_cli/version.rb +6 -0
- data/man/puppet-db.pod +127 -0
- data/man/puppet-query.pod +83 -0
- data/man/puppetdb_conf.pod +87 -0
- data/pod2man.sh +28 -0
- data/puppetdb_cli.gemspec +33 -0
- metadata +186 -0
@@ -0,0 +1,32 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Add the import command
|
4
|
+
#
|
5
|
+
# The import command is used to submit an exported archive to PuppetDB
|
6
|
+
module PuppetDBCLI
|
7
|
+
@import_cmd = @db_cmd.define_command do
|
8
|
+
name 'import'
|
9
|
+
usage 'import [options] <path>'
|
10
|
+
summary 'import a PuppetDB archive to PuppetDB'
|
11
|
+
|
12
|
+
run do |opts, args, cmd|
|
13
|
+
PuppetDBCLI::Utils.log_command_start cmd.name, opts, args
|
14
|
+
|
15
|
+
if args.count.zero?
|
16
|
+
PuppetDBCLI.logger.fatal 'No file path provided'
|
17
|
+
exit 1
|
18
|
+
elsif args.count > 1
|
19
|
+
PuppetDBCLI.logger.fatal 'Only one argument, the path to the export file, is allowed.'
|
20
|
+
exit 1
|
21
|
+
end
|
22
|
+
|
23
|
+
filename = File.expand_path(args.first)
|
24
|
+
PuppetDBCLI.logger.info "Starting import from '#{filename}'"
|
25
|
+
|
26
|
+
client = PuppetDBCLI::Utils.open_client_connection(opts)
|
27
|
+
response = client.import(filename)
|
28
|
+
|
29
|
+
exit 1 unless response.success?
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Add the status command to the PuppetDB CLI
|
4
|
+
#
|
5
|
+
# The status command is used to query for all the statuses of the configured PuppetDB's
|
6
|
+
module PuppetDBCLI
|
7
|
+
@status_cmd = @db_cmd.define_command do
|
8
|
+
name 'status'
|
9
|
+
usage 'status [options]'
|
10
|
+
summary 'query the PuppetDB status endpoint for each configured PuppetDB'
|
11
|
+
|
12
|
+
run do |opts, args, cmd|
|
13
|
+
PuppetDBCLI::Utils.log_command_start cmd.name, opts, args
|
14
|
+
|
15
|
+
unless args.count.zero?
|
16
|
+
PuppetDBCLI.logger.fatal 'status command does not allow arguments'
|
17
|
+
exit 1
|
18
|
+
end
|
19
|
+
client = PuppetDBCLI::Utils.open_client_connection opts
|
20
|
+
|
21
|
+
response = client.status
|
22
|
+
puts JSON.pretty_generate(response)
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
@@ -0,0 +1,35 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'logger'
|
4
|
+
|
5
|
+
# PuppetDB CLI namespace
|
6
|
+
module PuppetDBCLI
|
7
|
+
def self.logger
|
8
|
+
@logger ||= PuppetDBCLI::Logger.new
|
9
|
+
end
|
10
|
+
|
11
|
+
# A logger for the PuppetDB CLI
|
12
|
+
#
|
13
|
+
# Overrides standard format of logs for better cli ouput, but reverts to traditional
|
14
|
+
# log formatting when in debug mode
|
15
|
+
class Logger < ::Logger
|
16
|
+
def initialize
|
17
|
+
super($stderr)
|
18
|
+
|
19
|
+
self.formatter = proc do |severity, datetime, _progname, msg|
|
20
|
+
if level == ::Logger::DEBUG
|
21
|
+
"[#{datetime.strftime '%Y-%m-%d %H:%M:%S.%6N'}] #{severity} -- #{msg}\n"
|
22
|
+
else
|
23
|
+
"#{severity}: #{msg}\n"
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
27
|
+
self.level = ::Logger::INFO
|
28
|
+
end
|
29
|
+
|
30
|
+
def enable_debug_mode
|
31
|
+
self.level = ::Logger::DEBUG
|
32
|
+
debug 'Debug mode enabled'
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
@@ -0,0 +1,38 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'json'
|
4
|
+
|
5
|
+
# Add the query command to PuppetDBCLI
|
6
|
+
#
|
7
|
+
# The query command submits queries to /pdb/query/v4
|
8
|
+
module PuppetDBCLI
|
9
|
+
@query_cmd = @base_cmd.define_command do
|
10
|
+
name 'query'
|
11
|
+
usage 'query [options] <query>'
|
12
|
+
summary 'Query puppetdb with AST or PQL'
|
13
|
+
|
14
|
+
flag :h, :help, 'Show help for this command.' do |_, c|
|
15
|
+
c.add_command Cri::Command.new_basic_help
|
16
|
+
puts c.help
|
17
|
+
exit 0
|
18
|
+
end
|
19
|
+
|
20
|
+
run do |opts, args, cmd|
|
21
|
+
PuppetDBCLI::Utils.log_command_start cmd.name, opts, args
|
22
|
+
|
23
|
+
if args.count.zero?
|
24
|
+
PuppetDBCLI.logger.fatal 'No query provided'
|
25
|
+
exit 1
|
26
|
+
elsif args.count > 1
|
27
|
+
PuppetDBCLI.logger.fatal 'More than one argument provided. Try wrapping the query in single quotes.'
|
28
|
+
exit 1
|
29
|
+
end
|
30
|
+
query = args.first
|
31
|
+
|
32
|
+
client = PuppetDBCLI::Utils.open_client_connection opts
|
33
|
+
|
34
|
+
response = PuppetDBCLI::Utils.send_query client, query
|
35
|
+
puts JSON.pretty_generate(response.data)
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
@@ -0,0 +1,50 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Utils for PuppetDBCLI
|
4
|
+
#
|
5
|
+
# Primarily used for interaction with the PuppetDB::Client
|
6
|
+
module PuppetDBCLI::Utils
|
7
|
+
def self.log_command_start(name, opts, args)
|
8
|
+
PuppetDBCLI.logger.debug "Running the #{name} command"
|
9
|
+
PuppetDBCLI.logger.debug "CLI options: #{opts}"
|
10
|
+
PuppetDBCLI.logger.debug "CLI arguments: #{args.to_a}"
|
11
|
+
end
|
12
|
+
|
13
|
+
def self.construct_config_overrides(cli_opts)
|
14
|
+
{
|
15
|
+
config_file: cli_opts[:config],
|
16
|
+
server_urls: cli_opts[:urls]&.split(','),
|
17
|
+
key: cli_opts[:key],
|
18
|
+
cert: cli_opts[:cert],
|
19
|
+
cacert: cli_opts[:cacert],
|
20
|
+
token_file: cli_opts[:token]
|
21
|
+
}.delete_if { |_, v| v.nil? }
|
22
|
+
end
|
23
|
+
|
24
|
+
def self.open_client_connection(cli_opts)
|
25
|
+
config_overrides = construct_config_overrides cli_opts
|
26
|
+
PuppetDBCLI.logger.debug "Initializing client connection with configuration overrides: #{config_overrides}"
|
27
|
+
|
28
|
+
PuppetDB::Client.new(config_overrides)
|
29
|
+
rescue URI::InvalidURIError => e
|
30
|
+
PuppetDBCLI.logger.fatal "The provided PuppetDB server url was invalid. Failed with message '#{e.message}'"
|
31
|
+
exit 1
|
32
|
+
# This will catch errors like SocketError from HTTParty and RuntimeError from puppetdb-ruby
|
33
|
+
rescue RuntimeError => e
|
34
|
+
PuppetDBCLI.logger.fatal e.message
|
35
|
+
exit 1
|
36
|
+
end
|
37
|
+
|
38
|
+
def self.send_query(client, query)
|
39
|
+
PuppetDBCLI.logger.debug "Sending query request '#{query}'"
|
40
|
+
|
41
|
+
client.request('', query, query_mode: :failover)
|
42
|
+
rescue SocketError => e
|
43
|
+
PuppetDBCLI.logger.fatal e.message
|
44
|
+
exit 1
|
45
|
+
rescue PuppetDB::APIError => e
|
46
|
+
puts e.response
|
47
|
+
PuppetDBCLI.logger.fatal "Last PuppetDB API response code #{e.response&.code}"
|
48
|
+
exit 1
|
49
|
+
end
|
50
|
+
end
|
data/man/puppet-db.pod
ADDED
@@ -0,0 +1,127 @@
|
|
1
|
+
=head1 NAME
|
2
|
+
|
3
|
+
puppet db - manage PuppetDB administrative tasks
|
4
|
+
|
5
|
+
=head1 SYNOPSIS
|
6
|
+
|
7
|
+
puppet-db [options] <action> [arguments]
|
8
|
+
|
9
|
+
=head1 DESCRIPTION
|
10
|
+
|
11
|
+
The C<puppet-db> tool allows you to perform PuppetDB administrative tasks such
|
12
|
+
as exporting and anonymizing a backup of your PuppetDB or importing a backup to
|
13
|
+
a PuppetDB. To learn more about the archive format and these administrative
|
14
|
+
tasks in general, consult our documentation at:
|
15
|
+
[http://docs.puppetlabs.com/puppetdb/master/anonymization.html]
|
16
|
+
|
17
|
+
=head1 OPTIONS
|
18
|
+
|
19
|
+
=over 4
|
20
|
+
|
21
|
+
=item B<-h>,B<--help>
|
22
|
+
|
23
|
+
Prints a list of the commands and a brief synopsis of each command. If
|
24
|
+
an action is specified, it will print a description of that action and
|
25
|
+
the options specific to that action.
|
26
|
+
|
27
|
+
=item B<--version>
|
28
|
+
|
29
|
+
Displays version information
|
30
|
+
|
31
|
+
=item B<-c>,B<--config> <path>
|
32
|
+
|
33
|
+
Overrides the path for the PuppetDB CLI config. For more information about
|
34
|
+
PuppetDB CLI configuration, see puppetdb_conf(8).
|
35
|
+
Default: ~/.puppetlabs/client-tools/puppetdb.conf
|
36
|
+
|
37
|
+
=item B<--urls> <str>
|
38
|
+
|
39
|
+
Overrides the SERVER_URLS setting for the PuppetDB service. These urls points to
|
40
|
+
your PuppetDB instances. You can specify multiple urls as a comma-delimitted
|
41
|
+
list, 'http://foo:8080,http://bar.com:8080'.
|
42
|
+
|
43
|
+
=item B<--cacert> <path>
|
44
|
+
|
45
|
+
Overrides the path for the Puppet CA cert.
|
46
|
+
|
47
|
+
=item B<--cert> <path>
|
48
|
+
|
49
|
+
Overrides the path for the Puppet client cert.
|
50
|
+
|
51
|
+
=item B<--key> <path>
|
52
|
+
|
53
|
+
Overrides the path for the Puppet client private key.
|
54
|
+
|
55
|
+
=item B<--token> <path>
|
56
|
+
|
57
|
+
Overrides the path for the RBAC token (PE only).
|
58
|
+
|
59
|
+
=back
|
60
|
+
|
61
|
+
=head1 ACTIONS
|
62
|
+
|
63
|
+
$ puppet-db export [options]
|
64
|
+
The export action will export a PuppetDB archive from PuppetDB. The
|
65
|
+
default location of this archive will be './pdb-export.tgz' relative to
|
66
|
+
wherever the command was run from. You can specify a different location to
|
67
|
+
export as an optional argument. Additionally you can specify what level of
|
68
|
+
anonymization you want for your archive using the '--anonymization <str>'
|
69
|
+
flag, for more information about PuppetDB archive anonymization, consult
|
70
|
+
the documentation at:
|
71
|
+
[http://docs.puppetlabs.com/puppetdb/master/anonymization.html]
|
72
|
+
|
73
|
+
$ puppet-db import <path>
|
74
|
+
The import action will import a PuppetDB archive to PuppetDB. You must
|
75
|
+
specify the location of the archive to the import action as a path.
|
76
|
+
|
77
|
+
$ puppet-db status
|
78
|
+
The status action will query the PuppetDB status endpoint (for each
|
79
|
+
configured PuppetDB) and return a map from PuppetDB host to the status for
|
80
|
+
that PuppetDB. For more information about the PuppetDB status endpoint
|
81
|
+
see: [https://docs.puppet.com/puppetdb/latest/api/status/v1/status.html]
|
82
|
+
|
83
|
+
=head1 SEE ALSO
|
84
|
+
|
85
|
+
puppet-db(8), puppetdb_conf(8)
|
86
|
+
|
87
|
+
=head1 EXAMPLES
|
88
|
+
|
89
|
+
--------------------------------------------------------------------
|
90
|
+
Example #1 - Export a PuppetDB archive:
|
91
|
+
|
92
|
+
$ puppet-db export ./my-pdb-export.tgz
|
93
|
+
Exporting PuppetDB...
|
94
|
+
Finished exporting PuppetDB archive to ./my-pdb-export.tgz.
|
95
|
+
|
96
|
+
--------------------------------------------------------------------
|
97
|
+
Example #2 - Import a PuppetDB archive:
|
98
|
+
|
99
|
+
$ puppet-db import ./my-pdb-export.tgz
|
100
|
+
Importing ./my-pdb-export.tgz to PuppetDB...
|
101
|
+
Finished importing ./my-pdb-export.tgz to PuppetDB.
|
102
|
+
|
103
|
+
--------------------------------------------------------------------
|
104
|
+
Example #3 - Query for the status of PuppetDB:
|
105
|
+
|
106
|
+
$ puppet-db status
|
107
|
+
{
|
108
|
+
"puppetdb-status": {
|
109
|
+
"service_version": "4.0.0-SNAPSHOT",
|
110
|
+
"service_status_version": 1,
|
111
|
+
"detail_level": "info",
|
112
|
+
"state": "running",
|
113
|
+
"status": {
|
114
|
+
"maintenance_mode?": false,
|
115
|
+
"queue_depth": 0,
|
116
|
+
"read_db_up?": true,
|
117
|
+
"write_db_up?": true
|
118
|
+
}
|
119
|
+
},
|
120
|
+
"status-service": {
|
121
|
+
"service_version": "0.3.1",
|
122
|
+
"service_status_version": 1,
|
123
|
+
"detail_level": "info",
|
124
|
+
"state": "running",
|
125
|
+
"status": {}
|
126
|
+
}
|
127
|
+
}
|
@@ -0,0 +1,83 @@
|
|
1
|
+
=head1 NAME
|
2
|
+
|
3
|
+
puppet query - perform ad hoc queries against PuppetDB
|
4
|
+
|
5
|
+
=head1 SYNOPSIS
|
6
|
+
|
7
|
+
puppet-query [options] <query>
|
8
|
+
|
9
|
+
=head1 DESCRIPTION
|
10
|
+
|
11
|
+
The C<puppet-query> tool allows you to query PuppetDB using either the AST or
|
12
|
+
PQL query languages. To read more about the syntax of PuppetDB queries, please
|
13
|
+
consult the documentation at:
|
14
|
+
[http://docs.puppetlabs.com/puppetdb/master/api/query/v4/pql.html]
|
15
|
+
|
16
|
+
=head1 OPTIONS
|
17
|
+
|
18
|
+
=over 4
|
19
|
+
|
20
|
+
=item B<-h>,B<--help>
|
21
|
+
|
22
|
+
Prints a list of the commands and a brief synopsis of each command. If
|
23
|
+
an action is specified, it will print a description of that action and
|
24
|
+
the options specific to that action.
|
25
|
+
|
26
|
+
=item B<--version>
|
27
|
+
|
28
|
+
Displays version information
|
29
|
+
|
30
|
+
=item B<-c>,B<--config> <path>
|
31
|
+
|
32
|
+
Overrides the path for the PuppetDB CLI config. For more information about
|
33
|
+
PuppetDB CLI configuration, see puppetdb_conf(8).
|
34
|
+
Default: ~/.puppetlabs/client-tools/puppetdb.conf
|
35
|
+
|
36
|
+
=item B<--urls> <str>
|
37
|
+
|
38
|
+
Overrides the SERVER_URLS setting for the PuppetDB service. These urls points to
|
39
|
+
your PuppetDB instances. You can specify multiple urls as a comma-delimitted
|
40
|
+
list, 'http://foo:8080,http://bar.com:8080'.
|
41
|
+
|
42
|
+
=item B<--cacert> <path>
|
43
|
+
|
44
|
+
Overrides the path for the Puppet CA cert.
|
45
|
+
|
46
|
+
=item B<--cert> <path>
|
47
|
+
|
48
|
+
Overrides the path for the Puppet client cert.
|
49
|
+
|
50
|
+
=item B<--key> <path>
|
51
|
+
|
52
|
+
Overrides the path for the Puppet client private key.
|
53
|
+
|
54
|
+
=item B<--token> <path>
|
55
|
+
|
56
|
+
Overrides the path for the RBAC token (PE only).
|
57
|
+
|
58
|
+
=back
|
59
|
+
|
60
|
+
=head1 SEE ALSO
|
61
|
+
|
62
|
+
puppet-db(8), puppetdb_conf(8)
|
63
|
+
|
64
|
+
=head1 EXAMPLES
|
65
|
+
|
66
|
+
----------------------------------------------------------------------
|
67
|
+
$ puppet-query "nodes { certname = 'host-1' }"
|
68
|
+
|
69
|
+
[
|
70
|
+
{
|
71
|
+
"catalog_environment": "production",
|
72
|
+
"catalog_timestamp": "2016-01-28T18:26:04.023Z",
|
73
|
+
"certname": "host-0",
|
74
|
+
"deactivated": null,
|
75
|
+
"expired": null,
|
76
|
+
"facts_environment": "production",
|
77
|
+
"facts_timestamp": "2016-01-28T18:26:02.589Z",
|
78
|
+
"latest_report_hash": "2638652161207e7606d7d2461538d2dae883237b",
|
79
|
+
"latest_report_status": "failed",
|
80
|
+
"report_environment": "production",
|
81
|
+
"report_timestamp": "2016-01-28T18:13:02.405Z"
|
82
|
+
}
|
83
|
+
]
|
@@ -0,0 +1,87 @@
|
|
1
|
+
=head1 NAME
|
2
|
+
|
3
|
+
puppetdb_conf - PuppetDB CLI configuration files
|
4
|
+
|
5
|
+
=head1 SYNOPSIS
|
6
|
+
|
7
|
+
~/.puppetlabs/client-tools/puppetdb.conf
|
8
|
+
|
9
|
+
=head1 DESCRIPTION
|
10
|
+
|
11
|
+
The `puppet-query` and `puppet-db` commands obtain their configuration from the
|
12
|
+
following sources in the following order:
|
13
|
+
|
14
|
+
=over 4
|
15
|
+
|
16
|
+
=item 1. command-line options
|
17
|
+
|
18
|
+
=item 2. ~/.puppetlabs/client-tools/puppetdb.conf
|
19
|
+
|
20
|
+
=item 3. /etc/puppetlabs/client-tools/puppetdb.conf
|
21
|
+
|
22
|
+
=item 4. hardcoded default PuppetDB url, B<http://127.0.0.1:8080>
|
23
|
+
|
24
|
+
=back
|
25
|
+
|
26
|
+
The configuration file is in JSON format.
|
27
|
+
|
28
|
+
=head1 OPTIONS
|
29
|
+
|
30
|
+
=over 4
|
31
|
+
|
32
|
+
=item B<server_urls>
|
33
|
+
|
34
|
+
Either a JSON String (for a single url) or Array (for multiple urls) of your
|
35
|
+
PuppetDB servers to query or manage via the CLI commands.
|
36
|
+
|
37
|
+
=item B<cacert>
|
38
|
+
|
39
|
+
Your site's CA certificate.
|
40
|
+
|
41
|
+
=item B<cert>
|
42
|
+
|
43
|
+
An SSL certificate signed by your site's Puppet CA.
|
44
|
+
|
45
|
+
=item B<key>
|
46
|
+
|
47
|
+
The private key for that certificate.
|
48
|
+
|
49
|
+
=item B<token-file>
|
50
|
+
|
51
|
+
The path for the RBAC token (PE only).
|
52
|
+
|
53
|
+
=back
|
54
|
+
|
55
|
+
=head1 SEE ALSO
|
56
|
+
|
57
|
+
puppet-db(8), puppet-query(8)
|
58
|
+
|
59
|
+
=head1 EXAMPLES
|
60
|
+
|
61
|
+
--------------------------------------------------------------------
|
62
|
+
Example #1 - Using a single entry in server_urls:
|
63
|
+
|
64
|
+
{
|
65
|
+
"puppetdb": {
|
66
|
+
"server_urls":"https://alpha-rho.local:8081",
|
67
|
+
"cacert":"<path to ca.pem>",
|
68
|
+
"cert":"<path to cert .pem>",
|
69
|
+
"key":"<path to private-key .pem>"
|
70
|
+
}
|
71
|
+
}
|
72
|
+
|
73
|
+
|
74
|
+
--------------------------------------------------------------------
|
75
|
+
Example #2 - Using multiple server_urls:
|
76
|
+
|
77
|
+
{
|
78
|
+
"puppetdb": {
|
79
|
+
"server_urls":[
|
80
|
+
"https://alpha-rho.local:8081",
|
81
|
+
"https://beta-phi.local:8081"
|
82
|
+
],
|
83
|
+
"cacert":"<path to ca.pem>",
|
84
|
+
"cert":"<path to cert .pem>",
|
85
|
+
"key":"<path to private-key .pem>"
|
86
|
+
}
|
87
|
+
}
|