puppetdb_cli 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,32 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Add the import command
4
+ #
5
+ # The import command is used to submit an exported archive to PuppetDB
6
+ module PuppetDBCLI
7
+ @import_cmd = @db_cmd.define_command do
8
+ name 'import'
9
+ usage 'import [options] <path>'
10
+ summary 'import a PuppetDB archive to PuppetDB'
11
+
12
+ run do |opts, args, cmd|
13
+ PuppetDBCLI::Utils.log_command_start cmd.name, opts, args
14
+
15
+ if args.count.zero?
16
+ PuppetDBCLI.logger.fatal 'No file path provided'
17
+ exit 1
18
+ elsif args.count > 1
19
+ PuppetDBCLI.logger.fatal 'Only one argument, the path to the export file, is allowed.'
20
+ exit 1
21
+ end
22
+
23
+ filename = File.expand_path(args.first)
24
+ PuppetDBCLI.logger.info "Starting import from '#{filename}'"
25
+
26
+ client = PuppetDBCLI::Utils.open_client_connection(opts)
27
+ response = client.import(filename)
28
+
29
+ exit 1 unless response.success?
30
+ end
31
+ end
32
+ end
@@ -0,0 +1,25 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Add the status command to the PuppetDB CLI
4
+ #
5
+ # The status command is used to query for all the statuses of the configured PuppetDB's
6
+ module PuppetDBCLI
7
+ @status_cmd = @db_cmd.define_command do
8
+ name 'status'
9
+ usage 'status [options]'
10
+ summary 'query the PuppetDB status endpoint for each configured PuppetDB'
11
+
12
+ run do |opts, args, cmd|
13
+ PuppetDBCLI::Utils.log_command_start cmd.name, opts, args
14
+
15
+ unless args.count.zero?
16
+ PuppetDBCLI.logger.fatal 'status command does not allow arguments'
17
+ exit 1
18
+ end
19
+ client = PuppetDBCLI::Utils.open_client_connection opts
20
+
21
+ response = client.status
22
+ puts JSON.pretty_generate(response)
23
+ end
24
+ end
25
+ end
@@ -0,0 +1,35 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'logger'
4
+
5
+ # PuppetDB CLI namespace
6
+ module PuppetDBCLI
7
+ def self.logger
8
+ @logger ||= PuppetDBCLI::Logger.new
9
+ end
10
+
11
+ # A logger for the PuppetDB CLI
12
+ #
13
+ # Overrides standard format of logs for better cli ouput, but reverts to traditional
14
+ # log formatting when in debug mode
15
+ class Logger < ::Logger
16
+ def initialize
17
+ super($stderr)
18
+
19
+ self.formatter = proc do |severity, datetime, _progname, msg|
20
+ if level == ::Logger::DEBUG
21
+ "[#{datetime.strftime '%Y-%m-%d %H:%M:%S.%6N'}] #{severity} -- #{msg}\n"
22
+ else
23
+ "#{severity}: #{msg}\n"
24
+ end
25
+ end
26
+
27
+ self.level = ::Logger::INFO
28
+ end
29
+
30
+ def enable_debug_mode
31
+ self.level = ::Logger::DEBUG
32
+ debug 'Debug mode enabled'
33
+ end
34
+ end
35
+ end
@@ -0,0 +1,38 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'json'
4
+
5
+ # Add the query command to PuppetDBCLI
6
+ #
7
+ # The query command submits queries to /pdb/query/v4
8
+ module PuppetDBCLI
9
+ @query_cmd = @base_cmd.define_command do
10
+ name 'query'
11
+ usage 'query [options] <query>'
12
+ summary 'Query puppetdb with AST or PQL'
13
+
14
+ flag :h, :help, 'Show help for this command.' do |_, c|
15
+ c.add_command Cri::Command.new_basic_help
16
+ puts c.help
17
+ exit 0
18
+ end
19
+
20
+ run do |opts, args, cmd|
21
+ PuppetDBCLI::Utils.log_command_start cmd.name, opts, args
22
+
23
+ if args.count.zero?
24
+ PuppetDBCLI.logger.fatal 'No query provided'
25
+ exit 1
26
+ elsif args.count > 1
27
+ PuppetDBCLI.logger.fatal 'More than one argument provided. Try wrapping the query in single quotes.'
28
+ exit 1
29
+ end
30
+ query = args.first
31
+
32
+ client = PuppetDBCLI::Utils.open_client_connection opts
33
+
34
+ response = PuppetDBCLI::Utils.send_query client, query
35
+ puts JSON.pretty_generate(response.data)
36
+ end
37
+ end
38
+ end
@@ -0,0 +1,50 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Utils for PuppetDBCLI
4
+ #
5
+ # Primarily used for interaction with the PuppetDB::Client
6
+ module PuppetDBCLI::Utils
7
+ def self.log_command_start(name, opts, args)
8
+ PuppetDBCLI.logger.debug "Running the #{name} command"
9
+ PuppetDBCLI.logger.debug "CLI options: #{opts}"
10
+ PuppetDBCLI.logger.debug "CLI arguments: #{args.to_a}"
11
+ end
12
+
13
+ def self.construct_config_overrides(cli_opts)
14
+ {
15
+ config_file: cli_opts[:config],
16
+ server_urls: cli_opts[:urls]&.split(','),
17
+ key: cli_opts[:key],
18
+ cert: cli_opts[:cert],
19
+ cacert: cli_opts[:cacert],
20
+ token_file: cli_opts[:token]
21
+ }.delete_if { |_, v| v.nil? }
22
+ end
23
+
24
+ def self.open_client_connection(cli_opts)
25
+ config_overrides = construct_config_overrides cli_opts
26
+ PuppetDBCLI.logger.debug "Initializing client connection with configuration overrides: #{config_overrides}"
27
+
28
+ PuppetDB::Client.new(config_overrides)
29
+ rescue URI::InvalidURIError => e
30
+ PuppetDBCLI.logger.fatal "The provided PuppetDB server url was invalid. Failed with message '#{e.message}'"
31
+ exit 1
32
+ # This will catch errors like SocketError from HTTParty and RuntimeError from puppetdb-ruby
33
+ rescue RuntimeError => e
34
+ PuppetDBCLI.logger.fatal e.message
35
+ exit 1
36
+ end
37
+
38
+ def self.send_query(client, query)
39
+ PuppetDBCLI.logger.debug "Sending query request '#{query}'"
40
+
41
+ client.request('', query, query_mode: :failover)
42
+ rescue SocketError => e
43
+ PuppetDBCLI.logger.fatal e.message
44
+ exit 1
45
+ rescue PuppetDB::APIError => e
46
+ puts e.response
47
+ PuppetDBCLI.logger.fatal "Last PuppetDB API response code #{e.response&.code}"
48
+ exit 1
49
+ end
50
+ end
@@ -0,0 +1,6 @@
1
+ # frozen_string_literal: true
2
+
3
+ # PuppetDB CLI version
4
+ module PuppetDBCLI
5
+ VERSION = '2.0.0'
6
+ end
data/man/puppet-db.pod ADDED
@@ -0,0 +1,127 @@
1
+ =head1 NAME
2
+
3
+ puppet db - manage PuppetDB administrative tasks
4
+
5
+ =head1 SYNOPSIS
6
+
7
+ puppet-db [options] <action> [arguments]
8
+
9
+ =head1 DESCRIPTION
10
+
11
+ The C<puppet-db> tool allows you to perform PuppetDB administrative tasks such
12
+ as exporting and anonymizing a backup of your PuppetDB or importing a backup to
13
+ a PuppetDB. To learn more about the archive format and these administrative
14
+ tasks in general, consult our documentation at:
15
+ [http://docs.puppetlabs.com/puppetdb/master/anonymization.html]
16
+
17
+ =head1 OPTIONS
18
+
19
+ =over 4
20
+
21
+ =item B<-h>,B<--help>
22
+
23
+ Prints a list of the commands and a brief synopsis of each command. If
24
+ an action is specified, it will print a description of that action and
25
+ the options specific to that action.
26
+
27
+ =item B<--version>
28
+
29
+ Displays version information
30
+
31
+ =item B<-c>,B<--config> <path>
32
+
33
+ Overrides the path for the PuppetDB CLI config. For more information about
34
+ PuppetDB CLI configuration, see puppetdb_conf(8).
35
+ Default: ~/.puppetlabs/client-tools/puppetdb.conf
36
+
37
+ =item B<--urls> <str>
38
+
39
+ Overrides the SERVER_URLS setting for the PuppetDB service. These urls points to
40
+ your PuppetDB instances. You can specify multiple urls as a comma-delimitted
41
+ list, 'http://foo:8080,http://bar.com:8080'.
42
+
43
+ =item B<--cacert> <path>
44
+
45
+ Overrides the path for the Puppet CA cert.
46
+
47
+ =item B<--cert> <path>
48
+
49
+ Overrides the path for the Puppet client cert.
50
+
51
+ =item B<--key> <path>
52
+
53
+ Overrides the path for the Puppet client private key.
54
+
55
+ =item B<--token> <path>
56
+
57
+ Overrides the path for the RBAC token (PE only).
58
+
59
+ =back
60
+
61
+ =head1 ACTIONS
62
+
63
+ $ puppet-db export [options]
64
+ The export action will export a PuppetDB archive from PuppetDB. The
65
+ default location of this archive will be './pdb-export.tgz' relative to
66
+ wherever the command was run from. You can specify a different location to
67
+ export as an optional argument. Additionally you can specify what level of
68
+ anonymization you want for your archive using the '--anonymization <str>'
69
+ flag, for more information about PuppetDB archive anonymization, consult
70
+ the documentation at:
71
+ [http://docs.puppetlabs.com/puppetdb/master/anonymization.html]
72
+
73
+ $ puppet-db import <path>
74
+ The import action will import a PuppetDB archive to PuppetDB. You must
75
+ specify the location of the archive to the import action as a path.
76
+
77
+ $ puppet-db status
78
+ The status action will query the PuppetDB status endpoint (for each
79
+ configured PuppetDB) and return a map from PuppetDB host to the status for
80
+ that PuppetDB. For more information about the PuppetDB status endpoint
81
+ see: [https://docs.puppet.com/puppetdb/latest/api/status/v1/status.html]
82
+
83
+ =head1 SEE ALSO
84
+
85
+ puppet-db(8), puppetdb_conf(8)
86
+
87
+ =head1 EXAMPLES
88
+
89
+ --------------------------------------------------------------------
90
+ Example #1 - Export a PuppetDB archive:
91
+
92
+ $ puppet-db export ./my-pdb-export.tgz
93
+ Exporting PuppetDB...
94
+ Finished exporting PuppetDB archive to ./my-pdb-export.tgz.
95
+
96
+ --------------------------------------------------------------------
97
+ Example #2 - Import a PuppetDB archive:
98
+
99
+ $ puppet-db import ./my-pdb-export.tgz
100
+ Importing ./my-pdb-export.tgz to PuppetDB...
101
+ Finished importing ./my-pdb-export.tgz to PuppetDB.
102
+
103
+ --------------------------------------------------------------------
104
+ Example #3 - Query for the status of PuppetDB:
105
+
106
+ $ puppet-db status
107
+ {
108
+ "puppetdb-status": {
109
+ "service_version": "4.0.0-SNAPSHOT",
110
+ "service_status_version": 1,
111
+ "detail_level": "info",
112
+ "state": "running",
113
+ "status": {
114
+ "maintenance_mode?": false,
115
+ "queue_depth": 0,
116
+ "read_db_up?": true,
117
+ "write_db_up?": true
118
+ }
119
+ },
120
+ "status-service": {
121
+ "service_version": "0.3.1",
122
+ "service_status_version": 1,
123
+ "detail_level": "info",
124
+ "state": "running",
125
+ "status": {}
126
+ }
127
+ }
@@ -0,0 +1,83 @@
1
+ =head1 NAME
2
+
3
+ puppet query - perform ad hoc queries against PuppetDB
4
+
5
+ =head1 SYNOPSIS
6
+
7
+ puppet-query [options] <query>
8
+
9
+ =head1 DESCRIPTION
10
+
11
+ The C<puppet-query> tool allows you to query PuppetDB using either the AST or
12
+ PQL query languages. To read more about the syntax of PuppetDB queries, please
13
+ consult the documentation at:
14
+ [http://docs.puppetlabs.com/puppetdb/master/api/query/v4/pql.html]
15
+
16
+ =head1 OPTIONS
17
+
18
+ =over 4
19
+
20
+ =item B<-h>,B<--help>
21
+
22
+ Prints a list of the commands and a brief synopsis of each command. If
23
+ an action is specified, it will print a description of that action and
24
+ the options specific to that action.
25
+
26
+ =item B<--version>
27
+
28
+ Displays version information
29
+
30
+ =item B<-c>,B<--config> <path>
31
+
32
+ Overrides the path for the PuppetDB CLI config. For more information about
33
+ PuppetDB CLI configuration, see puppetdb_conf(8).
34
+ Default: ~/.puppetlabs/client-tools/puppetdb.conf
35
+
36
+ =item B<--urls> <str>
37
+
38
+ Overrides the SERVER_URLS setting for the PuppetDB service. These urls points to
39
+ your PuppetDB instances. You can specify multiple urls as a comma-delimitted
40
+ list, 'http://foo:8080,http://bar.com:8080'.
41
+
42
+ =item B<--cacert> <path>
43
+
44
+ Overrides the path for the Puppet CA cert.
45
+
46
+ =item B<--cert> <path>
47
+
48
+ Overrides the path for the Puppet client cert.
49
+
50
+ =item B<--key> <path>
51
+
52
+ Overrides the path for the Puppet client private key.
53
+
54
+ =item B<--token> <path>
55
+
56
+ Overrides the path for the RBAC token (PE only).
57
+
58
+ =back
59
+
60
+ =head1 SEE ALSO
61
+
62
+ puppet-db(8), puppetdb_conf(8)
63
+
64
+ =head1 EXAMPLES
65
+
66
+ ----------------------------------------------------------------------
67
+ $ puppet-query "nodes { certname = 'host-1' }"
68
+
69
+ [
70
+ {
71
+ "catalog_environment": "production",
72
+ "catalog_timestamp": "2016-01-28T18:26:04.023Z",
73
+ "certname": "host-0",
74
+ "deactivated": null,
75
+ "expired": null,
76
+ "facts_environment": "production",
77
+ "facts_timestamp": "2016-01-28T18:26:02.589Z",
78
+ "latest_report_hash": "2638652161207e7606d7d2461538d2dae883237b",
79
+ "latest_report_status": "failed",
80
+ "report_environment": "production",
81
+ "report_timestamp": "2016-01-28T18:13:02.405Z"
82
+ }
83
+ ]
@@ -0,0 +1,87 @@
1
+ =head1 NAME
2
+
3
+ puppetdb_conf - PuppetDB CLI configuration files
4
+
5
+ =head1 SYNOPSIS
6
+
7
+ ~/.puppetlabs/client-tools/puppetdb.conf
8
+
9
+ =head1 DESCRIPTION
10
+
11
+ The `puppet-query` and `puppet-db` commands obtain their configuration from the
12
+ following sources in the following order:
13
+
14
+ =over 4
15
+
16
+ =item 1. command-line options
17
+
18
+ =item 2. ~/.puppetlabs/client-tools/puppetdb.conf
19
+
20
+ =item 3. /etc/puppetlabs/client-tools/puppetdb.conf
21
+
22
+ =item 4. hardcoded default PuppetDB url, B<http://127.0.0.1:8080>
23
+
24
+ =back
25
+
26
+ The configuration file is in JSON format.
27
+
28
+ =head1 OPTIONS
29
+
30
+ =over 4
31
+
32
+ =item B<server_urls>
33
+
34
+ Either a JSON String (for a single url) or Array (for multiple urls) of your
35
+ PuppetDB servers to query or manage via the CLI commands.
36
+
37
+ =item B<cacert>
38
+
39
+ Your site's CA certificate.
40
+
41
+ =item B<cert>
42
+
43
+ An SSL certificate signed by your site's Puppet CA.
44
+
45
+ =item B<key>
46
+
47
+ The private key for that certificate.
48
+
49
+ =item B<token-file>
50
+
51
+ The path for the RBAC token (PE only).
52
+
53
+ =back
54
+
55
+ =head1 SEE ALSO
56
+
57
+ puppet-db(8), puppet-query(8)
58
+
59
+ =head1 EXAMPLES
60
+
61
+ --------------------------------------------------------------------
62
+ Example #1 - Using a single entry in server_urls:
63
+
64
+ {
65
+ "puppetdb": {
66
+ "server_urls":"https://alpha-rho.local:8081",
67
+ "cacert":"<path to ca.pem>",
68
+ "cert":"<path to cert .pem>",
69
+ "key":"<path to private-key .pem>"
70
+ }
71
+ }
72
+
73
+
74
+ --------------------------------------------------------------------
75
+ Example #2 - Using multiple server_urls:
76
+
77
+ {
78
+ "puppetdb": {
79
+ "server_urls":[
80
+ "https://alpha-rho.local:8081",
81
+ "https://beta-phi.local:8081"
82
+ ],
83
+ "cacert":"<path to ca.pem>",
84
+ "cert":"<path to cert .pem>",
85
+ "key":"<path to private-key .pem>"
86
+ }
87
+ }