Class: OctocatalogDiff::CatalogUtil::BuildDir
- Inherits:
-
Object
- Object
- OctocatalogDiff::CatalogUtil::BuildDir
- Defined in:
- lib/octocatalog-diff/catalog-util/builddir.rb
Overview
Represents a directory that is created such that a catalog can be compiled in it. This has the following major functions:
-
Create the temporary directory that will serve as the puppet configuration directory
-
Register a handler to remove the temporary directory upon exit
-
Install needed configuration files within the directory (e.g. puppetdb.conf)
-
Install the facts into the directory
-
Install ‘environments/(environment)’ which is a symlink to the checkout of the puppet code
Instance Attribute Summary collapse
-
#enc ⇒ Object
readonly
Allow the path to the temporary directory to be read.
-
#fact_file ⇒ Object
readonly
Allow the path to the temporary directory to be read.
-
#tempdir ⇒ Object
readonly
Allow the path to the temporary directory to be read.
Instance Method Summary collapse
-
#create_structure ⇒ Object
Create common structure.
-
#create_symlinks(logger = nil) ⇒ Object
Create symlinks.
-
#initialize(options = {}, logger = nil) ⇒ BuildDir
constructor
Constructor Options for constructor: :puppetdb_url [String] PuppetDB Server URLs :puppetdb_server_url_timeout [Integer] Timeout (seconds) for puppetdb.conf :facts [OctocatalogDiff::Facts] Facts object :fact_file [String] File from which to read facts :node [String] Node name :basedir [String] Directory containing puppet code :enc [String] ENC script file (can be relative or absolute path) :pe_enc_url [String] ENC URL (for Puppet Enterprise node classification service) :hiera_config [String] hiera configuration file (relative to base directory) :hiera_path [String] relative path to hiera data files (mutually exclusive with :hiera_path_strip) :hiera_path_strip [String] string to strip off the beginning of :datadir :puppetdb_ssl_ca [String] Path to SSL CA certificate :puppetdb_ssl_crl [String] Path to Certificate Revocation List :puppetdb_ssl_client_key [String] String representation of SSL client key :puppetdb_ssl_client_cert [String] String representation of SSL client certificate :puppetdb_ssl_client_password [String] Password to unlock SSL private key.
-
#install_directory_symlink(logger, dir, target = 'environments/production') ⇒ Object
Install symbolic link to puppet environment.
-
#install_enc(logger) ⇒ Object
Install ENC.
-
#install_fact_file(logger, options) ⇒ Object
Install the fact file in temporary directory.
-
#install_hiera_config(logger, options) ⇒ Object
Install hiera config file.
-
#install_puppetdb_conf(logger, server_urls, server_url_timeout = 30) ⇒ Object
Install puppetdb.conf file in temporary directory.
-
#install_routes_yaml(logger) ⇒ Object
Install routes.yaml file in temporary directory No parameters or return - thus just writes a file (and notes it to debugging log) Note: catalog cache => json avoids sending the compiled catalog to PuppetDB even if storeconfigs is enabled.
-
#install_ssl(logger, options) ⇒ Object
Install SSL certificate authority certificate, client key, and client certificate into the expected locations within Puppet’s SSL directory.
Constructor Details
#initialize(options = {}, logger = nil) ⇒ BuildDir
Constructor Options for constructor: :puppetdb_url [String] PuppetDB Server URLs :puppetdb_server_url_timeout [Integer] Timeout (seconds) for puppetdb.conf :facts [OctocatalogDiff::Facts] Facts object :fact_file [String] File from which to read facts :node [String] Node name :basedir [String] Directory containing puppet code :enc [String] ENC script file (can be relative or absolute path) :pe_enc_url [String] ENC URL (for Puppet Enterprise node classification service) :hiera_config [String] hiera configuration file (relative to base directory) :hiera_path [String] relative path to hiera data files (mutually exclusive with :hiera_path_strip) :hiera_path_strip [String] string to strip off the beginning of :datadir :puppetdb_ssl_ca [String] Path to SSL CA certificate :puppetdb_ssl_crl [String] Path to Certificate Revocation List :puppetdb_ssl_client_key [String] String representation of SSL client key :puppetdb_ssl_client_cert [String] String representation of SSL client certificate :puppetdb_ssl_client_password [String] Password to unlock SSL private key
41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 |
# File 'lib/octocatalog-diff/catalog-util/builddir.rb', line 41 def initialize( = {}, logger = nil) @options = .dup @tempdir = OctocatalogDiff::Util::Util.temp_dir('ocd-builddir-') @factdir = nil @enc = nil @fact_file = nil @node = [:node] @facts_terminus = .fetch(:facts_terminus, 'yaml') create_structure create_symlinks(logger) # These configurations are optional. Don't call the methods if parameters are nil. unless [:puppetdb_url].nil? install_puppetdb_conf(logger, [:puppetdb_url], [:puppetdb_server_url_timeout]) install_routes_yaml(logger) end install_hiera_config(logger, ) unless [:hiera_config].nil? @fact_file = install_fact_file(logger, ) if @facts_terminus == 'yaml' @enc = install_enc(logger) unless [:enc].nil? && [:pe_enc_url].nil? install_ssl(logger, ) if [:puppetdb_ssl_ca] || [:puppetdb_ssl_client_cert] end |
Instance Attribute Details
#enc ⇒ Object (readonly)
Allow the path to the temporary directory to be read
20 21 22 |
# File 'lib/octocatalog-diff/catalog-util/builddir.rb', line 20 def enc @enc end |
#fact_file ⇒ Object (readonly)
Allow the path to the temporary directory to be read
20 21 22 |
# File 'lib/octocatalog-diff/catalog-util/builddir.rb', line 20 def fact_file @fact_file end |
#tempdir ⇒ Object (readonly)
Allow the path to the temporary directory to be read
20 21 22 |
# File 'lib/octocatalog-diff/catalog-util/builddir.rb', line 20 def tempdir @tempdir end |
Instance Method Details
#create_structure ⇒ Object
Create common structure
66 67 68 69 70 71 |
# File 'lib/octocatalog-diff/catalog-util/builddir.rb', line 66 def create_structure %w(facts var var/ssl var/yaml var/yaml/facts).each do |dir| Dir.mkdir(File.join(@tempdir, dir)) FileUtils.chmod 0o755, File.join(@tempdir, dir) end end |
#create_symlinks(logger = nil) ⇒ Object
Create symlinks.
If the ‘–preserve-environments` option is used, the `environments` directory, plus `modules` and `manifests` symlinks are created. Otherwise, `environments/production` is pointed at the base directory.
80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 |
# File 'lib/octocatalog-diff/catalog-util/builddir.rb', line 80 def create_symlinks(logger = nil) if @options[:preserve_environments] install_directory_symlink(logger, File.join(@options[:basedir], 'environments'), 'environments') @options.fetch(:create_symlinks, %w(modules manifests)).each do |x| install_directory_symlink(logger, File.join(@options[:basedir], x), x) end else if @options[:create_symlinks] && @options[:environment] unless logger.nil? logger.warn '--create-symlinks with --environment ignored unless --preserve-environments is used' end elsif @options[:create_symlinks] logger.warn '--create-symlinks is ignored unless --preserve-environments is used' unless logger.nil? elsif @options[:environment] return install_directory_symlink(logger, @options[:basedir], "environments/#{@options[:environment]}") end install_directory_symlink(logger, @options[:basedir]) end end |
#install_directory_symlink(logger, dir, target = 'environments/production') ⇒ Object
Install symbolic link to puppet environment
184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 |
# File 'lib/octocatalog-diff/catalog-util/builddir.rb', line 184 def install_directory_symlink(logger, dir, target = 'environments/production') raise ArgumentError, "Called install_directory_symlink with #{dir.class} argument" unless dir.is_a?(String) raise Errno::ENOENT, "Specified directory #{dir} doesn't exist" unless File.directory?(dir) symlink_target = File.join(@tempdir, target) if target =~ %r{/} parent_dir = File.dirname(symlink_target) FileUtils.mkdir_p parent_dir end FileUtils.rm_f symlink_target if File.exist?(symlink_target) FileUtils.symlink dir, symlink_target logger.debug("Symlinked #{symlink_target} -> #{dir}") end |
#install_enc(logger) ⇒ Object
Install ENC
202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 |
# File 'lib/octocatalog-diff/catalog-util/builddir.rb', line 202 def install_enc(logger) raise ArgumentError, 'A node must be specified when using an ENC' unless @node.is_a?(String) enc_obj = OctocatalogDiff::CatalogUtil::ENC.new(@options.merge(tempdir: @tempdir)) enc_obj.execute(logger) raise "Failed ENC: #{enc_obj.}" if enc_obj. enc_path = File.join(@tempdir, 'enc.sh') File.open(enc_path, 'w') do |f| f.write "#!/bin/sh\n" f.write "cat <<-'EOF'\n" f.write enc_obj.content f.write "\nEOF\n" end FileUtils.chmod 0o755, enc_path logger.debug("Installed ENC to echo content, #{enc_obj.content.length} bytes") enc_path end |
#install_fact_file(logger, options) ⇒ Object
Install the fact file in temporary directory
145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 |
# File 'lib/octocatalog-diff/catalog-util/builddir.rb', line 145 def install_fact_file(logger, ) unless @facts_terminus == 'yaml' raise ArgumentError, "Called install_fact_file but :facts_terminus = #{@facts_terminus}" end unless [:node].is_a?(String) && ![:node].empty? raise ArgumentError, 'Called install_fact_file without node, or with an empty node' end facts = if [:facts].is_a?(OctocatalogDiff::Facts) [:facts].dup elsif [:fact_file] raise Errno::ENOENT, "Fact file #{[:fact_file]} does not exist" unless File.file?([:fact_file]) fact_file_opts = { fact_file_string: File.read([:fact_file]) } fact_file_opts[:backend] = Regexp.last_match(1).to_sym if [:fact_file] =~ /.{1,1000}\.(\w+)$/ OctocatalogDiff::Facts.new(fact_file_opts) else raise ArgumentError, 'No facts passed to "install_fact_file" method' end if [:fact_override].is_a?(Array) [:fact_override].each do |override| keys = override.key.is_a?(Regexp) ? facts.matching(override.key) : [override.key] keys.each do |key| old_value = facts.fact(key) facts.override(key, override.value) logger.debug("Override #{key} from #{old_value.inspect} to #{override.value.inspect}") end end end fact_file_out = File.join(@tempdir, 'var', 'yaml', 'facts', "#{[:node]}.yaml") File.open(fact_file_out, 'w') { |f| f.write(facts.facts_to_yaml([:node])) } logger.debug("Installed fact file at #{fact_file_out}") fact_file_out end |
#install_hiera_config(logger, options) ⇒ Object
Install hiera config file
223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 |
# File 'lib/octocatalog-diff/catalog-util/builddir.rb', line 223 def install_hiera_config(logger, ) # Validate hiera config file hiera_config = [:hiera_config] unless hiera_config.is_a?(String) raise ArgumentError, "Called install_hiera_config with a #{hiera_config.class} argument" end file_src = if hiera_config.start_with? '/' hiera_config elsif hiera_config =~ %r{^environments/#{Regexp.escape(environment)}/} File.join(@tempdir, hiera_config) else File.join(@tempdir, 'environments', environment, hiera_config) end raise Errno::ENOENT, "hiera.yaml (#{file_src}) wasn't found" unless File.file?(file_src) # Munge datadir in hiera config file obj = YAML.load_file(file_src) version = obj['version'] || obj[:version] || 3 if version.to_i == 5 update_hiera_config_v5(logger, , obj) else update_hiera_config_v3(logger, , obj) end # Write properly formatted hiera config file into temporary directory File.open(File.join(@tempdir, 'hiera.yaml'), 'w') { |f| f.write(obj.to_yaml.gsub('!ruby/sym ', ':')) } logger.debug("Installed hiera.yaml from #{file_src} to #{File.join(@tempdir, 'hiera.yaml')}") end |
#install_puppetdb_conf(logger, server_urls, server_url_timeout = 30) ⇒ Object
Install puppetdb.conf file in temporary directory
103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 |
# File 'lib/octocatalog-diff/catalog-util/builddir.rb', line 103 def install_puppetdb_conf(logger, server_urls, server_url_timeout = 30) unless server_urls.is_a?(String) raise ArgumentError, "server_urls must be a string, got a: #{server_urls.class}" end server_url_timeout ||= 30 # If called with nil argument, supply default unless server_url_timeout.is_a?(Integer) raise ArgumentError, "server_url_timeout must be a fixnum, got a: #{server_url_timeout.class}" end puppetdb_conf = File.join(@tempdir, 'puppetdb.conf') File.open(puppetdb_conf, 'w') do |f| f.write "[main]\n" f.write "server_urls = #{server_urls}\n" f.write "server_url_timeout = #{server_url_timeout}\n" end logger.debug("Installed puppetdb.conf file at #{puppetdb_conf}") end |
#install_routes_yaml(logger) ⇒ Object
Install routes.yaml file in temporary directory No parameters or return - thus just writes a file (and notes it to debugging log) Note: catalog cache => json avoids sending the compiled catalog to PuppetDB even if storeconfigs is enabled.
126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 |
# File 'lib/octocatalog-diff/catalog-util/builddir.rb', line 126 def install_routes_yaml(logger) routes_yaml = File.join(@tempdir, 'routes.yaml') routes_hash = { 'master' => { 'facts' => { 'terminus' => @facts_terminus, 'cache' => 'yaml' }, 'catalog' => { 'cache' => 'json' } } } File.open(routes_yaml, 'w') { |f| f.write(routes_hash.to_yaml) } logger.debug("Installed routes.yaml file at #{routes_yaml}") end |
#install_ssl(logger, options) ⇒ Object
Install SSL certificate authority certificate, client key, and client certificate into the expected locations within Puppet’s SSL directory. Note that if the client key has a password, this will write the key (without password) onto disk, because Puppet doesn’t support unlocking the private key.
258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 |
# File 'lib/octocatalog-diff/catalog-util/builddir.rb', line 258 def install_ssl(logger, ) return unless [:puppetdb_ssl_client_cert] || [:puppetdb_ssl_client_key] || [:puppetdb_ssl_ca] # Create directory structure expected by Puppet %w(var/ssl/certs var/ssl/private var/ssl/private_keys).each do |dir| Dir.mkdir(File.join(@tempdir, dir)) FileUtils.chmod 0o700, File.join(@tempdir, dir) end # SSL client auth requested? if [:puppetdb_ssl_client_cert] || [:puppetdb_ssl_client_key] raise ArgumentError, '--puppetdb-ssl-ca must be provided for client auth' unless [:puppetdb_ssl_ca] raise ArgumentError, '--puppetdb-ssl-client-cert must be provided' unless [:puppetdb_ssl_client_cert] raise ArgumentError, '--puppetdb-ssl-client-key must be provided' unless [:puppetdb_ssl_client_key] install_ssl_client(logger, ) end # SSL CA provided? install_ssl_ca(logger, ) if [:puppetdb_ssl_ca] # SSL CRL provided? install_ssl_crl(logger, ) if [:puppetdb_ssl_crl] end |