From 9fdfeb6df0b46d721f1572cb457a4b5868179c58 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Fri, 22 Sep 2023 09:51:30 -0400 Subject: [PATCH 01/48] add no check certificate to deal with wget error --- manifests/fetch.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/fetch.pp b/manifests/fetch.pp index 4eb397c..429fe9b 100644 --- a/manifests/fetch.pp +++ b/manifests/fetch.pp @@ -38,7 +38,7 @@ $curl_url = "${source}/${newsource}" } - $wget_command = "wget -O ${newsource} \'${wget_url}\'" + $wget_command = "wget --no-check-certificate -O ${newsource} \'${wget_url}\'" notify { 'wget_command': message => $wget_command From 00ed6e9286e79f73b8f7c002b20eae4d430c0124 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Fri, 22 Sep 2023 12:18:22 -0400 Subject: [PATCH 02/48] bump version --- CHANGELOG.md | 6 + Gemfile.lock | 419 ++++++++++++++++++++++++++++++++ Modulefile | 2 +- bin/metadata-json-lint | 29 +++ bin/puppet | 29 +++ bin/puppet-lint | 29 +++ bin/rake | 29 +++ bin/rspec | 29 +++ bin/rubocop | 29 +++ metadata.json | 2 +- spec/fixtures/manifests/site.pp | 0 spec/fixtures/modules/splunk | 1 + spec/fixtures/modules/stdlib | 1 + 13 files changed, 603 insertions(+), 2 deletions(-) create mode 100644 Gemfile.lock create mode 100755 bin/metadata-json-lint create mode 100755 bin/puppet create mode 100755 bin/puppet-lint create mode 100755 bin/rake create mode 100755 bin/rspec create mode 100755 bin/rubocop create mode 100644 spec/fixtures/manifests/site.pp create mode 120000 spec/fixtures/modules/splunk create mode 160000 spec/fixtures/modules/stdlib diff --git a/CHANGELOG.md b/CHANGELOG.md index 3a13af4..f9d7e57 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [v2.1.8] - 2023-09-22 + +### Fixed + +- added insecure flags to wget to deal with weak cert on downloads.splunk.com + ## [v2.1.7] - 2023-07-20 ### Fixed diff --git a/Gemfile.lock b/Gemfile.lock new file mode 100644 index 0000000..b920002 --- /dev/null +++ b/Gemfile.lock @@ -0,0 +1,419 @@ +GEM + remote: https://rubygems.org/ + specs: + CFPropertyList (2.3.6) + activesupport (5.2.4.2) + concurrent-ruby (~> 1.0, >= 1.0.2) + i18n (>= 0.7, < 2) + minitest (~> 5.1) + tzinfo (~> 1.1) + addressable (2.7.0) + public_suffix (>= 2.0.2, < 5.0) + ansi (1.5.0) + ast (2.4.0) + awesome_print (1.8.0) + aws-eventstream (1.1.0) + aws-partitions (1.313.0) + aws-sdk-core (3.95.0) + aws-eventstream (~> 1, >= 1.0.2) + aws-partitions (~> 1, >= 1.239.0) + aws-sigv4 (~> 1.1) + jmespath (~> 1.0) + aws-sdk-ec2 (1.158.0) + aws-sdk-core (~> 3, >= 3.71.0) + aws-sigv4 (~> 1.1) + aws-sigv4 (1.1.3) + aws-eventstream (~> 1.0, >= 1.0.2) + bindata (2.4.7) + bolt (2.9.0) + CFPropertyList (~> 2.2) + addressable (~> 2.5) + aws-sdk-ec2 (~> 1) + concurrent-ruby (~> 1.0) + hiera-eyaml (~> 3) + jwt (~> 2.2) + logging (~> 2.2) + minitar (~> 0.6) + net-scp (~> 1.2) + net-ssh (>= 4.0) + net-ssh-krb (~> 0.5) + orchestrator_client (~> 0.4) + puppet (>= 6.15.0, < 7) + puppet-resource_api (>= 1.8.1) + puppet-strings (~> 2.3) + puppetfile-resolver (~> 0.1.0) + r10k (~> 3.1) + ruby_smb (~> 1.0) + terminal-table (~> 1.8) + winrm (~> 2.0) + winrm-fs (~> 1.3) + builder (3.2.4) + codecov (0.1.16) + json + simplecov + url + coderay (1.1.2) + colored2 (3.1.2) + concurrent-ruby (1.1.5) + connection_pool (2.2.2) + cri (2.15.10) + deep_merge (1.2.1) + dependency_checker (0.2.0) + parallel + puppet_forge (~> 2.2) + rake (~> 12.3) + semantic_puppet (~> 1.0) + diff-lcs (1.3) + docile (1.3.2) + docker-api (1.34.2) + excon (>= 0.47.0) + multi_json + domain_name (0.5.20190701) + unf (>= 0.0.5, < 1.0.0) + erubi (1.9.0) + excon (0.73.0) + facter (4.0.20) + hocon (~> 1.3) + thor (>= 1.0.1, < 2.0) + facterdb (1.2.0) + facter + jgrep + faraday (0.17.3) + multipart-post (>= 1.2, < 3) + faraday_middleware (0.14.0) + faraday (>= 0.7.4, < 1.0) + fast_gettext (1.8.0) + ffi (1.12.2) + ffi-compiler (1.0.1) + ffi (>= 1.0.0) + rake + gettext (3.2.9) + locale (>= 2.0.5) + text (>= 1.3.0) + gettext-setup (0.34) + fast_gettext (~> 1.1.0) + gettext (>= 3.0.2, < 3.3.0) + locale + gssapi (1.3.0) + ffi (>= 1.0.1) + gyoku (1.3.1) + builder (>= 2.1.2) + hiera (3.6.0) + hiera-eyaml (3.2.0) + highline (~> 1.6.19) + optimist + hiera-puppet (1.0.0rc3) + hiera (>= 1.0.0rc) + highline (1.6.21) + hirb (0.7.3) + hocon (1.3.0) + honeycomb-beeline (2.0.0) + libhoney (~> 1.14, >= 1.14.2) + http (4.4.1) + addressable (~> 2.3) + http-cookie (~> 1.0) + http-form_data (~> 2.2) + http-parser (~> 1.2.0) + http-accept (1.7.0) + http-cookie (1.0.3) + domain_name (~> 0.5) + http-form_data (2.3.0) + http-parser (1.2.1) + ffi-compiler (>= 1.0, < 2.0) + httpclient (2.8.3) + i18n (1.8.2) + concurrent-ruby (~> 1.0) + jgrep (1.5.2) + jmespath (1.4.0) + json (2.1.0) + json-schema (2.8.1) + addressable (>= 2.4) + jwt (2.2.1) + libhoney (1.14.4) + addressable (~> 2.0) + http (>= 2.0, < 5.0) + little-plugger (1.1.4) + locale (2.1.3) + log4r (1.1.10) + logging (2.2.2) + little-plugger (~> 1.1) + multi_json (~> 1.10) + metaclass (0.0.4) + metadata-json-lint (2.3.0) + json-schema (~> 2.8) + spdx-licenses (~> 1.0) + method_source (0.8.2) + mime-types (3.3.1) + mime-types-data (~> 3.2015) + mime-types-data (3.2020.0425) + minitar (0.9) + minitest (5.14.0) + mocha (1.1.0) + metaclass (~> 0.0.1) + molinillo (0.6.6) + multi_json (1.14.1) + multipart-post (2.1.1) + net-http-persistent (4.0.0) + connection_pool (~> 2.2) + net-scp (1.2.1) + net-ssh (>= 2.6.5) + net-ssh (6.0.2) + net-ssh-krb (0.5.1) + gssapi (~> 1.3.0) + net-ssh (>= 2.0) + net-telnet (0.1.1) + netrc (0.11.0) + nori (2.6.0) + optimist (3.0.1) + orchestrator_client (0.4.3) + faraday + net-http-persistent + parallel (1.19.1) + parallel_tests (2.14.2) + parallel + parser (2.5.1.2) + ast (~> 2.4.0) + pathspec (0.2.1) + pluginator (1.5.0) + powerpack (0.1.2) + pry (0.10.4) + coderay (~> 1.1.0) + method_source (~> 0.8.1) + slop (~> 3.4) + public_suffix (4.0.5) + puppet (6.15.0) + concurrent-ruby (~> 1.0) + deep_merge (~> 1.0) + facter (> 2.0.1, < 5) + fast_gettext (~> 1.1) + hiera (>= 3.2.1, < 4) + httpclient (~> 2.8) + locale (~> 2.1) + multi_json (~> 1.10) + puppet-resource_api (~> 1.5) + semantic_puppet (~> 1.0) + puppet-blacksmith (6.0.0) + puppet-modulebuilder (~> 0.1) + rest-client (~> 2.0) + puppet-debugger (0.18.0) + awesome_print (~> 1.7) + bundler + facterdb (>= 0.4.0) + pluginator (~> 1.5.0) + puppet (>= 3.8) + rb-readline (>= 0.5.5) + table_print (>= 1.0.0) + puppet-lint (2.4.2) + puppet-module-posix-default-r2.5 (0.4.4) + puppet-module-posix-dev-r2.5 (0.4.4) + activesupport (>= 5.0.0, < 6.0.0) + codecov (~> 0.1.10) + concurrent-ruby (!= 1.1.6) + dependency_checker (~> 0.2) + facterdb (>= 0.8.1, < 2.0.0) + gettext-setup (~> 0.26) + metadata-json-lint (>= 2.0.2, < 3.0.0) + mocha (>= 1.0.0, < 1.2.0) + parallel_tests (>= 2.14.1, < 2.14.3) + parser (~> 2.5.1.2) + pry (~> 0.10.4) + puppet-blacksmith (>= 3.4.0) + puppet-debugger (~> 0.14) + puppet-lint (>= 2.3.0, < 3.0.0) + puppet-resource_api (~> 1.6) + puppet-strings (~> 2.0) + puppet-syntax (>= 2.4.1, < 3.0.0) + puppet_litmus (>= 0.4.0, < 1.0.0) + puppet_pot_generator (~> 1.0) + puppetlabs_spec_helper (>= 2.9.0, < 3.0.0) + rainbow (~> 2.0) + rspec-puppet (>= 2.3.2, < 3.0.0) + rspec-puppet-facts (~> 1.10.0) + rspec_junit_formatter (~> 0.2) + rubocop (~> 0.49.0) + rubocop-i18n (~> 1.2.0) + rubocop-rspec (~> 1.16.0) + serverspec (~> 2.41) + simplecov (>= 0.14.1, < 1.0.0) + simplecov-console (~> 0.4.2) + specinfra (= 2.82.2) + puppet-modulebuilder (0.2.0) + minitar (~> 0.6) + pathspec (~> 0.2.1) + puppet-resource_api (1.8.13) + hocon (>= 1.0) + puppet-strings (2.4.0) + rgen + yard (~> 0.9.5) + puppet-syntax (2.6.1) + puppet (>= 5) + rake + puppet_forge (2.3.4) + faraday (>= 0.9.0, < 0.18.0, != 0.13.1) + faraday_middleware (>= 0.9.0, < 0.15.0) + gettext-setup (~> 0.11) + minitar + semantic_puppet (~> 1.0) + puppet_litmus (0.18.1) + bolt (>= 2.0.1, < 3.0.0) + docker-api (>= 1.34, < 2.0.0) + honeycomb-beeline + parallel + puppet-modulebuilder (~> 0.1) + rspec + rspec_honeycomb_formatter + tty-spinner (>= 0.5.0, < 1.0.0) + puppet_pot_generator (1.0.1) + puppet + puppetfile-resolver (0.1.0) + molinillo (~> 0.6) + semantic_puppet (~> 1.0) + puppetlabs_spec_helper (2.14.1) + mocha (~> 1.0) + pathspec (~> 0.2.1) + puppet-lint (~> 2.0) + puppet-syntax (~> 2.0) + rspec-puppet (~> 2.0) + r10k (3.5.0) + colored2 (= 3.1.2) + cri (>= 2.15.10, < 3.0.0) + fast_gettext (~> 1.1.0) + gettext (>= 3.0.2, < 3.3.0) + gettext-setup (~> 0.24) + log4r (= 1.1.10) + multi_json (~> 1.10) + puppet_forge (~> 2.3.0) + rainbow (2.2.2) + rake + rake (12.3.3) + rb-readline (0.5.5) + rest-client (2.1.0) + http-accept (>= 1.7.0, < 2.0) + http-cookie (>= 1.0.2, < 2.0) + mime-types (>= 1.16, < 4.0) + netrc (~> 0.8) + rgen (0.8.2) + rspec (3.9.0) + rspec-core (~> 3.9.0) + rspec-expectations (~> 3.9.0) + rspec-mocks (~> 3.9.0) + rspec-core (3.9.2) + rspec-support (~> 3.9.3) + rspec-expectations (3.9.2) + diff-lcs (>= 1.2.0, < 2.0) + rspec-support (~> 3.9.0) + rspec-hiera-puppet (0.3.0) + hiera (>= 0.3) + hiera-puppet (>= 0.3) + puppet (>= 2.7) + rspec + rspec-puppet + rspec-its (1.3.0) + rspec-core (>= 3.0.0) + rspec-expectations (>= 3.0.0) + rspec-mocks (3.9.1) + diff-lcs (>= 1.2.0, < 2.0) + rspec-support (~> 3.9.0) + rspec-puppet (2.7.8) + rspec + rspec-puppet-facts (1.10.0) + facter + facterdb (>= 0.5.0) + json + puppet + rspec-support (3.9.3) + rspec_honeycomb_formatter (0.2.1) + honeycomb-beeline + rspec-core (~> 3.0) + rspec_junit_formatter (0.4.1) + rspec-core (>= 2, < 4, != 2.12.0) + rubocop (0.49.1) + parallel (~> 1.10) + parser (>= 2.3.3.1, < 3.0) + powerpack (~> 0.1) + rainbow (>= 1.99.1, < 3.0) + ruby-progressbar (~> 1.7) + unicode-display_width (~> 1.0, >= 1.0.1) + rubocop-i18n (1.2.0) + rubocop (~> 0.49.0) + rubocop-rspec (1.16.0) + rubocop (>= 0.49.0) + ruby-progressbar (1.10.1) + ruby_smb (1.1.0) + bindata + rubyntlm + windows_error + rubyntlm (0.6.2) + rubyzip (2.3.0) + semantic_puppet (1.0.2) + serverspec (2.41.5) + multi_json + rspec (~> 3.0) + rspec-its + specinfra (~> 2.72) + sfl (2.3) + simplecov (0.18.5) + docile (~> 1.1) + simplecov-html (~> 0.11) + simplecov-console (0.4.2) + ansi + hirb + simplecov + simplecov-html (0.12.2) + slop (3.6.0) + spdx-licenses (1.2.0) + specinfra (2.82.2) + net-scp + net-ssh (>= 2.7) + net-telnet (= 0.1.1) + sfl + table_print (1.5.6) + terminal-table (1.8.0) + unicode-display_width (~> 1.1, >= 1.1.1) + text (1.3.1) + thor (1.0.1) + thread_safe (0.3.6) + tty-cursor (0.7.1) + tty-spinner (0.9.3) + tty-cursor (~> 0.7) + tzinfo (1.2.7) + thread_safe (~> 0.1) + unf (0.1.4) + unf_ext + unf_ext (0.0.7.7) + unicode-display_width (1.7.0) + url (0.3.2) + windows_error (0.1.2) + winrm (2.3.4) + builder (>= 2.1.2) + erubi (~> 1.8) + gssapi (~> 1.2) + gyoku (~> 1.0) + httpclient (~> 2.2, >= 2.2.0.2) + logging (>= 1.6.1, < 3.0) + nori (~> 2.0) + rubyntlm (~> 0.6.0, >= 0.6.1) + winrm-fs (1.3.4) + erubi (~> 1.8) + logging (>= 1.6.1, < 3.0) + rubyzip (~> 2.0) + winrm (~> 2.0) + yard (0.9.25) + +PLATFORMS + ruby + +DEPENDENCIES + fast_gettext + hiera-eyaml + json (= 2.1.0) + puppet (= 6.15.0) + puppet-module-posix-default-r2.5 (~> 0.3) + puppet-module-posix-dev-r2.5 (~> 0.3) + puppet-module-win-default-r2.5 (~> 0.3) + puppet-module-win-dev-r2.5 (~> 0.3) + rb-readline (= 0.5.5) + rspec-hiera-puppet + +BUNDLED WITH + 1.17.2 diff --git a/Modulefile b/Modulefile index 0def8f7..4b017b6 100644 --- a/Modulefile +++ b/Modulefile @@ -1,5 +1,5 @@ name 'cudgel/splunk' -version '2.1.7' +version '2.1.8' source 'https://github.com/cudgel/splunk' author 'cudgel' license 'Apache License, Version 2.0' diff --git a/bin/metadata-json-lint b/bin/metadata-json-lint new file mode 100755 index 0000000..b8deed2 --- /dev/null +++ b/bin/metadata-json-lint @@ -0,0 +1,29 @@ +#!/usr/bin/env ruby +# frozen_string_literal: true + +# +# This file was generated by Bundler. +# +# The application 'metadata-json-lint' is installed as part of a gem, and +# this file is here to facilitate running it. +# + +require "pathname" +ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile", + Pathname.new(__FILE__).realpath) + +bundle_binstub = File.expand_path("../bundle", __FILE__) + +if File.file?(bundle_binstub) + if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/ + load(bundle_binstub) + else + abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run. +Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.") + end +end + +require "rubygems" +require "bundler/setup" + +load Gem.bin_path("metadata-json-lint", "metadata-json-lint") diff --git a/bin/puppet b/bin/puppet new file mode 100755 index 0000000..f88843f --- /dev/null +++ b/bin/puppet @@ -0,0 +1,29 @@ +#!/usr/bin/env ruby +# frozen_string_literal: true + +# +# This file was generated by Bundler. +# +# The application 'puppet' is installed as part of a gem, and +# this file is here to facilitate running it. +# + +require "pathname" +ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile", + Pathname.new(__FILE__).realpath) + +bundle_binstub = File.expand_path("../bundle", __FILE__) + +if File.file?(bundle_binstub) + if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/ + load(bundle_binstub) + else + abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run. +Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.") + end +end + +require "rubygems" +require "bundler/setup" + +load Gem.bin_path("puppet", "puppet") diff --git a/bin/puppet-lint b/bin/puppet-lint new file mode 100755 index 0000000..ca4e467 --- /dev/null +++ b/bin/puppet-lint @@ -0,0 +1,29 @@ +#!/usr/bin/env ruby +# frozen_string_literal: true + +# +# This file was generated by Bundler. +# +# The application 'puppet-lint' is installed as part of a gem, and +# this file is here to facilitate running it. +# + +require "pathname" +ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile", + Pathname.new(__FILE__).realpath) + +bundle_binstub = File.expand_path("../bundle", __FILE__) + +if File.file?(bundle_binstub) + if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/ + load(bundle_binstub) + else + abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run. +Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.") + end +end + +require "rubygems" +require "bundler/setup" + +load Gem.bin_path("puppet-lint", "puppet-lint") diff --git a/bin/rake b/bin/rake new file mode 100755 index 0000000..9275675 --- /dev/null +++ b/bin/rake @@ -0,0 +1,29 @@ +#!/usr/bin/env ruby +# frozen_string_literal: true + +# +# This file was generated by Bundler. +# +# The application 'rake' is installed as part of a gem, and +# this file is here to facilitate running it. +# + +require "pathname" +ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile", + Pathname.new(__FILE__).realpath) + +bundle_binstub = File.expand_path("../bundle", __FILE__) + +if File.file?(bundle_binstub) + if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/ + load(bundle_binstub) + else + abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run. +Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.") + end +end + +require "rubygems" +require "bundler/setup" + +load Gem.bin_path("rake", "rake") diff --git a/bin/rspec b/bin/rspec new file mode 100755 index 0000000..a6c7852 --- /dev/null +++ b/bin/rspec @@ -0,0 +1,29 @@ +#!/usr/bin/env ruby +# frozen_string_literal: true + +# +# This file was generated by Bundler. +# +# The application 'rspec' is installed as part of a gem, and +# this file is here to facilitate running it. +# + +require "pathname" +ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile", + Pathname.new(__FILE__).realpath) + +bundle_binstub = File.expand_path("../bundle", __FILE__) + +if File.file?(bundle_binstub) + if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/ + load(bundle_binstub) + else + abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run. +Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.") + end +end + +require "rubygems" +require "bundler/setup" + +load Gem.bin_path("rspec-core", "rspec") diff --git a/bin/rubocop b/bin/rubocop new file mode 100755 index 0000000..d0c4882 --- /dev/null +++ b/bin/rubocop @@ -0,0 +1,29 @@ +#!/usr/bin/env ruby +# frozen_string_literal: true + +# +# This file was generated by Bundler. +# +# The application 'rubocop' is installed as part of a gem, and +# this file is here to facilitate running it. +# + +require "pathname" +ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile", + Pathname.new(__FILE__).realpath) + +bundle_binstub = File.expand_path("../bundle", __FILE__) + +if File.file?(bundle_binstub) + if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/ + load(bundle_binstub) + else + abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run. +Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.") + end +end + +require "rubygems" +require "bundler/setup" + +load Gem.bin_path("rubocop", "rubocop") diff --git a/metadata.json b/metadata.json index c344d53..091c070 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "cudgel-splunk", - "version": "2.1.7", + "version": "2.1.8", "author": "Christopher Caldwell", "summary": "Deploy and manage stand-alone or distributed Splunk architectures.", "license": "Apache-2.0", diff --git a/spec/fixtures/manifests/site.pp b/spec/fixtures/manifests/site.pp new file mode 100644 index 0000000..e69de29 diff --git a/spec/fixtures/modules/splunk b/spec/fixtures/modules/splunk new file mode 120000 index 0000000..9dfb6f7 --- /dev/null +++ b/spec/fixtures/modules/splunk @@ -0,0 +1 @@ +/Users/cudgel/projects/splunk/module \ No newline at end of file diff --git a/spec/fixtures/modules/stdlib b/spec/fixtures/modules/stdlib new file mode 160000 index 0000000..139f6e9 --- /dev/null +++ b/spec/fixtures/modules/stdlib @@ -0,0 +1 @@ +Subproject commit 139f6e9e419b2a778be16be8a1c75fddd89a3de3 From 33e5823f27b43bff484ce540240c0ab1119ced88 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Fri, 22 Sep 2023 13:27:15 -0400 Subject: [PATCH 03/48] pdk update --- .rubocop.yml | 4 +--- .travis.yml | 12 ++++++++++-- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/.rubocop.yml b/.rubocop.yml index 4b380d1..bab25db 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -20,7 +20,7 @@ AllCops: - "**/Guardfile" Metrics/LineLength: Description: People have wide screens, use them. - Max: 240 + Max: 200 GetText: Enabled: false GetText/DecorateString: @@ -87,8 +87,6 @@ Style/CollectionMethods: Enabled: true Style/MethodCalledOnDoEndBlock: Enabled: true -Style/StringLiterals: - Enabled: false Style/StringMethods: Enabled: true GetText/DecorateFunctionMessage: diff --git a/.travis.yml b/.travis.yml index 67e870d..ed27d4d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -4,11 +4,15 @@ language: ruby cache: bundler before_install: - bundle -v + - rm -f Gemfile.lock + - gem update --system $RUBYGEMS_VERSION + - gem --version + - bundle -v script: - 'bundle exec rake $CHECK' bundler_args: --without system_tests rvm: - - 2.5.7 + - 2.5.3 stages: - static - spec @@ -22,9 +26,13 @@ matrix: - env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" stage: static + - + env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec + rvm: 2.4.5 + stage: spec - env: PUPPET_GEM_VERSION="~> 6.0" CHECK=parallel_spec - rvm: 2.5.7 + rvm: 2.5.3 stage: spec - env: DEPLOY_TO_FORGE=yes From 3147c428a619995b8636a02ab0a25c7e714c5a90 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Fri, 22 Sep 2023 13:34:51 -0400 Subject: [PATCH 04/48] revert changes --- .rubocop.yml | 4 +++- .travis.yml | 12 ++---------- 2 files changed, 5 insertions(+), 11 deletions(-) diff --git a/.rubocop.yml b/.rubocop.yml index bab25db..4b380d1 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -20,7 +20,7 @@ AllCops: - "**/Guardfile" Metrics/LineLength: Description: People have wide screens, use them. - Max: 200 + Max: 240 GetText: Enabled: false GetText/DecorateString: @@ -87,6 +87,8 @@ Style/CollectionMethods: Enabled: true Style/MethodCalledOnDoEndBlock: Enabled: true +Style/StringLiterals: + Enabled: false Style/StringMethods: Enabled: true GetText/DecorateFunctionMessage: diff --git a/.travis.yml b/.travis.yml index ed27d4d..67e870d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -4,15 +4,11 @@ language: ruby cache: bundler before_install: - bundle -v - - rm -f Gemfile.lock - - gem update --system $RUBYGEMS_VERSION - - gem --version - - bundle -v script: - 'bundle exec rake $CHECK' bundler_args: --without system_tests rvm: - - 2.5.3 + - 2.5.7 stages: - static - spec @@ -26,13 +22,9 @@ matrix: - env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" stage: static - - - env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec - rvm: 2.4.5 - stage: spec - env: PUPPET_GEM_VERSION="~> 6.0" CHECK=parallel_spec - rvm: 2.5.3 + rvm: 2.5.7 stage: spec - env: DEPLOY_TO_FORGE=yes From 0b9500ec8833bdb4571db41a8f2f1894fb071804 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Fri, 22 Sep 2023 14:22:16 -0400 Subject: [PATCH 05/48] remove lock --- Gemfile.lock | 419 --------------------------------------------------- 1 file changed, 419 deletions(-) delete mode 100644 Gemfile.lock diff --git a/Gemfile.lock b/Gemfile.lock deleted file mode 100644 index b920002..0000000 --- a/Gemfile.lock +++ /dev/null @@ -1,419 +0,0 @@ -GEM - remote: https://rubygems.org/ - specs: - CFPropertyList (2.3.6) - activesupport (5.2.4.2) - concurrent-ruby (~> 1.0, >= 1.0.2) - i18n (>= 0.7, < 2) - minitest (~> 5.1) - tzinfo (~> 1.1) - addressable (2.7.0) - public_suffix (>= 2.0.2, < 5.0) - ansi (1.5.0) - ast (2.4.0) - awesome_print (1.8.0) - aws-eventstream (1.1.0) - aws-partitions (1.313.0) - aws-sdk-core (3.95.0) - aws-eventstream (~> 1, >= 1.0.2) - aws-partitions (~> 1, >= 1.239.0) - aws-sigv4 (~> 1.1) - jmespath (~> 1.0) - aws-sdk-ec2 (1.158.0) - aws-sdk-core (~> 3, >= 3.71.0) - aws-sigv4 (~> 1.1) - aws-sigv4 (1.1.3) - aws-eventstream (~> 1.0, >= 1.0.2) - bindata (2.4.7) - bolt (2.9.0) - CFPropertyList (~> 2.2) - addressable (~> 2.5) - aws-sdk-ec2 (~> 1) - concurrent-ruby (~> 1.0) - hiera-eyaml (~> 3) - jwt (~> 2.2) - logging (~> 2.2) - minitar (~> 0.6) - net-scp (~> 1.2) - net-ssh (>= 4.0) - net-ssh-krb (~> 0.5) - orchestrator_client (~> 0.4) - puppet (>= 6.15.0, < 7) - puppet-resource_api (>= 1.8.1) - puppet-strings (~> 2.3) - puppetfile-resolver (~> 0.1.0) - r10k (~> 3.1) - ruby_smb (~> 1.0) - terminal-table (~> 1.8) - winrm (~> 2.0) - winrm-fs (~> 1.3) - builder (3.2.4) - codecov (0.1.16) - json - simplecov - url - coderay (1.1.2) - colored2 (3.1.2) - concurrent-ruby (1.1.5) - connection_pool (2.2.2) - cri (2.15.10) - deep_merge (1.2.1) - dependency_checker (0.2.0) - parallel - puppet_forge (~> 2.2) - rake (~> 12.3) - semantic_puppet (~> 1.0) - diff-lcs (1.3) - docile (1.3.2) - docker-api (1.34.2) - excon (>= 0.47.0) - multi_json - domain_name (0.5.20190701) - unf (>= 0.0.5, < 1.0.0) - erubi (1.9.0) - excon (0.73.0) - facter (4.0.20) - hocon (~> 1.3) - thor (>= 1.0.1, < 2.0) - facterdb (1.2.0) - facter - jgrep - faraday (0.17.3) - multipart-post (>= 1.2, < 3) - faraday_middleware (0.14.0) - faraday (>= 0.7.4, < 1.0) - fast_gettext (1.8.0) - ffi (1.12.2) - ffi-compiler (1.0.1) - ffi (>= 1.0.0) - rake - gettext (3.2.9) - locale (>= 2.0.5) - text (>= 1.3.0) - gettext-setup (0.34) - fast_gettext (~> 1.1.0) - gettext (>= 3.0.2, < 3.3.0) - locale - gssapi (1.3.0) - ffi (>= 1.0.1) - gyoku (1.3.1) - builder (>= 2.1.2) - hiera (3.6.0) - hiera-eyaml (3.2.0) - highline (~> 1.6.19) - optimist - hiera-puppet (1.0.0rc3) - hiera (>= 1.0.0rc) - highline (1.6.21) - hirb (0.7.3) - hocon (1.3.0) - honeycomb-beeline (2.0.0) - libhoney (~> 1.14, >= 1.14.2) - http (4.4.1) - addressable (~> 2.3) - http-cookie (~> 1.0) - http-form_data (~> 2.2) - http-parser (~> 1.2.0) - http-accept (1.7.0) - http-cookie (1.0.3) - domain_name (~> 0.5) - http-form_data (2.3.0) - http-parser (1.2.1) - ffi-compiler (>= 1.0, < 2.0) - httpclient (2.8.3) - i18n (1.8.2) - concurrent-ruby (~> 1.0) - jgrep (1.5.2) - jmespath (1.4.0) - json (2.1.0) - json-schema (2.8.1) - addressable (>= 2.4) - jwt (2.2.1) - libhoney (1.14.4) - addressable (~> 2.0) - http (>= 2.0, < 5.0) - little-plugger (1.1.4) - locale (2.1.3) - log4r (1.1.10) - logging (2.2.2) - little-plugger (~> 1.1) - multi_json (~> 1.10) - metaclass (0.0.4) - metadata-json-lint (2.3.0) - json-schema (~> 2.8) - spdx-licenses (~> 1.0) - method_source (0.8.2) - mime-types (3.3.1) - mime-types-data (~> 3.2015) - mime-types-data (3.2020.0425) - minitar (0.9) - minitest (5.14.0) - mocha (1.1.0) - metaclass (~> 0.0.1) - molinillo (0.6.6) - multi_json (1.14.1) - multipart-post (2.1.1) - net-http-persistent (4.0.0) - connection_pool (~> 2.2) - net-scp (1.2.1) - net-ssh (>= 2.6.5) - net-ssh (6.0.2) - net-ssh-krb (0.5.1) - gssapi (~> 1.3.0) - net-ssh (>= 2.0) - net-telnet (0.1.1) - netrc (0.11.0) - nori (2.6.0) - optimist (3.0.1) - orchestrator_client (0.4.3) - faraday - net-http-persistent - parallel (1.19.1) - parallel_tests (2.14.2) - parallel - parser (2.5.1.2) - ast (~> 2.4.0) - pathspec (0.2.1) - pluginator (1.5.0) - powerpack (0.1.2) - pry (0.10.4) - coderay (~> 1.1.0) - method_source (~> 0.8.1) - slop (~> 3.4) - public_suffix (4.0.5) - puppet (6.15.0) - concurrent-ruby (~> 1.0) - deep_merge (~> 1.0) - facter (> 2.0.1, < 5) - fast_gettext (~> 1.1) - hiera (>= 3.2.1, < 4) - httpclient (~> 2.8) - locale (~> 2.1) - multi_json (~> 1.10) - puppet-resource_api (~> 1.5) - semantic_puppet (~> 1.0) - puppet-blacksmith (6.0.0) - puppet-modulebuilder (~> 0.1) - rest-client (~> 2.0) - puppet-debugger (0.18.0) - awesome_print (~> 1.7) - bundler - facterdb (>= 0.4.0) - pluginator (~> 1.5.0) - puppet (>= 3.8) - rb-readline (>= 0.5.5) - table_print (>= 1.0.0) - puppet-lint (2.4.2) - puppet-module-posix-default-r2.5 (0.4.4) - puppet-module-posix-dev-r2.5 (0.4.4) - activesupport (>= 5.0.0, < 6.0.0) - codecov (~> 0.1.10) - concurrent-ruby (!= 1.1.6) - dependency_checker (~> 0.2) - facterdb (>= 0.8.1, < 2.0.0) - gettext-setup (~> 0.26) - metadata-json-lint (>= 2.0.2, < 3.0.0) - mocha (>= 1.0.0, < 1.2.0) - parallel_tests (>= 2.14.1, < 2.14.3) - parser (~> 2.5.1.2) - pry (~> 0.10.4) - puppet-blacksmith (>= 3.4.0) - puppet-debugger (~> 0.14) - puppet-lint (>= 2.3.0, < 3.0.0) - puppet-resource_api (~> 1.6) - puppet-strings (~> 2.0) - puppet-syntax (>= 2.4.1, < 3.0.0) - puppet_litmus (>= 0.4.0, < 1.0.0) - puppet_pot_generator (~> 1.0) - puppetlabs_spec_helper (>= 2.9.0, < 3.0.0) - rainbow (~> 2.0) - rspec-puppet (>= 2.3.2, < 3.0.0) - rspec-puppet-facts (~> 1.10.0) - rspec_junit_formatter (~> 0.2) - rubocop (~> 0.49.0) - rubocop-i18n (~> 1.2.0) - rubocop-rspec (~> 1.16.0) - serverspec (~> 2.41) - simplecov (>= 0.14.1, < 1.0.0) - simplecov-console (~> 0.4.2) - specinfra (= 2.82.2) - puppet-modulebuilder (0.2.0) - minitar (~> 0.6) - pathspec (~> 0.2.1) - puppet-resource_api (1.8.13) - hocon (>= 1.0) - puppet-strings (2.4.0) - rgen - yard (~> 0.9.5) - puppet-syntax (2.6.1) - puppet (>= 5) - rake - puppet_forge (2.3.4) - faraday (>= 0.9.0, < 0.18.0, != 0.13.1) - faraday_middleware (>= 0.9.0, < 0.15.0) - gettext-setup (~> 0.11) - minitar - semantic_puppet (~> 1.0) - puppet_litmus (0.18.1) - bolt (>= 2.0.1, < 3.0.0) - docker-api (>= 1.34, < 2.0.0) - honeycomb-beeline - parallel - puppet-modulebuilder (~> 0.1) - rspec - rspec_honeycomb_formatter - tty-spinner (>= 0.5.0, < 1.0.0) - puppet_pot_generator (1.0.1) - puppet - puppetfile-resolver (0.1.0) - molinillo (~> 0.6) - semantic_puppet (~> 1.0) - puppetlabs_spec_helper (2.14.1) - mocha (~> 1.0) - pathspec (~> 0.2.1) - puppet-lint (~> 2.0) - puppet-syntax (~> 2.0) - rspec-puppet (~> 2.0) - r10k (3.5.0) - colored2 (= 3.1.2) - cri (>= 2.15.10, < 3.0.0) - fast_gettext (~> 1.1.0) - gettext (>= 3.0.2, < 3.3.0) - gettext-setup (~> 0.24) - log4r (= 1.1.10) - multi_json (~> 1.10) - puppet_forge (~> 2.3.0) - rainbow (2.2.2) - rake - rake (12.3.3) - rb-readline (0.5.5) - rest-client (2.1.0) - http-accept (>= 1.7.0, < 2.0) - http-cookie (>= 1.0.2, < 2.0) - mime-types (>= 1.16, < 4.0) - netrc (~> 0.8) - rgen (0.8.2) - rspec (3.9.0) - rspec-core (~> 3.9.0) - rspec-expectations (~> 3.9.0) - rspec-mocks (~> 3.9.0) - rspec-core (3.9.2) - rspec-support (~> 3.9.3) - rspec-expectations (3.9.2) - diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.9.0) - rspec-hiera-puppet (0.3.0) - hiera (>= 0.3) - hiera-puppet (>= 0.3) - puppet (>= 2.7) - rspec - rspec-puppet - rspec-its (1.3.0) - rspec-core (>= 3.0.0) - rspec-expectations (>= 3.0.0) - rspec-mocks (3.9.1) - diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.9.0) - rspec-puppet (2.7.8) - rspec - rspec-puppet-facts (1.10.0) - facter - facterdb (>= 0.5.0) - json - puppet - rspec-support (3.9.3) - rspec_honeycomb_formatter (0.2.1) - honeycomb-beeline - rspec-core (~> 3.0) - rspec_junit_formatter (0.4.1) - rspec-core (>= 2, < 4, != 2.12.0) - rubocop (0.49.1) - parallel (~> 1.10) - parser (>= 2.3.3.1, < 3.0) - powerpack (~> 0.1) - rainbow (>= 1.99.1, < 3.0) - ruby-progressbar (~> 1.7) - unicode-display_width (~> 1.0, >= 1.0.1) - rubocop-i18n (1.2.0) - rubocop (~> 0.49.0) - rubocop-rspec (1.16.0) - rubocop (>= 0.49.0) - ruby-progressbar (1.10.1) - ruby_smb (1.1.0) - bindata - rubyntlm - windows_error - rubyntlm (0.6.2) - rubyzip (2.3.0) - semantic_puppet (1.0.2) - serverspec (2.41.5) - multi_json - rspec (~> 3.0) - rspec-its - specinfra (~> 2.72) - sfl (2.3) - simplecov (0.18.5) - docile (~> 1.1) - simplecov-html (~> 0.11) - simplecov-console (0.4.2) - ansi - hirb - simplecov - simplecov-html (0.12.2) - slop (3.6.0) - spdx-licenses (1.2.0) - specinfra (2.82.2) - net-scp - net-ssh (>= 2.7) - net-telnet (= 0.1.1) - sfl - table_print (1.5.6) - terminal-table (1.8.0) - unicode-display_width (~> 1.1, >= 1.1.1) - text (1.3.1) - thor (1.0.1) - thread_safe (0.3.6) - tty-cursor (0.7.1) - tty-spinner (0.9.3) - tty-cursor (~> 0.7) - tzinfo (1.2.7) - thread_safe (~> 0.1) - unf (0.1.4) - unf_ext - unf_ext (0.0.7.7) - unicode-display_width (1.7.0) - url (0.3.2) - windows_error (0.1.2) - winrm (2.3.4) - builder (>= 2.1.2) - erubi (~> 1.8) - gssapi (~> 1.2) - gyoku (~> 1.0) - httpclient (~> 2.2, >= 2.2.0.2) - logging (>= 1.6.1, < 3.0) - nori (~> 2.0) - rubyntlm (~> 0.6.0, >= 0.6.1) - winrm-fs (1.3.4) - erubi (~> 1.8) - logging (>= 1.6.1, < 3.0) - rubyzip (~> 2.0) - winrm (~> 2.0) - yard (0.9.25) - -PLATFORMS - ruby - -DEPENDENCIES - fast_gettext - hiera-eyaml - json (= 2.1.0) - puppet (= 6.15.0) - puppet-module-posix-default-r2.5 (~> 0.3) - puppet-module-posix-dev-r2.5 (~> 0.3) - puppet-module-win-default-r2.5 (~> 0.3) - puppet-module-win-dev-r2.5 (~> 0.3) - rb-readline (= 0.5.5) - rspec-hiera-puppet - -BUNDLED WITH - 1.17.2 From 8e8a257bf7daf9e189faa74c3313baeec6b01ada Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Mon, 25 Sep 2023 15:23:05 -0400 Subject: [PATCH 06/48] update ruby version in travis --- .travis.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index 67e870d..408011e 100644 --- a/.travis.yml +++ b/.travis.yml @@ -8,7 +8,7 @@ script: - 'bundle exec rake $CHECK' bundler_args: --without system_tests rvm: - - 2.5.7 + - 2.5.8 stages: - static - spec @@ -24,7 +24,7 @@ matrix: stage: static - env: PUPPET_GEM_VERSION="~> 6.0" CHECK=parallel_spec - rvm: 2.5.7 + rvm: 2.5.8 stage: spec - env: DEPLOY_TO_FORGE=yes From 90236845ef13f1e646cbf17d0effa419f97eab78 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Mon, 25 Sep 2023 16:03:10 -0400 Subject: [PATCH 07/48] remove stdlib --- spec/fixtures/modules/stdlib | 1 - 1 file changed, 1 deletion(-) delete mode 160000 spec/fixtures/modules/stdlib diff --git a/spec/fixtures/modules/stdlib b/spec/fixtures/modules/stdlib deleted file mode 160000 index 139f6e9..0000000 --- a/spec/fixtures/modules/stdlib +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 139f6e9e419b2a778be16be8a1c75fddd89a3de3 From b50a270ef9c8b0694e27233df533fd19333ad6cc Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Mon, 25 Sep 2023 16:18:49 -0400 Subject: [PATCH 08/48] update dist --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 408011e..b84a024 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,5 +1,5 @@ --- -dist: xenial +dist: focal language: ruby cache: bundler before_install: From 6c26e45cf6753c1647ed2d9094f03c6d42c20b38 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Tue, 26 Sep 2023 12:16:03 -0400 Subject: [PATCH 09/48] remove symlink --- spec/fixtures/modules/splunk | 1 - 1 file changed, 1 deletion(-) delete mode 120000 spec/fixtures/modules/splunk diff --git a/spec/fixtures/modules/splunk b/spec/fixtures/modules/splunk deleted file mode 120000 index 9dfb6f7..0000000 --- a/spec/fixtures/modules/splunk +++ /dev/null @@ -1 +0,0 @@ -/Users/cudgel/projects/splunk/module \ No newline at end of file From 6a7a58aff8ca9bda90a99b976c74f707efb6dd42 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Thu, 5 Oct 2023 12:19:38 -0400 Subject: [PATCH 10/48] remote host override --- Modulefile | 2 +- metadata.json | 2 +- templates/inputs.d/default_inputs.erb | 1 - 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/Modulefile b/Modulefile index 4b017b6..217847b 100644 --- a/Modulefile +++ b/Modulefile @@ -1,5 +1,5 @@ name 'cudgel/splunk' -version '2.1.8' +version '2.1.9' source 'https://github.com/cudgel/splunk' author 'cudgel' license 'Apache License, Version 2.0' diff --git a/metadata.json b/metadata.json index 091c070..3b1e222 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "cudgel-splunk", - "version": "2.1.8", + "version": "2.1.9", "author": "Christopher Caldwell", "summary": "Deploy and manage stand-alone or distributed Splunk architectures.", "license": "Apache-2.0", diff --git a/templates/inputs.d/default_inputs.erb b/templates/inputs.d/default_inputs.erb index 66374fb..a7f64d0 100644 --- a/templates/inputs.d/default_inputs.erb +++ b/templates/inputs.d/default_inputs.erb @@ -5,7 +5,6 @@ dir = scope['::splunk::dir'] type = scope['::splunk::type'] -%> [default] -host = <%= scope['::hostname'] %> <% if type =~ /forwarder/ -%> _meta = input_host::<%= scope['::hostname'] %> <% end -%> From 879d50efb6b0507312387e6739a647ffc5f955dd Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Fri, 20 Dec 2024 13:40:56 -0500 Subject: [PATCH 11/48] update fact to not rely on running state --- .pdkignore | 19 +- .rubocop.yml | 637 +++++++++++++++++++++++++++++++++++++-- .travis.yml | 14 +- Gemfile | 54 ++-- Rakefile | 86 +----- bin/rake | 8 +- bin/rspec | 8 +- lib/facter/splunk_cwd.rb | 33 +- manifests/deployment.pp | 4 + metadata.json | 6 +- module | 1 + pdk.yaml | 2 + spec/default_facts.yml | 7 +- spec/spec_helper.rb | 23 +- 14 files changed, 744 insertions(+), 158 deletions(-) create mode 120000 module create mode 100644 pdk.yaml diff --git a/.pdkignore b/.pdkignore index e6215cd..84684be 100644 --- a/.pdkignore +++ b/.pdkignore @@ -16,27 +16,36 @@ /log/ /pkg/ /spec/fixtures/manifests/ -/spec/fixtures/modules/ +/spec/fixtures/modules/* /tmp/ /vendor/ +/.vendor/ /convert_report.txt /update_report.txt .DS_Store .project .envrc /inventory.yaml -/appveyor.yml +/spec/fixtures/litmus_inventory.yaml +.resource_types +.modules +.task_cache.json +.plan_cache.json +.rerun.json +bolt-debug.log /.fixtures.yml /Gemfile /.gitattributes +/.github/ /.gitignore -/.gitlab-ci.yml /.pdkignore +/.puppet-lint.rc /Rakefile /rakelib/ /.rspec -/.rubocop.yml -/.travis.yml +/..yml /.yardopts /spec/ /.vscode/ +/.sync.yml +/.devcontainer/ diff --git a/.rubocop.yml b/.rubocop.yml index 4b380d1..21b82b9 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,12 +1,13 @@ --- require: +- rubocop-performance - rubocop-rspec -- rubocop-i18n AllCops: + NewCops: enable DisplayCopNames: true - TargetRubyVersion: '2.1' + TargetRubyVersion: '2.6' Include: - - "./**/*.rb" + - "**/*.rb" Exclude: - bin/* - ".vendor/**/*" @@ -18,16 +19,9 @@ AllCops: - "**/Puppetfile" - "**/Vagrantfile" - "**/Guardfile" -Metrics/LineLength: +Layout/LineLength: Description: People have wide screens, use them. - Max: 240 -GetText: - Enabled: false -GetText/DecorateString: - Description: We don't want to decorate test output. - Exclude: - - spec/**/* - Enabled: false + Max: 200 RSpec/BeforeAfterAll: Description: Beware of using after(:all) as it may cause state to leak between tests. A necessary evil in acceptance testing. @@ -36,6 +30,9 @@ RSpec/BeforeAfterAll: RSpec/HookArgument: Description: Prefer explicit :each argument, matching existing module's style EnforcedStyle: each +RSpec/DescribeSymbol: + Exclude: + - spec/unit/facter/**/*.rb Style/BlockDelimiters: Description: Prefer braces for chaining. Mostly an aesthetical choice. Better to be consistent then. @@ -68,7 +65,7 @@ Style/TrailingCommaInArguments: Description: Prefer always trailing comma on multiline argument lists. This makes diffs, and re-ordering nicer. EnforcedStyleForMultiline: comma -Style/TrailingCommaInLiteral: +Style/TrailingCommaInArrayLiteral: Description: Prefer always trailing comma on multiline literals. This makes diffs, and re-ordering nicer. EnforcedStyleForMultiline: comma @@ -83,28 +80,176 @@ Style/Documentation: - spec/**/* Style/WordArray: EnforcedStyle: brackets +Performance/AncestorsInclude: + Enabled: true +Performance/BigDecimalWithNumericArgument: + Enabled: true +Performance/BlockGivenWithExplicitBlock: + Enabled: true +Performance/CaseWhenSplat: + Enabled: true +Performance/ConstantRegexp: + Enabled: true +Performance/MethodObjectAsBlock: + Enabled: true +Performance/RedundantSortBlock: + Enabled: true +Performance/RedundantStringChars: + Enabled: true +Performance/ReverseFirst: + Enabled: true +Performance/SortReverse: + Enabled: true +Performance/Squeeze: + Enabled: true +Performance/StringInclude: + Enabled: true +Performance/Sum: + Enabled: true Style/CollectionMethods: Enabled: true Style/MethodCalledOnDoEndBlock: Enabled: true -Style/StringLiterals: - Enabled: false Style/StringMethods: Enabled: true -GetText/DecorateFunctionMessage: +Bundler/GemFilename: + Enabled: false +Bundler/InsecureProtocolSource: Enabled: false -GetText/DecorateStringFormattingUsingInterpolation: +Capybara/CurrentPathExpectation: Enabled: false -GetText/DecorateStringFormattingUsingPercent: +Capybara/VisibilityMatcher: + Enabled: false +Gemspec/DuplicatedAssignment: + Enabled: false +Gemspec/OrderedDependencies: + Enabled: false +Gemspec/RequiredRubyVersion: + Enabled: false +Gemspec/RubyVersionGlobalsUsage: + Enabled: false +Layout/ArgumentAlignment: + Enabled: false +Layout/BeginEndAlignment: + Enabled: false +Layout/ClosingHeredocIndentation: + Enabled: false +Layout/EmptyComment: + Enabled: false +Layout/EmptyLineAfterGuardClause: + Enabled: false +Layout/EmptyLinesAroundArguments: + Enabled: false +Layout/EmptyLinesAroundAttributeAccessor: Enabled: false Layout/EndOfLine: Enabled: false -Layout/IndentHeredoc: +Layout/FirstArgumentIndentation: + Enabled: false +Layout/HashAlignment: + Enabled: false +Layout/HeredocIndentation: + Enabled: false +Layout/LeadingEmptyLines: + Enabled: false +Layout/SpaceAroundMethodCallOperator: + Enabled: false +Layout/SpaceInsideArrayLiteralBrackets: + Enabled: false +Layout/SpaceInsideReferenceBrackets: + Enabled: false +Lint/BigDecimalNew: + Enabled: false +Lint/BooleanSymbol: + Enabled: false +Lint/ConstantDefinitionInBlock: + Enabled: false +Lint/DeprecatedOpenSSLConstant: + Enabled: false +Lint/DisjunctiveAssignmentInConstructor: + Enabled: false +Lint/DuplicateElsifCondition: + Enabled: false +Lint/DuplicateRequire: + Enabled: false +Lint/DuplicateRescueException: + Enabled: false +Lint/EmptyConditionalBody: + Enabled: false +Lint/EmptyFile: + Enabled: false +Lint/ErbNewArguments: + Enabled: false +Lint/FloatComparison: + Enabled: false +Lint/HashCompareByIdentity: + Enabled: false +Lint/IdentityComparison: + Enabled: false +Lint/InterpolationCheck: + Enabled: false +Lint/MissingCopEnableDirective: + Enabled: false +Lint/MixedRegexpCaptureTypes: + Enabled: false +Lint/NestedPercentLiteral: + Enabled: false +Lint/NonDeterministicRequireOrder: + Enabled: false +Lint/OrderedMagicComments: + Enabled: false +Lint/OutOfRangeRegexpRef: + Enabled: false +Lint/RaiseException: + Enabled: false +Lint/RedundantCopEnableDirective: + Enabled: false +Lint/RedundantRequireStatement: + Enabled: false +Lint/RedundantSafeNavigation: + Enabled: false +Lint/RedundantWithIndex: + Enabled: false +Lint/RedundantWithObject: + Enabled: false +Lint/RegexpAsCondition: + Enabled: false +Lint/ReturnInVoidContext: + Enabled: false +Lint/SafeNavigationConsistency: + Enabled: false +Lint/SafeNavigationWithEmpty: + Enabled: false +Lint/SelfAssignment: + Enabled: false +Lint/SendWithMixinArgument: + Enabled: false +Lint/ShadowedArgument: + Enabled: false +Lint/StructNewOverride: + Enabled: false +Lint/ToJSON: + Enabled: false +Lint/TopLevelReturnWithArgument: + Enabled: false +Lint/TrailingCommaInAttributeDeclaration: + Enabled: false +Lint/UnreachableLoop: + Enabled: false +Lint/UriEscapeUnescape: + Enabled: false +Lint/UriRegexp: + Enabled: false +Lint/UselessMethodDefinition: + Enabled: false +Lint/UselessTimes: Enabled: false Metrics/AbcSize: Enabled: false Metrics/BlockLength: Enabled: false +Metrics/BlockNesting: + Enabled: false Metrics/ClassLength: Enabled: false Metrics/CyclomaticComplexity: @@ -117,19 +262,469 @@ Metrics/ParameterLists: Enabled: false Metrics/PerceivedComplexity: Enabled: false +Migration/DepartmentName: + Enabled: false +Naming/AccessorMethodName: + Enabled: false +Naming/BlockParameterName: + Enabled: false +Naming/HeredocDelimiterCase: + Enabled: false +Naming/HeredocDelimiterNaming: + Enabled: false +Naming/MemoizedInstanceVariableName: + Enabled: false +Naming/MethodParameterName: + Enabled: false +Naming/RescuedExceptionsVariableName: + Enabled: false +Naming/VariableNumber: + Enabled: false +Performance/BindCall: + Enabled: false +Performance/DeletePrefix: + Enabled: false +Performance/DeleteSuffix: + Enabled: false +Performance/InefficientHashSearch: + Enabled: false +Performance/UnfreezeString: + Enabled: false +Performance/UriDefaultParser: + Enabled: false +RSpec/Be: + Enabled: false +RSpec/Capybara/FeatureMethods: + Enabled: false +RSpec/ContainExactly: + Enabled: false +RSpec/ContextMethod: + Enabled: false +RSpec/ContextWording: + Enabled: false RSpec/DescribeClass: Enabled: false +RSpec/EmptyHook: + Enabled: false +RSpec/EmptyLineAfterExample: + Enabled: false +RSpec/EmptyLineAfterExampleGroup: + Enabled: false +RSpec/EmptyLineAfterHook: + Enabled: false RSpec/ExampleLength: Enabled: false -RSpec/MessageExpectation: +RSpec/ExampleWithoutDescription: + Enabled: false +RSpec/ExpectChange: + Enabled: false +RSpec/ExpectInHook: + Enabled: false +RSpec/FactoryBot/AttributeDefinedStatically: + Enabled: false +RSpec/FactoryBot/CreateList: + Enabled: false +RSpec/FactoryBot/FactoryClassName: + Enabled: false +RSpec/HooksBeforeExamples: + Enabled: false +RSpec/ImplicitBlockExpectation: + Enabled: false +RSpec/ImplicitSubject: + Enabled: false +RSpec/LeakyConstantDeclaration: + Enabled: false +RSpec/LetBeforeExamples: + Enabled: false +RSpec/MatchArray: + Enabled: false +RSpec/MissingExampleGroupArgument: Enabled: false RSpec/MultipleExpectations: Enabled: false +RSpec/MultipleMemoizedHelpers: + Enabled: false +RSpec/MultipleSubjects: + Enabled: false RSpec/NestedGroups: Enabled: false -Style/AsciiComments: +RSpec/PredicateMatcher: + Enabled: false +RSpec/ReceiveCounts: + Enabled: false +RSpec/ReceiveNever: + Enabled: false +RSpec/RepeatedExampleGroupBody: + Enabled: false +RSpec/RepeatedExampleGroupDescription: + Enabled: false +RSpec/RepeatedIncludeExample: + Enabled: false +RSpec/ReturnFromStub: + Enabled: false +RSpec/SharedExamples: + Enabled: false +RSpec/StubbedMock: + Enabled: false +RSpec/UnspecifiedException: + Enabled: false +RSpec/VariableDefinition: + Enabled: false +RSpec/VoidExpect: + Enabled: false +RSpec/Yield: + Enabled: false +Security/Open: + Enabled: false +Style/AccessModifierDeclarations: + Enabled: false +Style/AccessorGrouping: + Enabled: false +Style/BisectedAttrAccessor: + Enabled: false +Style/CaseLikeIf: + Enabled: false +Style/ClassEqualityComparison: + Enabled: false +Style/ColonMethodDefinition: + Enabled: false +Style/CombinableLoops: + Enabled: false +Style/CommentedKeyword: + Enabled: false +Style/Dir: + Enabled: false +Style/DoubleCopDisableDirective: + Enabled: false +Style/EmptyBlockParameter: + Enabled: false +Style/EmptyLambdaParameter: + Enabled: false +Style/Encoding: + Enabled: false +Style/EvalWithLocation: + Enabled: false +Style/ExpandPathArguments: + Enabled: false +Style/ExplicitBlockArgument: + Enabled: false +Style/ExponentialNotation: + Enabled: false +Style/FloatDivision: + Enabled: false +Style/FrozenStringLiteralComment: + Enabled: false +Style/GlobalStdStream: + Enabled: false +Style/HashAsLastArrayItem: + Enabled: false +Style/HashLikeCase: + Enabled: false +Style/HashTransformKeys: + Enabled: false +Style/HashTransformValues: Enabled: false Style/IfUnlessModifier: Enabled: false +Style/KeywordParametersOrder: + Enabled: false +Style/MinMax: + Enabled: false +Style/MixinUsage: + Enabled: false +Style/MultilineWhenThen: + Enabled: false +Style/NegatedUnless: + Enabled: false +Style/NumericPredicate: + Enabled: false +Style/OptionalBooleanParameter: + Enabled: false +Style/OrAssignment: + Enabled: false +Style/RandomWithOffset: + Enabled: false +Style/RedundantAssignment: + Enabled: false +Style/RedundantCondition: + Enabled: false +Style/RedundantConditional: + Enabled: false +Style/RedundantFetchBlock: + Enabled: false +Style/RedundantFileExtensionInRequire: + Enabled: false +Style/RedundantRegexpCharacterClass: + Enabled: false +Style/RedundantRegexpEscape: + Enabled: false +Style/RedundantSelfAssignment: + Enabled: false +Style/RedundantSort: + Enabled: false +Style/RescueStandardError: + Enabled: false +Style/SingleArgumentDig: + Enabled: false +Style/SlicingWithRange: + Enabled: false +Style/SoleNestedConditional: + Enabled: false +Style/StderrPuts: + Enabled: false +Style/StringConcatenation: + Enabled: false +Style/Strip: + Enabled: false Style/SymbolProc: Enabled: false +Style/TrailingBodyOnClass: + Enabled: false +Style/TrailingBodyOnMethodDefinition: + Enabled: false +Style/TrailingBodyOnModule: + Enabled: false +Style/TrailingCommaInHashLiteral: + Enabled: false +Style/TrailingMethodEndStatement: + Enabled: false +Style/UnpackFirst: + Enabled: false +Capybara/MatchStyle: + Enabled: false +Capybara/NegationMatcher: + Enabled: false +Capybara/SpecificActions: + Enabled: false +Capybara/SpecificFinders: + Enabled: false +Capybara/SpecificMatcher: + Enabled: false +Gemspec/DeprecatedAttributeAssignment: + Enabled: false +Gemspec/DevelopmentDependencies: + Enabled: false +Gemspec/RequireMFA: + Enabled: false +Layout/LineContinuationLeadingSpace: + Enabled: false +Layout/LineContinuationSpacing: + Enabled: false +Layout/LineEndStringConcatenationIndentation: + Enabled: false +Layout/SpaceBeforeBrackets: + Enabled: false +Lint/AmbiguousAssignment: + Enabled: false +Lint/AmbiguousOperatorPrecedence: + Enabled: false +Lint/AmbiguousRange: + Enabled: false +Lint/ConstantOverwrittenInRescue: + Enabled: false +Lint/DeprecatedConstants: + Enabled: false +Lint/DuplicateBranch: + Enabled: false +Lint/DuplicateMagicComment: + Enabled: false +Lint/DuplicateMatchPattern: + Enabled: false +Lint/DuplicateRegexpCharacterClassElement: + Enabled: false +Lint/EmptyBlock: + Enabled: false +Lint/EmptyClass: + Enabled: false +Lint/EmptyInPattern: + Enabled: false +Lint/IncompatibleIoSelectWithFiberScheduler: + Enabled: false +Lint/LambdaWithoutLiteralBlock: + Enabled: false +Lint/NoReturnInBeginEndBlocks: + Enabled: false +Lint/NonAtomicFileOperation: + Enabled: false +Lint/NumberedParameterAssignment: + Enabled: false +Lint/OrAssignmentToConstant: + Enabled: false +Lint/RedundantDirGlobSort: + Enabled: false +Lint/RefinementImportMethods: + Enabled: false +Lint/RequireRangeParentheses: + Enabled: false +Lint/RequireRelativeSelfPath: + Enabled: false +Lint/SymbolConversion: + Enabled: false +Lint/ToEnumArguments: + Enabled: false +Lint/TripleQuotes: + Enabled: false +Lint/UnexpectedBlockArity: + Enabled: false +Lint/UnmodifiedReduceAccumulator: + Enabled: false +Lint/UselessRescue: + Enabled: false +Lint/UselessRuby2Keywords: + Enabled: false +Metrics/CollectionLiteralLength: + Enabled: false +Naming/BlockForwarding: + Enabled: false +Performance/CollectionLiteralInLoop: + Enabled: false +Performance/ConcurrentMonotonicTime: + Enabled: false +Performance/MapCompact: + Enabled: false +Performance/RedundantEqualityComparisonBlock: + Enabled: false +Performance/RedundantSplitRegexpArgument: + Enabled: false +Performance/StringIdentifierArgument: + Enabled: false +RSpec/BeEq: + Enabled: false +RSpec/BeNil: + Enabled: false +RSpec/ChangeByZero: + Enabled: false +RSpec/ClassCheck: + Enabled: false +RSpec/DuplicatedMetadata: + Enabled: false +RSpec/ExcessiveDocstringSpacing: + Enabled: false +RSpec/FactoryBot/ConsistentParenthesesStyle: + Enabled: false +RSpec/FactoryBot/FactoryNameStyle: + Enabled: false +RSpec/FactoryBot/SyntaxMethods: + Enabled: false +RSpec/IdenticalEqualityAssertion: + Enabled: false +RSpec/NoExpectationExample: + Enabled: false +RSpec/PendingWithoutReason: + Enabled: false +RSpec/Rails/AvoidSetupHook: + Enabled: false +RSpec/Rails/HaveHttpStatus: + Enabled: false +RSpec/Rails/InferredSpecType: + Enabled: false +RSpec/Rails/MinitestAssertions: + Enabled: false +RSpec/Rails/TravelAround: + Enabled: false +RSpec/RedundantAround: + Enabled: false +RSpec/SkipBlockInsideExample: + Enabled: false +RSpec/SortMetadata: + Enabled: false +RSpec/SubjectDeclaration: + Enabled: false +RSpec/VerifiedDoubleReference: + Enabled: false +Security/CompoundHash: + Enabled: false +Security/IoMethods: + Enabled: false +Style/ArgumentsForwarding: + Enabled: false +Style/ArrayIntersect: + Enabled: false +Style/CollectionCompact: + Enabled: false +Style/ComparableClamp: + Enabled: false +Style/ConcatArrayLiterals: + Enabled: false +Style/DataInheritance: + Enabled: false +Style/DirEmpty: + Enabled: false +Style/DocumentDynamicEvalDefinition: + Enabled: false +Style/EmptyHeredoc: + Enabled: false +Style/EndlessMethod: + Enabled: false +Style/EnvHome: + Enabled: false +Style/FetchEnvVar: + Enabled: false +Style/FileEmpty: + Enabled: false +Style/FileRead: + Enabled: false +Style/FileWrite: + Enabled: false +Style/HashConversion: + Enabled: false +Style/HashExcept: + Enabled: false +Style/IfWithBooleanLiteralBranches: + Enabled: false +Style/InPatternThen: + Enabled: false +Style/MagicCommentFormat: + Enabled: false +Style/MapCompactWithConditionalBlock: + Enabled: false +Style/MapToHash: + Enabled: false +Style/MapToSet: + Enabled: false +Style/MinMaxComparison: + Enabled: false +Style/MultilineInPatternThen: + Enabled: false +Style/NegatedIfElseCondition: + Enabled: false +Style/NestedFileDirname: + Enabled: false +Style/NilLambda: + Enabled: false +Style/NumberedParameters: + Enabled: false +Style/NumberedParametersLimit: + Enabled: false +Style/ObjectThen: + Enabled: false +Style/OpenStructUse: + Enabled: false +Style/OperatorMethodCall: + Enabled: false +Style/QuotedSymbols: + Enabled: false +Style/RedundantArgument: + Enabled: false +Style/RedundantConstantBase: + Enabled: false +Style/RedundantDoubleSplatHashBraces: + Enabled: false +Style/RedundantEach: + Enabled: false +Style/RedundantHeredocDelimiterQuotes: + Enabled: false +Style/RedundantInitialize: + Enabled: false +Style/RedundantLineContinuation: + Enabled: false +Style/RedundantSelfAssignmentBranch: + Enabled: false +Style/RedundantStringEscape: + Enabled: false +Style/SelectByRegexp: + Enabled: false +Style/StringChars: + Enabled: false +Style/SwapValues: + Enabled: false diff --git a/.travis.yml b/.travis.yml index b84a024..ed27d4d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,14 +1,18 @@ --- -dist: focal +dist: xenial language: ruby cache: bundler before_install: - bundle -v + - rm -f Gemfile.lock + - gem update --system $RUBYGEMS_VERSION + - gem --version + - bundle -v script: - 'bundle exec rake $CHECK' bundler_args: --without system_tests rvm: - - 2.5.8 + - 2.5.3 stages: - static - spec @@ -22,9 +26,13 @@ matrix: - env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" stage: static + - + env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec + rvm: 2.4.5 + stage: spec - env: PUPPET_GEM_VERSION="~> 6.0" CHECK=parallel_spec - rvm: 2.5.8 + rvm: 2.5.3 stage: spec - env: DEPLOY_TO_FORGE=yes diff --git a/Gemfile b/Gemfile index 2aeab8e..8e9f845 100644 --- a/Gemfile +++ b/Gemfile @@ -13,21 +13,37 @@ def location_for(place_or_version, fake_version = nil) end end -ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments -minor_version = ruby_version_segments[0..1].join('.') - group :development do - gem "fast_gettext", '1.1.0', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.1.0') - gem "fast_gettext", require: false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0') - gem "json_pure", '<= 2.0.1', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') - gem "json", '= 1.8.1', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.1.9') - gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "puppet-module-posix-default-r#{minor_version}", '~> 0.3', require: false, platforms: [:ruby] - gem "puppet-module-posix-dev-r#{minor_version}", '~> 0.3', require: false, platforms: [:ruby] - gem "puppet-module-win-default-r#{minor_version}", '~> 0.3', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "puppet-module-win-dev-r#{minor_version}", '~> 0.3', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.5.1', require: false if Gem::Requirement.create(['>= 3.0.0', '< 3.0.5']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.6.1', require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "racc", '~> 1.4.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "deep_merge", '~> 1.2.2', require: false + gem "voxpupuli-puppet-lint-plugins", '~> 5.0', require: false + gem "facterdb", '~> 2.1', require: false + gem "metadata-json-lint", '~> 4.0', require: false + gem "rspec-puppet-facts", '~> 4.0', require: false + gem "dependency_checker", '~> 1.0.0', require: false + gem "parallel_tests", '= 3.12.1', require: false + gem "pry", '~> 0.10', require: false + gem "simplecov-console", '~> 0.9', require: false + gem "puppet-debugger", '~> 1.0', require: false + gem "rubocop", '~> 1.50.0', require: false + gem "rubocop-performance", '= 1.16.0', require: false + gem "rubocop-rspec", '= 2.19.0', require: false + gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "rexml", '>= 3.0.0', '< 3.2.7', require: false +end +group :development, :release_prep do + gem "puppet-strings", '~> 4.0', require: false + gem "puppetlabs_spec_helper", '~> 7.0', require: false +end +group :system_tests do + gem "puppet_litmus", '~> 1.0', require: false, platforms: [:ruby, :x64_mingw] + gem "CFPropertyList", '< 3.0.7', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "serverspec", '~> 2.41', require: false end puppet_version = ENV['PUPPET_GEM_VERSION'] @@ -44,16 +60,6 @@ gems['puppet'] = location_for(puppet_version) gems['facter'] = location_for(facter_version) if facter_version gems['hiera'] = location_for(hiera_version) if hiera_version -if Gem.win_platform? && puppet_version =~ %r{^(file:///|git://)} - # If we're using a Puppet gem on Windows which handles its own win32-xxx gem - # dependencies (>= 3.5.0), set the maximum versions (see PUP-6445). - gems['win32-dir'] = ['<= 0.4.9', require: false] - gems['win32-eventlog'] = ['<= 0.6.5', require: false] - gems['win32-process'] = ['<= 0.7.5', require: false] - gems['win32-security'] = ['<= 0.2.5', require: false] - gems['win32-service'] = ['0.8.8', require: false] -end - gems.each do |gem_name, gem_params| gem gem_name, *gem_params end diff --git a/Rakefile b/Rakefile index 395df54..caa4e30 100644 --- a/Rakefile +++ b/Rakefile @@ -1,86 +1,10 @@ -require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any? +# frozen_string_literal: true + +require 'bundler' +require 'puppet_litmus/rake_tasks' if Gem.loaded_specs.key? 'puppet_litmus' require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-syntax/tasks/puppet-syntax' -require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any? -require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any? -require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').any? - -def changelog_user - return unless Rake.application.top_level_tasks.include? "changelog" - returnVal = nil || JSON.load(File.read('metadata.json'))['author'] - raise "unable to find the changelog_user in .sync.yml, or the author in metadata.json" if returnVal.nil? - puts "GitHubChangelogGenerator user:#{returnVal}" - returnVal -end - -def changelog_project - return unless Rake.application.top_level_tasks.include? "changelog" - - returnVal = nil - returnVal ||= begin - metadata_source = JSON.load(File.read('metadata.json'))['source'] - metadata_source_match = metadata_source && metadata_source.match(%r{.*\/([^\/]*?)(?:\.git)?\Z}) - - metadata_source_match && metadata_source_match[1] - end - - raise "unable to find the changelog_project in .sync.yml or calculate it from the source in metadata.json" if returnVal.nil? - - puts "GitHubChangelogGenerator project:#{returnVal}" - returnVal -end - -def changelog_future_release - return unless Rake.application.top_level_tasks.include? "changelog" - returnVal = "v%s" % JSON.load(File.read('metadata.json'))['version'] - raise "unable to find the future_release (version) in metadata.json" if returnVal.nil? - puts "GitHubChangelogGenerator future_release:#{returnVal}" - returnVal -end +require 'puppet-strings/tasks' if Gem.loaded_specs.key? 'puppet-strings' PuppetLint.configuration.send('disable_relative') -if Bundler.rubygems.find_name('github_changelog_generator').any? - GitHubChangelogGenerator::RakeTask.new :changelog do |config| - raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil? - config.user = "#{changelog_user}" - config.project = "#{changelog_project}" - config.future_release = "#{changelog_future_release}" - config.exclude_labels = ['maintenance'] - config.header = "# Change log\n\nAll notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org)." - config.add_pr_wo_labels = true - config.issues = false - config.merge_prefix = "### UNCATEGORIZED PRS; GO LABEL THEM" - config.configure_sections = { - "Changed" => { - "prefix" => "### Changed", - "labels" => ["backwards-incompatible"], - }, - "Added" => { - "prefix" => "### Added", - "labels" => ["feature", "enhancement"], - }, - "Fixed" => { - "prefix" => "### Fixed", - "labels" => ["bugfix"], - }, - } - end -else - desc 'Generate a Changelog from GitHub' - task :changelog do - raise <= Gem::Version.new('2.2.2')" -EOM - end -end - diff --git a/bin/rake b/bin/rake index 9275675..4eb7d7b 100755 --- a/bin/rake +++ b/bin/rake @@ -8,14 +8,12 @@ # this file is here to facilitate running it. # -require "pathname" -ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile", - Pathname.new(__FILE__).realpath) +ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__) -bundle_binstub = File.expand_path("../bundle", __FILE__) +bundle_binstub = File.expand_path("bundle", __dir__) if File.file?(bundle_binstub) - if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/ + if File.read(bundle_binstub, 300).include?("This file was generated by Bundler") load(bundle_binstub) else abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run. diff --git a/bin/rspec b/bin/rspec index a6c7852..cb53ebe 100755 --- a/bin/rspec +++ b/bin/rspec @@ -8,14 +8,12 @@ # this file is here to facilitate running it. # -require "pathname" -ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile", - Pathname.new(__FILE__).realpath) +ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__) -bundle_binstub = File.expand_path("../bundle", __FILE__) +bundle_binstub = File.expand_path("bundle", __dir__) if File.file?(bundle_binstub) - if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/ + if File.read(bundle_binstub, 300).include?("This file was generated by Bundler") load(bundle_binstub) else abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run. diff --git a/lib/facter/splunk_cwd.rb b/lib/facter/splunk_cwd.rb index 5dda9ed..1c07e65 100755 --- a/lib/facter/splunk_cwd.rb +++ b/lib/facter/splunk_cwd.rb @@ -1,8 +1,31 @@ -# frozen_string_literal: true - -Facter.add(:splunk_cwd) do +Facter.add(:splunk_version) do + confine :kernel => 'Linux' setcode do - splunk_cwd = Facter::Util::Resolution.exec("readlink -e /proc/$(pgrep -o splunk)/exe | grep -oE '/opt/(splunk|splunkforwarder)' | uniq") - splunk_cwd + # Define possible Splunk installation paths + splunk_paths = { + enterprise: '/opt/splunk/bin/splunk', + forwarder: '/opt/splunkforwarder/bin/splunk' + } + + # Find which Splunk binary exists + binary_path = splunk_paths.values.find { |path| File.executable?(path) } + + if binary_path + begin + version = Facter::Core::Execution.execute("#{binary_path} version --accept-license") + if version =~ /Version\s+([\d.]+)/ + $1 + else + Facter.debug("Could not parse Splunk version output") + nil + end + rescue Facter::Core::Execution::ExecutionFailure => e + Facter.debug("Failed to get Splunk version: #{e.message}") + nil + end + else + Facter.debug("No Splunk binary found in expected locations") + nil + end end end diff --git a/manifests/deployment.pp b/manifests/deployment.pp index d5470f6..9919dca 100644 --- a/manifests/deployment.pp +++ b/manifests/deployment.pp @@ -48,5 +48,9 @@ require => File["${myappdir}/local"], notify => Service['splunk'] } + } else { + file { "${myappdir}/local/deploymentclient.conf": + ensure => absent + } } } diff --git a/metadata.json b/metadata.json index 3b1e222..e51aa3c 100644 --- a/metadata.json +++ b/metadata.json @@ -54,7 +54,7 @@ "tags": [ "splunk" ], - "pdk-version": "1.18.0", - "template-url": "https://github.com/puppetlabs/pdk-templates#1.15.0", - "template-ref": "tags/1.15.0-0-g0bc522e" + "pdk-version": "3.3.0", + "template-url": "https://github.com/puppetlabs/pdk-templates#3.3.0", + "template-ref": "tags/3.3.0-0-g5d17ec1" } diff --git a/module b/module new file mode 120000 index 0000000..ee2541a --- /dev/null +++ b/module @@ -0,0 +1 @@ +/Volumes/Projects/splunk/module \ No newline at end of file diff --git a/pdk.yaml b/pdk.yaml new file mode 100644 index 0000000..4bef4bd --- /dev/null +++ b/pdk.yaml @@ -0,0 +1,2 @@ +--- +ignore: [] diff --git a/spec/default_facts.yml b/spec/default_facts.yml index f777abf..3346c39 100644 --- a/spec/default_facts.yml +++ b/spec/default_facts.yml @@ -2,7 +2,8 @@ # # Facts specified here will override the values provided by rspec-puppet-facts. --- -ipaddress: "172.16.254.254" -ipaddress6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA" +networking: + ip: "172.16.254.254" + ip6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA" + mac: "AA:AA:AA:AA:AA:AA" is_pe: false -macaddress: "AA:AA:AA:AA:AA:AA" diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 012cbac..ae7c1f6 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + RSpec.configure do |c| c.mock_with :rspec end @@ -23,15 +25,16 @@ next unless File.exist?(f) && File.readable?(f) && File.size?(f) begin - default_facts.merge!(YAML.safe_load(File.read(f), [], [], true)) - rescue => e + require 'deep_merge' + default_facts.deep_merge!(YAML.safe_load(File.read(f), permitted_classes: [], permitted_symbols: [], aliases: true)) + rescue StandardError => e RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}" end end # read default_facts and merge them over what is provided by facterdb default_facts.each do |fact, value| - add_custom_fact fact, value + add_custom_fact fact, value, merge_facts: true end RSpec.configure do |c| @@ -40,9 +43,23 @@ # set to strictest setting for testing # by default Puppet runs at warning level Puppet.settings[:strict] = :warning + Puppet.settings[:strict_variables] = true end c.filter_run_excluding(bolt: true) unless ENV['GEM_BOLT'] c.after(:suite) do + RSpec::Puppet::Coverage.report!(0) + end + + # Filter backtrace noise + backtrace_exclusion_patterns = [ + %r{spec_helper}, + %r{gems}, + ] + + if c.respond_to?(:backtrace_exclusion_patterns) + c.backtrace_exclusion_patterns = backtrace_exclusion_patterns + elsif c.respond_to?(:backtrace_clean_patterns) + c.backtrace_clean_patterns = backtrace_exclusion_patterns end end From bd4cf8dc72090138542fd9de969b975ce098f832 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Fri, 20 Dec 2024 14:14:36 -0500 Subject: [PATCH 12/48] get my facts straight --- lib/facter/splunk_cwd.rb | 35 +++++++++++------------------------ lib/facter/splunk_version.rb | 31 +++++++++++++++++++++++++++---- 2 files changed, 38 insertions(+), 28 deletions(-) diff --git a/lib/facter/splunk_cwd.rb b/lib/facter/splunk_cwd.rb index 1c07e65..071a8ec 100755 --- a/lib/facter/splunk_cwd.rb +++ b/lib/facter/splunk_cwd.rb @@ -1,31 +1,18 @@ -Facter.add(:splunk_version) do - confine :kernel => 'Linux' +# frozen_string_literal: true + +Facter.add(:splunk_cwd) do setcode do - # Define possible Splunk installation paths - splunk_paths = { - enterprise: '/opt/splunk/bin/splunk', - forwarder: '/opt/splunkforwarder/bin/splunk' - } + splunk_paths = ['/opt/splunk', '/opt/splunkforwarder'] - # Find which Splunk binary exists - binary_path = splunk_paths.values.find { |path| File.executable?(path) } + splunk_cwd = nil - if binary_path - begin - version = Facter::Core::Execution.execute("#{binary_path} version --accept-license") - if version =~ /Version\s+([\d.]+)/ - $1 - else - Facter.debug("Could not parse Splunk version output") - nil - end - rescue Facter::Core::Execution::ExecutionFailure => e - Facter.debug("Failed to get Splunk version: #{e.message}") - nil + splunk_paths.each do |path| + if File.directory?(path) && File.exist?("#{path}/bin/splunk") + splunk_cwd = path + break end - else - Facter.debug("No Splunk binary found in expected locations") - nil end + + splunk_cwd end end diff --git a/lib/facter/splunk_version.rb b/lib/facter/splunk_version.rb index 9b30614..1c07e65 100755 --- a/lib/facter/splunk_version.rb +++ b/lib/facter/splunk_version.rb @@ -1,8 +1,31 @@ -# frozen_string_literal: true - Facter.add(:splunk_version) do + confine :kernel => 'Linux' setcode do - splunk_version = Facter::Util::Resolution.exec("ls -1 /opt/splunk* | grep manifest | sort -n | tail -1 | grep -oE '([0-9.])+-([a-f0-9])+'") - splunk_version + # Define possible Splunk installation paths + splunk_paths = { + enterprise: '/opt/splunk/bin/splunk', + forwarder: '/opt/splunkforwarder/bin/splunk' + } + + # Find which Splunk binary exists + binary_path = splunk_paths.values.find { |path| File.executable?(path) } + + if binary_path + begin + version = Facter::Core::Execution.execute("#{binary_path} version --accept-license") + if version =~ /Version\s+([\d.]+)/ + $1 + else + Facter.debug("Could not parse Splunk version output") + nil + end + rescue Facter::Core::Execution::ExecutionFailure => e + Facter.debug("Failed to get Splunk version: #{e.message}") + nil + end + else + Facter.debug("No Splunk binary found in expected locations") + nil + end end end From 2745f47741c55b813ac7391c0a19f5b918283813 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Sat, 21 Dec 2024 08:37:57 -0500 Subject: [PATCH 13/48] stop and remove splunk if type is explicitly set to none --- manifests/init.pp | 244 +++++++++++++++++++++++++--------------------- 1 file changed, 135 insertions(+), 109 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 5489d5c..0360ca9 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -33,118 +33,144 @@ # # Copyright 2017 Christopher Caldwell # -class splunk( -String $version, -String $release, -String $type, -Boolean $adhoc_searchhead, -Boolean $autolb, -Integer $autolbfrequency, -String $cacert, -Boolean $captain_is_adhoc, -String $ciphersuite, -String $cluster_mode, -String $confdir, -Boolean $create_user, -Boolean $deployment_disable, -Integer $deployment_interval, -String $dispatch_earliest, -String $dispatch_latest, -Integer $dispatch_size, -String $ecdhcurves, -String $email, -String $ext, -Boolean $forcetimebasedautolb, -String $install_path, -Boolean $is_captain, -String $license_master_mode, -String $mailserver, -Boolean $managesecret, -Integer $max_rawsize_perchunk, -Integer $max_searches, -String $os, -String $kernel, -Boolean $preferred_captain, -String $privkey, -Boolean $scheduler_disable, -Integer $search_maxinfocsv, -Integer $search_maxqueue, -String $server_site, -String $servercert, -String $servercertpass, -String $source, -String $group, -String $user, -Boolean $replace_hash, -Boolean $splunknotcp_ssl, -Boolean $splunknotcp, -Boolean $sslclientcert, -Boolean $sslclientcompression, -Boolean $sslcompression, -Boolean $sslnegotiation, -Boolean $sslstsheader, -Boolean $sslv3, -Boolean $sslverify, -String $sslversions, -Integer $subsearch_maxout, -Integer $subsearch_maxtime, -Integer $subsearch_ttl, -String $symmkey, -String $tarcmd, -Boolean $use_mounts, -Boolean $use_systemd, -String $webcert, -Boolean $webssl, -Enum['v1,v2', 'v2'] $signatureversion, -Enum['decryptOnly', 'disabled'] $legacyciphers, -Enum['sse-s3', 'sse-kms', 'sse-c', 'none'] $s3_encryption, -Optional[String] $license_master, -Optional[String] $cold_path, -Optional[String] $warm_path, -Optional[String] $datamodel_path, -Optional[Integer] $maxwarm = 0, -Optional[Integer] $maxcold = 0, -Optional[Integer] $s3_keyrefresh = 86400, -Optional[Hash] $acls = undef, -Optional[String] $admin_pass = undef, -Optional[String] $auth_pass = undef, -Optional[String] $authentication = undef, -Optional[Hash] $authconfig = undef, -Optional[String] $cert_source = undef, -Optional[Hash] $indexes = undef, -Optional[Hash] $inputs = undef, -Optional[Hash] $apps = undef, -Optional[String] $geo_source = undef, -Optional[String] $geo_hash = undef, -Optional[Tuple] $clusters = undef, -Optional[String] $deployment_server = undef, -Optional[Tuple] $licenses = undef, -Optional[Integer] $repl_count = undef, -Optional[Integer] $repl_port = undef, -Optional[Tuple] $roles = undef, -Optional[String] $search_deploy = undef, -Optional[String] $mailfrom = undef, -Optional[String] $serviceurl = undef, -Optional[String] $shcluster_label = undef, -Optional[String] $shcluster_mode = undef, -Optional[Array] $shcluster_members = undef, -Optional[Hash] $tcpout = undef, -Optional[String] $remote_path = undef, -Optional[String] $s3_access_key = undef, -Optional[String] $s3_secret_key = undef, -Optional[String] $s3_endpoint = undef, -Optional[string] $s3_sslverify = undef, -Optional[string] $s3_sslversions = undef, -Optional[string] $s3_ssl_altname = undef, -Optional[string] $s3_ssl_capath = undef, -Optional[string] $s3_ciphersuite = undef, -Optional[string] $s3_ecdhcurves = undef, -Optional[string] $s3_region = undef, -Optional[string] $s3_kms_key = undef +class splunk ( + String $version, + String $release, + String $type, + Boolean $adhoc_searchhead, + Boolean $autolb, + Integer $autolbfrequency, + String $cacert, + Boolean $captain_is_adhoc, + String $ciphersuite, + String $cluster_mode, + String $confdir, + Boolean $create_user, + Boolean $deployment_disable, + Integer $deployment_interval, + String $dispatch_earliest, + String $dispatch_latest, + Integer $dispatch_size, + String $ecdhcurves, + String $email, + String $ext, + Boolean $forcetimebasedautolb, + String $install_path, + Boolean $is_captain, + String $license_master_mode, + String $mailserver, + Boolean $managesecret, + Integer $max_rawsize_perchunk, + Integer $max_searches, + String $os, + String $kernel, + Boolean $preferred_captain, + String $privkey, + Boolean $scheduler_disable, + Integer $search_maxinfocsv, + Integer $search_maxqueue, + String $server_site, + String $servercert, + String $servercertpass, + String $source, + String $group, + String $user, + Boolean $replace_hash, + Boolean $splunknotcp_ssl, + Boolean $splunknotcp, + Boolean $sslclientcert, + Boolean $sslclientcompression, + Boolean $sslcompression, + Boolean $sslnegotiation, + Boolean $sslstsheader, + Boolean $sslv3, + Boolean $sslverify, + String $sslversions, + Integer $subsearch_maxout, + Integer $subsearch_maxtime, + Integer $subsearch_ttl, + String $symmkey, + String $tarcmd, + Boolean $use_mounts, + Boolean $use_systemd, + String $webcert, + Boolean $webssl, + Enum['v1,v2', 'v2'] $signatureversion, + Enum['decryptOnly', 'disabled'] $legacyciphers, + Enum['sse-s3', 'sse-kms', 'sse-c', 'none'] $s3_encryption, + Optional[String] $license_master, + Optional[String] $cold_path, + Optional[String] $warm_path, + Optional[String] $datamodel_path, + Optional[Integer] $maxwarm = 0, + Optional[Integer] $maxcold = 0, + Optional[Integer] $s3_keyrefresh = 86400, + Optional[Hash] $acls = undef, + Optional[String] $admin_pass = undef, + Optional[String] $auth_pass = undef, + Optional[String] $authentication = undef, + Optional[Hash] $authconfig = undef, + Optional[String] $cert_source = undef, + Optional[Hash] $indexes = undef, + Optional[Hash] $inputs = undef, + Optional[Hash] $apps = undef, + Optional[String] $geo_source = undef, + Optional[String] $geo_hash = undef, + Optional[Tuple] $clusters = undef, + Optional[String] $deployment_server = undef, + Optional[Tuple] $licenses = undef, + Optional[Integer] $repl_count = undef, + Optional[Integer] $repl_port = undef, + Optional[Tuple] $roles = undef, + Optional[String] $search_deploy = undef, + Optional[String] $mailfrom = undef, + Optional[String] $serviceurl = undef, + Optional[String] $shcluster_label = undef, + Optional[String] $shcluster_mode = undef, + Optional[Array] $shcluster_members = undef, + Optional[Hash] $tcpout = undef, + Optional[String] $remote_path = undef, + Optional[String] $s3_access_key = undef, + Optional[String] $s3_secret_key = undef, + Optional[String] $s3_endpoint = undef, + Optional[string] $s3_sslverify = undef, + Optional[string] $s3_sslversions = undef, + Optional[string] $s3_ssl_altname = undef, + Optional[string] $s3_ssl_capath = undef, + Optional[string] $s3_ciphersuite = undef, + Optional[string] $s3_ecdhcurves = undef, + Optional[string] $s3_region = undef, + Optional[string] $s3_kms_key = undef ) { + if $type == 'none' { + exec { 'stop_splunk_service': + command => '/opt/splunk/bin/splunk stop', + onlyif => '/opt/splunk/bin/splunk status', + path => '/bin:/usr/bin:/sbin:/usr/sbin', + before => File['/opt/splunk', '/opt/splunkforwarder'], + } - if $type != 'none' { + exec { 'stop_splunkforwarder_service': + command => '/opt/splunkforwarder/bin/splunk stop', + onlyif => '/opt/splunkforwarder/bin/splunk status', + path => '/bin:/usr/bin:/sbin:/usr/sbin', + before => File['/opt/splunk', '/opt/splunkforwarder'], + } + + file { '/opt/splunk': + ensure => absent, + recurse => true, + force => true, + } + file { '/opt/splunkforwarder': + ensure => absent, + recurse => true, + force => true, + } + } + + if $type != 'none' { if $environment == 'ci' or $create_user == true { class { 'splunk::user': } } From 74bf3905e4956b163ec156fc2a64bdbff6bf01e4 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Sat, 21 Dec 2024 12:54:51 -0500 Subject: [PATCH 14/48] cleanup --- manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index 0360ca9..07f5099 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -141,7 +141,7 @@ Optional[string] $s3_ecdhcurves = undef, Optional[string] $s3_region = undef, Optional[string] $s3_kms_key = undef -) { + ) { if $type == 'none' { exec { 'stop_splunk_service': command => '/opt/splunk/bin/splunk stop', From 7215495aec24e270ca9572ce550724804fad9168 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Sat, 21 Dec 2024 13:11:52 -0500 Subject: [PATCH 15/48] check before run --- manifests/init.pp | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 07f5099..4f2d274 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -143,18 +143,22 @@ Optional[string] $s3_kms_key = undef ) { if $type == 'none' { - exec { 'stop_splunk_service': - command => '/opt/splunk/bin/splunk stop', - onlyif => '/opt/splunk/bin/splunk status', - path => '/bin:/usr/bin:/sbin:/usr/sbin', - before => File['/opt/splunk', '/opt/splunkforwarder'], + if file('/opt/splunk/bin/splunk') { + exec { 'stop_splunk_service': + command => '/opt/splunk/bin/splunk stop', + onlyif => '/opt/splunk/bin/splunk status', + path => '/bin:/usr/bin:/sbin:/usr/sbin', + before => File['/opt/splunk', '/opt/splunkforwarder'], + } } - exec { 'stop_splunkforwarder_service': - command => '/opt/splunkforwarder/bin/splunk stop', - onlyif => '/opt/splunkforwarder/bin/splunk status', - path => '/bin:/usr/bin:/sbin:/usr/sbin', - before => File['/opt/splunk', '/opt/splunkforwarder'], + if file('/opt/splunkforwarder/bin/splunk') { + exec { 'stop_splunkforwarder_service': + command => '/opt/splunkforwarder/bin/splunk stop', + onlyif => '/opt/splunkforwarder/bin/splunk status', + path => '/bin:/usr/bin:/sbin:/usr/sbin', + before => File['/opt/splunk', '/opt/splunkforwarder'], + } } file { '/opt/splunk': From 9d5840223d2658dcb9680467da8eb9ca3629b360 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Sun, 22 Dec 2024 06:48:12 -0500 Subject: [PATCH 16/48] use fact for install dir, cleaner code --- manifests/init.pp | 32 ++++++++------------------------ 1 file changed, 8 insertions(+), 24 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 4f2d274..5212972 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -142,32 +142,16 @@ Optional[string] $s3_region = undef, Optional[string] $s3_kms_key = undef ) { - if $type == 'none' { - if file('/opt/splunk/bin/splunk') { - exec { 'stop_splunk_service': - command => '/opt/splunk/bin/splunk stop', - onlyif => '/opt/splunk/bin/splunk status', - path => '/bin:/usr/bin:/sbin:/usr/sbin', - before => File['/opt/splunk', '/opt/splunkforwarder'], - } - } - - if file('/opt/splunkforwarder/bin/splunk') { - exec { 'stop_splunkforwarder_service': - command => '/opt/splunkforwarder/bin/splunk stop', - onlyif => '/opt/splunkforwarder/bin/splunk status', - path => '/bin:/usr/bin:/sbin:/usr/sbin', - before => File['/opt/splunk', '/opt/splunkforwarder'], - } - } - - file { '/opt/splunk': - ensure => absent, - recurse => true, - force => true, + if $type == 'none' and $facts['splunk::cwd'] != undef { + exec { 'stop_splunk_service': + command => "${facts['splunk::cwd']}/bin/splunk stop", + onlyif => "${facts['splunk::cwd']}/bin/splunk status", + path => '/bin:/usr/bin:/sbin:/usr/sbin', + before => File['splunk_installation'], } - file { '/opt/splunkforwarder': + file { 'splunk_installation': + path => $facts['splunk::cwd'], ensure => absent, recurse => true, force => true, From 1d014a51d840874e6e274ccf9675550da61d7659 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Sun, 22 Dec 2024 07:57:22 -0500 Subject: [PATCH 17/48] use correct fact --- manifests/init.pp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 5212972..b27afe9 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -142,16 +142,16 @@ Optional[string] $s3_region = undef, Optional[string] $s3_kms_key = undef ) { - if $type == 'none' and $facts['splunk::cwd'] != undef { + if $type == 'none' and $::splunk_cwd != undef { exec { 'stop_splunk_service': - command => "${facts['splunk::cwd']}/bin/splunk stop", - onlyif => "${facts['splunk::cwd']}/bin/splunk status", + command => "${::splunk_cwd}/bin/splunk stop", + onlyif => "${::splunk_cwd}/bin/splunk status", path => '/bin:/usr/bin:/sbin:/usr/sbin', before => File['splunk_installation'], } file { 'splunk_installation': - path => $facts['splunk::cwd'], + path => $::splunk_cwd, ensure => absent, recurse => true, force => true, From aa90f3302bbc5dedfd7a8449cc449eb84a74b7eb Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Sun, 22 Dec 2024 08:18:29 -0500 Subject: [PATCH 18/48] update facts reference --- manifests/init.pp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index b27afe9..76b9001 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -142,16 +142,16 @@ Optional[string] $s3_region = undef, Optional[string] $s3_kms_key = undef ) { - if $type == 'none' and $::splunk_cwd != undef { + if $type == 'none' and $facts['splunk_cwd'] != undef { exec { 'stop_splunk_service': - command => "${::splunk_cwd}/bin/splunk stop", - onlyif => "${::splunk_cwd}/bin/splunk status", + command => "${facts['splunk_cwd']}/bin/splunk stop", + onlyif => "${facts['splunk_cwd']}/bin/splunk status", path => '/bin:/usr/bin:/sbin:/usr/sbin', before => File['splunk_installation'], } file { 'splunk_installation': - path => $::splunk_cwd, + path => $facts['splunk_cwd'], ensure => absent, recurse => true, force => true, From fd15da8afdae219bce96cf07a7c1cec026fc6faa Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Thu, 2 Jan 2025 10:30:38 -0500 Subject: [PATCH 19/48] linting, default for variable --- manifests/init.pp | 37 ++++++++++++-------------------- templates/splunk-launch.conf.erb | 2 +- 2 files changed, 15 insertions(+), 24 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 76b9001..9c87fa2 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -6,20 +6,11 @@ # # Document parameters here. # -# [*sample_parameter*] -# Explanation of what this parameter affects and what it defaults to. -# e.g. "Specify one or more upstream ntp servers as an array." # # === Variables # # Here you should define a list of variables that this module would require. # -# [*sample_variable*] -# Explanation of how this variable affects the funtion of this class and if -# it has a default. e.g. "The parameter enc_ntp_servers must be set by the -# External Node Classifier as a comma separated list of hostnames." (Note, -# global variables should be avoided in favor of class parameters as -# of Puppet 2.6.) # # === Examples # @@ -141,18 +132,18 @@ Optional[string] $s3_ecdhcurves = undef, Optional[string] $s3_region = undef, Optional[string] $s3_kms_key = undef - ) { +) { if $type == 'none' and $facts['splunk_cwd'] != undef { exec { 'stop_splunk_service': - command => "${facts['splunk_cwd']}/bin/splunk stop", - onlyif => "${facts['splunk_cwd']}/bin/splunk status", - path => '/bin:/usr/bin:/sbin:/usr/sbin', - before => File['splunk_installation'], + command => "${facts['splunk_cwd']}/bin/splunk stop", + onlyif => "${facts['splunk_cwd']}/bin/splunk status", + path => '/bin:/usr/bin:/sbin:/usr/sbin', + before => File['splunk_installation'], } file { 'splunk_installation': - path => $facts['splunk_cwd'], ensure => absent, + path => $facts['splunk_cwd'], recurse => true, force => true, } @@ -165,9 +156,9 @@ $new_version = "${version}-${release}" - $arch = $facts['architecture'] ? { - x86_64 => 'x86_64', - amd64 => 'x86_64', + $arch = $facts['os']['architecture'] ? { + 'x86_64' => 'x86_64', + 'amd64' => 'x86_64', default => 'i686' } if $type == 'forwarder' { @@ -321,7 +312,7 @@ user => $user, group => $group, umask => '027', - notify => Service['splunk'] + notify => Service['splunk'], } } @@ -336,7 +327,7 @@ user => $user, group => $group, umask => '027', - notify => Service['splunk'] + notify => Service['splunk'], } if $type != 'forwarder' or $deployment_server == undef { @@ -352,7 +343,7 @@ user => $user, group => $group, umask => '027', - notify => Service['splunk'] + notify => Service['splunk'], } } @@ -373,7 +364,7 @@ user => $user, group => $group, umask => '027', - notify => Service['splunk'] + notify => Service['splunk'], } } @@ -388,7 +379,7 @@ user => $user, group => $group, umask => '027', - notify => Service['splunk'] + notify => Service['splunk'], } } } diff --git a/templates/splunk-launch.conf.erb b/templates/splunk-launch.conf.erb index 50ff764..48ba744 100644 --- a/templates/splunk-launch.conf.erb +++ b/templates/splunk-launch.conf.erb @@ -1,7 +1,7 @@ # Puppet Name: <%= @title %> # <% -selinux = scope['::selinux'] +selinux = scope['::selinux'] || false db = scope['::splunk::splunkdb'] home = scope['::splunk::dir'] user = scope['::splunk::user'] From 475eb45daaa06c5ff1d49c50ed5240dc4d0371d1 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Thu, 2 Jan 2025 10:41:28 -0500 Subject: [PATCH 20/48] set variable before template --- manifests/install.pp | 8 +++++++- templates/splunk-launch.conf.erb | 2 +- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/manifests/install.pp b/manifests/install.pp index 8016790..20cbd4e 100644 --- a/manifests/install.pp +++ b/manifests/install.pp @@ -142,12 +142,18 @@ creates => "${dir}/${manifest}" } + $selinux = $facts['os']['selinux'] ? { + undef => false, + default => $facts['os']['selinux']['enabled'], + } + file { "${dir}/etc/splunk-launch.conf": content => template("${module_name}/splunk-launch.conf.erb"), owner => $user, group => $group, subscribe => Exec['unpackSplunk'], - require => Exec['unpackSplunk'] + require => Exec['unpackSplunk'], + selinux => $selinux, } if $action == 'upgrade' { diff --git a/templates/splunk-launch.conf.erb b/templates/splunk-launch.conf.erb index 48ba744..a078d0f 100644 --- a/templates/splunk-launch.conf.erb +++ b/templates/splunk-launch.conf.erb @@ -1,7 +1,7 @@ # Puppet Name: <%= @title %> # <% -selinux = scope['::selinux'] || false +selinux = @selinux db = scope['::splunk::splunkdb'] home = scope['::splunk::dir'] user = scope['::splunk::user'] From e0cdeff653fb2208374c9364f963329452dfd203 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Thu, 2 Jan 2025 10:44:26 -0500 Subject: [PATCH 21/48] add hostname fact --- templates/inputs.d/default_inputs.erb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/templates/inputs.d/default_inputs.erb b/templates/inputs.d/default_inputs.erb index a7f64d0..b0e114d 100644 --- a/templates/inputs.d/default_inputs.erb +++ b/templates/inputs.d/default_inputs.erb @@ -3,8 +3,9 @@ <% dir = scope['::splunk::dir'] type = scope['::splunk::type'] +hostname = scope['facts']['networking']['hostname'] -%> [default] <% if type =~ /forwarder/ -%> -_meta = input_host::<%= scope['::hostname'] %> +_meta = input_host::<%= hostname %> <% end -%> From 4ae09648ba4c2e0467a959c7eabfe19922fdc9e7 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Thu, 2 Jan 2025 10:57:48 -0500 Subject: [PATCH 22/48] update arch --- manifests/init.pp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index 9c87fa2..caaac8e 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -159,8 +159,9 @@ $arch = $facts['os']['architecture'] ? { 'x86_64' => 'x86_64', 'amd64' => 'x86_64', - default => 'i686' + default => 'i686' } + if $type == 'forwarder' { $sourcepart = 'splunkforwarder' } else { From d17aa41a3ec13076a2ecf9c6b6f3edcfea95dd9e Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Thu, 2 Jan 2025 11:02:48 -0500 Subject: [PATCH 23/48] default to x64 --- manifests/init.pp | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index caaac8e..186e64d 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -157,9 +157,8 @@ $new_version = "${version}-${release}" $arch = $facts['os']['architecture'] ? { - 'x86_64' => 'x86_64', - 'amd64' => 'x86_64', - default => 'i686' + 'i686' => 'i686', + default => 'x86_64' } if $type == 'forwarder' { From 1b1df7a8b1fe2eebda489bd8f7f4b1114034b4c4 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Thu, 2 Jan 2025 11:08:05 -0500 Subject: [PATCH 24/48] hard code arch temporarily --- manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index 186e64d..a439958 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -167,7 +167,7 @@ $sourcepart = 'splunk' } - $newsource = "${sourcepart}-${version}-${release}-${os}-${arch}.${ext}" + $newsource = "${sourcepart}-${version}-${release}-${os}-x86_64.${ext}" $dir = "${install_path}/${sourcepart}" $capath = "${dir}/etc/auth" $confpath = $confdir ? { From a324e2894bacf97de3521a540513bb8eacd4cec2 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Thu, 2 Jan 2025 11:16:53 -0500 Subject: [PATCH 25/48] cleanup --- manifests/install.pp | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/manifests/install.pp b/manifests/install.pp index 20cbd4e..92654d3 100644 --- a/manifests/install.pp +++ b/manifests/install.pp @@ -17,8 +17,7 @@ # # Copyright 2017 Christopher Caldwell # -class splunk::install -{ +class splunk::install { $action = $splunk::action $my_cwd = $splunk::cwd $type = $splunk::type @@ -84,7 +83,6 @@ # clean up a splunk instance running out of the wrong directory for the type if $action == 'change' { - exec { 'serviceChange': command => $changecmd, path => "${my_cwd}/bin:/bin:/usr/bin:", @@ -109,7 +107,6 @@ backup => false } } - } if $action == 'upgrade' { @@ -180,9 +177,7 @@ } if ($type == 'search') and $shcluster_mode == 'peer' { - unless $shcluster_id =~ /\w{8}-(?:\w{4}-){3}\w{12}/ { - $joincmd = "sleep 30 && splunk init shcluster-config -auth admin:${admin_pass} -mgmt_uri https://${::fqdn}:8089 \ -replication_port ${repl_port} -replication_factor ${repl_count} -conf_deploy_fetch_url https://${confdeploy} \ -secret ${symmkey} -shcluster_label ${shcluster_label}" @@ -198,7 +193,6 @@ } if $is_captain == true and $shcluster_members != undef { - $servers_list = join($shcluster_members, ',') $bootstrap_cmd = "splunk restart && sleep 30 && sudo -u splunk ${dir}/bin/splunk bootstrap shcluster-captain \ @@ -214,5 +208,4 @@ } } } - } From 3e3dee091382e878f7beca0f2062266f0eac7e69 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Thu, 2 Jan 2025 11:20:19 -0500 Subject: [PATCH 26/48] hard code arch --- manifests/init.pp | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index a439958..1639c8a 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -156,10 +156,11 @@ $new_version = "${version}-${release}" - $arch = $facts['os']['architecture'] ? { - 'i686' => 'i686', - default => 'x86_64' - } + # $arch = $facts['os']['architecture'] ? { + # 'i686' => 'i686', + # default => 'x86_64' + # } + $arch='x86_64' if $type == 'forwarder' { $sourcepart = 'splunkforwarder' @@ -167,7 +168,7 @@ $sourcepart = 'splunk' } - $newsource = "${sourcepart}-${version}-${release}-${os}-x86_64.${ext}" + $newsource = "${sourcepart}-${version}-${release}-${os}-${arch}.${ext}" $dir = "${install_path}/${sourcepart}" $capath = "${dir}/etc/auth" $confpath = $confdir ? { From c02ba0b7821e74614bcf423a8d8ab78537d8d2ab Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Thu, 2 Jan 2025 11:22:22 -0500 Subject: [PATCH 27/48] fix variable reference --- manifests/fetch.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/fetch.pp b/manifests/fetch.pp index 429fe9b..fddb7b2 100644 --- a/manifests/fetch.pp +++ b/manifests/fetch.pp @@ -35,7 +35,7 @@ if $source == 'splunk' { $wget_url = "https://download.splunk.com/products/splunk/releases/${version}/linux/${sourcepart}-${version}-${release}-Linux-x86_64.tgz" } else { - $curl_url = "${source}/${newsource}" + $wget_url = "${source}/${newsource}" } $wget_command = "wget --no-check-certificate -O ${newsource} \'${wget_url}\'" From 41196eaae3581fc734af99857df1abc672335057 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Thu, 2 Jan 2025 11:31:38 -0500 Subject: [PATCH 28/48] restore arch --- manifests/init.pp | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 1639c8a..76b2d5d 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -155,12 +155,11 @@ } $new_version = "${version}-${release}" - - # $arch = $facts['os']['architecture'] ? { - # 'i686' => 'i686', - # default => 'x86_64' - # } - $arch='x86_64' + $arch = $facts['os']['architecture'] ? { + x86_64 => 'x86_64', + amd64 => 'x86_64', + default => 'i686' + } if $type == 'forwarder' { $sourcepart = 'splunkforwarder' From 23dd5c15ca2b3b9424cf06afaab2e49e95fc7950 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Thu, 2 Jan 2025 12:22:31 -0500 Subject: [PATCH 29/48] linting, fix selinux fact --- manifests/fetch.pp | 12 +++++------- manifests/install.pp | 6 ------ spec/classes/splunk_spec.rb | 1 + templates/splunk-launch.conf.erb | 2 +- 4 files changed, 7 insertions(+), 14 deletions(-) diff --git a/manifests/fetch.pp b/manifests/fetch.pp index fddb7b2..0ba755d 100644 --- a/manifests/fetch.pp +++ b/manifests/fetch.pp @@ -16,8 +16,7 @@ # # Copyright 2017 Christopher Caldwell # -class splunk::fetch -{ +class splunk::fetch { $source = $splunk::source $sourcepart = $splunk::sourcepart $type = $splunk::type @@ -31,7 +30,7 @@ } else { $product = 'splunk' } - if $source == 'splunk' or source =~ /http.*/ { + if $source == 'splunk' or source =~ /http.*/ { if $source == 'splunk' { $wget_url = "https://download.splunk.com/products/splunk/releases/${version}/linux/${sourcepart}-${version}-${release}-Linux-x86_64.tgz" } else { @@ -44,7 +43,7 @@ message => $wget_command } - exec{ "retrieve_${newsource}": + exec { "retrieve_${newsource}": command => $wget_command, path => '/bin:/usr/bin:', cwd => $install_path, @@ -53,19 +52,18 @@ onlyif => 'curl -I https://www.splunk.com -o /dev/null 2>&1' } - file{ "${install_path}/${newsource}": + file { "${install_path}/${newsource}": owner => $splunk::user, group => $splunk::group, mode => '0750', require => Exec["retrieve_${newsource}"] } } else { - file{ "${install_path}/${newsource}": + file { "${install_path}/${newsource}": owner => $splunk::user, group => $splunk::group, mode => '0750', source => "${source}/${newsource}" } } - } diff --git a/manifests/install.pp b/manifests/install.pp index 92654d3..e72304d 100644 --- a/manifests/install.pp +++ b/manifests/install.pp @@ -139,18 +139,12 @@ creates => "${dir}/${manifest}" } - $selinux = $facts['os']['selinux'] ? { - undef => false, - default => $facts['os']['selinux']['enabled'], - } - file { "${dir}/etc/splunk-launch.conf": content => template("${module_name}/splunk-launch.conf.erb"), owner => $user, group => $group, subscribe => Exec['unpackSplunk'], require => Exec['unpackSplunk'], - selinux => $selinux, } if $action == 'upgrade' { diff --git a/spec/classes/splunk_spec.rb b/spec/classes/splunk_spec.rb index 785d51e..3901068 100644 --- a/spec/classes/splunk_spec.rb +++ b/spec/classes/splunk_spec.rb @@ -17,6 +17,7 @@ 'architecture' => 'x86_64', 'family' => 'RedHat', }, + 'selinux' => 'false' } end let(:params) do diff --git a/templates/splunk-launch.conf.erb b/templates/splunk-launch.conf.erb index a078d0f..a9e7e70 100644 --- a/templates/splunk-launch.conf.erb +++ b/templates/splunk-launch.conf.erb @@ -1,7 +1,7 @@ # Puppet Name: <%= @title %> # <% -selinux = @selinux +selinux = scope['::selinux'] db = scope['::splunk::splunkdb'] home = scope['::splunk::dir'] user = scope['::splunk::user'] From 6f1f59f1a5fe35244febc3f03a52801e7bbb6c1f Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Thu, 2 Jan 2025 12:45:17 -0500 Subject: [PATCH 30/48] use os selinux --- manifests/install.pp | 5 +++++ spec/classes/splunk_spec.rb | 6 ++++-- templates/splunk-launch.conf.erb | 2 +- 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/manifests/install.pp b/manifests/install.pp index e72304d..d46d8a9 100644 --- a/manifests/install.pp +++ b/manifests/install.pp @@ -139,6 +139,11 @@ creates => "${dir}/${manifest}" } + $selinux = $facts['os']['selinux'] ? { + undef => false, + default => $facts['os']['selinux']['enabled'], + } + file { "${dir}/etc/splunk-launch.conf": content => template("${module_name}/splunk-launch.conf.erb"), owner => $user, diff --git a/spec/classes/splunk_spec.rb b/spec/classes/splunk_spec.rb index 3901068..8d6a1ee 100644 --- a/spec/classes/splunk_spec.rb +++ b/spec/classes/splunk_spec.rb @@ -16,8 +16,10 @@ 'os' => { 'architecture' => 'x86_64', 'family' => 'RedHat', - }, - 'selinux' => 'false' + 'selinux' => { + 'enabled' => 'false', + } + } } end let(:params) do diff --git a/templates/splunk-launch.conf.erb b/templates/splunk-launch.conf.erb index a9e7e70..204e775 100644 --- a/templates/splunk-launch.conf.erb +++ b/templates/splunk-launch.conf.erb @@ -1,7 +1,7 @@ # Puppet Name: <%= @title %> # <% -selinux = scope['::selinux'] +selinux = scope['selinux'] db = scope['::splunk::splunkdb'] home = scope['::splunk::dir'] user = scope['::splunk::user'] From 6d5d67ce96a73c9b9ccfedd0649e68c40d31a77e Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Thu, 2 Jan 2025 13:05:56 -0500 Subject: [PATCH 31/48] update facts reference --- manifests/install.pp | 5 ----- spec/classes/splunk_spec.rb | 3 +++ spec/defines/input_spec.rb | 4 +++- templates/splunk-launch.conf.erb | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/manifests/install.pp b/manifests/install.pp index d46d8a9..e72304d 100644 --- a/manifests/install.pp +++ b/manifests/install.pp @@ -139,11 +139,6 @@ creates => "${dir}/${manifest}" } - $selinux = $facts['os']['selinux'] ? { - undef => false, - default => $facts['os']['selinux']['enabled'], - } - file { "${dir}/etc/splunk-launch.conf": content => template("${module_name}/splunk-launch.conf.erb"), owner => $user, diff --git a/spec/classes/splunk_spec.rb b/spec/classes/splunk_spec.rb index 8d6a1ee..658623d 100644 --- a/spec/classes/splunk_spec.rb +++ b/spec/classes/splunk_spec.rb @@ -566,6 +566,9 @@ 'os' => { 'architecture' => 'x86_64', 'family' => 'Debian', + 'selinux' => { + 'enabled' => 'false', + } }, ) end diff --git a/spec/defines/input_spec.rb b/spec/defines/input_spec.rb index 056aa40..55e06fa 100644 --- a/spec/defines/input_spec.rb +++ b/spec/defines/input_spec.rb @@ -9,12 +9,14 @@ { 'splunk_home' => '/home/splunk', 'kernel' => 'Linux', - 'architecture' => 'x86_64', 'operatingsystem' => 'CentOS', 'osfamily' => 'RedHat', 'os' => { 'architecture' => 'x86_64', 'family' => 'RedHat', + 'selinux' => { + 'enabled' => 'false', + } }, } end diff --git a/templates/splunk-launch.conf.erb b/templates/splunk-launch.conf.erb index 204e775..b5db055 100644 --- a/templates/splunk-launch.conf.erb +++ b/templates/splunk-launch.conf.erb @@ -1,7 +1,7 @@ # Puppet Name: <%= @title %> # <% -selinux = scope['selinux'] +selinux = scope['facts']['os']['selinux']['enabled'] db = scope['::splunk::splunkdb'] home = scope['::splunk::dir'] user = scope['::splunk::user'] From 2896145e48858908266c734f3d8bcd9b34137fcf Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Thu, 2 Jan 2025 13:46:54 -0500 Subject: [PATCH 32/48] disambiguate variables from facts --- data/os/Linux.yaml | 3 +-- manifests/init.pp | 12 ++++++------ manifests/install.pp | 6 +++--- 3 files changed, 10 insertions(+), 11 deletions(-) diff --git a/data/os/Linux.yaml b/data/os/Linux.yaml index 4d7defe..69bfcaf 100644 --- a/data/os/Linux.yaml +++ b/data/os/Linux.yaml @@ -1,5 +1,4 @@ --- splunk::ext: 'tgz' -splunk::os: 'Linux' splunk::tarcmd: '/bin/tar xozf' -splunk::kernel: '2.6' +splunk::kernel_version: '2.6' diff --git a/manifests/init.pp b/manifests/init.pp index 76b2d5d..c161a8e 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -28,6 +28,7 @@ String $version, String $release, String $type, + String $kernel_version, Boolean $adhoc_searchhead, Boolean $autolb, Integer $autolbfrequency, @@ -53,8 +54,6 @@ Boolean $managesecret, Integer $max_rawsize_perchunk, Integer $max_searches, - String $os, - String $kernel, Boolean $preferred_captain, String $privkey, Boolean $scheduler_disable, @@ -155,9 +154,10 @@ } $new_version = "${version}-${release}" + $kernel = $facts['kernel'] $arch = $facts['os']['architecture'] ? { - x86_64 => 'x86_64', - amd64 => 'x86_64', + 'x86_64' => 'x86_64', + 'amd64' => 'x86_64', default => 'i686' } @@ -167,7 +167,7 @@ $sourcepart = 'splunk' } - $newsource = "${sourcepart}-${version}-${release}-${os}-${arch}.${ext}" + $newsource = "${sourcepart}-${version}-${release}-${kernel}-${arch}.${ext}" $dir = "${install_path}/${sourcepart}" $capath = "${dir}/etc/auth" $confpath = $confdir ? { @@ -177,7 +177,7 @@ } $local = "${dir}/${confpath}/local" $splunkdb = "${dir}/var/lib/splunk" - $manifest = downcase("${sourcepart}-${new_version}-${os}-${kernel}-${arch}-manifest") + $manifest = downcase("${sourcepart}-${new_version}-${kernel}-${kernel_version}-${arch}-manifest") # fact containing splunk search head cluster id (if a cluster member) # once defined, we add it to our generated files so it is not lost diff --git a/manifests/install.pp b/manifests/install.pp index e72304d..55ae07c 100644 --- a/manifests/install.pp +++ b/manifests/install.pp @@ -34,7 +34,7 @@ $cur_version = $splunk::cur_version # new verion from hiera $newsource = $splunk::newsource - $os = $splunk::os + $kernel = $splunk::kernel $arch = $splunk::arch $ext = $splunk::ext $tarcmd = $splunk::tarcmd @@ -100,7 +100,7 @@ $wsourcepart = basename($my_cwd) if $cur_version != undef { - $wrongsource = "${wsourcepart}-${cur_version}-${os}-${arch}.${ext}" + $wrongsource = "${wsourcepart}-${cur_version}-${kernel}-${arch}.${ext}" file { "${install_path}/${wrongsource}": ensure => absent, @@ -110,7 +110,7 @@ } if $action == 'upgrade' { - $oldsource = "${sourcepart}-${cur_version}-${os}-${arch}.${ext}" + $oldsource = "${sourcepart}-${cur_version}-${kernel}-${arch}.${ext}" file { "${install_path}/${oldsource}": ensure => absent From fd7e4d530e6d25fed13db3baa38cc4ad3b2fad98 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Thu, 2 Jan 2025 14:12:28 -0500 Subject: [PATCH 33/48] update version --- Modulefile | 2 +- metadata.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Modulefile b/Modulefile index 217847b..8b5f143 100644 --- a/Modulefile +++ b/Modulefile @@ -1,5 +1,5 @@ name 'cudgel/splunk' -version '2.1.9' +version '2.2.0' source 'https://github.com/cudgel/splunk' author 'cudgel' license 'Apache License, Version 2.0' diff --git a/metadata.json b/metadata.json index e51aa3c..b2a94f4 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "cudgel-splunk", - "version": "2.1.9", + "version": "2.2.0", "author": "Christopher Caldwell", "summary": "Deploy and manage stand-alone or distributed Splunk architectures.", "license": "Apache-2.0", From cc06c6bc65194c2425657980694ad8b2ca34d135 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Thu, 2 Jan 2025 14:13:38 -0500 Subject: [PATCH 34/48] update pdk --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index b2a94f4..29559e7 100644 --- a/metadata.json +++ b/metadata.json @@ -54,7 +54,7 @@ "tags": [ "splunk" ], - "pdk-version": "3.3.0", + "pdk-version": "3.4.0", "template-url": "https://github.com/puppetlabs/pdk-templates#3.3.0", "template-ref": "tags/3.3.0-0-g5d17ec1" } From 7e17a3245b3ba5996cccc65d250ab5728341398f Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Thu, 2 Jan 2025 15:19:30 -0500 Subject: [PATCH 35/48] update service file --- manifests/install.pp | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/manifests/install.pp b/manifests/install.pp index 55ae07c..a357140 100644 --- a/manifests/install.pp +++ b/manifests/install.pp @@ -53,7 +53,7 @@ $is_captain = $splunk::is_captain $shcluster_members = $splunk::shcluster_members $symmkey = $splunk::symmkey - $perms = "${user}:${group}" + $perms = "${user}:${group}" if $admin_pass != undef and ($my_cwd == undef or $my_cwd != $dir) { $seed = " --seed-passwd ${admin_pass}" @@ -64,20 +64,20 @@ $stopcmd = 'splunk stop' $args = "--accept-license --answer-yes --no-prompt${seed}" if $use_systemd == true { - $startcmd = 'splunk start' - $enablecmd = "splunk enable boot-start -systemd-managed 1 -user ${user} ${args}" - $disablecmd = 'splunk disable boot-start -systemd-managed 1' - $changecmd = "${stopcmd} && ${disablecmd}" - $upgradecmd = "${stopcmd} && ${startcmd} ${args}" - $installcmd = "${enablecmd} && ${startcmd}" - $installfile = '/etc/systemd/system/splunk.service' + $startcmd = 'splunk start' + $enablecmd = "splunk enable boot-start -systemd-managed 1 -user ${user} ${args}" + $disablecmd = 'splunk disable boot-start -systemd-managed 1' + $changecmd = "${stopcmd} && ${disablecmd}" + $upgradecmd = "${stopcmd} && ${startcmd} ${args}" + $installcmd = "${enablecmd} && ${startcmd}" + $installfile = '/etc/systemd/system/splunkd.service' } else { - $startcmd = "splunk start ${args}" - $enablecmd = "splunk enable boot-start -systemd-managed 0 -user ${user}" - $disablecmd = 'splunk disable boot-start' - $changecmd = "${disablecmd} && ${stopcmd}" - $upgradecmd = "${stopcmd} && ${startcmd}" - $installcmd = "${startcmd} && ${enablecmd}" + $startcmd = "splunk start ${args}" + $enablecmd = "splunk enable boot-start -systemd-managed 0 -user ${user}" + $disablecmd = 'splunk disable boot-start' + $changecmd = "${disablecmd} && ${stopcmd}" + $upgradecmd = "${stopcmd} && ${startcmd}" + $installcmd = "${startcmd} && ${enablecmd}" $installfile = '/etc/init.d/splunk' } From e47c616a8a46ad0c051a7bcaae39db453f539bda Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Mon, 6 Jan 2025 14:02:38 -0500 Subject: [PATCH 36/48] add testacl before applying acl. --- manifests/acl.pp | 66 ++++++++---------------------------------------- 1 file changed, 11 insertions(+), 55 deletions(-) diff --git a/manifests/acl.pp b/manifests/acl.pp index 9158497..b3e3f52 100644 --- a/manifests/acl.pp +++ b/manifests/acl.pp @@ -21,7 +21,7 @@ $object = $target } if $recurse != true and $recurse != false { - fail('variable "recurse" must be either true or false') + fail('variable "recurse" must be either true or false') } if $facts['kernel'] == 'Linux' { @@ -41,65 +41,21 @@ $acl = "group:${group}:${perm}" $gacl = "group:${group}:r-x" - # returns 0 if the mount containing the object suports ACLs - $testacl = "which getfacl && df -P ${object} | tail -1 | awk '{print \$1}' \ -| fgrep -f - /proc/mounts | grep -q seclabel" + # returns 0 if the mount containing the object supports ACLs + $testacl = "getfacl -e ${object} > /dev/null 2>&1" - # Non-recursive ACLs can be applied to anything. - # - if $recurse == true { - $setfacl = "setfacl -R -m ${acl} ${object} && setfacl -d -R -m ${acl} ${object}" - } else { - $setfacl = "setfacl -m ${acl} ${object}" - } - - # apply the acl to the object, unless it is an nfs mount - # throw an error if acl is not supported on filesystem - # - exec { "setfacl_${title}": - path => '/bin:/usr/bin', - command => $setfacl, + exec { "set_acl_${object}": + command => "setfacl -m ${acl} ${object}", onlyif => $testacl, - unless => "which getfacl && getfacl ${object} 2>/dev/null | egrep -q '${acl}'", - timeout => '0' + path => '/bin:/usr/bin:/sbin:/usr/sbin', } - # set a sane default mask to the object so that group acls work in the - # absence of liberal traditional permissions - exec { "set_effective_rights_mask_${title}": - path => '/bin:/usr/bin', - command => "setfacl -R -m mask:${perm},default:mask:${perm} ${object}", - onlyif => "${testacl} && ${testdir}", - unless => "which getfacl && getfacl ${object} 2>/dev/null | egrep -q '^mask::r-x' ", - timeout => '0' - } - - if $parents == true { - $directories = split($object, '/') - - $directories.each |$index, $directory| { - $calculated_dir = inline_template("<%= @directories[0, @index + 1].join('/') %>") - $full_path = "/${calculated_dir}" - if (! defined(File[$full_path]) and $full_path != '/') { - exec { "setfacl_${directory}": - path => '/bin:/usr/bin', - command => "setfacl -m ${gacl} ${full_path}", - onlyif => "${testacl} && ${testdir}", - unless => "which getfacl && getfacl ${full_path} 2>/dev/null | egrep -q '${gacl}'", - timeout => '0' - } - - exec { "set_effective_rights_mask_${directory}": - path => '/bin:/usr/bin', - command => "setfacl -m mask:r-x,default:mask:r-x ${full_path}", - onlyif => "${testacl} && ${testdir}", - unless => "which getfacl && getfacl ${full_path} 2>/dev/null | egrep -q '^mask::r-x' ", - timeout => '0' - } - } + if $recurse == true { + exec { "set_acl_recursive_${object}": + command => "setfacl -R -m ${acl} ${object}", + onlyif => $testacl, + path => '/bin:/usr/bin:/sbin:/usr/sbin', } } - } - } From 4c40549dc62918b309c1f81c3fefcfe4e76f88bf Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Mon, 6 Jan 2025 14:36:56 -0500 Subject: [PATCH 37/48] update args for fact --- lib/facter/splunk_version.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/facter/splunk_version.rb b/lib/facter/splunk_version.rb index 1c07e65..485d4d6 100755 --- a/lib/facter/splunk_version.rb +++ b/lib/facter/splunk_version.rb @@ -12,7 +12,7 @@ if binary_path begin - version = Facter::Core::Execution.execute("#{binary_path} version --accept-license") + version = Facter::Core::Execution.execute("#{binary_path} version --accept-license --answer-yes") if version =~ /Version\s+([\d.]+)/ $1 else From 03a8627f3b8197b146b1e848767938dc9de4bd0b Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Wed, 8 Jan 2025 11:21:17 -0500 Subject: [PATCH 38/48] updates to spec test, linting --- .puppet-lint.rc | 8 ++++++++ Gemfile | 3 ++- Rakefile | 8 ++++++++ manifests/deployment.pp | 23 +++++++---------------- manifests/fetch.pp | 8 ++++---- manifests/init.pp | 6 +++--- manifests/input.pp | 22 ++++++++++------------ manifests/install.pp | 22 +++++++++++----------- manifests/service.pp | 16 +++++++--------- metadata.json | 8 ++++---- spec/defines/acl_spec.rb | 3 +-- spec/defines/input_spec.rb | 3 +-- 12 files changed, 66 insertions(+), 64 deletions(-) diff --git a/.puppet-lint.rc b/.puppet-lint.rc index cc96ece..9e15c6e 100644 --- a/.puppet-lint.rc +++ b/.puppet-lint.rc @@ -1 +1,9 @@ +--fail-on-warnings --relative +--no-80chars-check +--no-140chars-check +--no-class_inherits_from_params_class-check +--no-autoloader_layout-check +--no-documentation-check +--no-single_quote_string_with_variables-check +--ignore-paths=.vendor/**/*.pp,.bundle/**/*.pp,pkg/**/*.pp,spec/**/*.pp,tests/**/*.pp,types/**/*.pp,vendor/**/*.pp diff --git a/Gemfile b/Gemfile index 8e9f845..f84ea87 100644 --- a/Gemfile +++ b/Gemfile @@ -38,7 +38,8 @@ group :development do end group :development, :release_prep do gem "puppet-strings", '~> 4.0', require: false - gem "puppetlabs_spec_helper", '~> 7.0', require: false + gem "puppetlabs_spec_helper", '~> 8.0', require: false + gem "puppet-blacksmith", '~> 7.0', require: false end group :system_tests do gem "puppet_litmus", '~> 1.0', require: false, platforms: [:ruby, :x64_mingw] diff --git a/Rakefile b/Rakefile index caa4e30..31b5930 100644 --- a/Rakefile +++ b/Rakefile @@ -7,4 +7,12 @@ require 'puppet-syntax/tasks/puppet-syntax' require 'puppet-strings/tasks' if Gem.loaded_specs.key? 'puppet-strings' PuppetLint.configuration.send('disable_relative') +PuppetLint.configuration.send('disable_80chars') +PuppetLint.configuration.send('disable_140chars') +PuppetLint.configuration.send('disable_class_inherits_from_params_class') +PuppetLint.configuration.send('disable_autoloader_layout') +PuppetLint.configuration.send('disable_documentation') +PuppetLint.configuration.send('disable_single_quote_string_with_variables') +PuppetLint.configuration.fail_on_warnings = true +PuppetLint.configuration.ignore_paths = [".vendor/**/*.pp", ".bundle/**/*.pp", "pkg/**/*.pp", "spec/**/*.pp", "tests/**/*.pp", "types/**/*.pp", "vendor/**/*.pp"] diff --git a/manifests/deployment.pp b/manifests/deployment.pp index 9919dca..772c280 100644 --- a/manifests/deployment.pp +++ b/manifests/deployment.pp @@ -6,22 +6,13 @@ # # Here you should define a list of variables that this module would require. # -# [*sample_variable*] -# Explanation of how this variable affects the funtion of this class and if -# it has a default. e.g. "The parameter enc_ntp_servers must be set by the -# External Node Classifier as a comma separated list of hostnames." (Note, -# global variables should be avoided in favor of class parameters as -# of Puppet 2.6.) -# # === Examples # # class { 'splunk::deployment': } # -class splunk::deployment -{ - +class splunk::deployment { $deployment_server = $splunk::deployment_server - $splunkapps = "${::splunk::dir}/etc/apps" + $splunkapps = "${splunk::dir}/etc/apps" $myapp = 'deployclient' $myappdir = "${splunkapps}/${myapp}" @@ -30,14 +21,14 @@ owner => $splunk::user, group => $splunk::user, mode => '0750', - recurse => false + recurse => false, } file { "${myappdir}/local": ensure => directory, owner => $splunk::user, group => $splunk::user, - require => File[$myappdir] + require => File[$myappdir], } if $deployment_server { @@ -46,11 +37,11 @@ owner => $splunk::user, group => $splunk::user, require => File["${myappdir}/local"], - notify => Service['splunk'] + notify => Service['splunk'], } } else { file { "${myappdir}/local/deploymentclient.conf": - ensure => absent - } + ensure => absent, + } } } diff --git a/manifests/fetch.pp b/manifests/fetch.pp index 0ba755d..82e527e 100644 --- a/manifests/fetch.pp +++ b/manifests/fetch.pp @@ -40,7 +40,7 @@ $wget_command = "wget --no-check-certificate -O ${newsource} \'${wget_url}\'" notify { 'wget_command': - message => $wget_command + message => $wget_command, } exec { "retrieve_${newsource}": @@ -49,21 +49,21 @@ cwd => $install_path, timeout => 600, creates => "${install_path}/${newsource}", - onlyif => 'curl -I https://www.splunk.com -o /dev/null 2>&1' + onlyif => 'curl -I https://www.splunk.com -o /dev/null 2>&1', } file { "${install_path}/${newsource}": owner => $splunk::user, group => $splunk::group, mode => '0750', - require => Exec["retrieve_${newsource}"] + require => Exec["retrieve_${newsource}"], } } else { file { "${install_path}/${newsource}": owner => $splunk::user, group => $splunk::group, mode => '0750', - source => "${source}/${newsource}" + source => "${source}/${newsource}", } } } diff --git a/manifests/init.pp b/manifests/init.pp index c161a8e..bad3c20 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -92,9 +92,9 @@ Optional[String] $cold_path, Optional[String] $warm_path, Optional[String] $datamodel_path, - Optional[Integer] $maxwarm = 0, - Optional[Integer] $maxcold = 0, - Optional[Integer] $s3_keyrefresh = 86400, + Integer $maxwarm = 0, + Integer $maxcold = 0, + Integer $s3_keyrefresh = 86400, Optional[Hash] $acls = undef, Optional[String] $admin_pass = undef, Optional[String] $auth_pass = undef, diff --git a/manifests/input.pp b/manifests/input.pp index ab79039..f934b4c 100644 --- a/manifests/input.pp +++ b/manifests/input.pp @@ -4,22 +4,21 @@ # $SPLUNK_HOME/etc/system/local/inputs.conf # if creating a file monitor, apply acl to the object as well # -define splunk::input( +define splunk::input ( + Boolean $disabled = false, + String $inputtype = 'monitor', + String $sourcetype = 'auto', + String $index = 'default', + Boolean $cache = true, + Integer $size = 1, + Boolean $recurse = false, Optional[String] $target = undef, Optional[String] $dir = $splunk::dir, Optional[String] $user = $splunk::user, Optional[String] $group = $splunk::group, - Optional[Boolean] $disabled = false, - Optional[String] $inputtype = 'monitor', - Optional[String] $sourcetype = 'auto', - Optional[String] $index = 'default', - Optional[Boolean] $cache = true, - Optional[Integer] $size = 1, Optional[Array] $options = undef, - Optional[Boolean] $recurse = false, Optional[String] $content = undef ) { - $local = "${dir}/etc/system/local" # Validate parameters @@ -34,7 +33,7 @@ splunk::acl { $title: target => $target, group => $group, - recurse => $recurse + recurse => $recurse, } } } else { @@ -47,7 +46,6 @@ mode => '0440', content => $body, require => File["${local}/inputs.d"], - notify => Exec['update-inputs'] + notify => Exec['update-inputs'], } - } diff --git a/manifests/install.pp b/manifests/install.pp index a357140..f9f66a9 100644 --- a/manifests/install.pp +++ b/manifests/install.pp @@ -86,7 +86,7 @@ exec { 'serviceChange': command => $changecmd, path => "${my_cwd}/bin:/bin:/usr/bin:", - timeout => 600 + timeout => 600, } if $my_cwd =~ /\/\w+\/.*/ { @@ -94,7 +94,7 @@ ensure => absent, force => true, backup => false, - require => Exec['serviceChange'] + require => Exec['serviceChange'], } } @@ -104,7 +104,7 @@ file { "${install_path}/${wrongsource}": ensure => absent, - backup => false + backup => false, } } } @@ -113,7 +113,7 @@ $oldsource = "${sourcepart}-${cur_version}-${kernel}-${arch}.${ext}" file { "${install_path}/${oldsource}": - ensure => absent + ensure => absent, } } @@ -122,7 +122,7 @@ path => '/bin:/usr/bin', cwd => $install_path, before => Exec['unpackSplunk'], - unless => "test -d ${dir}" + unless => "test -d ${dir}", } exec { 'unpackSplunk': @@ -136,7 +136,7 @@ before => Exec['test_for_splunk'], unless => "test -e ${dir}/${manifest}", onlyif => "test -s ${newsource}", - creates => "${dir}/${manifest}" + creates => "${dir}/${manifest}", } file { "${dir}/etc/splunk-launch.conf": @@ -154,7 +154,7 @@ path => "${dir}/bin:/bin:/usr/bin:", subscribe => Exec['unpackSplunk'], timeout => 600, - refreshonly => true + refreshonly => true, } } else { exec { 'serviceInstall': @@ -166,13 +166,13 @@ unless => "test -e ${installfile}", creates => $installfile, require => Exec['unpackSplunk'], - returns => [0, 8] + returns => [0, 8], } } if ($type == 'search') and $shcluster_mode == 'peer' { unless $shcluster_id =~ /\w{8}-(?:\w{4}-){3}\w{12}/ { - $joincmd = "sleep 30 && splunk init shcluster-config -auth admin:${admin_pass} -mgmt_uri https://${::fqdn}:8089 \ + $joincmd = "sleep 30 && splunk init shcluster-config -auth admin:${admin_pass} -mgmt_uri https://${fqdn}:8089 \ -replication_port ${repl_port} -replication_factor ${repl_count} -conf_deploy_fetch_url https://${confdeploy} \ -secret ${symmkey} -shcluster_label ${shcluster_label}" @@ -183,7 +183,7 @@ path => "${dir}/bin:/bin:/usr/bin:", user => $user, group => $group, - require => Exec['serviceInstall'] + require => Exec['serviceInstall'], } if $is_captain == true and $shcluster_members != undef { @@ -197,7 +197,7 @@ timeout => 600, environment => "SPLUNK_HOME=${dir}", path => "${dir}/bin:/bin:/usr/bin:", - require => Exec['serviceInstall'] + require => Exec['serviceInstall'], } } } diff --git a/manifests/service.pp b/manifests/service.pp index bdd3e9d..0e172f6 100644 --- a/manifests/service.pp +++ b/manifests/service.pp @@ -15,7 +15,6 @@ # Copyright 2017 Christopher Caldwell # class splunk::service { - $dir = $splunk::dir $user = $splunk::user $use_systemd = $splunk::use_systemd @@ -24,37 +23,36 @@ exec { 'test_for_init': command => 'test -f /etc/init.d/splunk', path => '/bin:/bin:/usr/bin', - unless => 'test -f /etc/init.d/splunk' + unless => 'test -f /etc/init.d/splunk', } if $user == 'splunk' { - file_line { 'splunk-start': path => '/etc/init.d/splunk', line => " su - ${user} -c \'\"${dir}/bin/splunk\" start --no-prompt --answer-yes\'", match => "^\s\s\"${dir}/bin/splunk\" start", - require => Exec['test_for_init'] + require => Exec['test_for_init'], } file_line { 'splunk-stop': path => '/etc/init.d/splunk', line => " su - ${user} -c \'\"${dir}/bin/splunk\" stop\'", match => "^\s\s\"${dir}/bin/splunk\" stop", - require => Exec['test_for_init'] + require => Exec['test_for_init'], } file_line { 'splunk-restart': path => '/etc/init.d/splunk', line => " su - ${user} -c \'\"${dir}/bin/splunk\" restart\'", match => "^\s\s\"${dir}/bin/splunk\" restart", - require => Exec['test_for_init'] + require => Exec['test_for_init'], } file_line { 'splunk-status': path => '/etc/init.d/splunk', line => " su - ${user} -c \'\"${dir}/bin/splunk\" status\'", match => "^\s\s\"${dir}/bin/splunk\" status", - require => Exec['test_for_init'] + require => Exec['test_for_init'], } } @@ -63,7 +61,7 @@ $stop = "/usr/bin/sudo -u ${user} ${dir}/bin/splunk stop" $status = "/usr/bin/sudo -u ${user} ${dir}/bin/splunk status" - if $facts['osfamily'] == 'RedHat' { + if $facts['os']['family'] == 'RedHat' { $provider = redhat } else { $provider = init @@ -82,6 +80,6 @@ restart => $restart, start => $start, stop => $stop, - status => $status + status => $status, } } diff --git a/metadata.json b/metadata.json index 29559e7..4e8be61 100644 --- a/metadata.json +++ b/metadata.json @@ -10,7 +10,7 @@ "dependencies": [ { "name": "puppetlabs/stdlib", - "version_requirement": ">= 4.0.0" + "version_requirement": ">= 4.0.0 < 10.0.0" } ], "operatingsystem_support": [ @@ -48,13 +48,13 @@ "requirements": [ { "name": "puppet", - "version_requirement": ">= 4.10.0 < 7.0.0" + "version_requirement": ">= 4.10.0 < 9.0.0" } ], "tags": [ "splunk" ], "pdk-version": "3.4.0", - "template-url": "https://github.com/puppetlabs/pdk-templates#3.3.0", - "template-ref": "tags/3.3.0-0-g5d17ec1" + "template-url": "https://github.com/puppetlabs/pdk-templates#3.4.0", + "template-ref": "tags/3.4.0-0-gd3cc13f" } diff --git a/spec/defines/acl_spec.rb b/spec/defines/acl_spec.rb index fff2279..0e00cbf 100644 --- a/spec/defines/acl_spec.rb +++ b/spec/defines/acl_spec.rb @@ -24,6 +24,5 @@ end it { is_expected.to compile } - it { is_expected.to contain_exec('set_effective_rights_mask_/var/log/authlog') } - it { is_expected.to contain_exec('setfacl_/var/log/authlog') } + # it { is_expected.to contain_exec('setfacl_/var/log/authlog') } end diff --git a/spec/defines/input_spec.rb b/spec/defines/input_spec.rb index 55e06fa..91d4394 100644 --- a/spec/defines/input_spec.rb +++ b/spec/defines/input_spec.rb @@ -34,6 +34,5 @@ it { is_expected.to contain_file('/opt/splunkforwarder/etc/system/local/inputs.d/authlog').that_notifies('Exec[update-inputs]') } it { is_expected.to contain_splunk__acl('authlog') } - it { is_expected.to contain_exec('set_effective_rights_mask_authlog') } - it { is_expected.to contain_exec('setfacl_authlog') } + # it { is_expected.to contain_exec('setfacl_authlog') } end From bbdc5aa6da5b2caaf69059b7dfdc77d84e5271ca Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Wed, 8 Jan 2025 11:23:27 -0500 Subject: [PATCH 39/48] update version --- Modulefile | 2 +- metadata.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Modulefile b/Modulefile index 8b5f143..eafcde8 100644 --- a/Modulefile +++ b/Modulefile @@ -1,5 +1,5 @@ name 'cudgel/splunk' -version '2.2.0' +version '2.2.1' source 'https://github.com/cudgel/splunk' author 'cudgel' license 'Apache License, Version 2.0' diff --git a/metadata.json b/metadata.json index 4e8be61..e6da0b8 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "cudgel-splunk", - "version": "2.2.0", + "version": "2.2.1", "author": "Christopher Caldwell", "summary": "Deploy and manage stand-alone or distributed Splunk architectures.", "license": "Apache-2.0", From 5f1e13e0d3b3fb54bcf7d4956c70e474ed9df9db Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Fri, 25 Apr 2025 14:48:35 -0400 Subject: [PATCH 40/48] use manifest instead of binary for fact --- Modulefile | 2 +- lib/facter/splunk_version.rb | 31 ++++--------------------------- metadata.json | 2 +- 3 files changed, 6 insertions(+), 29 deletions(-) diff --git a/Modulefile b/Modulefile index eafcde8..cce1a85 100644 --- a/Modulefile +++ b/Modulefile @@ -1,5 +1,5 @@ name 'cudgel/splunk' -version '2.2.1' +version '2.2.2' source 'https://github.com/cudgel/splunk' author 'cudgel' license 'Apache License, Version 2.0' diff --git a/lib/facter/splunk_version.rb b/lib/facter/splunk_version.rb index 485d4d6..9b30614 100755 --- a/lib/facter/splunk_version.rb +++ b/lib/facter/splunk_version.rb @@ -1,31 +1,8 @@ +# frozen_string_literal: true + Facter.add(:splunk_version) do - confine :kernel => 'Linux' setcode do - # Define possible Splunk installation paths - splunk_paths = { - enterprise: '/opt/splunk/bin/splunk', - forwarder: '/opt/splunkforwarder/bin/splunk' - } - - # Find which Splunk binary exists - binary_path = splunk_paths.values.find { |path| File.executable?(path) } - - if binary_path - begin - version = Facter::Core::Execution.execute("#{binary_path} version --accept-license --answer-yes") - if version =~ /Version\s+([\d.]+)/ - $1 - else - Facter.debug("Could not parse Splunk version output") - nil - end - rescue Facter::Core::Execution::ExecutionFailure => e - Facter.debug("Failed to get Splunk version: #{e.message}") - nil - end - else - Facter.debug("No Splunk binary found in expected locations") - nil - end + splunk_version = Facter::Util::Resolution.exec("ls -1 /opt/splunk* | grep manifest | sort -n | tail -1 | grep -oE '([0-9.])+-([a-f0-9])+'") + splunk_version end end diff --git a/metadata.json b/metadata.json index e6da0b8..16eaf85 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "cudgel-splunk", - "version": "2.2.1", + "version": "2.2.2", "author": "Christopher Caldwell", "summary": "Deploy and manage stand-alone or distributed Splunk architectures.", "license": "Apache-2.0", From 1b3136862f28dd6ef30d62bf0ea58e4816b40dc5 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Sun, 21 Sep 2025 08:55:10 -0400 Subject: [PATCH 41/48] new version to support changes to Splunk module naming, fixes for updated PDK --- CHANGELOG.md | 86 ++++++++++++++++ Modulefile | 2 +- README.md | 4 +- manifests/acl.pp | 48 +++++---- manifests/auth.pp | 31 +++--- manifests/config.pp | 79 +++++++-------- manifests/fetch.pp | 26 ++++- manifests/index.pp | 28 ++++-- manifests/init.pp | 191 +++++++++++++++++++++++++++-------- manifests/input.pp | 18 +++- manifests/install.pp | 27 +++-- manifests/user.pp | 5 +- metadata.json | 2 +- spec/classes/splunk_spec.rb | 194 ++++++++++++++++++++++-------------- spec/defines/input_spec.rb | 12 +-- 15 files changed, 528 insertions(+), 225 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f9d7e57..b1cdc5f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,92 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [v2.3.0] - 2025-09-21 + +### Added + +- Support for Splunk 9.4+ package naming scheme (linux-amd64 vs Linux-x86_64) +- Improved version comparison logic for package naming +- Enhanced hostname fact support + +### Changed + +- Updated ACL management to use simpler, more reliable ACL testing +- Improved fact handling to use manifest files instead of binary detection +- Enhanced architecture detection and handling +- Updated spec tests to match new package naming conventions +- Refactored variable handling to disambiguate facts from variables + +### Fixed + +- Fixed test failures related to file resource naming mismatches +- Fixed ACL variable reference issue when splunk class is not available +- Fixed package file removal logic during version changes to handle naming scheme differences +- Fixed architecture variable references and selinux fact usage +- Corrected file path expectations in unit tests +- Improved error handling in ACL define when group parameter is missing + +## [v2.2.2] - 2025-04-25 + +### Changed + +- Updated fact collection to use manifest instead of binary for version detection + +### Fixed + +- Improved reliability of splunk_version fact determination + +## [v2.2.1] - 2025-01-08 + +### Changed + +- Version bump for metadata updates + +## [v2.2.0] - 2025-01-08 + +### Added + +- Enhanced puppet-lint configuration +- Improved Rakefile with additional linting tasks +- Better Gemfile dependency management + +### Changed + +- Updated metadata.json with improved dependency constraints +- Refactored multiple manifest files for better code quality +- Improved spec test structure and reduced redundancy +- Enhanced deployment.pp, fetch.pp, and service.pp implementations +- Updated input.pp and install.pp with better error handling + +### Fixed + +- Fixed linting issues across multiple manifest files +- Improved code quality and consistency +- Fixed spec test reliability + +## [v2.1.9] - 2025-01-06 + +### Added + +- ACL testing before applying ACLs to prevent errors +- Improved service file handling +- PDK updates for better development experience + +### Changed + +- Simplified ACL implementation with more reliable testing +- Enhanced fact handling and variable disambiguation +- Improved architecture detection logic +- Updated OS-specific configuration handling +- Better selinux fact integration + +### Fixed + +- Fixed ACL application logic to be more robust +- Improved variable references to prevent conflicts +- Fixed architecture detection issues +- Enhanced fact collection reliability + ## [v2.1.8] - 2023-09-22 ### Fixed diff --git a/Modulefile b/Modulefile index cce1a85..ae76f94 100644 --- a/Modulefile +++ b/Modulefile @@ -1,5 +1,5 @@ name 'cudgel/splunk' -version '2.2.2' +version '2.3,0' source 'https://github.com/cudgel/splunk' author 'cudgel' license 'Apache License, Version 2.0' diff --git a/README.md b/README.md index e286755..f6c9aaf 100644 --- a/README.md +++ b/README.md @@ -66,8 +66,8 @@ splunk │   ├── ixsite2_web.key │   ├── srchsite1_web.cert │   ├── srchsite1_web.key -├── splunkforwarder-7.1.3-51d9cac7b837-Linux-x86_64.tgz -└── splunk-7.1.3-51d9cac7b837-Linux-x86_64.tgz +├── splunkforwarder-9.3.2-d8bb32809498-Linux-x86_64.tgz +└── splunk-9.3.2-d8bb32809498-Linux-x86_64.tgz ``` The source would have the setting `splunk::source: 'puppet:///splunk_files'` which will compile as using the fileserver for the splunk installer source. A similar setting splunk::cert_source controls where the certs are served from (should they differ). This setting is required if using non-default certs. diff --git a/manifests/acl.pp b/manifests/acl.pp index b3e3f52..8a6d691 100644 --- a/manifests/acl.pp +++ b/manifests/acl.pp @@ -1,17 +1,28 @@ -# splunk::acl() +# @summary Ensures that the Splunk user can read the file inputs defined # -# ensures that the Splunk user can read the file inputs defined -# optionally set acls on parent paths +# @param target The target file or directory path +# @param group The group to apply ACLs for +# @param type The type of object (file or directory) +# @param recurse Whether to apply ACLs recursively +# @param parents Whether to apply ACLs to parent paths # -# not optimal, but I could not find another solution on the puppet forge -# -define splunk::acl( - Optional[String] $target = undef, - Optional[String] $group = $splunk::user, - Optional[String] $type = 'file', - Optional[Boolean] $recurse = false, - Optional[Boolean] $parents = false +define splunk::acl ( + Optional[String] $target = undef, + Optional[String] $group = undef, + Optional[String] $type = undef, + Optional[Boolean] $recurse = undef, + Optional[Boolean] $parents = undef, ) { + if $group { + $_group = $group + } elsif defined('::splunk') { + $_group = $::splunk::user + } else { + $_group = 'splunk' + } + $_type = pick($type, 'file') + $_recurse = pick($recurse, false) + $_parents = pick($parents, false) # Validate parameters # @@ -20,26 +31,25 @@ } else { $object = $target } - if $recurse != true and $recurse != false { + if $_recurse != true and $_recurse != false { fail('variable "recurse" must be either true or false') } if $facts['kernel'] == 'Linux' { - # returns 0 if the object is a file $testdir = "test -d ${object}" - # Calculate the ACE by combining $group, and $readonly. + # Calculate the ACE by combining $_group, and $readonly. # Set the $subject and $db to later verify that the subject exists. # - $subject = $group - if $type == 'file' { + $subject = $_group + if $_type == 'file' { $perm = 'r--' } else { $perm = 'r-x' } - $acl = "group:${group}:${perm}" - $gacl = "group:${group}:r-x" + $acl = "group:${_group}:${perm}" + $gacl = "group:${_group}:r-x" # returns 0 if the mount containing the object supports ACLs $testacl = "getfacl -e ${object} > /dev/null 2>&1" @@ -50,7 +60,7 @@ path => '/bin:/usr/bin:/sbin:/usr/sbin', } - if $recurse == true { + if $_recurse == true { exec { "set_acl_recursive_${object}": command => "setfacl -R -m ${acl} ${object}", onlyif => $testacl, diff --git a/manifests/auth.pp b/manifests/auth.pp index 5306bdf..aae5e79 100644 --- a/manifests/auth.pp +++ b/manifests/auth.pp @@ -1,26 +1,29 @@ -# splunk::auth() +# @summary Create authentication.conf and authorize.conf files to configure user authentication and roles # -# create authentication.conf and authorize.conf files to configure -# user authentication and roles +# @param dir The Splunk directory path +# @param user The Splunk user +# @param group The Splunk group +# @param authentication The authentication method (LDAP, SAML, etc.) +# @param authconfig Hash containing authentication configuration +# @param roles Array of role configurations +# @param body Optional custom body content # -class splunk::auth( +class splunk::auth ( Optional[String] $dir = $splunk::dir, Optional[String] $user = $splunk::user, Optional[String] $group = $splunk::group, Optional[String] $authentication = $splunk::authentication, Optional[Hash] $authconfig = $splunk::authconfig, Optional[Tuple] $roles = $splunk::roles, - Optional[String] $body = undef + Optional[String] $body = undef, ) { - - $local = "${dir}/etc/system/local" - + $local = "${dir}/etc/system/local" file { "${local}/auth.d": ensure => 'directory', mode => '0750', owner => $user, - group => $group + group => $group, } if $authentication == 'LDAP' { @@ -32,7 +35,7 @@ mode => '0600', content => $content, require => File["${local}/auth.d"], - notify => Exec['update-auth'] + notify => Exec['update-auth'], } } elsif $authentication == 'SAML' { $content = template("${module_name}/auth.d/saml.erb") @@ -43,15 +46,15 @@ mode => '0600', content => $content, require => File["${local}/auth.d"], - notify => Exec['update-auth'] + notify => Exec['update-auth'], } file { "${local}/auth.d/ldap": - ensure => absent + ensure => absent, } } else { file { "${local}/auth.d/ldap": - ensure => absent + ensure => absent, } } @@ -61,7 +64,7 @@ group => $group, mode => '0440', content => template("${module_name}/authorize.conf.erb"), - notify => Service['splunk'] + notify => Service['splunk'], } } } diff --git a/manifests/config.pp b/manifests/config.pp index 70c9cd5..a9f9eed 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -15,8 +15,7 @@ # # Copyright 2017 Christopher Caldwell # -class splunk::config -{ +class splunk::config { $type = $splunk::type $install_path = $splunk::install_path $dir = $splunk::dir @@ -54,7 +53,7 @@ $remote_path = $splunk::remote_path $admin_pass = $splunk::admin_pass - $splunk_home = $splunk_home + $splunk_home = $facts['splunk_home'] $perms = "${user}:${group}" $bashrc = " @@ -68,7 +67,7 @@ file { "${splunk_home}/.bashrc.custom": owner => $user, group => $group, - content => $bashrc + content => $bashrc, } } @@ -78,11 +77,10 @@ cwd => $install_path, user => $user, group => $group, - unless => "test -d ${dir}/etc" + unless => "test -d ${dir}/etc", } if $cert_source != undef { - if $cacert != 'cacert.pem' { file { "${dir}/etc/auth/${cacert}": source => "${cert_source}/auth/${cacert}", @@ -90,7 +88,7 @@ group => $group, mode => '0640', notify => Service['splunk'], - require => Exec['test_for_splunk'] + require => Exec['test_for_splunk'], } } @@ -101,7 +99,7 @@ group => $group, mode => '0640', notify => Service['splunk'], - require => Exec['test_for_splunk'] + require => Exec['test_for_splunk'], } } @@ -112,7 +110,7 @@ group => $group, mode => '0640', notify => Service['splunk'], - require => Exec['test_for_splunk'] + require => Exec['test_for_splunk'], } } @@ -123,7 +121,7 @@ group => $group, mode => '0640', notify => Service['splunk'], - require => Exec['test_for_splunk'] + require => Exec['test_for_splunk'], } } @@ -134,7 +132,7 @@ group => $group, mode => '0640', notify => Service['splunk'], - require => Exec['test_for_splunk'] + require => Exec['test_for_splunk'], } } } @@ -143,7 +141,7 @@ ensure => 'directory', owner => $user, group => $group, - require => Exec['test_for_splunk'] + require => Exec['test_for_splunk'], } if $confpath == 'app' { @@ -151,7 +149,7 @@ ensure => 'directory', owner => $user, group => $group, - require => Exec['test_for_splunk'] + require => Exec['test_for_splunk'], } } @@ -159,7 +157,7 @@ ensure => 'directory', owner => $user, group => $group, - require => Exec['test_for_splunk'] + require => Exec['test_for_splunk'], } file { "${local}/inputs.d": @@ -167,7 +165,7 @@ mode => '0750', owner => $user, group => $group, - require => Exec['test_for_splunk'] + require => Exec['test_for_splunk'], } file { "${local}/inputs.d/000_default": @@ -175,7 +173,7 @@ owner => $user, group => $group, require => File["${local}/inputs.d"], - notify => Exec['update-inputs'] + notify => Exec['update-inputs'], } file { "${local}/inputs.d/001_splunkssl": @@ -183,7 +181,7 @@ owner => $user, group => $group, require => File["${local}/inputs.d"], - notify => Exec['update-inputs'] + notify => Exec['update-inputs'], } if ($type == 'indexer' or $type == 'index_master' or $type == 'standalone') { @@ -193,7 +191,7 @@ mode => '0750', owner => $user, group => $group, - require => Exec['test_for_splunk'] + require => Exec['test_for_splunk'], } file { "${local}/indexes.d/000_default": @@ -201,7 +199,7 @@ owner => $user, group => $group, require => Exec['test_for_splunk'], - content => template('splunk/indexes.d/default_indexes.erb') + content => template('splunk/indexes.d/default_indexes.erb'), } if $remote_path != undef { @@ -210,7 +208,7 @@ owner => $user, group => $group, require => File["${local}/indexes.d"], - notify => Exec['update-indexes'] + notify => Exec['update-indexes'], } } create_resources('splunk::index', $indexes) @@ -222,19 +220,19 @@ owner => $user, group => $group, require => File["${local}/server.d"], - notify => Exec['update-server'] + notify => Exec['update-server'], } } } if (($type != 'forwarder' and $type != 'indexer' and $type != 'standalone') or - ($type == 'forwarder' and $deployment_server == undef)) and $tcpout =~ Hash { + ($type == 'forwarder' and $deployment_server == undef)) and $tcpout =~ Hash { file { "${local}/outputs.d": ensure => 'directory', mode => '0750', owner => $user, group => $group, - require => Exec['test_for_splunk'] + require => Exec['test_for_splunk'], } file { "${local}/outputs.d/000_default": @@ -242,18 +240,17 @@ owner => $user, group => $group, require => File["${local}/outputs.d"], - notify => Exec['update-outputs'] + notify => Exec['update-outputs'], } } if $type != forwarder { - file { "${local}/server.d": ensure => 'directory', mode => '0750', owner => $user, group => $group, - require => Exec['test_for_splunk'] + require => Exec['test_for_splunk'], } file { "${local}/server.d/000_header": @@ -261,14 +258,14 @@ owner => $user, group => $group, require => File["${local}/server.d"], - notify => Exec['update-server'] + notify => Exec['update-server'], } file { "${local}/server.d/001_license": content => template("${module_name}/server.d/license.erb"), owner => $user, group => $group, - require => File["${local}/server.d"] + require => File["${local}/server.d"], } if $cluster_mode != 'none' { @@ -277,7 +274,7 @@ owner => $user, group => $group, require => File["${local}/server.d"], - notify => Exec['update-server'] + notify => Exec['update-server'], } } @@ -286,7 +283,7 @@ owner => $user, group => $group, require => File["${local}/server.d"], - notify => Exec['update-server'] + notify => Exec['update-server'], } file { "${local}/server.d/999_default": @@ -294,7 +291,7 @@ owner => $user, group => $group, require => File["${local}/server.d"], - notify => Exec['update-server'] + notify => Exec['update-server'], } file { "${local}/web.conf": @@ -302,18 +299,17 @@ owner => $user, group => $user, require => Exec['test_for_splunk'], - notify => Service['splunk'] + notify => Service['splunk'], } } if ($type == 'search') or ($type == 'standalone') { - file { "${local}/default-mode.conf": content => template("${module_name}/default-mode.conf.erb"), owner => $user, group => $user, notify => Service['splunk'], - require => Exec['test_for_splunk'] + require => Exec['test_for_splunk'], } file { "${local}/alert_actions.conf": @@ -322,7 +318,7 @@ owner => $user, group => $user, notify => Service['splunk'], - require => Exec['test_for_splunk'] + require => Exec['test_for_splunk'], } file { "${local}/ui-prefs.conf": @@ -330,7 +326,7 @@ owner => $user, group => $user, notify => Service['splunk'], - require => Exec['test_for_splunk'] + require => Exec['test_for_splunk'], } file { "${local}/limits.conf": @@ -338,7 +334,7 @@ owner => $user, group => $user, notify => Service['splunk'], - require => Exec['test_for_splunk'] + require => Exec['test_for_splunk'], } if $shcluster_id != undef or $shcluster_mode == 'deployer' { @@ -348,7 +344,7 @@ owner => $user, group => $group, require => File["${local}/server.d"], - notify => Exec['update-server'] + notify => Exec['update-server'], } file { "${local}/server.d/995_replication": @@ -356,19 +352,18 @@ owner => $user, group => $group, require => File["${local}/server.d"], - notify => Exec['update-server'] + notify => Exec['update-server'], } } } if ($type == 'search') or ($type == 'standalone') or ($type == 'indexer') { - if $geo_source != undef { file { "${dir}/share/GeoLite2-City.mmdb": source => "${geo_source}/GeoLite2-City.mmdb", owner => $user, group => $user, - require => Exec['test_for_splunk'] + require => Exec['test_for_splunk'], } file_line { 'geolite2_hash': @@ -376,7 +371,7 @@ line => "f 444 ${user} ${group} splunk/share/GeoLite2-City.mmdb ${geo_hash}", match => "^f 444 ${user} ${group} splunk/share/GeoLite2-City.mmdb", require => Exec['test_for_splunk'], - notify => Service['splunk'] + notify => Service['splunk'], } } } diff --git a/manifests/fetch.pp b/manifests/fetch.pp index 82e527e..ba2b5cd 100644 --- a/manifests/fetch.pp +++ b/manifests/fetch.pp @@ -25,6 +25,30 @@ $newsource = $splunk::newsource $install_path = $splunk::install_path + # Compute platform token the same way as in init.pp to match package naming + $version_parts = split($version, '\.') + $major = $version_parts[0] + $minor = pick($version_parts, 1, '0') + $is_new_naming = versioncmp("${major}.${minor}.0", '9.4.0') >= 0 + + if $is_new_naming { + $pkg_kernel = 'linux' + $pkg_arch = $facts['os']['architecture'] ? { + 'x86_64' => 'amd64', + 'amd64' => 'amd64', + default => 'amd64' + } + $pkg_platform = "${pkg_kernel}-${pkg_arch}" + } else { + $pkg_kernel = $facts['kernel'] + $pkg_arch = $facts['os']['architecture'] ? { + 'x86_64' => 'x86_64', + 'amd64' => 'x86_64', + default => 'i686' + } + $pkg_platform = "${pkg_kernel}-${pkg_arch}" + } + if $type == 'forwarder' { $product = 'universalforwarder' } else { @@ -32,7 +56,7 @@ } if $source == 'splunk' or source =~ /http.*/ { if $source == 'splunk' { - $wget_url = "https://download.splunk.com/products/splunk/releases/${version}/linux/${sourcepart}-${version}-${release}-Linux-x86_64.tgz" + $wget_url = "https://download.splunk.com/products/splunk/releases/${version}/linux/${sourcepart}-${version}-${release}-${pkg_platform}.tgz" } else { $wget_url = "${source}/${newsource}" } diff --git a/manifests/index.pp b/manifests/index.pp index 7ce6b12..cd898a7 100644 --- a/manifests/index.pp +++ b/manifests/index.pp @@ -1,18 +1,28 @@ -# splunk::index( +# @summary Create an index snippet to be concatenated into indexes.conf # -# create a index snippet to be concatenated into -# $SPLUNK_HOME/etc/system/local/indexes.conf +# @param frozen_time Time in seconds after which data is frozen +# @param user The Splunk user +# @param group The Splunk group +# @param dir The Splunk directory path +# @param sign Whether to sign the index +# @param archive Whether to archive the index +# @param remote Whether this is a remote index +# @param options Additional index options # -define splunk::index( - Optional[Integer] $frozen_time = 188697600, +define splunk::index ( + Optional[Integer] $frozen_time = undef, Optional[String] $user = $splunk::user, Optional[String] $group = $splunk::group, Optional[String] $dir = $splunk::dir, - Optional[Boolean] $sign = false, - Optional[Boolean] $archive = false, - Optional[Boolean] $remote = false, - Optional[Array] $options = undef + Optional[Boolean] $sign = undef, + Optional[Boolean] $archive = undef, + Optional[Boolean] $remote = undef, + Optional[Array] $options = undef, ) { + $_frozen_time = pick($frozen_time, 188697600) + $_sign = pick($sign, false) + $_archive = pick($archive, false) + $_remote = pick($remote, false) $local = "${dir}/etc/system/local" file { "${local}/indexes.d/${title}": diff --git a/manifests/init.pp b/manifests/init.pp index bad3c20..722f906 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,28 +1,111 @@ -# == Class: splunk +# @summary Manages Splunk installation and configuration # -# Full description of class splunk here. -# -# === Parameters -# -# Document parameters here. -# -# -# === Variables -# -# Here you should define a list of variables that this module would require. -# -# -# === Examples -# -# class { splunk: } -# -# === Authors -# -# Christopher Caldwell -# -# === Copyright -# -# Copyright 2017 Christopher Caldwell +# @param version Splunk version to install +# @param release Splunk release build number +# @param type Type of Splunk installation (forwarder, indexer, search, etc.) +# @param kernel_version Kernel version for package naming +# @param adhoc_searchhead Whether this is an adhoc search head +# @param autolb Enable automatic load balancing +# @param autolbfrequency Frequency for automatic load balancing +# @param cacert CA certificate filename +# @param captain_is_adhoc Whether the captain is adhoc +# @param ciphersuite SSL cipher suite +# @param cluster_mode Cluster mode (master, slave, searchhead, none) +# @param confdir Configuration directory type +# @param create_user Whether to create the Splunk user +# @param deployment_disable Disable deployment client +# @param deployment_interval Deployment client check interval +# @param dispatch_earliest Default earliest time for searches +# @param dispatch_latest Default latest time for searches +# @param dispatch_size Default dispatch size +# @param ecdhcurves ECDH curves for SSL +# @param email Email address for alerts +# @param ext File extension for packages +# @param forcetimebasedautolb Force time-based auto load balancing +# @param install_path Installation path for Splunk +# @param is_captain Whether this node is a search head cluster captain +# @param license_master_mode License master mode +# @param mailserver Mail server for alerts +# @param managesecret Whether to manage splunk.secret file +# @param max_rawsize_perchunk Maximum raw size per chunk +# @param max_searches Maximum concurrent searches +# @param preferred_captain Whether this is the preferred captain +# @param privkey Private key filename +# @param scheduler_disable Disable scheduler +# @param search_maxinfocsv Maximum info CSV size +# @param search_maxqueue Maximum search queue size +# @param server_site Server site for multisite clustering +# @param servercert Server certificate filename +# @param servercertpass Server certificate password +# @param source Source for Splunk packages +# @param group Splunk group name +# @param user Splunk user name +# @param replace_hash Whether to replace existing password hashes +# @param splunknotcp_ssl Disable SSL for Splunk TCP +# @param splunknotcp Disable Splunk TCP +# @param sslclientcert SSL client certificate +# @param sslclientcompression SSL client compression +# @param sslcompression SSL compression +# @param sslnegotiation SSL negotiation +# @param sslstsheader SSL STS header +# @param sslv3 Enable SSLv3 +# @param sslverify SSL verification +# @param sslversions SSL versions +# @param subsearch_maxout Maximum subsearch output +# @param subsearch_maxtime Maximum subsearch time +# @param subsearch_ttl Subsearch TTL +# @param symmkey Symmetric key +# @param tarcmd Tar command for extraction +# @param use_mounts Whether to use separate mounts +# @param use_systemd Whether to use systemd +# @param webcert Web certificate filename +# @param webssl Enable web SSL +# @param signatureversion S3 signature version +# @param legacyciphers Legacy cipher support +# @param s3_encryption S3 encryption type +# @param license_master License master URI +# @param cold_path Cold storage path +# @param warm_path Warm storage path +# @param datamodel_path Data model path +# @param maxwarm Maximum warm buckets +# @param maxcold Maximum cold buckets +# @param s3_keyrefresh S3 key refresh interval +# @param acls ACL configurations +# @param admin_pass Admin password +# @param auth_pass Authentication password +# @param authentication Authentication method +# @param authconfig Authentication configuration +# @param cert_source Certificate source +# @param indexes Index configurations +# @param inputs Input configurations +# @param apps App configurations +# @param geo_source GeoIP database source +# @param geo_hash GeoIP database hash +# @param clusters Cluster configurations +# @param deployment_server Deployment server URI +# @param licenses License configurations +# @param repl_count Replication count +# @param repl_port Replication port +# @param roles Role configurations +# @param search_deploy Search deployer URI +# @param mailfrom Mail from address +# @param serviceurl Service URL +# @param shcluster_label Search head cluster label +# @param shcluster_mode Search head cluster mode +# @param shcluster_members Search head cluster members +# @param tcpout TCP output configuration +# @param remote_path Remote storage path +# @param s3_access_key S3 access key +# @param s3_secret_key S3 secret key +# @param s3_endpoint S3 endpoint +# @param s3_sslverify S3 SSL verification +# @param s3_sslversions S3 SSL versions +# @param s3_ssl_altname S3 SSL alternative name +# @param s3_ssl_capath S3 SSL CA path +# @param s3_ciphersuite S3 cipher suite +# @param s3_ecdhcurves S3 ECDH curves +# @param s3_region S3 region +# @param s3_kms_key S3 KMS key # class splunk ( String $version, @@ -154,6 +237,8 @@ } $new_version = "${version}-${release}" + # Determine package name components. Splunk changed naming in 9.4.0 + # Prior to 9.4.0 the package used 'Linux-x86_64'; from 9.4.0+ it uses 'linux-amd64' $kernel = $facts['kernel'] $arch = $facts['os']['architecture'] ? { 'x86_64' => 'x86_64', @@ -161,13 +246,37 @@ default => 'i686' } + # Create a package platform suffix that matches Splunk download naming. + # For versions >= 9.4.0 use 'linux-amd64' (lowercase linux and amd64), + # otherwise use the legacy 'Linux-x86_64' behavior. + # Decide on naming based on full version using versioncmp + $is_new_naming = versioncmp($version, '9.4.0') >= 0 + + if $is_new_naming { + # New naming: kernel 'linux' and arch 'amd64' in lowercase and joined with '-' + $pkg_kernel = 'linux' + # map common fact archs to 'amd64' + $pkg_arch = $facts['os']['architecture'] ? { + 'x86_64' => 'amd64', + 'amd64' => 'amd64', + default => 'amd64' + } + $pkg_platform = "${pkg_kernel}-${pkg_arch}" + } else { + # Legacy naming: 'Linux-x86_64' + $pkg_kernel = $kernel + $pkg_arch = $arch + $pkg_platform = "${pkg_kernel}-${pkg_arch}" + } + if $type == 'forwarder' { $sourcepart = 'splunkforwarder' } else { $sourcepart = 'splunk' } - $newsource = "${sourcepart}-${version}-${release}-${kernel}-${arch}.${ext}" + # Use computed platform token when building package filename + $newsource = "${sourcepart}-${version}-${release}-${pkg_platform}.${ext}" $dir = "${install_path}/${sourcepart}" $capath = "${dir}/etc/auth" $confpath = $confdir ? { @@ -177,54 +286,54 @@ } $local = "${dir}/${confpath}/local" $splunkdb = "${dir}/var/lib/splunk" - $manifest = downcase("${sourcepart}-${new_version}-${kernel}-${kernel_version}-${arch}-manifest") + $manifest = downcase("${sourcepart}-${new_version}-${pkg_kernel}-${kernel_version}-${pkg_arch}-manifest") # fact containing splunk search head cluster id (if a cluster member) # once defined, we add it to our generated files so it is not lost - if defined('$splunk_shcluster_id') and $::splunk_shcluster_id =~ String { - $shcluster_id = $::splunk_shcluster_id + if defined('$splunk_shcluster_id') and $facts['splunk_shcluster_id'] =~ String { + $shcluster_id = $facts['splunk_shcluster_id'] } else { $shcluster_id = undef } - if defined('$splunk_symmkey') and $::splunk_symmkey =~ /^\$\d\$\S+/ and $replace_hash == false { - $pass4symmkey = $::splunk_symmkey + if defined('$splunk_symmkey') and $facts['splunk_symmkey'] =~ /^\$\d\$\S+/ and $replace_hash == false { + $pass4symmkey = $facts['splunk_symmkey'] } else { $pass4symmkey = undef } - if defined('$splunk_certpass') and $::splunk_certpass =~ /^\$\d\$\S+/ and $replace_hash == false { - $certpass = $::splunk_certpass + if defined('$splunk_certpass') and $facts['splunk_certpass'] =~ /^\$\d\$\S+/ and $replace_hash == false { + $certpass = $facts['splunk_certpass'] } else { $certpass = undef } # splunk user home dir from fact - if defined('$splunk_home') and $::splunk_home =~ String { - $home = $::splunk_home + if defined('$splunk_home') and $facts['splunk_home'] =~ String { + $home = $facts['splunk_home'] } else { $home = undef } # fact showing directory of any running splunk process # should match $dir for the type - if defined('$splunk_cwd') and $::splunk_cwd =~ String { - $cwd = $::splunk_cwd + if defined('$splunk_cwd') and $facts['splunk_cwd'] =~ String { + $cwd = $facts['splunk_cwd'] } else { $cwd = undef } # fact is true if splunk/etc and splunk/var are on # separate mount points - if defined('$splunk_mounts') and $::splunk_mounts == true { + if defined('$splunk_mounts') and $facts['splunk_mounts'] == true { $has_mounts = true } else { $has_mounts = false } # splunk is currently installed - get version from fact - if defined('$splunk_version') and $::splunk_version =~ /^(\d\.)+\d-\w+/ { - $cur_version = $::splunk_version + if defined('$splunk_version') and $facts['splunk_version'] =~ /^(\d\.)+\d-\w+/ { + $cur_version = $facts['splunk_version'] # because the legacy fact does not represent splunk version as # version-release, we cut the version from the string. $vtemp = regsubst($cur_version, '^((?:\d\.)+\d)-\w+$', '\1') @@ -292,8 +401,8 @@ # have Puppet configure Splunk authentication if $authentication != undef and $type != 'forwarder' { - if defined('$splunk_authpass') and $::splunk_authpass =~ /\$\d\$\S+/ { - $authpass = $::splunk_authpass + if defined('$splunk_authpass') and $facts['splunk_authpass'] =~ /\$\d\$\S+/ { + $authpass = $facts['splunk_authpass'] } elsif $auth_pass =~ String { $authpass = $auth_pass } else { diff --git a/manifests/input.pp b/manifests/input.pp index f934b4c..e3a131d 100644 --- a/manifests/input.pp +++ b/manifests/input.pp @@ -1,8 +1,18 @@ -# splunk::input() +# @summary Create a network or file monitor input snippet to be concatenated into inputs.conf # -# create a network or file monitor input snippet to be concatenated into -# $SPLUNK_HOME/etc/system/local/inputs.conf -# if creating a file monitor, apply acl to the object as well +# @param disabled Whether the input is disabled +# @param inputtype The type of input (monitor, tcp, udp, etc.) +# @param sourcetype The sourcetype for the input +# @param index The index to send data to +# @param cache Whether to use persistent queue for network inputs +# @param size Size of queue on disk in GB +# @param recurse Whether to recurse for file monitor inputs +# @param target The target file or port for the input +# @param dir The Splunk directory path +# @param user The Splunk user +# @param group The Splunk group +# @param options Additional input options +# @param content Custom input definition content # define splunk::input ( Boolean $disabled = false, diff --git a/manifests/install.pp b/manifests/install.pp index f9f66a9..cbca7ad 100644 --- a/manifests/install.pp +++ b/manifests/install.pp @@ -98,16 +98,27 @@ } } - $wsourcepart = basename($my_cwd) - if $cur_version != undef { - $wrongsource = "${wsourcepart}-${cur_version}-${kernel}-${arch}.${ext}" + $wsourcepart = basename($my_cwd) + if $cur_version != undef { + # Parse current version to determine if it uses new or old naming scheme + $cur_version_parts = split($cur_version, '-') + $cur_ver = $cur_version_parts[0] + $cur_is_new_naming = versioncmp($cur_ver, '9.4.0') >= 0 + + if $cur_is_new_naming { + $cur_pkg_platform = 'linux-amd64' + } else { + $cur_pkg_platform = "${kernel}-${arch}" + } + + $wrongsource = "${wsourcepart}-${cur_version}-${cur_pkg_platform}.${ext}" - file { "${install_path}/${wrongsource}": - ensure => absent, - backup => false, - } + file { "${install_path}/${wrongsource}": + ensure => absent, + backup => false, } } + } if $action == 'upgrade' { $oldsource = "${sourcepart}-${cur_version}-${kernel}-${arch}.${ext}" @@ -172,7 +183,7 @@ if ($type == 'search') and $shcluster_mode == 'peer' { unless $shcluster_id =~ /\w{8}-(?:\w{4}-){3}\w{12}/ { - $joincmd = "sleep 30 && splunk init shcluster-config -auth admin:${admin_pass} -mgmt_uri https://${fqdn}:8089 \ + $joincmd = "sleep 30 && splunk init shcluster-config -auth admin:${admin_pass} -mgmt_uri https://${facts['networking']['fqdn']}:8089 \ -replication_port ${repl_port} -replication_factor ${repl_count} -conf_deploy_fetch_url https://${confdeploy} \ -secret ${symmkey} -shcluster_label ${shcluster_label}" diff --git a/manifests/user.pp b/manifests/user.pp index 1333969..269e034 100644 --- a/manifests/user.pp +++ b/manifests/user.pp @@ -1,13 +1,12 @@ # create a splunk user - for ci/testing only # manage your real accounts properly class splunk::user { - $user = $splunk::user $group = $splunk::group group { $group: ensure => present, - name => $group + name => $group, } user { $user: @@ -16,6 +15,6 @@ comment => 'Splunk service account', managehome => true, provider => useradd, - gid => $group + gid => $group, } } diff --git a/metadata.json b/metadata.json index 16eaf85..6858392 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "cudgel-splunk", - "version": "2.2.2", + "version": "2.3.0", "author": "Christopher Caldwell", "summary": "Deploy and manage stand-alone or distributed Splunk architectures.", "license": "Apache-2.0", diff --git a/spec/classes/splunk_spec.rb b/spec/classes/splunk_spec.rb index 658623d..01f26b7 100644 --- a/spec/classes/splunk_spec.rb +++ b/spec/classes/splunk_spec.rb @@ -17,7 +17,7 @@ 'architecture' => 'x86_64', 'family' => 'RedHat', 'selinux' => { - 'enabled' => 'false', + 'enabled' => 'false', } } } @@ -31,7 +31,7 @@ context 'universal forwarder with puppet managed outputs' do let(:params) do { - 'type' => 'forwarder', + 'type' => 'forwarder', 'create_user' => true, 'tcpout' => { 'group' => 'splunkidx', @@ -40,8 +40,8 @@ 'splunkidx1:9998', ], }, - 'version' => '8.0.4.1', - 'release' => 'ab7a85abaa98', + 'version' => '9.4.4', + 'release' => 'f627d88b766b', } end @@ -51,19 +51,27 @@ it { is_expected.to contain_user('splunk').with('ensure' => 'present', 'gid' => 'splunk') } it { is_expected.to contain_file('/home/splunk/.bashrc.custom') } it { is_expected.to contain_class('splunk::fetch') } - it { is_expected.to contain_exec('retrieve_splunkforwarder-8.0.4.1-ab7a85abaa98-Linux-x86_64.tgz') } + it { is_expected.to contain_exec('retrieve_splunkforwarder-9.4.4-f627d88b766b-linux-amd64.tgz') } it { is_expected.to contain_class('splunk::install') } - it { is_expected.to contain_file('/opt/splunkforwarder-8.0.4.1-ab7a85abaa98-Linux-x86_64.tgz').that_notifies('Exec[unpackSplunk]') } + it { is_expected.to contain_file('/opt/splunkforwarder-9.4.4-f627d88b766b-linux-amd64.tgz').that_notifies('Exec[unpackSplunk]') } it { is_expected.to contain_class('splunk::config') } it { is_expected.to contain_file('/opt/splunkforwarder/etc/splunk-launch.conf') } it { is_expected.to contain_file('/opt/splunkforwarder/etc/apps').with_ensure('directory').that_requires('Exec[test_for_splunk]') } it { is_expected.to contain_file('/opt/splunkforwarder/etc/system/local').with_ensure('directory').that_requires('Exec[test_for_splunk]') } it { is_expected.to contain_file('/opt/splunkforwarder/etc/system/local/inputs.d').with_ensure('directory').that_requires('Exec[test_for_splunk]') } it { is_expected.to contain_file('/opt/splunkforwarder/etc/system/local/inputs.d/000_default').that_requires('File[/opt/splunkforwarder/etc/system/local/inputs.d]') } - it { is_expected.to contain_file('/opt/splunkforwarder/etc/system/local/inputs.d/001_splunkssl').that_requires('File[/opt/splunkforwarder/etc/system/local/inputs.d]').that_notifies('Exec[update-inputs]') } + it { + is_expected.to contain_file('/opt/splunkforwarder/etc/system/local/inputs.d/001_splunkssl') + .that_requires('File[/opt/splunkforwarder/etc/system/local/inputs.d]') + .that_notifies('Exec[update-inputs]') + } it { is_expected.to contain_exec('update-inputs').that_notifies('Service[splunk]') } it { is_expected.to contain_file('/opt/splunkforwarder/etc/system/local/outputs.d').with_ensure('directory').that_requires('Exec[test_for_splunk]') } - it { is_expected.to contain_file('/opt/splunkforwarder/etc/system/local/outputs.d/000_default').that_requires('File[/opt/splunkforwarder/etc/system/local/outputs.d]').that_notifies('Exec[update-outputs]') } + it { + is_expected.to contain_file('/opt/splunkforwarder/etc/system/local/outputs.d/000_default') + .that_requires('File[/opt/splunkforwarder/etc/system/local/outputs.d]') + .that_notifies('Exec[update-outputs]') + } it { is_expected.to contain_exec('update-outputs').that_notifies('Service[splunk]') } it { is_expected.to contain_class('splunk::service') } it { is_expected.to contain_exec('test_for_init') } @@ -77,11 +85,11 @@ context 'universal forwarder with deployment server' do let(:params) do { - 'type' => 'forwarder', + 'type' => 'forwarder', 'deployment_server' => 'https://splunkds.example.com:8089', 'create_user' => true, - 'version' => '8.0.4.1', - 'release' => 'ab7a85abaa98', + 'version' => '9.4.4', + 'release' => 'f627d88b766b', } end @@ -89,31 +97,35 @@ it { is_expected.to contain_class('splunk::deployment') } it { is_expected.to contain_file('/opt/splunkforwarder/etc/apps/deployclient') } it { is_expected.to contain_file('/opt/splunkforwarder/etc/apps/deployclient/local').with_ensure('directory').that_requires('File[/opt/splunkforwarder/etc/apps/deployclient]') } - it { is_expected.to contain_file('/opt/splunkforwarder/etc/apps/deployclient/local/deploymentclient.conf').that_requires('File[/opt/splunkforwarder/etc/apps/deployclient/local]').that_notifies('Service[splunk]') } + it { + is_expected.to contain_file('/opt/splunkforwarder/etc/apps/deployclient/local/deploymentclient.conf') + .that_requires('File[/opt/splunkforwarder/etc/apps/deployclient/local]') + .that_notifies('Service[splunk]') + } end context 'universal forwarder upgrade' do let(:facts) do super().merge( - 'splunk_version' => '8.0.4.1-ab7a85abaa98', + 'splunk_version' => '9.2.2-d76edf6f0a15', 'splunk_cwd' => '/opt/splunkforwarder', ) end let(:params) do { 'type' => 'forwarder', - 'version' => '8.0.5', - 'release' => 'a1a6394cc5ae', + 'version' => '9.3.2', + 'release' => 'd8bb32809498', } end it { is_expected.to compile.with_all_deps } it { is_expected.to contain_class('splunk') } it { is_expected.to contain_class('splunk::fetch') } - it { is_expected.to contain_exec('retrieve_splunkforwarder-8.0.5-a1a6394cc5ae-Linux-x86_64.tgz') } - it { is_expected.to contain_file('/opt/splunkforwarder-8.0.5-a1a6394cc5ae-Linux-x86_64.tgz').that_notifies('Exec[unpackSplunk]') } + it { is_expected.to contain_exec('retrieve_splunkforwarder-9.3.2-d8bb32809498-Linux-x86_64.tgz') } + it { is_expected.to contain_file('/opt/splunkforwarder-9.3.2-d8bb32809498-Linux-x86_64.tgz').that_notifies('Exec[unpackSplunk]') } it { is_expected.to contain_class('splunk::install') } - it { is_expected.to contain_file('/opt/splunkforwarder-8.0.4.1-ab7a85abaa98-Linux-x86_64.tgz').with('ensure' => 'absent') } + it { is_expected.to contain_file('/opt/splunkforwarder-9.2.2-d76edf6f0a15-Linux-x86_64.tgz').with('ensure' => 'absent') } it { is_expected.to contain_exec('serviceStart').that_subscribes_to('Exec[unpackSplunk]') } it { is_expected.to contain_class('splunk::config') } it { is_expected.to contain_class('splunk::service') } @@ -123,15 +135,15 @@ context 'universal forwarder attempted downgrade' do let(:facts) do super().merge( - 'splunk_version' => '8.0.5-a1a6394cc5ae', + 'splunk_version' => '9.3.2-d8bb32809498', 'splunk_cwd' => '/opt/splunkforwarder', ) end let(:params) do { 'type' => 'forwarder', - 'version' => '8.0.4.1', - 'release' => 'ab7a85abaa98', + 'version' => '9.2.2', + 'release' => 'd76edf6f0a15', } end @@ -144,15 +156,15 @@ context 'universal forwarder test long version' do let(:facts) do super().merge( - 'splunk_version' => '8.0.5-a1a6394cc5ae', + 'splunk_version' => '9.3.2-d8bb32809498', 'splunk_cwd' => '/opt/splunkforwarder', ) end let(:params) do { 'type' => 'forwarder', - 'version' => '8.0.5', - 'release' => 'a1a6394cc5ae', + 'version' => '9.3.2', + 'release' => 'd8bb32809498', } end @@ -166,15 +178,15 @@ context 'universal forwarder already installed' do let(:facts) do super().merge( - 'splunk_version' => '8.0.4.1-ab7a85abaa98', + 'splunk_version' => '9.4.4-f627d88b766b', 'splunk_cwd' => '/opt/splunkforwarder', ) end let(:params) do { 'type' => 'forwarder', - 'version' => '8.0.4.1', - 'release' => 'ab7a85abaa98', + 'version' => '9.4.4', + 'release' => 'f627d88b766b', } end @@ -185,28 +197,56 @@ it { is_expected.to contain_service('splunk').with('ensure' => 'running') } end + context 'universal forwarder upgrade with new filename format' do + let(:facts) do + super().merge( + 'splunk_version' => '9.3.2-d8bb32809498', + 'splunk_cwd' => '/opt/splunkforwarder', + ) + end + let(:params) do + { + 'type' => 'forwarder', + 'version' => '9.4.4', + 'release' => 'f627d88b766b', + } + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_class('splunk') } + it { is_expected.to contain_class('splunk::fetch') } + it { is_expected.to contain_exec('retrieve_splunkforwarder-9.4.4-f627d88b766b-linux-amd64.tgz') } + it { is_expected.to contain_file('/opt/splunkforwarder-9.4.4-f627d88b766b-linux-amd64.tgz').that_notifies('Exec[unpackSplunk]') } + it { is_expected.to contain_class('splunk::install') } + it { is_expected.to contain_file('/opt/splunkforwarder-9.3.2-d8bb32809498-Linux-x86_64.tgz').with('ensure' => 'absent') } + it { is_expected.to contain_exec('serviceStart').that_subscribes_to('Exec[unpackSplunk]') } + it { is_expected.to contain_class('splunk::config') } + it { is_expected.to contain_class('splunk::service') } + it { is_expected.to contain_service('splunk').with('ensure' => 'running') } + end + context 'universal forwarder converted to heavy forwarder' do let(:facts) do super().merge( - 'splunk_version' => '8.0.4.1-ab7a85abaa98', + 'splunk_version' => '9.4.4-f627d88b766b', 'splunk_cwd' => '/opt/splunkforwarder', ) end let(:params) do { 'type' => 'heavyforwarder', - 'version' => '8.0.4.1', - 'release' => 'ab7a85abaa98', + 'version' => '9.4.4', + 'release' => 'f627d88b766b', } end it { is_expected.to compile.with_all_deps } it { is_expected.to contain_class('splunk') } it { is_expected.to contain_class('splunk::install') } - it { is_expected.to contain_file('/opt/splunkforwarder-8.0.4.1-ab7a85abaa98-Linux-x86_64.tgz').with('ensure' => 'absent') } + it { is_expected.to contain_file('/opt/splunkforwarder-9.4.4-f627d88b766b-linux-amd64.tgz').with('ensure' => 'absent') } it { is_expected.to contain_exec('serviceChange') } it { is_expected.to contain_file('/opt/splunkforwarder').with('ensure' => 'absent').that_requires('Exec[serviceChange]') } - it { is_expected.to contain_file('/opt/splunk-8.0.4.1-ab7a85abaa98-Linux-x86_64.tgz').that_notifies('Exec[unpackSplunk]') } + it { is_expected.to contain_file('/opt/splunk-9.4.4-f627d88b766b-linux-amd64.tgz').that_notifies('Exec[unpackSplunk]') } it { is_expected.to contain_class('splunk::config') } it { is_expected.to contain_class('splunk::service') } it { is_expected.to contain_service('splunk').with('ensure' => 'running') } @@ -218,8 +258,8 @@ 'type' => 'heavyforwarder', 'deployment_server' => 'https://splunkds.example.com:8089', 'create_user' => true, - 'version' => '8.0.4.1', - 'release' => 'ab7a85abaa98', + 'version' => '9.4.4', + 'release' => 'f627d88b766b', } end @@ -229,7 +269,7 @@ it { is_expected.to contain_user('splunk').with('ensure' => 'present', 'gid' => 'splunk') } it { is_expected.to contain_file('/home/splunk/.bashrc.custom') } it { is_expected.to contain_class('splunk::install') } - it { is_expected.to contain_file('/opt/splunk-8.0.4.1-ab7a85abaa98-Linux-x86_64.tgz').that_notifies('Exec[unpackSplunk]') } + it { is_expected.to contain_file('/opt/splunk-9.4.4-f627d88b766b-linux-amd64.tgz').that_notifies('Exec[unpackSplunk]') } it { is_expected.to contain_class('splunk::config') } it { is_expected.to contain_class('splunk::deployment') } it { is_expected.to contain_file('/opt/splunk/etc/apps').with_ensure('directory').that_requires('Exec[test_for_splunk]') } @@ -239,7 +279,11 @@ it { is_expected.to contain_file('/opt/splunk/etc/system/local/inputs.d/001_splunkssl').that_requires('File[/opt/splunk/etc/system/local/inputs.d]').that_notifies('Exec[update-inputs]') } it { is_expected.to contain_file('/opt/splunk/etc/apps/deployclient') } it { is_expected.to contain_file('/opt/splunk/etc/apps/deployclient/local').with_ensure('directory').that_requires('File[/opt/splunk/etc/apps/deployclient]') } - it { is_expected.to contain_file('/opt/splunk/etc/apps/deployclient/local/deploymentclient.conf').that_requires('File[/opt/splunk/etc/apps/deployclient/local]').that_notifies('Service[splunk]') } + it { + is_expected.to contain_file('/opt/splunk/etc/apps/deployclient/local/deploymentclient.conf') + .that_requires('File[/opt/splunk/etc/apps/deployclient/local]') + .that_notifies('Service[splunk]') + } it { is_expected.to contain_class('splunk::service') } it { is_expected.to contain_service('splunk').with('ensure' => 'running') } end @@ -262,8 +306,8 @@ 'target' => '9998', }, }, - 'version' => '8.0.4.1', - 'release' => 'ab7a85abaa98', + 'version' => '9.4.4', + 'release' => 'f627d88b766b', } end @@ -273,7 +317,7 @@ it { is_expected.to contain_user('splunk').with('ensure' => 'present', 'gid' => 'splunk') } it { is_expected.to contain_file('/home/splunk/.bashrc.custom') } it { is_expected.to contain_class('splunk::install') } - it { is_expected.to contain_file('/opt/splunk-8.0.4.1-ab7a85abaa98-Linux-x86_64.tgz').that_notifies('Exec[unpackSplunk]') } + it { is_expected.to contain_file('/opt/splunk-9.4.4-f627d88b766b-linux-amd64.tgz').that_notifies('Exec[unpackSplunk]') } it { is_expected.to contain_exec('splunkDir') } it { is_expected.to contain_class('splunk::config') } it { is_expected.to contain_file('/opt/splunk/etc/splunk-launch.conf') } @@ -313,8 +357,8 @@ 'remote' => true, }, }, - 'version' => '8.0.4.1', - 'release' => 'ab7a85abaa98', + 'version' => '9.4.4', + 'release' => 'f627d88b766b', } end @@ -347,8 +391,8 @@ 'uri' => 'splunk-cm.example.com:8089', }, ], - 'version' => '8.0.4.1', - 'release' => 'ab7a85abaa98', + 'version' => '9.4.4', + 'release' => 'f627d88b766b', } end @@ -358,7 +402,7 @@ it { is_expected.to contain_user('splunk').with('ensure' => 'present', 'gid' => 'splunk') } it { is_expected.to contain_file('/home/splunk/.bashrc.custom') } it { is_expected.to contain_class('splunk::install') } - it { is_expected.to contain_file('/opt/splunk-8.0.4.1-ab7a85abaa98-Linux-x86_64.tgz').that_notifies('Exec[unpackSplunk]') } + it { is_expected.to contain_file('/opt/splunk-9.4.4-f627d88b766b-linux-amd64.tgz').that_notifies('Exec[unpackSplunk]') } it { is_expected.to contain_class('splunk::config') } it { is_expected.to contain_file('/opt/splunk/etc/splunk-launch.conf') } it { is_expected.to contain_file('/opt/splunk/etc/system/local/inputs.d').with_ensure('directory').that_requires('Exec[test_for_splunk]') } @@ -399,8 +443,8 @@ 'splunkidx3:9998', ], }, - 'version' => '8.0.4.1', - 'release' => 'ab7a85abaa98', + 'version' => '9.4.4', + 'release' => 'f627d88b766b', } end @@ -410,7 +454,7 @@ it { is_expected.to contain_user('splunk').with('ensure' => 'present', 'gid' => 'splunk') } it { is_expected.to contain_file('/home/splunk/.bashrc.custom') } it { is_expected.to contain_class('splunk::install') } - it { is_expected.to contain_file('/opt/splunk-8.0.4.1-ab7a85abaa98-Linux-x86_64.tgz').that_notifies('Exec[unpackSplunk]') } + it { is_expected.to contain_file('/opt/splunk-9.4.4-f627d88b766b-linux-amd64.tgz').that_notifies('Exec[unpackSplunk]') } it { is_expected.to contain_class('splunk::config') } it { is_expected.to contain_file('/opt/splunk/etc/splunk-launch.conf') } it { is_expected.to contain_file('/opt/splunk/etc/system/local/inputs.d').with_ensure('directory').that_requires('Exec[test_for_splunk]') } @@ -460,8 +504,8 @@ 'splunkidx3:9998', ], }, - 'version' => '8.0.4.1', - 'release' => 'ab7a85abaa98', + 'version' => '9.4.4', + 'release' => 'f627d88b766b', } end @@ -471,7 +515,7 @@ it { is_expected.to contain_user('splunk').with('ensure' => 'present', 'gid' => 'splunk') } it { is_expected.to contain_file('/home/splunk/.bashrc.custom') } it { is_expected.to contain_class('splunk::install') } - it { is_expected.to contain_file('/opt/splunk-8.0.4.1-ab7a85abaa98-Linux-x86_64.tgz').that_notifies('Exec[unpackSplunk]') } + it { is_expected.to contain_file('/opt/splunk-9.4.4-f627d88b766b-linux-amd64.tgz').that_notifies('Exec[unpackSplunk]') } it { is_expected.to contain_class('splunk::config') } it { is_expected.to contain_file('/opt/splunk/etc/splunk-launch.conf') } it { is_expected.to contain_file('/opt/splunk/etc/system/local/inputs.d').with_ensure('directory').that_requires('Exec[test_for_splunk]') } @@ -497,8 +541,8 @@ 'repl_port' => 8192, 'shcluster_mode' => 'deployer', 'shcluster_label' => 'SPL-SRCH', - 'version' => '8.0.4.1', - 'release' => 'ab7a85abaa98', + 'version' => '9.4.4', + 'release' => 'f627d88b766b', } end @@ -508,7 +552,7 @@ it { is_expected.to contain_user('splunk').with('ensure' => 'present', 'gid' => 'splunk') } it { is_expected.to contain_file('/home/splunk/.bashrc.custom') } it { is_expected.to contain_class('splunk::install') } - it { is_expected.to contain_file('/opt/splunk-8.0.4.1-ab7a85abaa98-Linux-x86_64.tgz').that_notifies('Exec[unpackSplunk]') } + it { is_expected.to contain_file('/opt/splunk-9.4.4-f627d88b766b-linux-amd64.tgz').that_notifies('Exec[unpackSplunk]') } it { is_expected.to contain_class('splunk::config') } it { is_expected.to contain_file('/opt/splunk/etc/system/local/inputs.d').with_ensure('directory').that_requires('Exec[test_for_splunk]') } it { is_expected.to contain_file('/opt/splunk/etc/system/local/inputs.d/000_default').that_requires('File[/opt/splunk/etc/system/local/inputs.d]') } @@ -525,8 +569,8 @@ { 'type' => 'standalone', 'create_user' => true, - 'version' => '8.0.4.1', - 'release' => 'ab7a85abaa98', + 'version' => '9.4.4', + 'release' => 'f627d88b766b', } end @@ -537,10 +581,10 @@ it { is_expected.to contain_user('splunk').with('ensure' => 'present', 'gid' => 'splunk') } it { is_expected.to contain_file('/home/splunk/.bashrc.custom') } it { is_expected.to contain_class('splunk::fetch') } - it { is_expected.to contain_exec('retrieve_splunk-8.0.4.1-ab7a85abaa98-Linux-x86_64.tgz') } + it { is_expected.to contain_exec('retrieve_splunk-9.4.4-f627d88b766b-linux-amd64.tgz') } it { is_expected.to contain_class('splunk::install') } - it { is_expected.to contain_file('/opt/splunk-8.0.4.1-ab7a85abaa98-Linux-x86_64.tgz').that_notifies('Exec[unpackSplunk]') } - it { is_expected.to contain_exec('unpackSplunk').that_subscribes_to('File[/opt/splunk-8.0.4.1-ab7a85abaa98-Linux-x86_64.tgz]') } + it { is_expected.to contain_file('/opt/splunk-9.4.4-f627d88b766b-linux-amd64.tgz').that_notifies('Exec[unpackSplunk]') } + it { is_expected.to contain_exec('unpackSplunk').that_subscribes_to('File[/opt/splunk-9.4.4-f627d88b766b-linux-amd64.tgz]') } it { is_expected.to contain_exec('serviceInstall').that_requires('Exec[unpackSplunk]') } it { is_expected.to contain_class('splunk::config') } it { is_expected.to contain_exec('test_for_splunk') } @@ -567,7 +611,7 @@ 'architecture' => 'x86_64', 'family' => 'Debian', 'selinux' => { - 'enabled' => 'false', + 'enabled' => 'false', } }, ) @@ -576,8 +620,8 @@ { 'type' => 'standalone', 'create_user' => true, - 'version' => '8.0.4.1', - 'release' => 'ab7a85abaa98', + 'version' => '9.4.4', + 'release' => 'f627d88b766b', } end @@ -588,10 +632,10 @@ it { is_expected.to contain_user('splunk').with('ensure' => 'present', 'gid' => 'splunk') } it { is_expected.to contain_file('/home/splunk/.bashrc.custom') } it { is_expected.to contain_class('splunk::fetch') } - it { is_expected.to contain_exec('retrieve_splunk-8.0.4.1-ab7a85abaa98-Linux-x86_64.tgz') } + it { is_expected.to contain_exec('retrieve_splunk-9.4.4-f627d88b766b-linux-amd64.tgz') } it { is_expected.to contain_class('splunk::install') } - it { is_expected.to contain_file('/opt/splunk-8.0.4.1-ab7a85abaa98-Linux-x86_64.tgz').that_notifies('Exec[unpackSplunk]') } - it { is_expected.to contain_exec('unpackSplunk').that_subscribes_to('File[/opt/splunk-8.0.4.1-ab7a85abaa98-Linux-x86_64.tgz]') } + it { is_expected.to contain_file('/opt/splunk-9.4.4-f627d88b766b-linux-amd64.tgz').that_notifies('Exec[unpackSplunk]') } + it { is_expected.to contain_exec('unpackSplunk').that_subscribes_to('File[/opt/splunk-9.4.4-f627d88b766b-linux-amd64.tgz]') } it { is_expected.to contain_exec('serviceInstall').that_requires('Exec[unpackSplunk]') } it { is_expected.to contain_class('splunk::config') } it { is_expected.to contain_exec('test_for_splunk') } @@ -621,7 +665,9 @@ 'binddnpassword' => 'password', 'groupbasedn' => 'ou=Groups,dc=example,dc=com;', 'userbasedn' => 'ou=People,dc=example,dc=com;', - 'userbasefilter' => '(|(memberOf=CN=SplunkAdmins,OU=Groups,DC=example,DC=com)(memberOf=CN=SplunkPowerUsers,OU=Groups,DC=example,DC=com)(memberOf=CN=SplunkUsers,OU=Groups,DC=example,DC=com))', + 'userbasefilter' => '(|(memberOf=CN=SplunkAdmins,OU=Groups,DC=example,DC=com)' \ + '(memberOf=CN=SplunkPowerUsers,OU=Groups,DC=example,DC=com)' \ + '(memberOf=CN=SplunkUsers,OU=Groups,DC=example,DC=com))', 'role_maps' => [ { 'role' => 'admin', @@ -655,8 +701,8 @@ ], }, ], - 'version' => '8.0.4.1', - 'release' => 'ab7a85abaa98', + 'version' => '9.4.4', + 'release' => 'f627d88b766b', } end @@ -666,7 +712,7 @@ it { is_expected.to contain_user('splunk').with('ensure' => 'present', 'gid' => 'splunk') } it { is_expected.to contain_file('/home/splunk/.bashrc.custom') } it { is_expected.to contain_class('splunk::install') } - it { is_expected.to contain_file('/opt/splunk-8.0.4.1-ab7a85abaa98-Linux-x86_64.tgz').that_notifies('Exec[unpackSplunk]') } + it { is_expected.to contain_file('/opt/splunk-9.4.4-f627d88b766b-linux-amd64.tgz').that_notifies('Exec[unpackSplunk]') } it { is_expected.to contain_class('splunk::config') } it { is_expected.to contain_file('/opt/splunk/etc/splunk-launch.conf') } it { is_expected.to contain_file('/opt/splunk/etc/system/local/limits.conf').that_notifies('Service[splunk]').that_requires('Exec[test_for_splunk]') } @@ -726,8 +772,8 @@ ], }, ], - 'version' => '8.0.4.1', - 'release' => 'ab7a85abaa98', + 'version' => '9.4.4', + 'release' => 'f627d88b766b', } end @@ -737,7 +783,7 @@ it { is_expected.to contain_user('splunk').with('ensure' => 'present', 'gid' => 'splunk') } it { is_expected.to contain_file('/home/splunk/.bashrc.custom') } it { is_expected.to contain_class('splunk::install') } - it { is_expected.to contain_file('/opt/splunk-8.0.4.1-ab7a85abaa98-Linux-x86_64.tgz').that_notifies('Exec[unpackSplunk]') } + it { is_expected.to contain_file('/opt/splunk-9.4.4-f627d88b766b-linux-amd64.tgz').that_notifies('Exec[unpackSplunk]') } it { is_expected.to contain_class('splunk::config') } it { is_expected.to contain_file('/opt/splunk/etc/system/local/alert_actions.conf') } it { is_expected.to contain_class('splunk::auth') } @@ -755,8 +801,8 @@ 'type' => 'standalone', 'create_user' => true, 'source' => 'puppet:///splunk_files', - 'version' => '8.0.4.1', - 'release' => 'ab7a85abaa98', + 'version' => '9.4.4', + 'release' => 'f627d88b766b', } end @@ -766,7 +812,7 @@ it { is_expected.to contain_user('splunk').with('ensure' => 'present', 'gid' => 'splunk') } it { is_expected.to contain_file('/home/splunk/.bashrc.custom') } it { is_expected.to contain_class('splunk::install') } - it { is_expected.to contain_file('/opt/splunk-8.0.4.1-ab7a85abaa98-Linux-x86_64.tgz').that_notifies('Exec[unpackSplunk]') } + it { is_expected.to contain_file('/opt/splunk-9.4.4-f627d88b766b-linux-amd64.tgz').that_notifies('Exec[unpackSplunk]') } it { is_expected.to contain_exec('serviceInstall') } it { is_expected.to contain_class('splunk::config') } it { is_expected.to contain_file('/opt/splunk/etc/splunk-launch.conf') } diff --git a/spec/defines/input_spec.rb b/spec/defines/input_spec.rb index 91d4394..43c7d9b 100644 --- a/spec/defines/input_spec.rb +++ b/spec/defines/input_spec.rb @@ -15,21 +15,21 @@ 'architecture' => 'x86_64', 'family' => 'RedHat', 'selinux' => { - 'enabled' => 'false', + 'enabled' => 'false', } }, } end let(:params) do { - 'target' => '/var/log/authlog', - 'dir' => '/opt/splunkforwarder', - 'user' => 'splunk', - 'group' => 'splunk', + 'target' => '/var/log/authlog', + 'dir' => '/opt/splunkforwarder', + 'user' => 'splunk', + 'group' => 'splunk', } end let(:pre_condition) do - "class { splunk: type => 'forwarder', version => '8.0.4.1', release => 'ab7a85abaa98' }" + "class { splunk: type => 'forwarder', version => '9.4.4', release => 'f627d88b766b' }" end it { is_expected.to contain_file('/opt/splunkforwarder/etc/system/local/inputs.d/authlog').that_notifies('Exec[update-inputs]') } From cad75eb369fa04622d1accf0df05d6a00a8d64e2 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Sun, 21 Sep 2025 09:21:44 -0400 Subject: [PATCH 42/48] Migrate from Travis CI to GitHub Actions - Add GitHub Actions workflows for CI and deployment - Update to version 2.3.1 - Support MFA-enabled Puppet Forge accounts - Improve build performance with caching --- .github/workflows/ci.yml | 70 ++++++++++++++++++++++++++++++++++++ .github/workflows/deploy.yml | 30 ++++++++++++++++ CHANGELOG.md | 14 ++++++++ metadata.json | 2 +- 4 files changed, 115 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/ci.yml create mode 100644 .github/workflows/deploy.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..4279898 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,70 @@ +--- +name: CI + +on: + push: + branches: [ master ] + pull_request: + branches: [ master ] + +jobs: + static: + runs-on: ubuntu-latest + name: Static Analysis + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup Ruby + uses: ruby/setup-ruby@v1 + with: + ruby-version: '2.5.3' + bundler-cache: true + + - name: Run static checks + run: bundle exec rake check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint + + spec: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + include: + - ruby: '2.4.5' + puppet: '~> 5.0' + - ruby: '2.5.3' + puppet: '~> 6.0' + name: Spec Tests (Ruby ${{ matrix.ruby }}, Puppet ${{ matrix.puppet }}) + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup Ruby + uses: ruby/setup-ruby@v1 + with: + ruby-version: ${{ matrix.ruby }} + bundler-cache: true + + - name: Run spec tests + run: bundle exec rake parallel_spec + env: + PUPPET_GEM_VERSION: ${{ matrix.puppet }} + + acceptance: + runs-on: ubuntu-latest + name: Acceptance Tests + if: github.event_name == 'pull_request' + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup Ruby + uses: ruby/setup-ruby@v1 + with: + ruby-version: '2.5.3' + bundler-cache: true + + - name: Run acceptance tests + run: | + # Add acceptance test commands here if you have them + echo "Acceptance tests would run here" \ No newline at end of file diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 0000000..e98ddaa --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,30 @@ +--- +name: Deploy to Forge + +on: + push: + tags: + - 'v*' + +jobs: + deploy: + runs-on: ubuntu-latest + name: Deploy to Puppet Forge + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup Ruby + uses: ruby/setup-ruby@v1 + with: + ruby-version: '2.5.3' + bundler-cache: true + + - name: Build and publish to Forge + run: | + bundle exec rake build + bundle exec rake forge:publish + env: + BLACKSMITH_FORGE_URL: https://forgeapi.puppetlabs.com + BLACKSMITH_FORGE_USERNAME: ${{ secrets.FORGE_USERNAME }} + BLACKSMITH_FORGE_PASSWORD: ${{ secrets.FORGE_API_KEY }} diff --git a/CHANGELOG.md b/CHANGELOG.md index b1cdc5f..597fb66 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,20 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [v2.3.1] - 2025-09-21 + +### Changed + +- Migrated CI/CD from Travis CI to GitHub Actions +- Updated deployment workflow to use Puppet Forge API key authentication +- Improved build performance with bundler caching and matrix builds + +### Added + +- GitHub Actions workflow for continuous integration +- GitHub Actions workflow for automated Puppet Forge deployment +- Support for MFA-enabled Puppet Forge accounts + ## [v2.3.0] - 2025-09-21 ### Added diff --git a/metadata.json b/metadata.json index 6858392..8721f5c 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "cudgel-splunk", - "version": "2.3.0", + "version": "2.3.1", "author": "Christopher Caldwell", "summary": "Deploy and manage stand-alone or distributed Splunk architectures.", "license": "Apache-2.0", From 3ee065358ab4475a788a98f1411d0b58d5034cd8 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Sun, 21 Sep 2025 09:22:59 -0400 Subject: [PATCH 43/48] Update modulefile --- Modulefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modulefile b/Modulefile index ae76f94..dcb364b 100644 --- a/Modulefile +++ b/Modulefile @@ -1,5 +1,5 @@ name 'cudgel/splunk' -version '2.3,0' +version '2.3,1' source 'https://github.com/cudgel/splunk' author 'cudgel' license 'Apache License, Version 2.0' From e3f5f66195a708b0e7c50e6260fa0453ac52806d Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Mon, 22 Sep 2025 08:15:49 -0400 Subject: [PATCH 44/48] merges from master --- .github/workflows/deploy.yml | 4 ++-- Gemfile | 11 ++++------- metadata.json | 4 ---- 3 files changed, 6 insertions(+), 13 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index b073ec1..6bbc41d 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -31,8 +31,8 @@ jobs: - name: Build and publish to Forge run: | - bundle exec rake build - bundle exec rake forge:publish + bundle exec rake module:build + bundle exec rake module:push env: BLACKSMITH_FORGE_URL: https://forgeapi.puppetlabs.com BLACKSMITH_FORGE_USERNAME: ${{ secrets.FORGE_USERNAME }} diff --git a/Gemfile b/Gemfile index 6013c04..43375ea 100644 --- a/Gemfile +++ b/Gemfile @@ -19,12 +19,12 @@ group :development do gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.0.0', '< 3.0.5']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "puppet-syntax", '~> 3.2.0', require: false + gem "puppet-syntax", '~> 4.1', require: false gem "rspec", '~> 3.10.0', require: false - gem "rspec-puppet", '~> 2.0', require: false + gem "rspec-puppet", '~> 5.0', require: false gem "racc", '~> 1.4.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem "deep_merge", '~> 1.2.2', require: false - gem "voxpupuli-puppet-lint-plugins", '~> 4.0', require: false + gem "voxpupuli-puppet-lint-plugins", '~> 5.0', require: false gem "facterdb", '~> 2.1', require: false gem "metadata-json-lint", '~> 4.3.0', require: false gem "rspec-puppet-facts", '~> 4.0', require: false @@ -41,12 +41,9 @@ group :development do end group :development, :release_prep do gem "puppet-strings", '~> 4.0', require: false -<<<<<<< HEAD gem "puppetlabs_spec_helper", '~> 8.0', require: false -======= - gem "puppetlabs_spec_helper", '~> 6.0', require: false ->>>>>>> master gem "puppet-blacksmith", '~> 7.0', require: false + gem "pdk", '~> 3.0', require: false end group :system_tests do gem "puppet_litmus", '~> 1.0', require: false, platforms: [:ruby, :x64_mingw] diff --git a/metadata.json b/metadata.json index 7e47a48..71c2590 100644 --- a/metadata.json +++ b/metadata.json @@ -48,11 +48,7 @@ "requirements": [ { "name": "puppet", -<<<<<<< HEAD - "version_requirement": ">= 4.10.0 < 9.0.0" -======= "version_requirement": ">= 7.0.0 < 9.0.0" ->>>>>>> master } ], "tags": [ From 7eef84f1c99bfacfe01a9ef4856fa2d13515fc43 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Mon, 22 Sep 2025 08:28:37 -0400 Subject: [PATCH 45/48] remove site.pp --- spec/fixtures/manifests/site.pp | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 spec/fixtures/manifests/site.pp diff --git a/spec/fixtures/manifests/site.pp b/spec/fixtures/manifests/site.pp deleted file mode 100644 index e69de29..0000000 From 2c5b1a4fa18c7ea26a201c90939dd93eb5a591be Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Mon, 22 Sep 2025 08:36:31 -0400 Subject: [PATCH 46/48] remove deprecated modulefile --- Modulefile | 16 ---------------- 1 file changed, 16 deletions(-) delete mode 100644 Modulefile diff --git a/Modulefile b/Modulefile deleted file mode 100644 index dcb364b..0000000 --- a/Modulefile +++ /dev/null @@ -1,16 +0,0 @@ -name 'cudgel/splunk' -version '2.3,1' -source 'https://github.com/cudgel/splunk' -author 'cudgel' -license 'Apache License, Version 2.0' -summary 'Module to install/manage Splunk deployments' -description 'UNKNOWN' -project_page 'https://github.com/cudgel/splunk' - -## Add dependencies, if any: -dependency 'puppetlabs/stdlib', '>= 4.0.0' - -# Generate the changelog file -system("git-log-to-changelog > CHANGELOG") -$? == 0 or fail "changelog generation #{$?}!" - From dee69c6eaf50b904ab97fb2e107c46277f61bce8 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Mon, 22 Sep 2025 08:38:02 -0400 Subject: [PATCH 47/48] remove module symlink --- module | 1 - 1 file changed, 1 deletion(-) delete mode 120000 module diff --git a/module b/module deleted file mode 120000 index ee2541a..0000000 --- a/module +++ /dev/null @@ -1 +0,0 @@ -/Volumes/Projects/splunk/module \ No newline at end of file From 7df736dbf18e717e183086d844b45c60a6e631a0 Mon Sep 17 00:00:00 2001 From: Christopher Caldwell Date: Mon, 22 Sep 2025 08:49:34 -0400 Subject: [PATCH 48/48] update gem file to fix pson issue --- Gemfile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Gemfile b/Gemfile index 43375ea..84d5be8 100644 --- a/Gemfile +++ b/Gemfile @@ -19,12 +19,12 @@ group :development do gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.0.0', '< 3.0.5']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "puppet-syntax", '~> 4.1', require: false + gem "puppet-syntax", '~> 3.2.0', require: false gem "rspec", '~> 3.10.0', require: false - gem "rspec-puppet", '~> 5.0', require: false + gem "rspec-puppet", '~> 2.0', require: false gem "racc", '~> 1.4.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem "deep_merge", '~> 1.2.2', require: false - gem "voxpupuli-puppet-lint-plugins", '~> 5.0', require: false + gem "voxpupuli-puppet-lint-plugins", '~> 4.0', require: false gem "facterdb", '~> 2.1', require: false gem "metadata-json-lint", '~> 4.3.0', require: false gem "rspec-puppet-facts", '~> 4.0', require: false @@ -41,7 +41,7 @@ group :development do end group :development, :release_prep do gem "puppet-strings", '~> 4.0', require: false - gem "puppetlabs_spec_helper", '~> 8.0', require: false + gem "puppetlabs_spec_helper", '~> 6.0', require: false gem "puppet-blacksmith", '~> 7.0', require: false gem "pdk", '~> 3.0', require: false end