Tools to parse and evaluate the Puppet DSL.
This is a set of tools that is supposed to fill all your Puppet needs : syntax checks, catalog compilation, PuppetDB queries, simulation of complex interactions between nodes, Puppet master replacement, and more !
A library to work with Puppet manifests, test them and eventually replace everything ruby.
Install
Install with stack:
stack install language-puppet
Install with nix:
nix-env -i -f https://github.com/bartavelle/language-puppet/tarball/v1.4.5
(replace 1.4.3 with any commit ref or tag).
Build from sources:
git clone https://github.com/bartavelle/language-puppet.git
cd language-puppet
# Using nix
nix build
# Using stack
ln -s stack-10.yaml stack.yaml
stack build
Puppetresources
Basic usage
puppetresources --puppetdir /where/your/puppet/files/are --node node.name.com
The puppetresources command is a command line utility that let you interactively compute catalogs on your local computer. It is much faster than its ruby counterpart, and has been designed for giving assistance to the Puppet catalog writer.
There are 4 different modes:
--nodewill display all resources on screen in a nice user-friendly colored fashion.--alldisplays statistics and optionally shows dead code.--parseonly goes as far as parsing. No interpretation.--showcontentto display file content.
Catalog is not computed exactly the same way Puppet does. Some good practices are enforced. A strict and more permissive mode are provided.
Command line arguments
-por--puppetdirThis argument is mandatory except inparsemode. It must point to the base of the puppet directory (the directory that contains themodulesandmanifestsdirectories).-oor--nodeEnable thenode mode. This let you specify the name of the node you wish to compute the catalog for.-aor--allEnable thestats mode. If you specifyallnodesit will compute the catalogs for all nodes that are specified insite.pp(this will not work for regexp-specified or the default nodes). You can also specify a list of nodes separated by a comma.Combined with
--deadcode, it will display the list of puppet files that have not been used.This is useful as automated tests, to check a change didn’t break something. You might want to run this option with
+RTS -N.-tor--typeFilters the resources of the resulting catalog by type. Using PCRE regex is supported.-nor--nameFilters the resources of the resulting catalog by name. Using PCRE regex is supported.-cor--showcontentIf-nis the exact name of a file type resource defined in the catalog, this will display the file content nicely. Useful for debugging templates.Example:
puppetresources -p . -o mynodename -n '/etc/motd' --showcontent--loglevelor-vPossible values are : DEBUG, INFO, NOTICE, WARNING, ERROR--pdburlExpects the url of a live PuppetDB.--pdbfileExpects a path to a fake PuppetDB, represented as a YAML file on disk. This option is pretty slow but can be invaluable to test exported resources tricks.--hieraExpects the path to thehiera.yamlfile.--ignoredmodulesExpects a list of comma-separated modules. The interpreter will not try to parse and evaluate the defined types and classes from this module. This is useful for using modules that use bad practices forbidden bypuppetresources.--commitdbWhen this flag is set, exported resources, catalogs and facts are saved in the PuppetDB. This is useful in conjunction with--pdbfile.--checkExportedWhen this flag is set, exported resources are saved in the PuppetDB. This is useful in conjunction with--pdbfile.-jor--JSONDisplays the catalog as a Puppet-compatible JSON file, that can then be used withpuppet apply.--strictEnable strict check. Strict is less permissive than vanilla Puppet. It is meant to prevent some pitfalls by enforcing good practices. For instance it refuses tosilently ignore/convert
undefvariableslookup an hash with an unknown key and return
undef.
--noextratestsDisable the extra tests fromPuppet.OptionalTests.--parseEnableparse mode. Specify the puppet file to be parsed. Variables are not resolved. No interpretation.--versionOutput version information and exist.
Settings defaults using a yaml file
Defaults for some of these options can be set using a /yourworkingdirectory/tests/defaults.yaml file. For instance OptionalTests is checking that all users and groups are known. Because some of these users and groups might be defined outside puppet, a list of known ones is used internally. This can be overridden in that file using the key knownusers and knowngroups.
Please look at the template file for a list of possible defaults.
pdbQuery
The pdbquery command will work with different implementations of PuppetDB (the official one with its HTTP API, the file-based backend and dummy ones). It can be used to:
- export data from production PuppetDB to a file (in order to debug some issue with
puppetresources). - query a Puppetdb
Command line arguments
-lor--locationThe URL of the PuppetDB when working with a remote PuppetDB, a file path when working with the file-based test implementation.-tor--pdbtypeThe type of PuppetDB to work with:dummy: a dummy PuppetDB.
remote: a "real" PuppetDB, accessed by its HTTP API.
test: a file-based backend emulating a PuppetDB.
factsOutput facts for a specific node (json)nodesOutput all nodes (json)resourcesOutput all resources for a specific node (json)dumpfactsDump all facts to/tmp/allfacts.yaml.snapshotCreate a test DB from the current DBaddfactsAdds facts to the test DB for the given node name, if they are not already defined.--versionOutput version information and exit.
Supported features
Supported version puppet 4 is mostly supported. Please look at the list of issues for details.
Custom ruby functions The tool might bark when resolving custom ruby functions. These function can easily be mocked or implemented in Haskell if necessary.
Puppet functions
the
requirefunction is not supported (see issue #17)the deprecated
importfunction is not supportedthe deprecated node inheritance feature is not supported
OS Linux is the default OS. The tool has also been successfully installed and used on
OS X. Windows is not supported.