├── .devcontainer ├── Dockerfile └── devcontainer.json ├── .fixtures.yml ├── .gitattributes ├── .github └── workflows │ ├── test.yml │ └── validate.yml ├── .gitignore ├── .pdkignore ├── .puppet-lint.rc ├── .rspec ├── .rubocop.yml ├── .sync.yml ├── .vscode └── extensions.json ├── .yardopts ├── CHANGELOG.md ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── Gemfile ├── Gemfile.lock ├── LICENSE ├── README.md ├── Rakefile ├── Rakefile.release ├── data └── common.yaml ├── files ├── RPM-GPG-KEY-graylog └── graylog-keyring.gpg ├── hiera.yaml ├── manifests ├── init.pp ├── params.pp ├── repository.pp ├── repository │ ├── apt.pp │ └── yum.pp └── server.pp ├── metadata.json ├── pdk.yaml ├── provision.yaml ├── spec ├── acceptance │ └── integration_spec.rb ├── classes │ ├── init_spec.rb │ ├── params_spec.rb │ ├── repository_spec.rb │ └── server_spec.rb ├── default_facts.yml ├── spec_helper.rb └── spec_helper_acceptance.rb └── templates └── server ├── environment.epp └── graylog.conf.erb /.devcontainer/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM puppet/pdk:latest 2 | 3 | # [Optional] Uncomment this section to install additional packages. 4 | # RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \ 5 | # && apt-get -y install --no-install-recommends 6 | 7 | -------------------------------------------------------------------------------- /.devcontainer/devcontainer.json: -------------------------------------------------------------------------------- 1 | // For format details, see https://aka.ms/devcontainer.json. For config options, see the README at: 2 | // https://github.com/microsoft/vscode-dev-containers/tree/v0.140.1/containers/puppet 3 | { 4 | "name": "Puppet Development Kit (Community)", 5 | "dockerFile": "Dockerfile", 6 | 7 | // Set *default* container specific settings.json values on container create. 8 | "settings": { 9 | "terminal.integrated.shell.linux": "/bin/bash" 10 | }, 11 | 12 | // Add the IDs of extensions you want installed when the container is created. 13 | "extensions": [ 14 | "puppet.puppet-vscode", 15 | "rebornix.Ruby" 16 | ] 17 | 18 | // Use 'forwardPorts' to make a list of ports inside the container available locally. 19 | // "forwardPorts": [], 20 | 21 | // Use 'postCreateCommand' to run commands after the container is created. 22 | // "postCreateCommand": "pdk --version", 23 | } 24 | -------------------------------------------------------------------------------- /.fixtures.yml: -------------------------------------------------------------------------------- 1 | # This file can be used to install module dependencies for unit testing 2 | # See https://github.com/puppetlabs/puppetlabs_spec_helper#using-fixtures for details 3 | --- 4 | fixtures: 5 | forge_modules: 6 | stdlib: "puppetlabs/stdlib" 7 | apt: puppetlabs/apt 8 | yumrepo_core: puppetlabs/yumrepo_core 9 | mongodb: puppet/mongodb 10 | opensearch: puppet/opensearch 11 | archive: puppet/archive 12 | repositories: 13 | facts: 'https://github.com/puppetlabs/puppetlabs-facts.git' 14 | puppet_agent: 'https://github.com/puppetlabs/puppetlabs-puppet_agent.git' 15 | provision: 'https://github.com/puppetlabs/provision.git' 16 | -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | *.rb eol=lf 2 | *.erb eol=lf 3 | *.pp eol=lf 4 | *.sh eol=lf 5 | *.epp eol=lf 6 | -------------------------------------------------------------------------------- /.github/workflows/test.yml: -------------------------------------------------------------------------------- 1 | name: "Test" 2 | 3 | on: 4 | pull_request: 5 | 6 | defaults: 7 | run: 8 | shell: "bash" 9 | 10 | jobs: 11 | test: 12 | name: "Test" 13 | runs-on: "ubuntu-latest" 14 | steps: 15 | - name: "Checkout the source code" 16 | uses: "actions/checkout@v4" 17 | 18 | - name: "Install PDK" 19 | run: | 20 | wget https://apt.puppet.com/puppet-tools-release-jammy.deb 21 | sudo dpkg -i puppet-tools-release-jammy.deb 22 | sudo apt-get update 23 | sudo apt-get install -y pdk 24 | 25 | - name: "Install dependencies" 26 | run: | 27 | pdk bundle install 28 | 29 | - name: "Provision nodes" 30 | run: | 31 | pdk bundle exec rake "litmus:provision_list[default]" 32 | pdk bundle exec rake "litmus:install_agent" 33 | pdk bundle exec rake "litmus:install_module" 34 | 35 | - name: "Run Tests" 36 | run: | 37 | pdk bundle exec rake "litmus:acceptance:parallel" 38 | -------------------------------------------------------------------------------- /.github/workflows/validate.yml: -------------------------------------------------------------------------------- 1 | name: Validate 2 | on: [push] 3 | jobs: 4 | validate: 5 | name: Validate 6 | runs-on: ubuntu-latest 7 | steps: 8 | - name: Checkout 9 | uses: actions/checkout@v2 10 | - name: Validate 11 | run: docker run --rm -w /src -v $GITHUB_WORKSPACE:/src puppet/pdk:latest validate 12 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .git/ 2 | .*.sw[op] 3 | .metadata 4 | .yardoc 5 | .yardwarns 6 | *.iml 7 | /.bundle/ 8 | /.idea/ 9 | /.vagrant/ 10 | /coverage/ 11 | /bin/ 12 | /doc/ 13 | /Gemfile.local 14 | /Gemfile.lock 15 | /junit/ 16 | /log/ 17 | /pkg/ 18 | /spec/fixtures/manifests/ 19 | /spec/fixtures/modules/* 20 | /tmp/ 21 | /vendor/ 22 | /convert_report.txt 23 | /update_report.txt 24 | .DS_Store 25 | .project 26 | .envrc 27 | /inventory.yaml 28 | /spec/fixtures/litmus_inventory.yaml 29 | -------------------------------------------------------------------------------- /.pdkignore: -------------------------------------------------------------------------------- 1 | .git/ 2 | .*.sw[op] 3 | .metadata 4 | .yardoc 5 | .yardwarns 6 | *.iml 7 | /.bundle/ 8 | /.idea/ 9 | /.vagrant/ 10 | /coverage/ 11 | /bin/ 12 | /doc/ 13 | /Gemfile.local 14 | /Gemfile.lock 15 | /junit/ 16 | /log/ 17 | /pkg/ 18 | /spec/fixtures/manifests/ 19 | /spec/fixtures/modules/* 20 | /tmp/ 21 | /vendor/ 22 | /convert_report.txt 23 | /update_report.txt 24 | .DS_Store 25 | .project 26 | .envrc 27 | /inventory.yaml 28 | /spec/fixtures/litmus_inventory.yaml 29 | /.fixtures.yml 30 | /Gemfile 31 | /.gitattributes 32 | /.gitignore 33 | /.pdkignore 34 | /.puppet-lint.rc 35 | /Rakefile 36 | /rakelib/ 37 | /.rspec 38 | /..yml 39 | /.yardopts 40 | /spec/ 41 | /.vscode/ 42 | /.sync.yml 43 | /.devcontainer/ 44 | /Rakefile.release 45 | /Vagrantfile 46 | /tests 47 | -------------------------------------------------------------------------------- /.puppet-lint.rc: -------------------------------------------------------------------------------- 1 | --relative 2 | -------------------------------------------------------------------------------- /.rspec: -------------------------------------------------------------------------------- 1 | --color 2 | --format documentation 3 | -------------------------------------------------------------------------------- /.rubocop.yml: -------------------------------------------------------------------------------- 1 | --- 2 | require: 3 | - rubocop-performance 4 | - rubocop-rspec 5 | AllCops: 6 | DisplayCopNames: true 7 | TargetRubyVersion: '2.6' 8 | Include: 9 | - "**/*.rb" 10 | Exclude: 11 | - bin/* 12 | - ".vendor/**/*" 13 | - "**/Gemfile" 14 | - "**/Rakefile" 15 | - pkg/**/* 16 | - spec/fixtures/**/* 17 | - vendor/**/* 18 | - "**/Puppetfile" 19 | - "**/Vagrantfile" 20 | - "**/Guardfile" 21 | Layout/LineLength: 22 | Description: People have wide screens, use them. 23 | Max: 200 24 | RSpec/BeforeAfterAll: 25 | Description: Beware of using after(:all) as it may cause state to leak between tests. 26 | A necessary evil in acceptance testing. 27 | Exclude: 28 | - spec/acceptance/**/*.rb 29 | RSpec/HookArgument: 30 | Description: Prefer explicit :each argument, matching existing module's style 31 | EnforcedStyle: each 32 | RSpec/DescribeSymbol: 33 | Exclude: 34 | - spec/unit/facter/**/*.rb 35 | Style/BlockDelimiters: 36 | Description: Prefer braces for chaining. Mostly an aesthetical choice. Better to 37 | be consistent then. 38 | EnforcedStyle: braces_for_chaining 39 | Style/ClassAndModuleChildren: 40 | Description: Compact style reduces the required amount of indentation. 41 | EnforcedStyle: compact 42 | Style/EmptyElse: 43 | Description: Enforce against empty else clauses, but allow `nil` for clarity. 44 | EnforcedStyle: empty 45 | Style/FormatString: 46 | Description: Following the main puppet project's style, prefer the % format format. 47 | EnforcedStyle: percent 48 | Style/FormatStringToken: 49 | Description: Following the main puppet project's style, prefer the simpler template 50 | tokens over annotated ones. 51 | EnforcedStyle: template 52 | Style/Lambda: 53 | Description: Prefer the keyword for easier discoverability. 54 | EnforcedStyle: literal 55 | Style/RegexpLiteral: 56 | Description: Community preference. See https://github.com/voxpupuli/modulesync_config/issues/168 57 | EnforcedStyle: percent_r 58 | Style/TernaryParentheses: 59 | Description: Checks for use of parentheses around ternary conditions. Enforce parentheses 60 | on complex expressions for better readability, but seriously consider breaking 61 | it up. 62 | EnforcedStyle: require_parentheses_when_complex 63 | Style/TrailingCommaInArguments: 64 | Description: Prefer always trailing comma on multiline argument lists. This makes 65 | diffs, and re-ordering nicer. 66 | EnforcedStyleForMultiline: comma 67 | Style/TrailingCommaInArrayLiteral: 68 | Description: Prefer always trailing comma on multiline literals. This makes diffs, 69 | and re-ordering nicer. 70 | EnforcedStyleForMultiline: comma 71 | Style/SymbolArray: 72 | Description: Using percent style obscures symbolic intent of array's contents. 73 | EnforcedStyle: brackets 74 | RSpec/MessageSpies: 75 | EnforcedStyle: receive 76 | Style/Documentation: 77 | Exclude: 78 | - lib/puppet/parser/functions/**/* 79 | - spec/**/* 80 | Style/WordArray: 81 | EnforcedStyle: brackets 82 | Performance/AncestorsInclude: 83 | Enabled: true 84 | Performance/BigDecimalWithNumericArgument: 85 | Enabled: true 86 | Performance/BlockGivenWithExplicitBlock: 87 | Enabled: true 88 | Performance/CaseWhenSplat: 89 | Enabled: true 90 | Performance/ConstantRegexp: 91 | Enabled: true 92 | Performance/MethodObjectAsBlock: 93 | Enabled: true 94 | Performance/RedundantSortBlock: 95 | Enabled: true 96 | Performance/RedundantStringChars: 97 | Enabled: true 98 | Performance/ReverseFirst: 99 | Enabled: true 100 | Performance/SortReverse: 101 | Enabled: true 102 | Performance/Squeeze: 103 | Enabled: true 104 | Performance/StringInclude: 105 | Enabled: true 106 | Performance/Sum: 107 | Enabled: true 108 | Style/CollectionMethods: 109 | Enabled: true 110 | Style/MethodCalledOnDoEndBlock: 111 | Enabled: true 112 | Style/StringMethods: 113 | Enabled: true 114 | Bundler/GemFilename: 115 | Enabled: false 116 | Bundler/InsecureProtocolSource: 117 | Enabled: false 118 | Capybara/CurrentPathExpectation: 119 | Enabled: false 120 | Capybara/VisibilityMatcher: 121 | Enabled: false 122 | Gemspec/DuplicatedAssignment: 123 | Enabled: false 124 | Gemspec/OrderedDependencies: 125 | Enabled: false 126 | Gemspec/RequiredRubyVersion: 127 | Enabled: false 128 | Gemspec/RubyVersionGlobalsUsage: 129 | Enabled: false 130 | Layout/ArgumentAlignment: 131 | Enabled: false 132 | Layout/BeginEndAlignment: 133 | Enabled: false 134 | Layout/ClosingHeredocIndentation: 135 | Enabled: false 136 | Layout/EmptyComment: 137 | Enabled: false 138 | Layout/EmptyLineAfterGuardClause: 139 | Enabled: false 140 | Layout/EmptyLinesAroundArguments: 141 | Enabled: false 142 | Layout/EmptyLinesAroundAttributeAccessor: 143 | Enabled: false 144 | Layout/EndOfLine: 145 | Enabled: false 146 | Layout/FirstArgumentIndentation: 147 | Enabled: false 148 | Layout/HashAlignment: 149 | Enabled: false 150 | Layout/HeredocIndentation: 151 | Enabled: false 152 | Layout/LeadingEmptyLines: 153 | Enabled: false 154 | Layout/SpaceAroundMethodCallOperator: 155 | Enabled: false 156 | Layout/SpaceInsideArrayLiteralBrackets: 157 | Enabled: false 158 | Layout/SpaceInsideReferenceBrackets: 159 | Enabled: false 160 | Lint/BigDecimalNew: 161 | Enabled: false 162 | Lint/BooleanSymbol: 163 | Enabled: false 164 | Lint/ConstantDefinitionInBlock: 165 | Enabled: false 166 | Lint/DeprecatedOpenSSLConstant: 167 | Enabled: false 168 | Lint/DisjunctiveAssignmentInConstructor: 169 | Enabled: false 170 | Lint/DuplicateElsifCondition: 171 | Enabled: false 172 | Lint/DuplicateRequire: 173 | Enabled: false 174 | Lint/DuplicateRescueException: 175 | Enabled: false 176 | Lint/EmptyConditionalBody: 177 | Enabled: false 178 | Lint/EmptyFile: 179 | Enabled: false 180 | Lint/ErbNewArguments: 181 | Enabled: false 182 | Lint/FloatComparison: 183 | Enabled: false 184 | Lint/HashCompareByIdentity: 185 | Enabled: false 186 | Lint/IdentityComparison: 187 | Enabled: false 188 | Lint/InterpolationCheck: 189 | Enabled: false 190 | Lint/MissingCopEnableDirective: 191 | Enabled: false 192 | Lint/MixedRegexpCaptureTypes: 193 | Enabled: false 194 | Lint/NestedPercentLiteral: 195 | Enabled: false 196 | Lint/NonDeterministicRequireOrder: 197 | Enabled: false 198 | Lint/OrderedMagicComments: 199 | Enabled: false 200 | Lint/OutOfRangeRegexpRef: 201 | Enabled: false 202 | Lint/RaiseException: 203 | Enabled: false 204 | Lint/RedundantCopEnableDirective: 205 | Enabled: false 206 | Lint/RedundantRequireStatement: 207 | Enabled: false 208 | Lint/RedundantSafeNavigation: 209 | Enabled: false 210 | Lint/RedundantWithIndex: 211 | Enabled: false 212 | Lint/RedundantWithObject: 213 | Enabled: false 214 | Lint/RegexpAsCondition: 215 | Enabled: false 216 | Lint/ReturnInVoidContext: 217 | Enabled: false 218 | Lint/SafeNavigationConsistency: 219 | Enabled: false 220 | Lint/SafeNavigationWithEmpty: 221 | Enabled: false 222 | Lint/SelfAssignment: 223 | Enabled: false 224 | Lint/SendWithMixinArgument: 225 | Enabled: false 226 | Lint/ShadowedArgument: 227 | Enabled: false 228 | Lint/StructNewOverride: 229 | Enabled: false 230 | Lint/ToJSON: 231 | Enabled: false 232 | Lint/TopLevelReturnWithArgument: 233 | Enabled: false 234 | Lint/TrailingCommaInAttributeDeclaration: 235 | Enabled: false 236 | Lint/UnreachableLoop: 237 | Enabled: false 238 | Lint/UriEscapeUnescape: 239 | Enabled: false 240 | Lint/UriRegexp: 241 | Enabled: false 242 | Lint/UselessMethodDefinition: 243 | Enabled: false 244 | Lint/UselessTimes: 245 | Enabled: false 246 | Metrics/AbcSize: 247 | Enabled: false 248 | Metrics/BlockLength: 249 | Enabled: false 250 | Metrics/BlockNesting: 251 | Enabled: false 252 | Metrics/ClassLength: 253 | Enabled: false 254 | Metrics/CyclomaticComplexity: 255 | Enabled: false 256 | Metrics/MethodLength: 257 | Enabled: false 258 | Metrics/ModuleLength: 259 | Enabled: false 260 | Metrics/ParameterLists: 261 | Enabled: false 262 | Metrics/PerceivedComplexity: 263 | Enabled: false 264 | Migration/DepartmentName: 265 | Enabled: false 266 | Naming/AccessorMethodName: 267 | Enabled: false 268 | Naming/BlockParameterName: 269 | Enabled: false 270 | Naming/HeredocDelimiterCase: 271 | Enabled: false 272 | Naming/HeredocDelimiterNaming: 273 | Enabled: false 274 | Naming/MemoizedInstanceVariableName: 275 | Enabled: false 276 | Naming/MethodParameterName: 277 | Enabled: false 278 | Naming/RescuedExceptionsVariableName: 279 | Enabled: false 280 | Naming/VariableNumber: 281 | Enabled: false 282 | Performance/BindCall: 283 | Enabled: false 284 | Performance/DeletePrefix: 285 | Enabled: false 286 | Performance/DeleteSuffix: 287 | Enabled: false 288 | Performance/InefficientHashSearch: 289 | Enabled: false 290 | Performance/UnfreezeString: 291 | Enabled: false 292 | Performance/UriDefaultParser: 293 | Enabled: false 294 | RSpec/Be: 295 | Enabled: false 296 | RSpec/Capybara/FeatureMethods: 297 | Enabled: false 298 | RSpec/ContainExactly: 299 | Enabled: false 300 | RSpec/ContextMethod: 301 | Enabled: false 302 | RSpec/ContextWording: 303 | Enabled: false 304 | RSpec/DescribeClass: 305 | Enabled: false 306 | RSpec/EmptyHook: 307 | Enabled: false 308 | RSpec/EmptyLineAfterExample: 309 | Enabled: false 310 | RSpec/EmptyLineAfterExampleGroup: 311 | Enabled: false 312 | RSpec/EmptyLineAfterHook: 313 | Enabled: false 314 | RSpec/ExampleLength: 315 | Enabled: false 316 | RSpec/ExampleWithoutDescription: 317 | Enabled: false 318 | RSpec/ExpectChange: 319 | Enabled: false 320 | RSpec/ExpectInHook: 321 | Enabled: false 322 | RSpec/FactoryBot/AttributeDefinedStatically: 323 | Enabled: false 324 | RSpec/FactoryBot/CreateList: 325 | Enabled: false 326 | RSpec/FactoryBot/FactoryClassName: 327 | Enabled: false 328 | RSpec/HooksBeforeExamples: 329 | Enabled: false 330 | RSpec/ImplicitBlockExpectation: 331 | Enabled: false 332 | RSpec/ImplicitSubject: 333 | Enabled: false 334 | RSpec/LeakyConstantDeclaration: 335 | Enabled: false 336 | RSpec/LetBeforeExamples: 337 | Enabled: false 338 | RSpec/MatchArray: 339 | Enabled: false 340 | RSpec/MissingExampleGroupArgument: 341 | Enabled: false 342 | RSpec/MultipleExpectations: 343 | Enabled: false 344 | RSpec/MultipleMemoizedHelpers: 345 | Enabled: false 346 | RSpec/MultipleSubjects: 347 | Enabled: false 348 | RSpec/NestedGroups: 349 | Enabled: false 350 | RSpec/PredicateMatcher: 351 | Enabled: false 352 | RSpec/ReceiveCounts: 353 | Enabled: false 354 | RSpec/ReceiveNever: 355 | Enabled: false 356 | RSpec/RepeatedExampleGroupBody: 357 | Enabled: false 358 | RSpec/RepeatedExampleGroupDescription: 359 | Enabled: false 360 | RSpec/RepeatedIncludeExample: 361 | Enabled: false 362 | RSpec/ReturnFromStub: 363 | Enabled: false 364 | RSpec/SharedExamples: 365 | Enabled: false 366 | RSpec/StubbedMock: 367 | Enabled: false 368 | RSpec/UnspecifiedException: 369 | Enabled: false 370 | RSpec/VariableDefinition: 371 | Enabled: false 372 | RSpec/VoidExpect: 373 | Enabled: false 374 | RSpec/Yield: 375 | Enabled: false 376 | Security/Open: 377 | Enabled: false 378 | Style/AccessModifierDeclarations: 379 | Enabled: false 380 | Style/AccessorGrouping: 381 | Enabled: false 382 | Style/BisectedAttrAccessor: 383 | Enabled: false 384 | Style/CaseLikeIf: 385 | Enabled: false 386 | Style/ClassEqualityComparison: 387 | Enabled: false 388 | Style/ColonMethodDefinition: 389 | Enabled: false 390 | Style/CombinableLoops: 391 | Enabled: false 392 | Style/CommentedKeyword: 393 | Enabled: false 394 | Style/Dir: 395 | Enabled: false 396 | Style/DoubleCopDisableDirective: 397 | Enabled: false 398 | Style/EmptyBlockParameter: 399 | Enabled: false 400 | Style/EmptyLambdaParameter: 401 | Enabled: false 402 | Style/Encoding: 403 | Enabled: false 404 | Style/EvalWithLocation: 405 | Enabled: false 406 | Style/ExpandPathArguments: 407 | Enabled: false 408 | Style/ExplicitBlockArgument: 409 | Enabled: false 410 | Style/ExponentialNotation: 411 | Enabled: false 412 | Style/FloatDivision: 413 | Enabled: false 414 | Style/FrozenStringLiteralComment: 415 | Enabled: false 416 | Style/GlobalStdStream: 417 | Enabled: false 418 | Style/HashAsLastArrayItem: 419 | Enabled: false 420 | Style/HashLikeCase: 421 | Enabled: false 422 | Style/HashTransformKeys: 423 | Enabled: false 424 | Style/HashTransformValues: 425 | Enabled: false 426 | Style/IfUnlessModifier: 427 | Enabled: false 428 | Style/KeywordParametersOrder: 429 | Enabled: false 430 | Style/MinMax: 431 | Enabled: false 432 | Style/MixinUsage: 433 | Enabled: false 434 | Style/MultilineWhenThen: 435 | Enabled: false 436 | Style/NegatedUnless: 437 | Enabled: false 438 | Style/NumericPredicate: 439 | Enabled: false 440 | Style/OptionalBooleanParameter: 441 | Enabled: false 442 | Style/OrAssignment: 443 | Enabled: false 444 | Style/RandomWithOffset: 445 | Enabled: false 446 | Style/RedundantAssignment: 447 | Enabled: false 448 | Style/RedundantCondition: 449 | Enabled: false 450 | Style/RedundantConditional: 451 | Enabled: false 452 | Style/RedundantFetchBlock: 453 | Enabled: false 454 | Style/RedundantFileExtensionInRequire: 455 | Enabled: false 456 | Style/RedundantRegexpCharacterClass: 457 | Enabled: false 458 | Style/RedundantRegexpEscape: 459 | Enabled: false 460 | Style/RedundantSelfAssignment: 461 | Enabled: false 462 | Style/RedundantSort: 463 | Enabled: false 464 | Style/RescueStandardError: 465 | Enabled: false 466 | Style/SingleArgumentDig: 467 | Enabled: false 468 | Style/SlicingWithRange: 469 | Enabled: false 470 | Style/SoleNestedConditional: 471 | Enabled: false 472 | Style/StderrPuts: 473 | Enabled: false 474 | Style/StringConcatenation: 475 | Enabled: false 476 | Style/Strip: 477 | Enabled: false 478 | Style/SymbolProc: 479 | Enabled: false 480 | Style/TrailingBodyOnClass: 481 | Enabled: false 482 | Style/TrailingBodyOnMethodDefinition: 483 | Enabled: false 484 | Style/TrailingBodyOnModule: 485 | Enabled: false 486 | Style/TrailingCommaInHashLiteral: 487 | Enabled: false 488 | Style/TrailingMethodEndStatement: 489 | Enabled: false 490 | Style/UnpackFirst: 491 | Enabled: false 492 | Capybara/MatchStyle: 493 | Enabled: false 494 | Capybara/NegationMatcher: 495 | Enabled: false 496 | Capybara/SpecificActions: 497 | Enabled: false 498 | Capybara/SpecificFinders: 499 | Enabled: false 500 | Capybara/SpecificMatcher: 501 | Enabled: false 502 | Gemspec/DeprecatedAttributeAssignment: 503 | Enabled: false 504 | Gemspec/DevelopmentDependencies: 505 | Enabled: false 506 | Gemspec/RequireMFA: 507 | Enabled: false 508 | Layout/LineContinuationLeadingSpace: 509 | Enabled: false 510 | Layout/LineContinuationSpacing: 511 | Enabled: false 512 | Layout/LineEndStringConcatenationIndentation: 513 | Enabled: false 514 | Layout/SpaceBeforeBrackets: 515 | Enabled: false 516 | Lint/AmbiguousAssignment: 517 | Enabled: false 518 | Lint/AmbiguousOperatorPrecedence: 519 | Enabled: false 520 | Lint/AmbiguousRange: 521 | Enabled: false 522 | Lint/ConstantOverwrittenInRescue: 523 | Enabled: false 524 | Lint/DeprecatedConstants: 525 | Enabled: false 526 | Lint/DuplicateBranch: 527 | Enabled: false 528 | Lint/DuplicateMagicComment: 529 | Enabled: false 530 | Lint/DuplicateRegexpCharacterClassElement: 531 | Enabled: false 532 | Lint/EmptyBlock: 533 | Enabled: false 534 | Lint/EmptyClass: 535 | Enabled: false 536 | Lint/EmptyInPattern: 537 | Enabled: false 538 | Lint/IncompatibleIoSelectWithFiberScheduler: 539 | Enabled: false 540 | Lint/LambdaWithoutLiteralBlock: 541 | Enabled: false 542 | Lint/NoReturnInBeginEndBlocks: 543 | Enabled: false 544 | Lint/NonAtomicFileOperation: 545 | Enabled: false 546 | Lint/NumberedParameterAssignment: 547 | Enabled: false 548 | Lint/OrAssignmentToConstant: 549 | Enabled: false 550 | Lint/RedundantDirGlobSort: 551 | Enabled: false 552 | Lint/RefinementImportMethods: 553 | Enabled: false 554 | Lint/RequireRangeParentheses: 555 | Enabled: false 556 | Lint/RequireRelativeSelfPath: 557 | Enabled: false 558 | Lint/SymbolConversion: 559 | Enabled: false 560 | Lint/ToEnumArguments: 561 | Enabled: false 562 | Lint/TripleQuotes: 563 | Enabled: false 564 | Lint/UnexpectedBlockArity: 565 | Enabled: false 566 | Lint/UnmodifiedReduceAccumulator: 567 | Enabled: false 568 | Lint/UselessRescue: 569 | Enabled: false 570 | Lint/UselessRuby2Keywords: 571 | Enabled: false 572 | Metrics/CollectionLiteralLength: 573 | Enabled: false 574 | Naming/BlockForwarding: 575 | Enabled: false 576 | Performance/CollectionLiteralInLoop: 577 | Enabled: false 578 | Performance/ConcurrentMonotonicTime: 579 | Enabled: false 580 | Performance/MapCompact: 581 | Enabled: false 582 | Performance/RedundantEqualityComparisonBlock: 583 | Enabled: false 584 | Performance/RedundantSplitRegexpArgument: 585 | Enabled: false 586 | Performance/StringIdentifierArgument: 587 | Enabled: false 588 | RSpec/BeEq: 589 | Enabled: false 590 | RSpec/BeNil: 591 | Enabled: false 592 | RSpec/ChangeByZero: 593 | Enabled: false 594 | RSpec/ClassCheck: 595 | Enabled: false 596 | RSpec/DuplicatedMetadata: 597 | Enabled: false 598 | RSpec/ExcessiveDocstringSpacing: 599 | Enabled: false 600 | RSpec/FactoryBot/ConsistentParenthesesStyle: 601 | Enabled: false 602 | RSpec/FactoryBot/FactoryNameStyle: 603 | Enabled: false 604 | RSpec/FactoryBot/SyntaxMethods: 605 | Enabled: false 606 | RSpec/IdenticalEqualityAssertion: 607 | Enabled: false 608 | RSpec/NoExpectationExample: 609 | Enabled: false 610 | RSpec/PendingWithoutReason: 611 | Enabled: false 612 | RSpec/Rails/AvoidSetupHook: 613 | Enabled: false 614 | RSpec/Rails/HaveHttpStatus: 615 | Enabled: false 616 | RSpec/Rails/InferredSpecType: 617 | Enabled: false 618 | RSpec/Rails/MinitestAssertions: 619 | Enabled: false 620 | RSpec/Rails/TravelAround: 621 | Enabled: false 622 | RSpec/RedundantAround: 623 | Enabled: false 624 | RSpec/SkipBlockInsideExample: 625 | Enabled: false 626 | RSpec/SortMetadata: 627 | Enabled: false 628 | RSpec/SubjectDeclaration: 629 | Enabled: false 630 | RSpec/VerifiedDoubleReference: 631 | Enabled: false 632 | Security/CompoundHash: 633 | Enabled: false 634 | Security/IoMethods: 635 | Enabled: false 636 | Style/ArgumentsForwarding: 637 | Enabled: false 638 | Style/ArrayIntersect: 639 | Enabled: false 640 | Style/CollectionCompact: 641 | Enabled: false 642 | Style/ComparableClamp: 643 | Enabled: false 644 | Style/ConcatArrayLiterals: 645 | Enabled: false 646 | Style/DirEmpty: 647 | Enabled: false 648 | Style/DocumentDynamicEvalDefinition: 649 | Enabled: false 650 | Style/EmptyHeredoc: 651 | Enabled: false 652 | Style/EndlessMethod: 653 | Enabled: false 654 | Style/EnvHome: 655 | Enabled: false 656 | Style/FetchEnvVar: 657 | Enabled: false 658 | Style/FileEmpty: 659 | Enabled: false 660 | Style/FileRead: 661 | Enabled: false 662 | Style/FileWrite: 663 | Enabled: false 664 | Style/HashConversion: 665 | Enabled: false 666 | Style/HashExcept: 667 | Enabled: false 668 | Style/IfWithBooleanLiteralBranches: 669 | Enabled: false 670 | Style/InPatternThen: 671 | Enabled: false 672 | Style/MagicCommentFormat: 673 | Enabled: false 674 | Style/MapCompactWithConditionalBlock: 675 | Enabled: false 676 | Style/MapToHash: 677 | Enabled: false 678 | Style/MapToSet: 679 | Enabled: false 680 | Style/MinMaxComparison: 681 | Enabled: false 682 | Style/MultilineInPatternThen: 683 | Enabled: false 684 | Style/NegatedIfElseCondition: 685 | Enabled: false 686 | Style/NestedFileDirname: 687 | Enabled: false 688 | Style/NilLambda: 689 | Enabled: false 690 | Style/NumberedParameters: 691 | Enabled: false 692 | Style/NumberedParametersLimit: 693 | Enabled: false 694 | Style/ObjectThen: 695 | Enabled: false 696 | Style/OpenStructUse: 697 | Enabled: false 698 | Style/OperatorMethodCall: 699 | Enabled: false 700 | Style/QuotedSymbols: 701 | Enabled: false 702 | Style/RedundantArgument: 703 | Enabled: false 704 | Style/RedundantConstantBase: 705 | Enabled: false 706 | Style/RedundantDoubleSplatHashBraces: 707 | Enabled: false 708 | Style/RedundantEach: 709 | Enabled: false 710 | Style/RedundantHeredocDelimiterQuotes: 711 | Enabled: false 712 | Style/RedundantInitialize: 713 | Enabled: false 714 | Style/RedundantSelfAssignmentBranch: 715 | Enabled: false 716 | Style/RedundantStringEscape: 717 | Enabled: false 718 | Style/SelectByRegexp: 719 | Enabled: false 720 | Style/StringChars: 721 | Enabled: false 722 | Style/SwapValues: 723 | Enabled: false 724 | -------------------------------------------------------------------------------- /.sync.yml: -------------------------------------------------------------------------------- 1 | # This file can be used to customize the files managed by PDK. 2 | # 3 | # See https://github.com/puppetlabs/pdk-templates/blob/main/README.md 4 | # for more information. 5 | # 6 | # See https://github.com/puppetlabs/pdk-templates/blob/main/config_defaults.yml 7 | # for the default values. 8 | --- {} 9 | -------------------------------------------------------------------------------- /.vscode/extensions.json: -------------------------------------------------------------------------------- 1 | { 2 | "recommendations": [ 3 | "puppet.puppet-vscode", 4 | "rebornix.Ruby" 5 | ] 6 | } 7 | -------------------------------------------------------------------------------- /.yardopts: -------------------------------------------------------------------------------- 1 | --markup markdown 2 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | ## 2.1.0 (2025-01-10) 2 | 3 | - Remove usage of legacy tags. ([#70](https://github.com/Graylog2/puppet-graylog/pull/70), @avitacco) 4 | - Update default Graylog version to 6.1. 5 | - Adjust `puppetlabs/apt` version constraint to support version 9.0. 6 | 7 | ## 2.0.0 (2023-08-14) 8 | 9 | **ATTENTION:** This major release removes support for Graylog versions < 5.0 10 | and switches the `graylog::allinone` module from Elasticsearch to OpenSearch. 11 | 12 | - Add `java_opts` config option to configure addition Java options. ([#52](https://github.com/Graylog2/puppet-graylog/pull/52), @timdeluxe) 13 | - Add stdlib 9.x compatibility. ([#59](https://github.com/Graylog2/puppet-graylog/pull/59), @cruelsmith) 14 | - Replace deprecated `is_master` flag with `is_leader`. ([#57](https://github.com/Graylog2/puppet-graylog/issues/57)) 15 | - Update default Graylog version to 5.1. 16 | - Disable `JAVA` setting in environment file by default. ([#60](https://github.com/Graylog2/puppet-graylog/issues/60)) 17 | - Update PDK to 3.0. 18 | - Switch default MongoDB version to 5.0.19 in `graylog::allinone`. 19 | - Add `package_name` setting for `graylog::server`. 20 | - Remove java module requirement from documentation. 21 | - Replace Elasticsearch with OpenSearch in `graylog::allinone`. 22 | - Remove support for Graylog < 5.0. 23 | 24 | ## 1.0.0 (2021-10-25) 25 | 26 | - Add ability to update Java Heapsize. ([#47](https://github.com/Graylog2/puppet-graylog/issues/47)) 27 | - Add ability to restart service on package upgrade. ([#48](https://github.com/Graylog2/puppet-graylog/issues/48), @clxnetom) 28 | - Convert module to PDK. ([#33](https://github.com/Graylog2/puppet-graylog/issues/33)) 29 | 30 | ## 0.9.1 (2021-10-21) 31 | 32 | - Update the module to use the latest version of Graylog. ([#44](https://github.com/Graylog2/puppet-graylog/issues/44)) 33 | - Update Vagrant VMs used in test script. 34 | - Updated metadata.json to specify supported Puppet and OS versions. ([#33](https://github.com/Graylog2/puppet-graylog/issues/33)) 35 | - Updated Elasticsearch config to specify OSS version and disable `action.auto_create_index`. ([#38](https://github.com/Graylog2/puppet-graylog/issues/38)) 36 | - Migrated CI from TravisCI to Github Actions 37 | 38 | ## 0.9.0 (2019-08-01) 39 | 40 | - Fix problem with missing "/etc/apt/apt.conf.d" directory (#31) 41 | - **Attention:** This also changes the proxy configuration file from `/etc/apt/apt.conf.d/01proxy` 42 | to `/etc/apt/apt.conf.d/01_graylog_proxy`. Make sure to remove the old one when upgrading 43 | this module. 44 | - Run apt-get update after adding repo and before installing server package (#32) 45 | 46 | ## 0.8.0 (2019-02-14) 47 | 48 | - Update for Graylog 3.0.0 49 | - Add capability for installation behind proxy (yum/apt) (#20) 50 | - Don't force `show_diff` to `true` (#24) 51 | - Bump required stdlib version to 4.16 for the length function (#23) 52 | 53 | ## 0.7.0 (2018-11-30) 54 | 55 | - Update for Graylog 2.5.0 56 | - Allow puppetlabs-apt < 7.0.0, puppetlabs-stdlib < 6.0.0 (#27) 57 | 58 | ## 0.6.0 (2018-02-02) 59 | 60 | - Replace deprecated size() with length() (#22, #21) 61 | - Replace deprecated elasticsearch module references (#17) 62 | - Replace deprecated mongodb module references 63 | - Allow puppetlabs/apt module version >3.0.0 (#16) 64 | 65 | ## 0.5.0 (2017-12-22) 66 | 67 | - Update for Graylog 2.4.0 68 | 69 | ## 0.4.0 (2017-07-26) 70 | 71 | - Update for Graylog 2.3.0 72 | 73 | ## 0.3.0 (2017-03-06) 74 | 75 | - Adding a more complex example to README (#11) 76 | - Fix variable scoping (#12, #10) 77 | - Prepare for Graylog 2.2.0 78 | - Fix dependency declaration in metadata.json (#8) 79 | - Replace own custom function with `merge` from stdlib. (#4) 80 | - Make the Vagrant setup work (#3) 81 | 82 | ## 0.2.0 (2016-09-01) 83 | 84 | - Use Graylog 2.1.0 as default version 85 | - Fixed a typo in the README 86 | 87 | ## 0.1.0 (2016-04-29) 88 | 89 | Initial Release 90 | -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | # Contributor Covenant Code of Conduct 2 | 3 | ## Our Pledge 4 | 5 | In the interest of fostering an open and welcoming environment, we as 6 | contributors and maintainers pledge to making participation in our project and 7 | our community a harassment-free experience for everyone, regardless of age, body 8 | size, disability, ethnicity, gender identity and expression, level of experience, 9 | nationality, personal appearance, race, religion, or sexual identity and 10 | orientation. 11 | 12 | ## Our Standards 13 | 14 | Examples of behavior that contributes to creating a positive environment 15 | include: 16 | 17 | * Using welcoming and inclusive language 18 | * Being respectful of differing viewpoints and experiences 19 | * Gracefully accepting constructive criticism 20 | * Focusing on what is best for the community 21 | * Showing empathy towards other community members 22 | 23 | Examples of unacceptable behavior by participants include: 24 | 25 | * The use of sexualized language or imagery and unwelcome sexual attention or 26 | advances 27 | * Trolling, insulting/derogatory comments, and personal or political attacks 28 | * Public or private harassment 29 | * Publishing others' private information, such as a physical or electronic 30 | address, without explicit permission 31 | * Other conduct which could reasonably be considered inappropriate in a 32 | professional setting 33 | 34 | ## Our Responsibilities 35 | 36 | Project maintainers are responsible for clarifying the standards of acceptable 37 | behavior and are expected to take appropriate and fair corrective action in 38 | response to any instances of unacceptable behavior. 39 | 40 | Project maintainers have the right and responsibility to remove, edit, or 41 | reject comments, commits, code, wiki edits, issues, and other contributions 42 | that are not aligned to this Code of Conduct, or to ban temporarily or 43 | permanently any contributor for other behaviors that they deem inappropriate, 44 | threatening, offensive, or harmful. 45 | 46 | ## Scope 47 | 48 | This Code of Conduct applies both within project spaces and in public spaces 49 | when an individual is representing the project or its community. Examples of 50 | representing a project or community include using an official project e-mail 51 | address, posting via an official social media account, or acting as an appointed 52 | representative at an online or offline event. Representation of a project may be 53 | further defined and clarified by project maintainers. 54 | 55 | ## Enforcement 56 | 57 | Instances of abusive, harassing, or otherwise unacceptable behavior may be 58 | reported by contacting the project team at . All 59 | complaints will be reviewed and investigated and will result in a response that 60 | is deemed necessary and appropriate to the circumstances. The project team is 61 | obligated to maintain confidentiality with regard to the reporter of an incident. 62 | Further details of specific enforcement policies may be posted separately. 63 | 64 | Project maintainers who do not follow or enforce the Code of Conduct in good 65 | faith may face temporary or permanent repercussions as determined by other 66 | members of the project's leadership. 67 | 68 | ## Attribution 69 | 70 | This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, 71 | available at [http://contributor-covenant.org/version/1/4][version] 72 | 73 | [homepage]: http://contributor-covenant.org 74 | [version]: http://contributor-covenant.org/version/1/4/ 75 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing Guide 2 | 3 | Please follow [the instructions on graylog.org](https://www.graylog.org/get-involved/). 4 | 5 | ## Code of Conduct 6 | 7 | In the interest of fostering an open and welcoming environment, we as 8 | contributors and maintainers pledge to making participation in our project and 9 | our community a harassment-free experience for everyone, regardless of age, body 10 | size, disability, ethnicity, gender identity and expression, level of experience, 11 | nationality, personal appearance, race, religion, or sexual identity and 12 | orientation. 13 | 14 | Please read and understand the [Code of Conduct](https://github.com/Graylog2/puppet-graylog/blob/master/CODE_OF_CONDUCT.md). 15 | 16 | ## Development 17 | 18 | ### testing 19 | PDK supports three different types of tests, and contributions are expected to pass all three suites. 20 | 21 | #### Validation 22 | PDK should be used to validate the following items: 23 | * metadata.json syntax 24 | * Puppet syntax 25 | * Puppet code style 26 | * Ruby code style 27 | 28 | To run the validation is simple. 29 | 30 | ```bash 31 | pdk validate --parallel 32 | ``` 33 | 34 | #### Unit tests 35 | All classes should have associated unit tests. If you are developing a new class or contributing code to an existing one, it is expected that the code will be accompanied by associated unit test(s). 36 | 37 | To run the unit test suite is fairly easy 38 | ```bash 39 | # Run the full suite in parallel 40 | pdk test unit --parallel 41 | 42 | # Run a specific test 43 | pdk test unit --tests=./spec/classes/init_spec.rb 44 | ``` 45 | 46 | #### Acceptance testing 47 | To ensure that this module actually does what is expected on a managed machine, we need to test the actual application of it. This is accomplished via litmus, which utilizes docker containers to run the module. The running of this suite is broken up into several different steps. 48 | 49 | 1. Provision the container(s) 50 | 2. Install the puppet agent on the container(s) 51 | 3. Install the graylog module (and dependencies) on the container(s) 52 | 4. Apply the module and test the container(s) 53 | 5. Clean up the container(s) 54 | 55 | A normal development process would follow steps 1-4 and then repeat 3 and 4 until all tests pass and then step 5. 56 | 57 | For more information about litmus, please see [the documentation](https://puppetlabs.github.io/litmus/). 58 | 59 | ##### Provision container(s) 60 | There are several sets of containers defined for this module in `provision.yaml`. The full test suite is called default, but this is an arbitrary name. For development, it may be desirable to have only a single container to test against for that you could utilize the set named single. 61 | 62 | ```bash 63 | # The full set of supported OS containers 64 | pdk bundle exec rake 'litmus:provision_list[default]' 65 | 66 | # A single Ubuntu 22.04 container (for quicker test runs) 67 | pdk bundle exec rake 'litmus:provision_list[single]' 68 | 69 | # Debian family containers 70 | pdk bundle exec rake 'litmus:provision_list[debian]' 71 | 72 | # RedHat family containers 73 | pdk bundle exec rake 'litmus:provision_list[redhat]' 74 | ``` 75 | 76 | ##### Install the puppet agent 77 | In order to run puppet code on the containers, puppet needs to be installed on them. It is possible to specify which version of the agent to install, but the default is the latest version. 78 | 79 | ```bash 80 | # Install latest 81 | pdk bundle exec rake 'litmus:install_agent' 82 | 83 | # Install puppet 7 84 | pdk bundle exec rake 'litmus:install_agent[puppet7]' 85 | ``` 86 | 87 | ##### Install the module (and dependencies) 88 | Every time you change module code, you need to ensure that code is installed on the test containers. 89 | 90 | ```bash 91 | pdk bundle exec rake 'litmus:install_module' 92 | ``` 93 | 94 | ##### Run the acceptance tests 95 | The acceptance tests run puppet code on the test containers and examines the containers after to ensure that the systems look the way the tests say they should. The thing to note about the acceptance tests is that they don't revert the state of the container between units. 96 | 97 | ```bash 98 | pdk bundle exec rake 'litmus:acceptance:parallel' 99 | ``` 100 | 101 | ##### Clean up the containers 102 | Once you no longer need the containers or need to start again with clean containers, you can run the command to delete all of them. 103 | 104 | ```bash 105 | pdk bundle exec rake 'litmus:tear_down' 106 | ``` 107 | -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- 1 | source ENV['GEM_SOURCE'] || 'https://rubygems.org' 2 | 3 | def location_for(place_or_version, fake_version = nil) 4 | git_url_regex = %r{\A(?(https?|git)[:@][^#]*)(#(?.*))?} 5 | file_url_regex = %r{\Afile:\/\/(?.*)} 6 | 7 | if place_or_version && (git_url = place_or_version.match(git_url_regex)) 8 | [fake_version, { git: git_url[:url], branch: git_url[:branch], require: false }].compact 9 | elsif place_or_version && (file_url = place_or_version.match(file_url_regex)) 10 | ['>= 0', { path: File.expand_path(file_url[:path]), require: false }] 11 | else 12 | [place_or_version, { require: false }] 13 | end 14 | end 15 | 16 | group :development do 17 | gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) 18 | gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) 19 | gem "json", '= 2.5.1', require: false if Gem::Requirement.create(['>= 3.0.0', '< 3.0.5']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) 20 | gem "json", '= 2.6.1', require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) 21 | gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) 22 | gem "racc", '~> 1.4.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) 23 | gem "voxpupuli-puppet-lint-plugins", '~> 5.0', require: false 24 | gem "facterdb", '~> 1.18', require: false 25 | gem "metadata-json-lint", '~> 3.0', require: false 26 | gem "puppetlabs_spec_helper", '~> 6.0', require: false 27 | gem "rspec-puppet-facts", '~> 2.0', require: false 28 | gem "codecov", '~> 0.2', require: false 29 | gem "dependency_checker", '~> 1.0.0', require: false 30 | gem "parallel_tests", '= 3.12.1', require: false 31 | gem "pry", '~> 0.10', require: false 32 | gem "simplecov-console", '~> 0.5', require: false 33 | gem "puppet-debugger", '~> 1.0', require: false 34 | gem "rubocop", '= 1.48.1', require: false 35 | gem "rubocop-performance", '= 1.16.0', require: false 36 | gem "rubocop-rspec", '= 2.19.0', require: false 37 | gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] 38 | end 39 | group :system_tests do 40 | gem "puppet_litmus", '~> 1.0', require: false, platforms: [:ruby, :x64_mingw] 41 | gem "serverspec", '~> 2.41', require: false 42 | end 43 | 44 | puppet_version = ENV['PUPPET_GEM_VERSION'] 45 | facter_version = ENV['FACTER_GEM_VERSION'] 46 | hiera_version = ENV['HIERA_GEM_VERSION'] 47 | 48 | gems = {} 49 | 50 | gems['puppet'] = location_for(puppet_version) 51 | 52 | # If facter or hiera versions have been specified via the environment 53 | # variables 54 | 55 | gems['facter'] = location_for(facter_version) if facter_version 56 | gems['hiera'] = location_for(hiera_version) if hiera_version 57 | 58 | gems.each do |gem_name, gem_params| 59 | gem gem_name, *gem_params 60 | end 61 | 62 | # Evaluate Gemfile.local and ~/.gemfile if they exist 63 | extra_gemfiles = [ 64 | "#{__FILE__}.local", 65 | File.join(Dir.home, '.gemfile'), 66 | ] 67 | 68 | extra_gemfiles.each do |gemfile| 69 | if File.file?(gemfile) && File.readable?(gemfile) 70 | eval(File.read(gemfile), binding) 71 | end 72 | end 73 | # vim: syntax=ruby 74 | -------------------------------------------------------------------------------- /Gemfile.lock: -------------------------------------------------------------------------------- 1 | GEM 2 | remote: https://rubygems.org/ 3 | specs: 4 | CFPropertyList (3.0.7) 5 | base64 6 | nkf 7 | rexml 8 | addressable (2.8.7) 9 | public_suffix (>= 2.0.2, < 7.0) 10 | ansi (1.5.0) 11 | ast (2.4.2) 12 | awesome_print (1.9.2) 13 | aws-eventstream (1.3.0) 14 | aws-partitions (1.1034.0) 15 | aws-sdk-core (3.214.1) 16 | aws-eventstream (~> 1, >= 1.3.0) 17 | aws-partitions (~> 1, >= 1.992.0) 18 | aws-sigv4 (~> 1.9) 19 | jmespath (~> 1, >= 1.6.1) 20 | aws-sdk-ec2 (1.498.0) 21 | aws-sdk-core (~> 3, >= 3.210.0) 22 | aws-sigv4 (~> 1.5) 23 | aws-sigv4 (1.10.1) 24 | aws-eventstream (~> 1, >= 1.0.2) 25 | base64 (0.2.0) 26 | bigdecimal (3.1.9) 27 | bindata (2.5.0) 28 | bolt (4.0.0) 29 | CFPropertyList (>= 2.2) 30 | addressable (~> 2.5) 31 | aws-sdk-ec2 (~> 1) 32 | concurrent-ruby (~> 1.0) 33 | ffi (>= 1.9.25, < 2.0.0) 34 | hiera-eyaml (~> 3) 35 | jwt (~> 2.2) 36 | logging (~> 2.2) 37 | minitar (~> 0.6) 38 | net-scp (>= 1.2, < 5.0) 39 | net-ssh (>= 4.0, < 8.0) 40 | net-ssh-krb (~> 0.5) 41 | orchestrator_client (~> 0.7) 42 | puppet (>= 6.18.0) 43 | puppet-resource_api (>= 1.8.1) 44 | puppet-strings (>= 2.3.0, < 5.0) 45 | puppetfile-resolver (>= 0.6.2, < 1.0) 46 | r10k (>= 3.10, < 5) 47 | ruby_smb (~> 1.0) 48 | terminal-table (~> 3.0) 49 | winrm (~> 2.0) 50 | winrm-fs (~> 1.3) 51 | builder (3.3.0) 52 | codecov (0.6.0) 53 | simplecov (>= 0.15, < 0.22) 54 | coderay (1.1.3) 55 | colored2 (3.1.2) 56 | concurrent-ruby (1.3.4) 57 | connection_pool (2.5.0) 58 | cri (2.15.12) 59 | deep_merge (1.2.2) 60 | dependency_checker (1.0.1) 61 | parallel 62 | puppet_forge (>= 2.2, < 6.0) 63 | rake (~> 13.0) 64 | semantic_puppet (~> 1.0) 65 | diff-lcs (1.5.1) 66 | docile (1.4.1) 67 | docker-api (2.4.0) 68 | excon (>= 0.64.0) 69 | multi_json 70 | domain_name (0.6.20240107) 71 | erubi (1.13.1) 72 | excon (1.2.3) 73 | facter (4.10.0) 74 | hocon (~> 1.3) 75 | thor (>= 1.0.1, < 1.3) 76 | facterdb (1.27.0) 77 | facter (< 5.0.0) 78 | jgrep (~> 1.5, >= 1.5.4) 79 | faraday (2.12.2) 80 | faraday-net_http (>= 2.0, < 3.5) 81 | json 82 | logger 83 | faraday-follow_redirects (0.3.0) 84 | faraday (>= 1, < 3) 85 | faraday-net_http (3.4.0) 86 | net-http (>= 0.5.0) 87 | faraday-net_http_persistent (2.3.0) 88 | faraday (~> 2.5) 89 | net-http-persistent (>= 4.0.4, < 5) 90 | fast_gettext (2.4.0) 91 | prime 92 | ffi (1.17.1) 93 | forwardable (1.3.3) 94 | gettext (3.5.0) 95 | erubi 96 | locale (>= 2.0.5) 97 | prime 98 | racc 99 | text (>= 1.3.0) 100 | gettext-setup (1.1.0) 101 | fast_gettext (~> 2.1) 102 | gettext (~> 3.4) 103 | locale 104 | gssapi (1.3.1) 105 | ffi (>= 1.0.1) 106 | gyoku (1.4.0) 107 | builder (>= 2.1.2) 108 | rexml (~> 3.0) 109 | hiera (3.12.0) 110 | hiera-eyaml (3.4.0) 111 | highline 112 | optimist 113 | highline (3.1.2) 114 | reline 115 | hocon (1.4.0) 116 | http-accept (1.7.0) 117 | http-cookie (1.0.8) 118 | domain_name (~> 0.5) 119 | httpclient (2.8.3) 120 | io-console (0.8.0) 121 | jgrep (1.5.4) 122 | jmespath (1.6.2) 123 | json (2.5.1) 124 | json-schema (4.3.1) 125 | addressable (>= 2.8) 126 | jwt (2.10.1) 127 | base64 128 | little-plugger (1.1.4) 129 | locale (2.1.4) 130 | log4r (1.1.10) 131 | logger (1.6.5) 132 | logging (2.4.0) 133 | little-plugger (~> 1.1) 134 | multi_json (~> 1.14) 135 | metadata-json-lint (3.0.3) 136 | json-schema (>= 2.8, < 5.0) 137 | spdx-licenses (~> 1.0) 138 | method_source (1.1.0) 139 | mime-types (3.6.0) 140 | logger 141 | mime-types-data (~> 3.2015) 142 | mime-types-data (3.2025.0107) 143 | minitar (0.12.1) 144 | mocha (1.16.1) 145 | molinillo (0.8.0) 146 | multi_json (1.15.0) 147 | net-http (0.6.0) 148 | uri 149 | net-http-persistent (4.0.5) 150 | connection_pool (~> 2.2) 151 | net-scp (4.0.0) 152 | net-ssh (>= 2.6.5, < 8.0.0) 153 | net-ssh (7.3.0) 154 | net-ssh-krb (0.5.1) 155 | gssapi (~> 1.3.0) 156 | net-ssh (>= 2.0) 157 | net-telnet (0.2.0) 158 | netrc (0.11.0) 159 | nkf (0.2.0) 160 | nori (2.7.1) 161 | bigdecimal 162 | optimist (3.2.0) 163 | orchestrator_client (0.7.1) 164 | faraday (>= 1.4, < 3.0) 165 | faraday-net_http_persistent (>= 1.0, < 3.0) 166 | parallel (1.26.3) 167 | parallel_tests (3.12.1) 168 | parallel 169 | parser (3.3.6.0) 170 | ast (~> 2.4.1) 171 | racc 172 | pathspec (1.1.3) 173 | pluginator (1.5.0) 174 | prime (0.1.3) 175 | forwardable 176 | singleton 177 | pry (0.15.2) 178 | coderay (~> 1.1) 179 | method_source (~> 1.0) 180 | public_suffix (6.0.1) 181 | puppet (7.34.0) 182 | concurrent-ruby (~> 1.0) 183 | deep_merge (~> 1.0) 184 | facter (> 2.0.1, < 5) 185 | fast_gettext (>= 1.1, < 3) 186 | hiera (>= 3.2.1, < 4) 187 | locale (~> 2.1) 188 | multi_json (~> 1.10) 189 | puppet-resource_api (~> 1.5) 190 | scanf (~> 1.0) 191 | semantic_puppet (~> 1.0) 192 | puppet-blacksmith (8.0.0) 193 | puppet-modulebuilder (~> 2.0, >= 2.0.2) 194 | rest-client (~> 2.0) 195 | puppet-debugger (1.4.0) 196 | awesome_print (~> 1.7) 197 | bundler 198 | facterdb (>= 0.4.0) 199 | pluginator (~> 1.5.0) 200 | puppet (>= 6) 201 | rb-readline (>= 0.5.5) 202 | table_print (>= 1.0.0) 203 | tty-pager (~> 0.14) 204 | puppet-lint (4.2.4) 205 | puppet-lint-absolute_classname-check (4.0.0) 206 | puppet-lint (>= 3.0, < 5) 207 | puppet-lint-anchor-check (2.0.0) 208 | puppet-lint (>= 3, < 5) 209 | puppet-lint-file_ensure-check (2.0.0) 210 | puppet-lint (>= 3, < 5) 211 | puppet-lint-leading_zero-check (2.0.0) 212 | puppet-lint (>= 3, < 5) 213 | puppet-lint-lookup_in_parameter-check (2.0.0) 214 | puppet-lint (>= 3, < 5) 215 | puppet-lint-manifest_whitespace-check (0.3.0) 216 | puppet-lint (>= 1.0, < 5) 217 | puppet-lint-optional_default-check (2.0.0) 218 | puppet-lint (>= 3, < 5) 219 | puppet-lint-param-docs (2.0.0) 220 | puppet-lint (>= 3, < 5) 221 | puppet-lint-param-types (2.0.0) 222 | puppet-lint (>= 3, < 5) 223 | puppet-lint-params_empty_string-check (2.0.0) 224 | puppet-lint (>= 3, < 5) 225 | puppet-lint-resource_reference_syntax (2.0.0) 226 | puppet-lint (>= 3, < 5) 227 | puppet-lint-strict_indent-check (3.0.0) 228 | puppet-lint (>= 3, < 5) 229 | puppet-lint-topscope-variable-check (2.0.0) 230 | puppet-lint (>= 3, < 5) 231 | puppet-lint-trailing_comma-check (2.0.0) 232 | puppet-lint (>= 3, < 5) 233 | puppet-lint-unquoted_string-check (3.0.0) 234 | puppet-lint (>= 3, < 5) 235 | puppet-lint-variable_contains_upcase (2.0.0) 236 | puppet-lint (>= 3, < 5) 237 | puppet-lint-version_comparison-check (2.0.0) 238 | puppet-lint (>= 3, < 5) 239 | puppet-modulebuilder (2.0.2) 240 | minitar (~> 0.9) 241 | pathspec (>= 0.2.1, < 3.0.0) 242 | puppet-resource_api (1.9.0) 243 | hocon (>= 1.0) 244 | puppet-strings (4.1.3) 245 | rgen (~> 0.9) 246 | yard (~> 0.9, < 0.9.37) 247 | puppet-syntax (3.3.0) 248 | puppet (>= 5) 249 | rake 250 | puppet_forge (5.0.4) 251 | faraday (~> 2.0) 252 | faraday-follow_redirects (~> 0.3.0) 253 | minitar (< 1.0.0) 254 | semantic_puppet (~> 1.0) 255 | puppet_litmus (1.6.1) 256 | bolt (~> 4.0) 257 | docker-api (>= 1.34, < 3.0.0) 258 | parallel 259 | puppet-modulebuilder (>= 0.3.0) 260 | retryable (~> 3.0) 261 | rspec 262 | tty-spinner (>= 0.5.0, < 1.0.0) 263 | puppetfile-resolver (0.6.3) 264 | molinillo (~> 0.6) 265 | semantic_puppet (~> 1.0) 266 | puppetlabs_spec_helper (6.0.3) 267 | mocha (~> 1.0) 268 | pathspec (>= 0.2, < 2.0.0) 269 | puppet-lint (~> 4.0) 270 | puppet-syntax (~> 3.0) 271 | rspec-github (~> 2.0) 272 | rspec-puppet (~> 4.0) 273 | r10k (4.1.0) 274 | colored2 (= 3.1.2) 275 | cri (>= 2.15.10) 276 | gettext-setup (>= 0.24, < 2.0) 277 | jwt (>= 2.2.3, < 3) 278 | log4r (= 1.1.10) 279 | minitar (~> 0.9) 280 | multi_json (~> 1.10) 281 | puppet_forge (>= 4.1, < 6) 282 | racc (1.8.1) 283 | rainbow (3.1.1) 284 | rake (13.2.1) 285 | rb-readline (0.5.5) 286 | regexp_parser (2.10.0) 287 | reline (0.6.0) 288 | io-console (~> 0.5) 289 | rest-client (2.1.0) 290 | http-accept (>= 1.7.0, < 2.0) 291 | http-cookie (>= 1.0.2, < 2.0) 292 | mime-types (>= 1.16, < 4.0) 293 | netrc (~> 0.8) 294 | retryable (3.0.5) 295 | rexml (3.4.0) 296 | rgen (0.9.1) 297 | rspec (3.13.0) 298 | rspec-core (~> 3.13.0) 299 | rspec-expectations (~> 3.13.0) 300 | rspec-mocks (~> 3.13.0) 301 | rspec-core (3.13.2) 302 | rspec-support (~> 3.13.0) 303 | rspec-expectations (3.13.3) 304 | diff-lcs (>= 1.2.0, < 2.0) 305 | rspec-support (~> 3.13.0) 306 | rspec-github (2.4.0) 307 | rspec-core (~> 3.0) 308 | rspec-its (2.0.0) 309 | rspec-core (>= 3.13.0) 310 | rspec-expectations (>= 3.13.0) 311 | rspec-mocks (3.13.2) 312 | diff-lcs (>= 1.2.0, < 2.0) 313 | rspec-support (~> 3.13.0) 314 | rspec-puppet (4.0.2) 315 | rspec (~> 3.0) 316 | rspec-puppet-facts (2.0.5) 317 | facter 318 | facterdb (>= 0.5.0) 319 | puppet 320 | rspec-support (3.13.2) 321 | rubocop (1.48.1) 322 | json (~> 2.3) 323 | parallel (~> 1.10) 324 | parser (>= 3.2.0.0) 325 | rainbow (>= 2.2.2, < 4.0) 326 | regexp_parser (>= 1.8, < 3.0) 327 | rexml (>= 3.2.5, < 4.0) 328 | rubocop-ast (>= 1.26.0, < 2.0) 329 | ruby-progressbar (~> 1.7) 330 | unicode-display_width (>= 2.4.0, < 3.0) 331 | rubocop-ast (1.37.0) 332 | parser (>= 3.3.1.0) 333 | rubocop-capybara (2.21.0) 334 | rubocop (~> 1.41) 335 | rubocop-performance (1.16.0) 336 | rubocop (>= 1.7.0, < 2.0) 337 | rubocop-ast (>= 0.4.0) 338 | rubocop-rspec (2.19.0) 339 | rubocop (~> 1.33) 340 | rubocop-capybara (~> 2.17) 341 | ruby-progressbar (1.13.0) 342 | ruby_smb (1.1.0) 343 | bindata 344 | rubyntlm 345 | windows_error 346 | rubyntlm (0.6.5) 347 | base64 348 | rubyzip (2.4.1) 349 | scanf (1.0.0) 350 | semantic_puppet (1.1.1) 351 | serverspec (2.42.3) 352 | multi_json 353 | rspec (~> 3.0) 354 | rspec-its 355 | specinfra (~> 2.72) 356 | sfl (2.3) 357 | simplecov (0.21.2) 358 | docile (~> 1.1) 359 | simplecov-html (~> 0.11) 360 | simplecov_json_formatter (~> 0.1) 361 | simplecov-console (0.9.2) 362 | ansi 363 | simplecov 364 | terminal-table 365 | simplecov-html (0.13.1) 366 | simplecov_json_formatter (0.1.4) 367 | singleton (0.3.0) 368 | spdx-licenses (1.3.0) 369 | specinfra (2.91.0) 370 | base64 371 | net-scp 372 | net-ssh (>= 2.7) 373 | net-telnet 374 | sfl 375 | strings (0.2.1) 376 | strings-ansi (~> 0.2) 377 | unicode-display_width (>= 1.5, < 3.0) 378 | unicode_utils (~> 1.4) 379 | strings-ansi (0.2.0) 380 | table_print (1.5.7) 381 | terminal-table (3.0.2) 382 | unicode-display_width (>= 1.1.1, < 3) 383 | text (1.3.1) 384 | thor (1.2.2) 385 | tty-cursor (0.7.1) 386 | tty-pager (0.14.0) 387 | strings (~> 0.2.0) 388 | tty-screen (~> 0.8) 389 | tty-screen (0.8.2) 390 | tty-spinner (0.9.3) 391 | tty-cursor (~> 0.7) 392 | unicode-display_width (2.6.0) 393 | unicode_utils (1.4.0) 394 | uri (1.0.2) 395 | voxpupuli-puppet-lint-plugins (5.0.0) 396 | puppet-lint (~> 4.0) 397 | puppet-lint-absolute_classname-check (~> 4.0) 398 | puppet-lint-anchor-check (~> 2.0) 399 | puppet-lint-file_ensure-check (~> 2.0) 400 | puppet-lint-leading_zero-check (~> 2.0) 401 | puppet-lint-lookup_in_parameter-check (~> 2.0) 402 | puppet-lint-manifest_whitespace-check (~> 0.3, < 1.0.0) 403 | puppet-lint-optional_default-check (~> 2.0) 404 | puppet-lint-param-docs (~> 2.0) 405 | puppet-lint-param-types (~> 2.0) 406 | puppet-lint-params_empty_string-check (~> 2.0) 407 | puppet-lint-resource_reference_syntax (~> 2.0) 408 | puppet-lint-strict_indent-check (~> 3.0) 409 | puppet-lint-topscope-variable-check (~> 2.0) 410 | puppet-lint-trailing_comma-check (~> 2.0) 411 | puppet-lint-unquoted_string-check (~> 3.0) 412 | puppet-lint-variable_contains_upcase (~> 2.0) 413 | puppet-lint-version_comparison-check (~> 2.0) 414 | windows_error (0.1.5) 415 | winrm (2.3.9) 416 | builder (>= 2.1.2) 417 | erubi (~> 1.8) 418 | gssapi (~> 1.2) 419 | gyoku (~> 1.0) 420 | httpclient (~> 2.2, >= 2.2.0.2) 421 | logging (>= 1.6.1, < 3.0) 422 | nori (~> 2.0, >= 2.7.1) 423 | rexml (~> 3.0) 424 | rubyntlm (~> 0.6.0, >= 0.6.3) 425 | winrm-fs (1.3.5) 426 | erubi (~> 1.8) 427 | logging (>= 1.6.1, < 3.0) 428 | rubyzip (~> 2.0) 429 | winrm (~> 2.0) 430 | yard (0.9.36) 431 | 432 | PLATFORMS 433 | x86_64-linux 434 | 435 | DEPENDENCIES 436 | codecov (~> 0.2) 437 | dependency_checker (~> 1.0.0) 438 | facterdb (~> 1.18) 439 | json (= 2.5.1) 440 | metadata-json-lint (~> 3.0) 441 | parallel_tests (= 3.12.1) 442 | pry (~> 0.10) 443 | puppet 444 | puppet-blacksmith 445 | puppet-debugger (~> 1.0) 446 | puppet_litmus (~> 1.0) 447 | puppetlabs_spec_helper (~> 6.0) 448 | rb-readline (= 0.5.5) 449 | rspec-puppet-facts (~> 2.0) 450 | rubocop (= 1.48.1) 451 | rubocop-performance (= 1.16.0) 452 | rubocop-rspec (= 2.19.0) 453 | serverspec (~> 2.41) 454 | simplecov-console (~> 0.5) 455 | voxpupuli-puppet-lint-plugins (~> 5.0) 456 | 457 | BUNDLED WITH 458 | 2.4.13 459 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | 2 | Apache License 3 | Version 2.0, January 2004 4 | http://www.apache.org/licenses/ 5 | 6 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 7 | 8 | 1. Definitions. 9 | 10 | "License" shall mean the terms and conditions for use, reproduction, 11 | and distribution as defined by Sections 1 through 9 of this document. 12 | 13 | "Licensor" shall mean the copyright owner or entity authorized by 14 | the copyright owner that is granting the License. 15 | 16 | "Legal Entity" shall mean the union of the acting entity and all 17 | other entities that control, are controlled by, or are under common 18 | control with that entity. For the purposes of this definition, 19 | "control" means (i) the power, direct or indirect, to cause the 20 | direction or management of such entity, whether by contract or 21 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 22 | outstanding shares, or (iii) beneficial ownership of such entity. 23 | 24 | "You" (or "Your") shall mean an individual or Legal Entity 25 | exercising permissions granted by this License. 26 | 27 | "Source" form shall mean the preferred form for making modifications, 28 | including but not limited to software source code, documentation 29 | source, and configuration files. 30 | 31 | "Object" form shall mean any form resulting from mechanical 32 | transformation or translation of a Source form, including but 33 | not limited to compiled object code, generated documentation, 34 | and conversions to other media types. 35 | 36 | "Work" shall mean the work of authorship, whether in Source or 37 | Object form, made available under the License, as indicated by a 38 | copyright notice that is included in or attached to the work 39 | (an example is provided in the Appendix below). 40 | 41 | "Derivative Works" shall mean any work, whether in Source or Object 42 | form, that is based on (or derived from) the Work and for which the 43 | editorial revisions, annotations, elaborations, or other modifications 44 | represent, as a whole, an original work of authorship. For the purposes 45 | of this License, Derivative Works shall not include works that remain 46 | separable from, or merely link (or bind by name) to the interfaces of, 47 | the Work and Derivative Works thereof. 48 | 49 | "Contribution" shall mean any work of authorship, including 50 | the original version of the Work and any modifications or additions 51 | to that Work or Derivative Works thereof, that is intentionally 52 | submitted to Licensor for inclusion in the Work by the copyright owner 53 | or by an individual or Legal Entity authorized to submit on behalf of 54 | the copyright owner. For the purposes of this definition, "submitted" 55 | means any form of electronic, verbal, or written communication sent 56 | to the Licensor or its representatives, including but not limited to 57 | communication on electronic mailing lists, source code control systems, 58 | and issue tracking systems that are managed by, or on behalf of, the 59 | Licensor for the purpose of discussing and improving the Work, but 60 | excluding communication that is conspicuously marked or otherwise 61 | designated in writing by the copyright owner as "Not a Contribution." 62 | 63 | "Contributor" shall mean Licensor and any individual or Legal Entity 64 | on behalf of whom a Contribution has been received by Licensor and 65 | subsequently incorporated within the Work. 66 | 67 | 2. Grant of Copyright License. Subject to the terms and conditions of 68 | this License, each Contributor hereby grants to You a perpetual, 69 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 70 | copyright license to reproduce, prepare Derivative Works of, 71 | publicly display, publicly perform, sublicense, and distribute the 72 | Work and such Derivative Works in Source or Object form. 73 | 74 | 3. Grant of Patent License. Subject to the terms and conditions of 75 | this License, each Contributor hereby grants to You a perpetual, 76 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 77 | (except as stated in this section) patent license to make, have made, 78 | use, offer to sell, sell, import, and otherwise transfer the Work, 79 | where such license applies only to those patent claims licensable 80 | by such Contributor that are necessarily infringed by their 81 | Contribution(s) alone or by combination of their Contribution(s) 82 | with the Work to which such Contribution(s) was submitted. If You 83 | institute patent litigation against any entity (including a 84 | cross-claim or counterclaim in a lawsuit) alleging that the Work 85 | or a Contribution incorporated within the Work constitutes direct 86 | or contributory patent infringement, then any patent licenses 87 | granted to You under this License for that Work shall terminate 88 | as of the date such litigation is filed. 89 | 90 | 4. Redistribution. You may reproduce and distribute copies of the 91 | Work or Derivative Works thereof in any medium, with or without 92 | modifications, and in Source or Object form, provided that You 93 | meet the following conditions: 94 | 95 | (a) You must give any other recipients of the Work or 96 | Derivative Works a copy of this License; and 97 | 98 | (b) You must cause any modified files to carry prominent notices 99 | stating that You changed the files; and 100 | 101 | (c) You must retain, in the Source form of any Derivative Works 102 | that You distribute, all copyright, patent, trademark, and 103 | attribution notices from the Source form of the Work, 104 | excluding those notices that do not pertain to any part of 105 | the Derivative Works; and 106 | 107 | (d) If the Work includes a "NOTICE" text file as part of its 108 | distribution, then any Derivative Works that You distribute must 109 | include a readable copy of the attribution notices contained 110 | within such NOTICE file, excluding those notices that do not 111 | pertain to any part of the Derivative Works, in at least one 112 | of the following places: within a NOTICE text file distributed 113 | as part of the Derivative Works; within the Source form or 114 | documentation, if provided along with the Derivative Works; or, 115 | within a display generated by the Derivative Works, if and 116 | wherever such third-party notices normally appear. The contents 117 | of the NOTICE file are for informational purposes only and 118 | do not modify the License. You may add Your own attribution 119 | notices within Derivative Works that You distribute, alongside 120 | or as an addendum to the NOTICE text from the Work, provided 121 | that such additional attribution notices cannot be construed 122 | as modifying the License. 123 | 124 | You may add Your own copyright statement to Your modifications and 125 | may provide additional or different license terms and conditions 126 | for use, reproduction, or distribution of Your modifications, or 127 | for any such Derivative Works as a whole, provided Your use, 128 | reproduction, and distribution of the Work otherwise complies with 129 | the conditions stated in this License. 130 | 131 | 5. Submission of Contributions. Unless You explicitly state otherwise, 132 | any Contribution intentionally submitted for inclusion in the Work 133 | by You to the Licensor shall be under the terms and conditions of 134 | this License, without any additional terms or conditions. 135 | Notwithstanding the above, nothing herein shall supersede or modify 136 | the terms of any separate license agreement you may have executed 137 | with Licensor regarding such Contributions. 138 | 139 | 6. Trademarks. This License does not grant permission to use the trade 140 | names, trademarks, service marks, or product names of the Licensor, 141 | except as required for reasonable and customary use in describing the 142 | origin of the Work and reproducing the content of the NOTICE file. 143 | 144 | 7. Disclaimer of Warranty. Unless required by applicable law or 145 | agreed to in writing, Licensor provides the Work (and each 146 | Contributor provides its Contributions) on an "AS IS" BASIS, 147 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 148 | implied, including, without limitation, any warranties or conditions 149 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 150 | PARTICULAR PURPOSE. You are solely responsible for determining the 151 | appropriateness of using or redistributing the Work and assume any 152 | risks associated with Your exercise of permissions under this License. 153 | 154 | 8. Limitation of Liability. In no event and under no legal theory, 155 | whether in tort (including negligence), contract, or otherwise, 156 | unless required by applicable law (such as deliberate and grossly 157 | negligent acts) or agreed to in writing, shall any Contributor be 158 | liable to You for damages, including any direct, indirect, special, 159 | incidental, or consequential damages of any character arising as a 160 | result of this License or out of the use or inability to use the 161 | Work (including but not limited to damages for loss of goodwill, 162 | work stoppage, computer failure or malfunction, or any and all 163 | other commercial damages or losses), even if such Contributor 164 | has been advised of the possibility of such damages. 165 | 166 | 9. Accepting Warranty or Additional Liability. While redistributing 167 | the Work or Derivative Works thereof, You may choose to offer, 168 | and charge a fee for, acceptance of support, warranty, indemnity, 169 | or other liability obligations and/or rights consistent with this 170 | License. However, in accepting such obligations, You may act only 171 | on Your own behalf and on Your sole responsibility, not on behalf 172 | of any other Contributor, and only if You agree to indemnify, 173 | defend, and hold each Contributor harmless for any liability 174 | incurred by, or claims asserted against, such Contributor by reason 175 | of your accepting any such warranty or additional liability. 176 | 177 | END OF TERMS AND CONDITIONS 178 | 179 | APPENDIX: How to apply the Apache License to your work. 180 | 181 | To apply the Apache License to your work, attach the following 182 | boilerplate notice, with the fields enclosed by brackets "[]" 183 | replaced with your own identifying information. (Don't include 184 | the brackets!) The text should be enclosed in the appropriate 185 | comment syntax for the file format. We also recommend that a 186 | file or class name and description of purpose be included on the 187 | same "printed page" as the copyright notice for easier 188 | identification within third-party archives. 189 | 190 | Copyright [yyyy] [name of copyright owner] 191 | 192 | Licensed under the Apache License, Version 2.0 (the "License"); 193 | you may not use this file except in compliance with the License. 194 | You may obtain a copy of the License at 195 | 196 | http://www.apache.org/licenses/LICENSE-2.0 197 | 198 | Unless required by applicable law or agreed to in writing, software 199 | distributed under the License is distributed on an "AS IS" BASIS, 200 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 201 | See the License for the specific language governing permissions and 202 | limitations under the License. 203 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Graylog Puppet Module 2 | 3 | [![Build Status](https://github.com/Graylog2/puppet-graylog/actions/workflows/validate.yml/badge.svg)](https://github.com/Graylog2/puppet-graylog/actions?query=workflow%3Avalidate) 4 | [![Puppet Forge](https://img.shields.io/puppetforge/v/graylog/graylog?color=green)](https://forge.puppet.com/modules/graylog/graylog) 5 | [![Puppet Forge - downloads](https://img.shields.io/puppetforge/dt/graylog/graylog)](https://forge.puppet.com/modules/graylog/graylog) 6 | 7 | 8 | #### Table of Contents 9 | 10 | 1. [Description](#description) 11 | 1. [Setup - The basics of getting started with graylog](#setup) 12 | * [What graylog affects](#what-graylog-affects) 13 | * [Setup requirements](#setup-requirements) 14 | * [Beginning with graylog](#beginning-with-graylog) 15 | 1. [Usage - Configuration options and additional functionality](#usage) 16 | 1. [Reference - An under-the-hood peek at what the module is doing and how](#reference) 17 | 1. [Limitations - OS compatibility, etc.](#limitations) 18 | 1. [Development - Guide for contributing to the module](#development) 19 | 20 | ## Description 21 | 22 | This module can be used to install and configure a Graylog system. (https://www.graylog.org/) 23 | 24 | ### Native Types 25 | 26 | Native types to configure dashboards, inputs, streams and others are provided 27 | by the community maintained [puppet-graylog_api](https://github.com/magicmemories/puppet-graylog_api) 28 | module. 29 | 30 | ## Setup 31 | 32 | ### What graylog affects 33 | 34 | The graylog module manages the following things: 35 | 36 | * APT/YUM repository 37 | * Graylog packages 38 | * Graylog configuration files 39 | * Graylog service 40 | 41 | ### Setup Requirements 42 | 43 | The module only manages Graylog itself. You need other modules to install 44 | the required dependencies like MongoDB and OpenSearch. 45 | 46 | You could use the following modules to install dependencies: 47 | 48 | * [puppet/mongodb](https://forge.puppet.com/puppet/mongodb) 49 | * [puppet/opensearch](https://forge.puppet.com/modules/puppet/opensearch) 50 | 51 | ### Beginning with graylog 52 | 53 | The following modules are required to use the graylog module: 54 | 55 | * [puppetlabs/apt](https://forge.puppet.com/puppetlabs/apt) 56 | * [puppetlabs/stdlib](https://forge.puppet.com/puppetlabs/stdlib) 57 | 58 | Those dependencies are automatically installed if you are using the Puppet 59 | module tool or something like [librarian-puppet](https://github.com/voxpupuli/librarian-puppet). 60 | 61 | #### Puppet Module Tool 62 | 63 | Use the following command to install the graylog module via the Puppet module 64 | tool. 65 | 66 | ``` 67 | puppet module install graylog/graylog 68 | ``` 69 | 70 | #### librarian-puppet 71 | 72 | Add the following snippet to your `Puppetfile`. 73 | 74 | ``` 75 | mod 'graylog/graylog', 'x.x.x' 76 | ``` 77 | 78 | Make sure to use the latest version of the graylog module! 79 | 80 | ## Usage 81 | 82 | As mentioned above, the graylog module only manages the Graylog system. Other 83 | requirements like MongoDB and OpenSearch need to be managed via 84 | other modules. 85 | 86 | The following config creates a setup with MongoDB, OpenSearch and Graylog 87 | on a single node. 88 | 89 | ```puppet 90 | class { 'mongodb::globals': 91 | manage_package_repo => true, 92 | }-> 93 | class { 'mongodb::server': 94 | bind_ip => ['127.0.0.1'], 95 | } 96 | 97 | class { 'opensearch': 98 | version => '2.9.0', 99 | } 100 | 101 | class { 'graylog::repository': 102 | version => '6.1' 103 | }-> 104 | class { 'graylog::server': 105 | package_version => '6.1.5-2', 106 | config => { 107 | 'password_secret' => '...', # Fill in your password secret 108 | 'root_password_sha2' => '...', # Fill in your root password hash 109 | } 110 | } 111 | ``` 112 | 113 | ### A more complex example 114 | 115 | ```puppet 116 | class { '::graylog::repository': 117 | version => '6.1' 118 | }-> 119 | class { '::graylog::server': 120 | config => { 121 | is_leader => true, 122 | node_id_file => '/etc/graylog/server/node-id', 123 | password_secret => 'password_secret', 124 | root_username => 'admin', 125 | root_password_sha2 => 'root_password_sha2', 126 | root_timezone => 'Europe/Berlin', 127 | allow_leading_wildcard_searches => true, 128 | allow_highlighting => true, 129 | http_bind_address => '0.0.0.0:9000', 130 | http_external_uri => 'https://graylog01.domain.local:9000/', 131 | http_enable_tls => true, 132 | http_tls_cert_file => '/etc/ssl/graylog/graylog_cert_chain.crt', 133 | http_tls_key_file => '/etc/ssl/graylog/graylog_key_pkcs8.pem', 134 | http_tls_key_password => 'sslkey-password', 135 | rotation_strategy => 'time', 136 | retention_strategy => 'delete', 137 | elasticsearch_max_time_per_index => '1d', 138 | elasticsearch_max_number_of_indices => '30', 139 | elasticsearch_shards => '4', 140 | elasticsearch_replicas => '1', 141 | elasticsearch_index_prefix => 'graylog', 142 | elasticsearch_hosts => 'http://opensearch01.domain.local:9200,http://opensearch02.domain.local:9200', 143 | mongodb_uri => 'mongodb://mongouser:mongopass@mongodb01.domain.local:27017,mongodb02.domain.local:27017,mongodb03.domain.local:27017/graylog', 144 | }, 145 | } 146 | ``` 147 | 148 | ## Reference 149 | 150 | ### Classes 151 | 152 | #### Public Classes 153 | 154 | * `graylog::repository`: Manages the official Graylog package repository 155 | * `graylog::server`: Installs, configures and manages the Graylog server service 156 | 157 | #### Private Classes 158 | 159 | * `graylog::params`: Default settings for different platforms 160 | * `graylog::repository::apt`: Manages APT repositories 161 | * `graylog::repository::yum`: Manages YUM repositories 162 | 163 | #### Class: graylog::repository 164 | 165 | ##### `version` 166 | 167 | This setting is used to set the repository version that should be used to install 168 | the Graylog package. The Graylog package repositories are separated by major 169 | version. 170 | 171 | It defaults to `$graylog::params::major_version`. 172 | 173 | Example: `version => '6.1'` 174 | 175 | ##### `url` 176 | 177 | This setting is used to set the package repository url. 178 | 179 | **Note:** The module automatically detects the url for your platform so this 180 | setting should not be changed. 181 | 182 | ##### `proxy` 183 | 184 | This setting is used to facilitate package installation with proxy. 185 | 186 | ##### `release` 187 | 188 | This setting is used to set the package repository release. 189 | 190 | **Note:** The Graylog package repositories only use `stable` as a release so 191 | this setting should not be changed. 192 | 193 | #### Class: graylog::server 194 | 195 | The `graylog::server` class configures the Graylog server service. 196 | 197 | ##### `package_name` 198 | 199 | This setting is used to choose the Graylog package name. It defaults to 200 | `graylog-server` to install Graylog Open. You can use `graylog-enterprise` 201 | to install the Graylog Enterprise package. 202 | 203 | Example: `package_name => 'graylog-server'` 204 | 205 | ##### `package_version` 206 | 207 | This setting is used to choose the Graylog package version. It defaults to 208 | `installed` which means it installs the latest version that is available at 209 | install time. You can also use `latest` so it will always update to the latest 210 | stable version if a new one is available. 211 | 212 | Example: `package_version => '6.1.5-2'` 213 | 214 | ##### `config` 215 | 216 | This setting is used to specify the Graylog server configuration. The server 217 | configuration consists of key value pairs. Every available config option can 218 | be used here. 219 | 220 | See the [example graylog.conf](https://github.com/Graylog2/graylog2-server/blob/master/misc/graylog.conf) 221 | to see a list of available options. 222 | 223 | Required settings: 224 | 225 | * `password_secret` 226 | * `root_password_sha2` 227 | 228 | Please find some default settings in `$graylog::params::default_config`. 229 | 230 | Example: 231 | 232 | ``` 233 | config => { 234 | 'password_secret' => '...', 235 | 'root_password_sha2' => '...', 236 | 'is_leader' => true, 237 | 'output_batch_size' => 2500, 238 | } 239 | ``` 240 | 241 | ##### `user` 242 | 243 | This setting is used to specify the owner for files and directories. 244 | 245 | **Note:** This defaults to `graylog` because the official Graylog package uses 246 | that account to run the server. Only change it if you know what you are doing. 247 | 248 | ##### `group` 249 | 250 | This setting is used to specify the group for files and directories. 251 | 252 | **Note:** This defaults to `graylog` because the official Graylog package uses 253 | that account to run the server. Only change it if you know what you are doing. 254 | 255 | ##### `ensure` 256 | 257 | This setting is used to configure if the Graylog service should be running or 258 | not. It defaults to `running`. 259 | 260 | Available options: `running`, 'stopped' 261 | 262 | ##### `enable` 263 | 264 | This setting is used to configure if the Graylog service should be enabled. 265 | It defaults to `true`. 266 | 267 | ##### `java_initial_heap_size` 268 | 269 | Sets the initial Java heap size (-Xms) for Graylog. Defaults to `1g`. 270 | 271 | ##### `java_max_heap_size` 272 | 273 | Sets the maximum Java heap size (-Xmx) for Graylog. Defaults to `1g`. 274 | 275 | ##### `java_opts` 276 | 277 | Additional java options for Graylog. Defaults to ``. 278 | 279 | ##### `restart_on_package_upgrade` 280 | 281 | This setting restarts the `graylog-server` service if the os package is upgraded. 282 | It defaults to `false`. 283 | 284 | ## Limitations 285 | 286 | Supported Graylog versions: 287 | 288 | * 5.x 289 | 290 | Supported platforms: 291 | 292 | * Ubuntu/Debian 293 | * RedHat/CentOS 294 | 295 | ## Development 296 | You can test this module by using the associated PDK commands. 297 | 298 | ```bash 299 | pdk validate # Ensure code style conforms to recommendations 300 | pdk test unit --parallel # Run unit tests (in parallel) 301 | 302 | # 303 | # Acceptance (litmus) tests, requires docker 304 | # 305 | pdk bundle exec rake 'litmus:provision_list[default]' 306 | pdk bundle exec rake 'litmus:install_agent' 307 | pdk bundle exec rake 'litmus:install_module' 308 | pdk bundle exec rake 'litmus:acceptance:parallel' 309 | pdk bundle exec rake 'litmus:tear_down' 310 | ``` 311 | 312 | Please see the [CONTRIBUTING.md](CONTRIBUTING.md) and [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md) 313 | files for further details. 314 | 315 | ### Release New Version 316 | 317 | 1. Update and commit CHANGELOG 318 | 1. Bump version via `bundle exec rake -f Rakefile.release module:bump:minor` (or major/patch) 319 | 1. Commit `metadata.json` 320 | 1. Test build with `bundle exec rake -f Rakefile.release module:build` 321 | 1. Tag release with `bundle exec rake -f Rakefile.release module:tag` 322 | 1. Push release to PuppetForge with `bundle exec -f Rakefile.release rake module:push` 323 | 1. Push commits and tags to GitHub with `git push --follow-tags` 324 | -------------------------------------------------------------------------------- /Rakefile: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | require 'bundler' 4 | require 'puppet_litmus/rake_tasks' if Gem.loaded_specs.key? 'puppet_litmus' 5 | require 'puppetlabs_spec_helper/rake_tasks' 6 | require 'puppet-syntax/tasks/puppet-syntax' 7 | require 'github_changelog_generator/task' if Gem.loaded_specs.key? 'github_changelog_generator' 8 | require 'puppet-strings/tasks' if Gem.loaded_specs.key? 'puppet-strings' 9 | 10 | def changelog_user 11 | return unless Rake.application.top_level_tasks.include? "changelog" 12 | returnVal = nil || JSON.load(File.read('metadata.json'))['author'] 13 | raise "unable to find the changelog_user in .sync.yml, or the author in metadata.json" if returnVal.nil? 14 | puts "GitHubChangelogGenerator user:#{returnVal}" 15 | returnVal 16 | end 17 | 18 | def changelog_project 19 | return unless Rake.application.top_level_tasks.include? "changelog" 20 | 21 | returnVal = nil 22 | returnVal ||= begin 23 | metadata_source = JSON.load(File.read('metadata.json'))['source'] 24 | metadata_source_match = metadata_source && metadata_source.match(%r{.*\/([^\/]*?)(?:\.git)?\Z}) 25 | 26 | metadata_source_match && metadata_source_match[1] 27 | end 28 | 29 | raise "unable to find the changelog_project in .sync.yml or calculate it from the source in metadata.json" if returnVal.nil? 30 | 31 | puts "GitHubChangelogGenerator project:#{returnVal}" 32 | returnVal 33 | end 34 | 35 | def changelog_future_release 36 | return unless Rake.application.top_level_tasks.include? "changelog" 37 | returnVal = "v%s" % JSON.load(File.read('metadata.json'))['version'] 38 | raise "unable to find the future_release (version) in metadata.json" if returnVal.nil? 39 | puts "GitHubChangelogGenerator future_release:#{returnVal}" 40 | returnVal 41 | end 42 | 43 | PuppetLint.configuration.send('disable_relative') 44 | 45 | 46 | if Gem.loaded_specs.key? 'github_changelog_generator' 47 | GitHubChangelogGenerator::RakeTask.new :changelog do |config| 48 | raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil? 49 | config.user = "#{changelog_user}" 50 | config.project = "#{changelog_project}" 51 | config.future_release = "#{changelog_future_release}" 52 | config.exclude_labels = ['maintenance'] 53 | config.header = "# Change log\n\nAll notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org)." 54 | config.add_pr_wo_labels = true 55 | config.issues = false 56 | config.merge_prefix = "### UNCATEGORIZED PRS; LABEL THEM ON GITHUB" 57 | config.configure_sections = { 58 | "Changed" => { 59 | "prefix" => "### Changed", 60 | "labels" => ["backwards-incompatible"], 61 | }, 62 | "Added" => { 63 | "prefix" => "### Added", 64 | "labels" => ["enhancement", "feature"], 65 | }, 66 | "Fixed" => { 67 | "prefix" => "### Fixed", 68 | "labels" => ["bug", "documentation", "bugfix"], 69 | }, 70 | } 71 | end 72 | else 73 | desc 'Generate a Changelog from GitHub' 74 | task :changelog do 75 | raise < 1.15' 84 | condition: "Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.3.0')" 85 | EOM 86 | end 87 | end 88 | 89 | -------------------------------------------------------------------------------- /Rakefile.release: -------------------------------------------------------------------------------- 1 | require 'puppet_blacksmith/rake_tasks' 2 | Blacksmith::RakeTask.new do |t| 3 | t.tag_pattern = "v%s" 4 | t.tag_sign = true 5 | t.tag_message_pattern = "Tag v%s" 6 | end 7 | -------------------------------------------------------------------------------- /data/common.yaml: -------------------------------------------------------------------------------- 1 | --- {} 2 | -------------------------------------------------------------------------------- /files/RPM-GPG-KEY-graylog: -------------------------------------------------------------------------------- 1 | -----BEGIN PGP PUBLIC KEY BLOCK----- 2 | Version: GnuPG v1 3 | 4 | mQENBFOPNl0BCADchW1E+WBds4CV+PMowuPn6yWdVIStj3+JcNxML8Bo8J1NtbLw 5 | GI4iPHNP9KiPROFfLRmARLF7d3/AtGoXh8BaTKjkJCBtBq/uQbmvcJojASpMg+/P 6 | 7Ot2f+V8KGiTiOCsLcWKvxa6AIwHWatqclBZhmUgPzAGKQfXBd/7v0w+H07nMAzb 7 | RlJbJ/v8LYQloXaqaGXJduYBrzJ0l7g+lKJXs4A9TEMazO7dwlxE0v0YSL+fsKRx 8 | axo/Vyu1okkw0njR2wnB4xUtnPeJmdfumm5+4eMIV0pgBUYRCIbbiybjF88HLH3c 9 | KdOHi7LXkhvqP+niwn5N/wvtWNEJpZ4wbhYhABEBAAG0HlRPUkNIIEdtYkggPHBh 10 | Y2thZ2VzQHRvcmNoLnNoPokBOAQTAQIAIgUCU482XQIbAwYLCQgHAwIGFQgCCQoL 11 | BBYCAwECHgECF4AACgkQ1EwdjbFgbyILuwf/TyqXT/hahK1z/M/LPwmHoLxi8OTA 12 | fvk907WSQJ71GM9H0HsJRUtsNVGDu/tmRdIDl04vWDZS0Y39SF6aopOtYc1py3lS 13 | CcPrPLYtmCiRRMXuENp2K9Uo9RlDnM18M0WpZp7UYhYEX7JjM4IXm396+rPEM+Ia 14 | voJ3VHEq1er6eDhA7sLiRPHKOn92XYfnLRcY7Q+KsOAtzunpGEsycwu39yXeEFR1 15 | DnCw6Ym13dvtfbR138fbIfoQ+RxwexcJ4Fo6SyKdYMlMgjGYmyJcLRWvdNkDIP9p 16 | B0pRn/8zEuxqCN77Pbx7rlLTqXa1XAPsBI6NbA/kvdWl0MDZ+mzSYKFlZQ== 17 | =+gAB 18 | -----END PGP PUBLIC KEY BLOCK----- 19 | -------------------------------------------------------------------------------- /files/graylog-keyring.gpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Graylog2/puppet-graylog/c9e63da56a5149e7d3a4ca9a21ab4f9bb6fba33d/files/graylog-keyring.gpg -------------------------------------------------------------------------------- /hiera.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | version: 5 3 | 4 | defaults: # Used for any hierarchy level that omits these keys. 5 | datadir: data # This path is relative to hiera.yaml's directory. 6 | data_hash: yaml_data # Use the built-in YAML backend. 7 | 8 | hierarchy: 9 | - name: "osfamily/major release" 10 | paths: 11 | # Used to distinguish between Debian and Ubuntu 12 | - "os/%{facts.os.name}/%{facts.os.release.major}.yaml" 13 | - "os/%{facts.os.family}/%{facts.os.release.major}.yaml" 14 | # Used for Solaris 15 | - "os/%{facts.os.family}/%{facts.kernelrelease}.yaml" 16 | - name: "osfamily" 17 | paths: 18 | - "os/%{facts.os.name}.yaml" 19 | - "os/%{facts.os.family}.yaml" 20 | - name: 'common' 21 | path: 'common.yaml' 22 | -------------------------------------------------------------------------------- /manifests/init.pp: -------------------------------------------------------------------------------- 1 | class graylog { 2 | fail('Do not use the "graylog" class directly, use the "graylog::server" class!') 3 | } 4 | -------------------------------------------------------------------------------- /manifests/params.pp: -------------------------------------------------------------------------------- 1 | class graylog::params { 2 | $major_version = '6.1' 3 | $package_name = 'graylog-server' 4 | $package_version = 'installed' 5 | 6 | $repository_release = 'stable' 7 | 8 | $default_config = { 9 | 'bin_dir' => '/usr/share/graylog-server/bin', 10 | 'data_dir' => '/var/lib/graylog-server', 11 | 'plugin_dir' => '/usr/share/graylog-server/plugin', 12 | 'message_journal_dir' => '/var/lib/graylog-server/journal', 13 | 'is_leader' => true, 14 | } 15 | 16 | $server_user = 'graylog' 17 | $server_group = 'graylog' 18 | 19 | $java_initial_heap_size = '1g' 20 | $java_max_heap_size = '1g' 21 | $java_opts = '' 22 | } 23 | -------------------------------------------------------------------------------- /manifests/repository.pp: -------------------------------------------------------------------------------- 1 | class graylog::repository ( 2 | $version = $graylog::params::major_version, 3 | $url = undef, 4 | $proxy = undef, 5 | $release = $graylog::params::repository_release, 6 | ) inherits graylog::params { 7 | anchor { 'graylog::repository::begin': } 8 | 9 | if $url == undef { 10 | $graylog_repo_url = $facts['os']['family'] ? { 11 | 'debian' => 'https://downloads.graylog.org/repo/debian/', 12 | 'redhat' => "https://downloads.graylog.org/repo/el/${release}/${version}/\$basearch/", 13 | default => fail("${facts['os']['family']} is not supported!"), 14 | } 15 | } else { 16 | $graylog_repo_url = $url 17 | } 18 | 19 | case $facts['os']['family'] { 20 | 'debian': { 21 | class { 'graylog::repository::apt': 22 | url => $graylog_repo_url, 23 | release => $release, 24 | version => $version, 25 | proxy => $proxy, 26 | } 27 | } 28 | 'redhat': { 29 | class { 'graylog::repository::yum': 30 | url => $graylog_repo_url, 31 | proxy => $proxy, 32 | } 33 | } 34 | default: { 35 | fail("${facts['os']['family']} is not supported!") 36 | } 37 | } 38 | anchor { 'graylog::repository::end': } 39 | } 40 | -------------------------------------------------------------------------------- /manifests/repository/apt.pp: -------------------------------------------------------------------------------- 1 | class graylog::repository::apt ( 2 | $url, 3 | $release, 4 | $version, 5 | $proxy, 6 | ) { 7 | $apt_transport_package = 'apt-transport-https' 8 | $gpg_file = '/etc/apt/trusted.gpg.d/graylog-keyring.gpg' 9 | $package_sources = [ 10 | 'downloads.graylog.org', 11 | 'graylog-downloads.herokuapp.com', 12 | 'graylog2-package-repository.s3.amazonaws.com', 13 | ] 14 | 15 | anchor { 'graylog::repository::apt::begin': } 16 | 17 | if !defined(Package[$apt_transport_package]) { 18 | ensure_packages([$apt_transport_package]) 19 | } 20 | 21 | file { $gpg_file: 22 | ensure => file, 23 | owner => 'root', 24 | group => 'root', 25 | mode => '0444', 26 | source => 'puppet:///modules/graylog/graylog-keyring.gpg', 27 | notify => Exec['apt_update'], 28 | } 29 | 30 | apt::source { 'graylog': 31 | comment => 'The official Graylog package repository', 32 | location => $url, 33 | release => $release, 34 | repos => $version, 35 | include => { 36 | 'deb' => true, 37 | 'src' => false, 38 | }, 39 | require => [ 40 | File[$gpg_file], 41 | Package[$apt_transport_package], 42 | ], 43 | notify => Exec['apt_update'], 44 | } 45 | 46 | if $proxy { 47 | file { '/etc/apt/apt.conf.d/01_graylog_proxy': 48 | ensure => file, 49 | } 50 | # Each file_line resource will append http or https proxy info for its specified source into the 01_graylog_proxy file. 51 | # If a line already exists for that source, and doesn't match the provided proxy param, that line will be replaced. 52 | # If a line does not exist for that source, the provided info will be appended. 53 | $package_sources.each |String $source| { 54 | file_line { "Acquire::http::proxy::${source}": 55 | path => '/etc/apt/apt.conf.d/01_graylog_proxy', 56 | match => "Acquire::http::proxy::${source}", 57 | line => "Acquire::http::proxy::${source} \"${proxy}\";", 58 | require => File['/etc/apt/apt.conf.d/01_graylog_proxy'], 59 | before => Apt::Source['graylog'], 60 | } 61 | file_line { "Acquire::https::proxy::${source}": 62 | path => '/etc/apt/apt.conf.d/01_graylog_proxy', 63 | match => "Acquire::https::proxy::${source}", 64 | line => "Acquire::https::proxy::${source} \"${proxy}\";", 65 | require => File['/etc/apt/apt.conf.d/01_graylog_proxy'], 66 | before => Apt::Source['graylog'], 67 | } 68 | } 69 | } 70 | else { 71 | file { '/etc/apt/apt.conf.d/01_graylog_proxy': 72 | ensure => file, 73 | } 74 | # If proxy parameter has not been provided, remove any existing graylog package sources from the 01_graylog_proxy file (if 75 | # it exists) 76 | file_line { 'Remove graylog config from apt proxy file': 77 | ensure => absent, 78 | path => '/etc/apt/apt.conf.d/01_graylog_proxy', 79 | match => 'graylog', 80 | match_for_absence => true, 81 | multiple => true, 82 | before => Apt::Source['graylog'], 83 | } 84 | } 85 | 86 | anchor { 'graylog::repository::apt::end': } 87 | 88 | Anchor['graylog::repository::apt::begin'] 89 | -> Exec['apt_update'] 90 | -> Anchor['graylog::repository::apt::end'] 91 | -> Anchor['graylog::repository::end'] 92 | } 93 | -------------------------------------------------------------------------------- /manifests/repository/yum.pp: -------------------------------------------------------------------------------- 1 | class graylog::repository::yum ( 2 | $url, 3 | $proxy, 4 | ) { 5 | $gpg_file = '/etc/pki/rpm-gpg/RPM-GPG-KEY-graylog' 6 | 7 | file { $gpg_file: 8 | ensure => file, 9 | owner => 'root', 10 | group => 'root', 11 | mode => '0444', 12 | source => 'puppet:///modules/graylog/RPM-GPG-KEY-graylog', 13 | } 14 | yumrepo { 'graylog': 15 | descr => 'The official Graylog package repository', 16 | baseurl => $url, 17 | gpgkey => "file://${gpg_file}", 18 | gpgcheck => true, 19 | enabled => true, 20 | require => File[$gpg_file], 21 | proxy => $proxy, 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /manifests/server.pp: -------------------------------------------------------------------------------- 1 | class graylog::server ( 2 | $package_name = $graylog::params::package_name, 3 | $package_version = $graylog::params::package_version, 4 | Hash $config = undef, 5 | $user = $graylog::params::server_user, 6 | $group = $graylog::params::server_group, 7 | $ensure = running, 8 | $enable = true, 9 | $java_initial_heap_size = $graylog::params::java_initial_heap_size, 10 | $java_max_heap_size = $graylog::params::java_max_heap_size, 11 | $java_opts = $graylog::params::java_opts, 12 | Boolean $restart_on_package_upgrade = false, 13 | ) inherits graylog::params { 14 | if $config == undef { 15 | fail('Missing "config" setting!') 16 | } 17 | 18 | # Check mandatory settings 19 | unless 'password_secret' in $config { 20 | fail('Missing "password_secret" config setting!') 21 | } 22 | if 'root_password_sha2' in $config { 23 | if length($config['root_password_sha2']) < 64 { 24 | fail('The root_password_sha2 parameter does not look like a SHA256 checksum!') 25 | } 26 | } else { 27 | fail('Missing "root_password_sha2" config setting!') 28 | } 29 | 30 | $data = merge($graylog::params::default_config, $config) 31 | 32 | $notify = $restart_on_package_upgrade ? { 33 | true => Service['graylog-server'], 34 | default => undef, 35 | } 36 | 37 | anchor { 'graylog::server::start': } 38 | anchor { 'graylog::server::end': } 39 | 40 | package { $package_name: 41 | ensure => $package_version, 42 | notify => $notify, 43 | } 44 | 45 | file { '/etc/graylog/server/server.conf': 46 | ensure => file, 47 | owner => $user, 48 | group => $group, 49 | mode => '0640', 50 | content => Sensitive(template("${module_name}/server/graylog.conf.erb")), 51 | } 52 | 53 | case $facts['os']['family'] { 54 | 'debian': { 55 | file { '/etc/default/graylog-server': 56 | ensure => file, 57 | owner => $user, 58 | group => $group, 59 | mode => '0640', 60 | content => epp("${module_name}/server/environment.epp", 61 | { 62 | 'java_initial_heap_size' => $java_initial_heap_size, 63 | 'java_max_heap_size' => $java_max_heap_size, 64 | 'java_opts' => $java_opts 65 | }), 66 | } 67 | } 68 | 'redhat': { 69 | file { '/etc/sysconfig/graylog-server': 70 | ensure => file, 71 | owner => $user, 72 | group => $group, 73 | mode => '0640', 74 | content => epp("${module_name}/server/environment.epp", 75 | { 76 | 'java_initial_heap_size' => $java_initial_heap_size, 77 | 'java_max_heap_size' => $java_max_heap_size, 78 | 'java_opts' => $java_opts 79 | }), 80 | } 81 | } 82 | default: { 83 | fail("${facts['os']['family']} is not supported!") 84 | } 85 | } 86 | 87 | service { 'graylog-server': 88 | ensure => $ensure, 89 | enable => $enable, 90 | hasstatus => true, 91 | hasrestart => true, 92 | } 93 | 94 | Anchor['graylog::server::start'] 95 | ->Package[$package_name] 96 | ->File['/etc/graylog/server/server.conf'] 97 | ~>Service['graylog-server'] 98 | ->Anchor['graylog::server::end'] 99 | } 100 | -------------------------------------------------------------------------------- /metadata.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "graylog-graylog", 3 | "version": "2.1.0", 4 | "author": "Graylog, Inc.", 5 | "summary": "Install and configure a Graylog system", 6 | "license": "Apache-2.0", 7 | "source": "https://github.com/Graylog2/puppet-graylog", 8 | "project_page": "https://github.com/Graylog2/puppet-graylog", 9 | "issues_url": "https://github.com/Graylog2/puppet-graylog/issues", 10 | "dependencies": [ 11 | { 12 | "name": "puppetlabs/stdlib", 13 | "version_requirement": ">= 4.16.0 < 10.0.0" 14 | }, 15 | { 16 | "name": "puppetlabs/apt", 17 | "version_requirement": ">= 2.2.2 < 11.0.0" 18 | } 19 | ], 20 | "operatingsystem_support": [ 21 | { 22 | "operatingsystem": "CentOS", 23 | "operatingsystemrelease": [ 24 | "7.0", 25 | "8.0" 26 | ] 27 | }, 28 | { 29 | "operatingsystem": "OracleLinux", 30 | "operatingsystemrelease": [ 31 | "8", 32 | "9" 33 | ] 34 | }, 35 | { 36 | "operatingsystem": "Rocky", 37 | "operatingsystemrelease": [ 38 | "8", 39 | "9" 40 | ] 41 | }, 42 | { 43 | "operatingsystem": "AlmaLinux", 44 | "operatingsystemrelease": [ 45 | "8", 46 | "9" 47 | ] 48 | }, 49 | { 50 | "operatingsystem": "Ubuntu", 51 | "operatingsystemrelease": [ 52 | "18.04", 53 | "20.04", 54 | "22.04", 55 | "24.04" 56 | ] 57 | }, 58 | { 59 | "operatingsystem": "Debian", 60 | "operatingsystemrelease": [ 61 | "9", 62 | "10", 63 | "11", 64 | "12" 65 | ] 66 | } 67 | ], 68 | "requirements": [ 69 | { 70 | "name": "puppet", 71 | "version_requirement": ">= 7.0.0 < 9.0.0" 72 | } 73 | ], 74 | "tags": [ 75 | "graylog2", 76 | "graylog", 77 | "logging", 78 | "logs", 79 | "events", 80 | "elasticsearch", 81 | "opensearch", 82 | "mongodb" 83 | ], 84 | "pdk-version": "3.0.0", 85 | "template-url": "pdk-default#3.0.0", 86 | "template-ref": "tags/3.0.0-0-g056e50d" 87 | } 88 | -------------------------------------------------------------------------------- /pdk.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | ignore: [] 3 | -------------------------------------------------------------------------------- /provision.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | default: 3 | provisioner: docker 4 | images: 5 | - litmusimage/ubuntu:22.04 6 | - litmusimage/debian:11 7 | - litmusimage/debian:12 8 | - litmusimage/rockylinux:8 9 | - litmusimage/rockylinux:9 10 | - litmusimage/almalinux:8 11 | - litmusimage/almalinux:9 12 | debian: 13 | provisioner: docker 14 | images: 15 | - litmusimage/ubuntu:22.04 16 | - litmusimage/debian:11 17 | - litmusimage/debian:12 18 | redhat: 19 | provisioner: docker 20 | images: 21 | - litmusimage/rockylinux:8 22 | - litmusimage/rockylinux:9 23 | - litmusimage/almalinux:8 24 | - litmusimage/almalinux:9 25 | single: 26 | provisioner: docker 27 | images: 28 | - litmusimage/ubuntu:22.04 29 | -------------------------------------------------------------------------------- /spec/acceptance/integration_spec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | require 'spec_helper_acceptance' 4 | 5 | describe 'init class' do 6 | context 'applying graylog server class works' do 7 | let(:pp) do 8 | <<-CODE 9 | class { 'graylog::repository': 10 | version => '6.1' 11 | } 12 | -> class { 'graylog::server': 13 | config => { 14 | 'password_secret' => 'super secret secret', 15 | 'root_password_sha2' => '9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08', 16 | } 17 | } 18 | CODE 19 | end 20 | 21 | it 'behaves idempotently' do 22 | idempotent_apply(pp) 23 | end 24 | 25 | if os[:family] == 'redhat' 26 | 27 | # Ensure the yum repo exists and is enabled 28 | describe yumrepo('graylog') do 29 | it { is_expected.to exist } 30 | it { is_expected.to be_enabled } 31 | end 32 | 33 | # Ensure the package is found 34 | describe command('dnf -q search graylog-server') do 35 | its(:stdout) { is_expected.to match(%r{Name Exactly Matched: graylog\-server}) } 36 | its(:exit_status) { is_expected.to eq 0 } 37 | end 38 | 39 | describe file('/etc/sysconfig/graylog-server') do 40 | it { is_expected.to be_file } 41 | its(:content) { is_expected.to match(%r{\-Xms1g}) } 42 | its(:content) { is_expected.to match(%r{\-Xmx1g}) } 43 | its(:content) { is_expected.to match(%r{GRAYLOG_SERVER_ARGS=""}) } 44 | end 45 | elsif ['debian', 'ubuntu'].include?(os[:family]) 46 | 47 | # Ensure the repo exists on the filesystem 48 | describe file('/etc/apt/sources.list.d/graylog.list') do 49 | it { is_expected.to be_file } 50 | its(:content) { is_expected.to match(%r{https://downloads.graylog.org/repo/debian}) } 51 | end 52 | 53 | # Ensure the package is found 54 | describe command('apt-cache search graylog-server') do 55 | its(:stdout) { is_expected.to match(%r{graylog-server - Graylog server}) } 56 | its(:exit_status) { is_expected.to eq 0 } 57 | end 58 | 59 | # Ensure the environment vars file is present on disk and looks correct 60 | describe file('/etc/default/graylog-server') do 61 | it { is_expected.to be_file } 62 | its(:content) { is_expected.to match(%r{\-Xms1g}) } 63 | its(:content) { is_expected.to match(%r{\-Xmx1g}) } 64 | its(:content) { is_expected.to match(%r{GRAYLOG_SERVER_ARGS=""}) } 65 | end 66 | end 67 | 68 | describe package('graylog-server') do 69 | it { is_expected.to be_installed } 70 | end 71 | 72 | describe file('/etc/graylog/server/server.conf') do 73 | it { is_expected.to be_file } 74 | its(:content) { is_expected.to match(%r{root_password_sha2\s\=\s[a-f0-9]{64}}) } 75 | end 76 | end 77 | end 78 | -------------------------------------------------------------------------------- /spec/classes/init_spec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | require 'spec_helper' 4 | 5 | describe 'graylog' do 6 | on_supported_os.each do |os, os_facts| 7 | context "on #{os}" do 8 | let(:facts) { os_facts } 9 | 10 | it { 11 | is_expected.to compile.and_raise_error(%r{use the \"graylog::server\" class}) 12 | } 13 | end 14 | end 15 | end 16 | -------------------------------------------------------------------------------- /spec/classes/params_spec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | require 'spec_helper' 4 | 5 | describe 'graylog::params' do 6 | on_supported_os.each do |os, os_facts| 7 | context "on #{os}" do 8 | let(:facts) { os_facts } 9 | 10 | it { is_expected.to compile.with_all_deps } 11 | end 12 | end 13 | end 14 | -------------------------------------------------------------------------------- /spec/classes/repository_spec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | require 'spec_helper' 4 | 5 | describe 'graylog::repository' do 6 | on_supported_os.each do |os, os_facts| 7 | context "on #{os}" do 8 | let(:facts) { os_facts } 9 | 10 | it { is_expected.to compile.with_all_deps } 11 | 12 | case os_facts[:os]['family'] 13 | when 'Debian' 14 | it { 15 | is_expected.to contain_class('graylog::repository::apt') 16 | } 17 | it { 18 | is_expected.to contain_package('apt-transport-https') 19 | } 20 | it { 21 | is_expected.to contain_file('/etc/apt/trusted.gpg.d/graylog-keyring.gpg') 22 | .with_ensure('file') 23 | .with_owner('root') 24 | .with_group('root') 25 | .with_mode('0444') 26 | .with_source('puppet:///modules/graylog/graylog-keyring.gpg') 27 | .that_notifies('Exec[apt_update]') 28 | } 29 | it { 30 | is_expected.to contain_apt__source('graylog') 31 | .with_ensure('present') 32 | .with_comment('The official Graylog package repository') 33 | .with_location('https://downloads.graylog.org/repo/debian/') 34 | .with_release('stable') 35 | .with_repos('6.1') 36 | .with_include({ 'deb' => true, 'src' => false }) 37 | .that_requires( 38 | [ 39 | 'File[/etc/apt/trusted.gpg.d/graylog-keyring.gpg]', 40 | 'Package[apt-transport-https]', 41 | ], 42 | ) 43 | .that_notifies('Exec[apt_update]') 44 | } 45 | it { 46 | is_expected.to contain_file('/etc/apt/apt.conf.d/01_graylog_proxy') 47 | .with_ensure('file') 48 | } 49 | it { 50 | is_expected.to contain_file_line('Remove graylog config from apt proxy file') 51 | .with_ensure('absent') 52 | .with_path('/etc/apt/apt.conf.d/01_graylog_proxy') 53 | .with_match('graylog') 54 | .with_match_for_absence(true) 55 | .with_multiple(true) 56 | } 57 | when 'RedHat' 58 | it { 59 | is_expected.to contain_class('graylog::repository::yum') 60 | } 61 | it { 62 | is_expected.to contain_file('/etc/pki/rpm-gpg/RPM-GPG-KEY-graylog') 63 | .with_ensure('file') 64 | .with_owner('root') 65 | .with_group('root') 66 | .with_mode('0444') 67 | .with_source('puppet:///modules/graylog/RPM-GPG-KEY-graylog') 68 | } 69 | it { 70 | is_expected.to contain_yumrepo('graylog') 71 | .with_descr('The official Graylog package repository') 72 | .with_baseurl('https://downloads.graylog.org/repo/el/stable/6.1/$basearch/') 73 | .with_enabled(true) 74 | .with_gpgcheck(true) 75 | .that_requires(['File[/etc/pki/rpm-gpg/RPM-GPG-KEY-graylog]']) 76 | } 77 | end 78 | end 79 | end 80 | end 81 | -------------------------------------------------------------------------------- /spec/classes/server_spec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | require 'spec_helper' 4 | 5 | describe 'graylog::server' do 6 | on_supported_os.each do |os, os_facts| 7 | context "on #{os}" do 8 | let(:facts) { os_facts } 9 | let(:params) do 10 | { 11 | 'config' => { 12 | 'password_secret' => 'super secret secret', 13 | 'root_password_sha2' => '9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08', 14 | } 15 | } 16 | end 17 | 18 | # Test that the class doesn't error when given expected params 19 | it { is_expected.to compile.with_all_deps } 20 | 21 | # Ensure that the class has the graylog-server package and that it is 22 | # installed 23 | it { 24 | is_expected.to contain_package('graylog-server') 25 | .with_ensure('installed') 26 | } 27 | 28 | # Tests that the server config is managed and has expected content 29 | it { 30 | is_expected.to contain_file('/etc/graylog/server/server.conf') 31 | .with_ensure('file') 32 | .with_owner('graylog') 33 | .with_group('graylog') 34 | .with_mode('0640') 35 | .with_content(%r{password_secret = super secret secret}) 36 | .with_content(%r{root_password_sha2\s\=\s[a-f0-9]{64}}) 37 | } 38 | 39 | # Ensure that the java params are being managed and contain expected 40 | # content 41 | case os_facts[:os]['family'] 42 | when 'Debian' 43 | it { 44 | is_expected.to contain_file('/etc/default/graylog-server') 45 | .with_ensure('file') 46 | .with_owner('graylog') 47 | .with_group('graylog') 48 | .with_mode('0640') 49 | .with_content(%r{-Xms1g}) 50 | .with_content(%r{-Xmx1g}) 51 | } 52 | when 'RedHat' 53 | it { 54 | is_expected.to contain_file('/etc/sysconfig/graylog-server') 55 | .with_ensure('file') 56 | .with_owner('graylog') 57 | .with_group('graylog') 58 | .with_mode('0640') 59 | .with_content(%r{-Xms1g}) 60 | .with_content(%r{-Xmx1g}) 61 | } 62 | end 63 | 64 | # Ensure that the service is being managed 65 | it { 66 | is_expected.to contain_service('graylog-server') 67 | .with_ensure('running') 68 | .with_enable(true) 69 | .with_hasstatus(true) 70 | .with_hasrestart(true) 71 | } 72 | end 73 | 74 | context "on #{os} without password_secret" do 75 | let(:facts) { os_facts } 76 | let(:params) do 77 | { 78 | 'config' => { 79 | 'root_password_sha2' => '9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08', 80 | } 81 | } 82 | end 83 | 84 | it { 85 | is_expected.to compile.and_raise_error(%r{Missing .*?password_secret}) 86 | } 87 | end 88 | 89 | context "on #{os} without root_password_sha2" do 90 | let(:facts) { os_facts } 91 | let(:params) do 92 | { 93 | 'config' => { 94 | 'password_secret' => 'super secret secret', 95 | } 96 | } 97 | end 98 | 99 | it { 100 | is_expected.to compile.and_raise_error(%r{Missing .*root_password_sha2}) 101 | } 102 | end 103 | 104 | context "on #{os} with invalid root_password_sha2" do 105 | let(:facts) { os_facts } 106 | let(:params) do 107 | { 108 | 'config' => { 109 | 'password_secret' => 'super secret secret', 110 | 'root_password_sha2' => 'this is an invalid hash', 111 | } 112 | } 113 | end 114 | 115 | it { 116 | is_expected.to compile.and_raise_error(%r{root_password_sha2 parameter does not look like a SHA256 checksum}) 117 | } 118 | end 119 | end 120 | end 121 | -------------------------------------------------------------------------------- /spec/default_facts.yml: -------------------------------------------------------------------------------- 1 | # Use default_module_facts.yml for module specific facts. 2 | # 3 | # Facts specified here will override the values provided by rspec-puppet-facts. 4 | --- 5 | networking: 6 | ip: "172.16.254.254" 7 | ip6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA" 8 | mac: "AA:AA:AA:AA:AA:AA" 9 | is_pe: false 10 | -------------------------------------------------------------------------------- /spec/spec_helper.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | RSpec.configure do |c| 4 | c.mock_with :rspec 5 | end 6 | 7 | require 'puppetlabs_spec_helper/module_spec_helper' 8 | require 'rspec-puppet-facts' 9 | 10 | require 'spec_helper_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_local.rb')) 11 | 12 | include RspecPuppetFacts 13 | 14 | default_facts = { 15 | puppetversion: Puppet.version, 16 | facterversion: Facter.version, 17 | } 18 | 19 | default_fact_files = [ 20 | File.expand_path(File.join(File.dirname(__FILE__), 'default_facts.yml')), 21 | File.expand_path(File.join(File.dirname(__FILE__), 'default_module_facts.yml')), 22 | ] 23 | 24 | default_fact_files.each do |f| 25 | next unless File.exist?(f) && File.readable?(f) && File.size?(f) 26 | 27 | begin 28 | require 'deep_merge' 29 | default_facts.deep_merge!(YAML.safe_load(File.read(f), permitted_classes: [], permitted_symbols: [], aliases: true)) 30 | rescue StandardError => e 31 | RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}" 32 | end 33 | end 34 | 35 | # read default_facts and merge them over what is provided by facterdb 36 | default_facts.each do |fact, value| 37 | add_custom_fact fact, value, merge_facts: true 38 | end 39 | 40 | RSpec.configure do |c| 41 | c.default_facts = default_facts 42 | c.before :each do 43 | # set to strictest setting for testing 44 | # by default Puppet runs at warning level 45 | Puppet.settings[:strict] = :warning 46 | Puppet.settings[:strict_variables] = true 47 | end 48 | c.filter_run_excluding(bolt: true) unless ENV['GEM_BOLT'] 49 | c.after(:suite) do 50 | RSpec::Puppet::Coverage.report!(0) 51 | end 52 | 53 | # Filter backtrace noise 54 | backtrace_exclusion_patterns = [ 55 | %r{spec_helper}, 56 | %r{gems}, 57 | ] 58 | 59 | if c.respond_to?(:backtrace_exclusion_patterns) 60 | c.backtrace_exclusion_patterns = backtrace_exclusion_patterns 61 | elsif c.respond_to?(:backtrace_clean_patterns) 62 | c.backtrace_clean_patterns = backtrace_exclusion_patterns 63 | end 64 | end 65 | 66 | # Ensures that a module is defined 67 | # @param module_name Name of the module 68 | def ensure_module_defined(module_name) 69 | module_name.split('::').reduce(Object) do |last_module, next_module| 70 | last_module.const_set(next_module, Module.new) unless last_module.const_defined?(next_module, false) 71 | last_module.const_get(next_module, false) 72 | end 73 | end 74 | 75 | # 'spec_overrides' from sync.yml will appear below this line 76 | -------------------------------------------------------------------------------- /spec/spec_helper_acceptance.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | require 'puppet_litmus' 4 | require 'spec_helper_acceptance_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_acceptance_local.rb')) 5 | 6 | PuppetLitmus.configure! 7 | -------------------------------------------------------------------------------- /templates/server/environment.epp: -------------------------------------------------------------------------------- 1 | <%- | String $java_initial_heap_size = '1g', String $java_max_heap_size = '1g', String $java_opts = "" | -%> 2 | # Path to the java executable. 3 | #JAVA=/usr/bin/java 4 | 5 | # Default Java options for heap and garbage collection. 6 | GRAYLOG_SERVER_JAVA_OPTS="-Xms<%= $java_initial_heap_size %> -Xmx<%= $java_max_heap_size %> -XX:NewRatio=1 -server -XX:+ResizeTLAB -XX:-OmitStackTraceInFastThrow" 7 | 8 | # Avoid endless loop with some TLSv1.3 implementations. 9 | GRAYLOG_SERVER_JAVA_OPTS="$GRAYLOG_SERVER_JAVA_OPTS -Djdk.tls.acknowledgeCloseNotify=true" 10 | 11 | # Additional java opts 12 | GRAYLOG_SERVER_JAVA_OPTS="$GRAYLOG_SERVER_JAVA_OPTS <%= $java_opts %>" 13 | 14 | # Pass some extra args to graylog-server. (i.e. "-d" to enable debug mode) 15 | GRAYLOG_SERVER_ARGS="" 16 | 17 | # Program that will be used to wrap the graylog-server command. Useful to 18 | # support programs like authbind. 19 | GRAYLOG_COMMAND_WRAPPER="" 20 | -------------------------------------------------------------------------------- /templates/server/graylog.conf.erb: -------------------------------------------------------------------------------- 1 | # WARNING: Maintained by Puppet, manual changes will be lost! 2 | 3 | <%= @data.keys.sort.map {|k| "#{k} = #{@data[k]}" }.join("\n") %> 4 | --------------------------------------------------------------------------------