This commit is contained in:
2024-08-07 16:58:05 +02:00
parent d535ed41ac
commit f0d3f994d5
+6 -6
View File
@@ -13,7 +13,7 @@ Other optional environments can be arbitrarily created and immediately used unde
At https://puppet01.psi.ch/ , a small web app to delete server side certificates is made available. The authentication uses LDAP against the AD, but access rights are granted from the /etc/httpd/conf.d/ssl.conf
# Branches
## Branches
You can create a branch to develop new code from the master branch of the puppet repository. To test the code, a directory with the same name as the branch can be created at puppet01:/srv/puppet/code/dev/envs/ . Upon creating the directory, preprod gets rsynced in here. If the branch alrady exists and if it's to be pulled, that can be done via the command:
@@ -27,11 +27,11 @@ This can then be tested on any controlled host by running:
puppet agent -t --environment=xyz
```
# Merge Process
## Merge Process
Merge meetings are usually held weekly. To record the meeting a https://git.psi.ch/linux-infra/org/wikis/meeting_reports/YYYY-MM-DD page is to be created based on the https://git.psi.ch/linux-infra/org/wikis/merge-meeting-guidelines template.
# Modules
## Modules
The modules, which are not part of the base repo are to be pulled into /srv/puppet/code/dev/envs/(pre)prod/code/modules/
@@ -47,13 +47,13 @@ The solution is to always run librarian with the lock file removed:
This way the latest commit will be pulled for all incorrectly defined modules.
# Hiera / data-xxx
## Hiera / data-xxx
The data-xxx repositories have a webhook configured that points to http://puppet01.psi.ch/events/dataupdate
The triggered webhook code can be found on puppet01 at /var/www/webhook/app/webhook.py
This webhook checks out the data repositories in /srv/puppet/data
# PuppetDB
## PuppetDB
To be able to talk to the PuppetDB we need a (client) certificate (including the key) accepted by the Puppet server
for authentication. On Puppet-enabled nodes the node's certificate works, i.e.:
@@ -74,7 +74,7 @@ There are several API endpoints that can be queried, e.g. `/pdb/query/v4` (note
`/` at the end), or `/pdb/query/v4/nodes`.
## Examples
### Examples
```bash
# define a function to simplify the queries