Find file
Fetching contributors…
Cannot retrieve contributors at this time
74 lines (58 sloc) 2.36 KB

Puppet Sync

This project provides a script to synchronize you manifests from a GIT
repository to your Puppet master.


   puppet-sync -b BRANCH [options]
   puppet-sync -s [options]
    -b, --branch BRANCH     Mandatory; specify the git branch to clone.
    -d, --deploy DIR        Specify the directory to deploy to.
    -D, --delete            Remove the specified branch from the deployment directory.
    -r, --repository URL    Git url for the repository.
    -s, --submodules-enabled SUBMODULES Comma-separated list of submodules to
                                        update. If not specified, all submodules
                                        in the repo will be updated.
    Common options:
    -V, --version           Display the script version.
    -v, --verbose           Be more verbose.
    -h, --help              Show this message

To sync a specific branch, to specific location, from a specific repository run the
script with the following arguments:

  puppet-sync --branch master \
              --deploy /etc/puppet/environments \
              --repository ssh+git://git/puppet.git

Git Hook

I usually call this script from a GIT hook. If your GIT repository is located
on a different server as your Puppet master, you will need to ensure that
a certain user can login to your Puppet server, without manual interactions.
I use the “puppet” user for this purpose.

  # change to the user and generate a key
  sudo -u puppet ssh-keygen -t rsa -b 4096 -f ~puppet/.ssh/id_rsa

  # copy the public key file to your puppetmaster server (where you have already
  # created the puppet user)
  ssh server 'cat - >> ~puppet/.ssh/authorized_keys' < ~puppet/.ssh/

Now you need to add the following to the Git hook file:

  # File: /git/puppet.git/hooks/post-update

  SSH_ARGS="-i /path/to/privatekey"

  while read oldrev newrev refname
    BRANCH=`echo $refname | sed -n 's/^refs\/heads\///p'`
    [ "$newrev" -eq 0 ] 2> /dev/null && DELETE='--delete' || DELETE=''

      --branch "$BRANCH" \
      --repository "$REPO" \
      --deploy "$DEPLOY" \