Showing with 72 additions and 23 deletions.

+9 −0 CHANGELOG.md

+2 −0 README.md

+21 −21 REFERENCE.md

+32 −0 lib/facter/pe_status_check.rb

+1 −1 metadata.json

+7 −1 spec/acceptance/pe_status_check_spec.rb
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,15 @@
 
 All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org).
 
+## [v2.6.0](https://github.com/puppetlabs/puppetlabs-pe_status_check/tree/v2.6.0) (2023-01-23)
+
+[Full Changelog](https://github.com/puppetlabs/puppetlabs-pe_status_check/compare/v2.5.1...v2.6.0)
+
+### Added
+
+- \(SUP-3703\) Add indicator S0044 node\_terminus is the PE classifier [\#181](https://github.com/puppetlabs/puppetlabs-pe_status_check/pull/181) ([taikaa](https://github.com/taikaa))
+- \(SUP-3696\) Added S0043 to determine whether there are nodes with Puppet agent versions ahead of the primary server [\#180](https://github.com/puppetlabs/puppetlabs-pe_status_check/pull/180) ([taikaa](https://github.com/taikaa))
+
 ## [v2.5.1](https://github.com/puppetlabs/puppetlabs-pe_status_check/tree/v2.5.1) (2022-11-10)
 
 [Full Changelog](https://github.com/puppetlabs/puppetlabs-pe_status_check/compare/v2.5.0...v2.5.1)

diff --git a/README.md b/README.md
@@ -266,6 +266,8 @@ Refer  below for next steps when any indicator reports a `false`.
 | S0040        | Determines if PE is collecting system metrics.                    | If system metrics are not collected by default, the sysstat package is not installed on the impacted PE infrastructure component. Install the package and set the parameter `puppet_enterprise::enable_system_metrics_collection` to true. [See the documentation.](https://puppet.com/docs/pe/latest/getting_support_for_pe.html#puppet_metrics_collector)                                                                   | After system metrics are configured, you do not see any files in `/var/log/sa` or if the `/var/log/sa` directory does not exist, open a Support ticket.                                                 |
 | S0041        | Determines if the pxp broker on a compiler  has an established connection to another pxp broker  | To resolve a connection issue from a compiler to a pcp broker examine the following log `/var/log/puppetlabs/puppetserver/pcp-broker.log` for an explanation, Compilers should be attempting to make a connection to port 8143 on the primary server, ssl can not be terminated on a network appliance and must passthrough directly to the primary server. Ensure the connnection attempt is not to another compiler in the pool            | If unable to make a connection to a broker, raise a ticket with the support team quoting S0041 and attaching the file `/var/log/puppetlabs/puppetserver/pcp-broker.log` along with the conclusions of your investigation so far            |
 | S0042        |Determines if the pxp-agent has an established connection to a pxp broker                   | Ensure the pxp-agent service is running. Check S0002 can make that determination. if running check  `/var/log/puppetlabs/pxp-agent/pxp-agent.log` (on *nix) or `C:/ProgramData/PuppetLabs/pxp-agent/var/log/pxp-agent.log` (on Windows), for connection issues, first ensuring the agent is connecting to the proper endpoint, for example, a compiler and not the primary. This fact can also be used as a target filter for running tasks, ensuring time is not wasted sending instructions to agents not connected to a broker                   | If unable to make a connection to a broker, raise a ticket with the support team quoting S0042 and attaching the file  `/var/log/puppetlabs/pxp-agent/pxp-agent.log` (on *nix) or `C:/ProgramData/PuppetLabs/pxp-agent/var/log/pxp-agent.log` (on Windows), along with the conclusions of your investigation so far             |
+| S0043        |Determines if there are nodes with Puppet agent versions ahead of the primary server                    | Agent nodes should not be running Puppet agent versions ahead of infrastructure nodes. Instead consider upgrading PE so that PE package management contains the desired Puppet agent version. See the [upgrading PE](https://puppet.com/docs/pe/latest/upgrading_pe.html) and [upgrading agents](https://puppet.com/docs/latest/upgrading_agents.html) documentation for more information.                 | If you are unable to determine why the indicator is evaluating to `false` or have questions about Puppet agent versions, open a support ticket and reference S0043.            |
+| S0044        |Determines if Puppet Servers are using the the PE classifier for the node data plugin (node terminus)                    | Due to performance optimizations, it is recommended to use the PE classifier plugin instead of external node classifier (ENC) scripts or applications. See the [node_terminus configuration setting documentation](https://www.puppet.com/docs/puppet/7/configuration.html#node-terminus) for more information.                 | If you have additional questions about the node_terminus configuration setting, open a support ticket and reference S0044.            |
 
 ### Fact: agent_status_check
 

diff --git a/REFERENCE.md b/REFERENCE.md
@@ -7,14 +7,14 @@
 ### Classes
 
 * [`pe_status_check`](#pe_status_check): This class should be enabled if you wish Puppet to notify when pe_status_check indicators are not at optimal values
-* [`pe_status_check::agent_status_enable`](#pe_status_checkagent_status_enable): Enables the execution of agent_status_check fact
+* [`pe_status_check::agent_status_enable`](#pe_status_check--agent_status_enable): Enables the execution of agent_status_check fact
 
 ### Plans
 
-* [`pe_status_check::agent_summary`](#pe_status_checkagent_summary): Summary report if the state of agent_status_check on each node
+* [`pe_status_check::agent_summary`](#pe_status_check--agent_summary): Summary report if the state of agent_status_check on each node
 Uses the facts task to get the current status from each node
 and produces a summary report in JSON
-* [`pe_status_check::infra_summary`](#pe_status_checkinfra_summary): Summary report if the state of pe_status check on each node
+* [`pe_status_check::infra_summary`](#pe_status_check--infra_summary): Summary report if the state of pe_status check on each node
 Uses the facts task to get the current status from each node
 and produces a summary report in JSON
 
@@ -37,17 +37,17 @@ include pe_status_check
 
 The following parameters are available in the `pe_status_check` class:
 
-* [`indicator_exclusions`](#indicator_exclusions)
+* [`indicator_exclusions`](#-pe_status_check--indicator_exclusions)
 
-##### <a name="indicator_exclusions"></a>`indicator_exclusions`
+##### <a name="-pe_status_check--indicator_exclusions"></a>`indicator_exclusions`
 
 Data type: `Array[String[1]]`
 
 List of disabled indicators, place any indicator ids you do not wish to report on in this list
 
 Default value: `[]`
 
-### <a name="pe_status_checkagent_status_enable"></a>`pe_status_check::agent_status_enable`
+### <a name="pe_status_check--agent_status_enable"></a>`pe_status_check::agent_status_enable`
 
 Adding this class will enable the execution of the agent_status_check fact,
 This allows the fact to be targeted to a specific agent or group of agents
@@ -64,19 +64,19 @@ include pe_status_check::agent_status_enable
 
 The following parameters are available in the `pe_status_check::agent_status_enable` class:
 
-* [`agent_status_enabled`](#agent_status_enabled)
+* [`agent_status_enabled`](#-pe_status_check--agent_status_enable--agent_status_enabled)
 
-##### <a name="agent_status_enabled"></a>`agent_status_enabled`
+##### <a name="-pe_status_check--agent_status_enable--agent_status_enabled"></a>`agent_status_enabled`
 
 Data type: `Boolean`
 
 Flag to enable or disable agent_status_check fact
 
-Default value: ``true``
+Default value: `true`
 
 ## Plans
 
-### <a name="pe_status_checkagent_summary"></a>`pe_status_check::agent_summary`
+### <a name="pe_status_check--agent_summary"></a>`pe_status_check::agent_summary`
 
 Summary report if the state of agent_status_check on each node
 Uses the facts task to get the current status from each node
@@ -86,27 +86,27 @@ and produces a summary report in JSON
 
 The following parameters are available in the `pe_status_check::agent_summary` plan:
 
-* [`targets`](#targets)
-* [`indicator_exclusions`](#indicator_exclusions)
+* [`targets`](#-pe_status_check--agent_summary--targets)
+* [`indicator_exclusions`](#-pe_status_check--agent_summary--indicator_exclusions)
 
-##### <a name="targets"></a>`targets`
+##### <a name="-pe_status_check--agent_summary--targets"></a>`targets`
 
 Data type: `Optional[TargetSpec]`
 
 A comma seprated list of FQDN's of Puppet agent nodes
 Defaults to using a PuppetDB query to identify nodes
 
-Default value: ``undef``
+Default value: `undef`
 
-##### <a name="indicator_exclusions"></a>`indicator_exclusions`
+##### <a name="-pe_status_check--agent_summary--indicator_exclusions"></a>`indicator_exclusions`
 
 Data type: `Array[String[1]]`
 
 List of disabled indicators, place any indicator ids you do not wish to report on in this list
 
 Default value: `[]`
 
-### <a name="pe_status_checkinfra_summary"></a>`pe_status_check::infra_summary`
+### <a name="pe_status_check--infra_summary"></a>`pe_status_check::infra_summary`
 
 Summary report if the state of pe_status check on each node
 Uses the facts task to get the current status from each node
@@ -116,19 +116,19 @@ and produces a summary report in JSON
 
 The following parameters are available in the `pe_status_check::infra_summary` plan:
 
-* [`targets`](#targets)
-* [`indicator_exclusions`](#indicator_exclusions)
+* [`targets`](#-pe_status_check--infra_summary--targets)
+* [`indicator_exclusions`](#-pe_status_check--infra_summary--indicator_exclusions)
 
-##### <a name="targets"></a>`targets`
+##### <a name="-pe_status_check--infra_summary--targets"></a>`targets`
 
 Data type: `Optional[TargetSpec]`
 
 A comma seprated list of FQDN's of Puppet infrastructure agent nodes
 Defaults to using a PuppetDB query to identify nodes
 
-Default value: ``undef``
+Default value: `undef`
 
-##### <a name="indicator_exclusions"></a>`indicator_exclusions`
+##### <a name="-pe_status_check--infra_summary--indicator_exclusions"></a>`indicator_exclusions`
 
 Data type: `Array[String[1]]`
 

diff --git a/lib/facter/pe_status_check.rb b/lib/facter/pe_status_check.rb
@@ -500,4 +500,36 @@
     Facter.debug(e.backtrace)
     { S0042: false }
   end
+
+  chunk(:S0043) do
+    # Are there nodes with Puppet agent versions ahead of the primary server's agent version
+    next unless ['primary'].include?(Facter.value('pe_status_check_role'))
+    primary_agent_version = Gem::Version.new(Facter.value(:aio_agent_version))
+    response = PEStatusCheck.http_get('/analytics/v1/collections/snapshots', 8140)
+    if response
+      # assume the indicator should be true unless we encounter a higher version number in the API response
+      no_versions_greater_than_primary = true
+      begin
+        versions = response.dig(0, 'aio-agent-versions', 'value')
+        versions.each do |version|
+          next unless Gem::Version.new(version.dig('version')) > primary_agent_version
+          # upon the first occurence of a higher version number set the indicator to false and break
+          no_versions_greater_than_primary = false
+          break
+        end
+      rescue StandardError
+        { S0043: false }
+      end
+      { S0043: no_versions_greater_than_primary }
+    else
+      # no response from the analytics API
+      { S0043: false }
+    end
+  end
+
+  chunk(:S0044) do
+    next unless ['primary', 'legacy_primary', 'replica', 'pe_compiler', 'legacy_compiler'].include?(Facter.value('pe_status_check_role'))
+    classifier_is_node_terminus = (Puppet.settings.set_in_section(:node_terminus, :master) == 'classifier') || (Puppet.settings.set_in_section(:node_terminus, :server) == 'classifier')
+    { S0044: classifier_is_node_terminus }
+  end
 end
diff --git a/metadata.json b/metadata.json
@@ -1,6 +1,6 @@
 {
   "name": "puppetlabs-pe_status_check",
-  "version": "2.5.1",
+  "version": "2.6.0",
   "author": "Marty Ewings",
   "summary": "A Puppet Enterprise Module to Promote Preventative Maintenance and Self Service",
   "license": "Apache-2.0",

diff --git a/spec/acceptance/pe_status_check_spec.rb b/spec/acceptance/pe_status_check_spec.rb
@@ -16,7 +16,7 @@
     # Test Confirms all facts are false which is another indicator the class is performing correctly
     describe 'check no pe_status_check fact is false' do
       it 'if idempotent all facts should be true' do
-        expect(host_inventory['facter']['pe_status_check'].size).to eq(37)
+        expect(host_inventory['facter']['pe_status_check'].size).to eq(39)
         expect(host_inventory['facter']['pe_status_check'].filter { |_k, v| !v }).to be_empty
       end
     end
@@ -345,6 +345,12 @@ class {'pe_status_check':
         expect(result.stdout).to match(%r{false})
         run_shell('systemctl start pe-orchestration-services')
       end
+      it 'if S0044 conditions for false are met' do
+        run_shell('puppet config set --section master node_terminus exec')
+        result = run_shell('facter -p pe_status_check.S0044')
+        expect(result.stdout).to match(%r{false})
+        run_shell('puppet config set --section master node_terminus classifier')
+      end
     end
   end
 end