(SUP-2817) Consider the distributed architecture of PE_XL and make log scope configurable

.devcontainer/README.md

@@ -0,0 +1,34 @@
+# devcontainer
+
+
+For format details, see https://aka.ms/devcontainer.json. 
+
+For config options, see the README at:
+https://github.com/microsoft/vscode-dev-containers/tree/v0.140.1/containers/puppet
+
+``` json
+{
+	"name": "Puppet Development Kit (Community)",
+	"dockerFile": "Dockerfile",
+
+	// Set *default* container specific settings.json values on container create.
+	"settings": {
+		"terminal.integrated.shell.linux": "/bin/bash"
+	},
+
+	// Add the IDs of extensions you want installed when the container is created.
+	"extensions": [
+		"puppet.puppet-vscode",
+		"rebornix.Ruby"
+	]
+
+	// Use 'forwardPorts' to make a list of ports inside the container available locally.
+	"forwardPorts": [],
+
+	// Use 'postCreateCommand' to run commands after the container is created.
+	"postCreateCommand": "pdk --version",
+}
+```
+
+
+

.devcontainer/devcontainer.json

@@ -1,23 +1,17 @@
-// For format details, see https://aka.ms/devcontainer.json. For config options, see the README at:
-// https://github.com/microsoft/vscode-dev-containers/tree/v0.140.1/containers/puppet
 {
 	"name": "Puppet Development Kit (Community)",
 	"dockerFile": "Dockerfile",
 
-	// Set *default* container specific settings.json values on container create.
 	"settings": {
-		"terminal.integrated.shell.linux": "/bin/bash"
+		"terminal.integrated.profiles.linux": {
+			"bash": {
+				"path": "bash",
+			}
+		}
 	},
 
-	// Add the IDs of extensions you want installed when the container is created.
 	"extensions": [
 		"puppet.puppet-vscode",
 		"rebornix.Ruby"
 	]
-
-	// Use 'forwardPorts' to make a list of ports inside the container available locally.
-	// "forwardPorts": [],
-
-	// Use 'postCreateCommand' to run commands after the container is created.
-	// "postCreateCommand": "pdk --version",
 }

.pdkignore

@@ -27,6 +27,7 @@
 /inventory.yaml
 /spec/fixtures/litmus_inventory.yaml
 /appveyor.yml
+/.editorconfig
 /.fixtures.yml
 /Gemfile
 /.gitattributes

.sync.yml

@@ -28,12 +28,12 @@ spec/spec_helper.rb:
 .gitpod.yml:
   unmanaged: false
 .github/workflows/auto_release.yml:
-  unmanaged: false
+  unmanaged: true
 .github/workflows/spec.yml:
   checks: 'syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop'
-  unmanaged: false
+  unmanaged: true
 .github/workflows/release.yml:
-  unmanaged: false
+  unmanaged: true
 .travis.yml:
   delete: true
 Rakefile:

README.md

@@ -49,14 +49,14 @@ Software required for the proper functioning of the RSAN will be deployed on the
 - derdanne/nfs (>= 2.1.5)
 - puppetlabs/postgresql (>= 6.6.0)
 - puppetlabs/puppet_metrics_dashboard (>= 2.3.0)
-- puppetlabs/stdlib (>= 4.5.0 < 7.0.0)
+- puppetlabs/stdlib (>= 4.5.0 < 8.1.0)
 - puppetlabs/concat (>= 1.1.2 < 7.0.0)
 - puppetlabs/transition (>= 0.1.0 < 1.0.0)
 - herculesteam/augeasproviders_core (>= 2.1.5 < 4.0.0)
 - herculesteam/augeasproviders_shellvar (>= 1.2.0 < 5.0.0)
 - puppetlabs/apt (>= 2.0.0 < 8.0.0)
-- puppet-grafana (>= 3.0.0 < 7.0.0)
-- puppet-telegraf (>= 2.0.0 < 4.0.0)
+- puppet-grafana (>= 3.0.0 < 10.0.0)
+- puppet-telegraf (>= 2.0.0 < 5.0.0)
 - puppetlabs-apt (>= 4.3.0 < 8.0.0)
 - puppetlabs-inifile (>= 2.0.0 < 5.0.0)
 - puppetlabs-puppetserver_gem (>= 1.1.1 < 3.0.0)

Rakefile

@@ -43,6 +43,7 @@ end
 
 PuppetLint.configuration.send('disable_relative')
 
+
 if Bundler.rubygems.find_name('github_changelog_generator').any?
   GitHubChangelogGenerator::RakeTask.new :changelog do |config|
     raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil?

manifests/exporter.pp

@@ -1,6 +1,7 @@
 # Sets up target nodes with nessary services and access for RSAN
 # When Applied to the Infrastruture Agent Node group, 
-# Will dynamically configure all matching nodes to allow access to key elements of Puppet Enterprise to the RSAN node
+# Will dynamically configure all matching nodes to allow
+#access to key elements of Puppet Enterprise to the RSAN node
 # @param [Array] rsan_importer_ips
 #   An array of rsan ip addresses
 #   Defaults to the output of a PuppetDB query
@@ -12,8 +13,14 @@
 #   The postgres group PE uses the default is pg_user
 # @param [Optional[String]] pg_psql_path
 #   The path to the postgres binary in pe
-# @param [Boolean] nfsmount
-#   Trigger to turn NFS Mounts On Or Off
+# @param [Boolean] nfsmount_log
+#   Trigger to turn NFS Mounts for logging On Or Off
+# @param [Boolean] nfsmount_etc
+#   Trigger to turn NFS Mounts for /etc/puppetlabs On Or Off
+# @param [Boolean] nfsmount_opt
+#   Trigger to turn NFS Mounts for /opt/puppetlabs On Or Off
+# @param [Optional[Enum]] logdir
+#   Allows the scope of logging to be narrowed
 # @example
 #   include rsan::exporter
 class rsan::exporter (
@@ -22,11 +29,15 @@
   Optional[String] $pg_user = 'pe-postgres',
   Optional[String] $pg_group = $pg_user,
   Optional[String] $pg_psql_path = '/opt/puppetlabs/server/bin/psql',
-  Boolean $nfsmount = true,
+  Enum['/var/log/', '/var/log/puppetlabs/'] $logdir = '/var/log/',
+  Boolean $nfsmount_log = true,
+  Boolean $nfsmount_etc = true,
+  Boolean $nfsmount_opt= true,
 ){
 
 ########################1.  Export Logging Function######################
-# Need to determine automatically the Network Fact IP for the RSAN::importer node automatically, applies to all infrastructure nodes
+# Need to determine automatically the Network Fact IP for the 
+#RSAN::importer node automatically, applies to all infrastructure nodes
 #########################################################################
 
 
@@ -36,12 +47,24 @@
   }
 
 
-  $ensure = $nfsmount ? {
+  $ensure_log = $nfsmount_log ? {
+    true  => 'mounted',
+    false => 'absent',
+  }
+
+  $ensure_etc = $nfsmount_etc ? {
+    true  => 'mounted',
+    false => 'absent',
+  }
+
+
+    $ensure_opt = $nfsmount_opt ? {
     true  => 'mounted',
     false => 'absent',
   }
 
 
+
 # Convert the array of RSAN IP address into an list of clients with options for the NFS export.
 # This reduce will return a string of space deliminated IP addresses with the NFS options.
 # For example, the output for ['1.2.3.4'] is " 1.2.3.4(ro,insecure,async,no_root_squash)"
@@ -53,22 +76,22 @@
   }
   $clients = "${_rsan_clients} localhost(ro)"
 
-  nfs::server::export{ '/var/log/':
-    ensure      => $ensure,
+  nfs::server::export{ $logdir:
+    ensure      => $ensure_log,
     clients     => $clients,
     mount       => "/var/pesupport/${facts['fqdn']}/log",
     options_nfs => 'tcp,nolock,rsize=32768,wsize=32768,soft,noatime,actimeo=3,retrans=1',
     nfstag      => 'rsan',
   }
   nfs::server::export{ '/opt/puppetlabs/':
-    ensure      => $ensure,
+    ensure      => $ensure_opt,
     clients     => $clients,
     mount       => "/var/pesupport/${facts['fqdn']}/opt",
     options_nfs => 'tcp,nolock,rsize=32768,wsize=32768,soft,noatime,actimeo=3,retrans=1',
     nfstag      => 'rsan',
   }
   nfs::server::export{ '/etc/puppetlabs/':
-    ensure      => $ensure,
+    ensure      => $ensure_etc,
     clients     => $clients,
     mount       => "/var/pesupport/${facts['fqdn']}/etc",
     options_nfs => 'tcp,nolock,rsize=32768,wsize=32768,soft,noatime,actimeo=3,retrans=1',
@@ -80,12 +103,13 @@
   # include puppet_metrics_dashboard::profile::master::install
   ###################################################################
 
-  if $facts['pe_server_version'] != undef {
+  if $facts['pe_server_version'] != undef and $trusted['extensions']['1.3.6.1.4.1.34380.1.1.9812'] != 'puppet/puppetdb-database' {
     include puppet_metrics_dashboard::profile::master::install
   }
 
   #####################3. RSANpostgres command access ######################
-  # Determine if node is pe_postgres host and conditionally apply Select Access for the RSAN node cert to all PE databases
+  # Determine if node is pe_postgres host and conditionally apply 
+  # Select Access for the RSAN node cert to all PE databases
   # and conditionally apply include puppet_metrics_dashboard::profile::master::postgres_access
   ######################################################################
 
@@ -127,7 +151,17 @@
         $postgres_version = '9.4'
       }
 
+  # Due to the advent of PE_XL different postgres instances contain different schemas
+  # this conditional compensates by checking for pe_xl role facts
+
+    if $trusted['extensions']['1.3.6.1.4.1.34380.1.1.9812'] == 'puppet/puppetdb-database' {
+      $dbs = ['pe-puppetdb']
+    } elsif $trusted['extensions']['1.3.6.1.4.1.34380.1.1.9812'] == 'puppet/server' {
+      $dbs = ['pe-activity', 'pe-classifier', 'pe-inventory', 'pe-rbac', 'pe-orchestrator']
+    } else {
       $dbs = ['pe-activity', 'pe-classifier', 'pe-inventory', 'pe-puppetdb', 'pe-rbac', 'pe-orchestrator']
+    }
+
       $dbs.each |$db|{
         pe_postgresql::server::database_grant { "CONNECT to rsan for ${db}":
           privilege => 'CONNECT',

manifests/remove_exporter.pp

@@ -1,6 +1,7 @@
 # @summary disables and removes services and components enabled by the exporter class
 #
-# In the event RSAN should be uninstalled on all or some of the exporter nodes, this will stop NFS service, and remove the database components if applied to a postgres node
+# In the event RSAN should be uninstalled on all or some of the exporter nodes,
+# this will stop NFS service, and remove the database components if applied to a postgres node
 #
 # @example
 #   include rsan::remove_exporter

metadata.json

@@ -22,7 +22,7 @@
     },
     {
       "name": "puppetlabs/stdlib",
-      "version_requirement": ">= 6.5.0 < 7.0.0"
+      "version_requirement": ">= 6.5.0 < 9.0.0"
     }
   ],
   "operatingsystem_support": [
@@ -61,7 +61,7 @@
       "version_requirement": ">= 6.16.0 < 8.0.0"
     }
   ],
-  "pdk-version": "2.1.0",
+  "pdk-version": "2.3.0",
   "template-url": "https://github.com/puppetlabs/pdk-templates#main",
-  "template-ref": "heads/main-0-ge04486b"
+  "template-ref": "tags/2.3.0-0-g8aaceff"
 }

pdk.yaml

@@ -0,0 +1,2 @@
+---
+ignore: []

spec/spec_helper.rb

@@ -48,6 +48,18 @@
   c.after(:suite) do
     RSpec::Puppet::Coverage.report!(0)
   end
+
+  # Filter backtrace noise
+  backtrace_exclusion_patterns = [
+    %r{spec_helper},
+    %r{gems},
+  ]
+
+  if c.respond_to?(:backtrace_exclusion_patterns)
+    c.backtrace_exclusion_patterns = backtrace_exclusion_patterns
+  elsif c.respond_to?(:backtrace_clean_patterns)
+    c.backtrace_clean_patterns = backtrace_exclusion_patterns
+  end
 end
 
 # Ensures that a module is defined

tasks/supportuser.sh

@@ -1,4 +1,5 @@
 #!/bin/sh
+# shellcheck disable=2046
 
 # Puppet Task Name: supportuser
 #