Update logic for PE 2015.x (again)

Some day I will get this right.

It looks like leaving the keys/ directory and hiera.yaml in the codedir
on recent puppet versions causes issues. Also the confdir/datadir
default needs to change on recent versions of puppet. So a major release
is needed :(

.fixtures.yml

@@ -3,3 +3,4 @@ fixtures:
     "hiera": "#{source_dir}"
   repositories:
     "stdlib": "git://github.com/puppetlabs/puppetlabs-stdlib.git"
+    "inifile": "git://github.com/puppetlabs/puppetlabs-inifile.git"

CHANGELOG.md

@@ -1,6 +1,28 @@
 # Change log
 All notable changes to this project will be documented in this file.
 
+## [2.0.0]
+### Changes:
+- eyaml keys/ directory moved from `/etc/puppetlabs/code/keys` to
+  `/etc/puppetlabs/puppet/keys` on PE > 3.x. You should move you keys directory
+  when upgrading.
+- `hiera::hiera_yaml` default changed from `/etc/puppetlabs/code/hiera.yaml` to
+  `/etc/puppetlabs/puppet/hiera.yaml` on Puppet >= 4.x. The hiera\_yaml puppet
+  config setting in puppet.conf should be updated when upgrading; see
+  `hiera::puppet_conf_manage`
+- `hiera::datadir` default changed from `/etc/puppetlabs/puppet/hieradata` to
+  `/etc/puppetlabs/code/environments/%{::environment}/hieradata` on puppet
+  versions >= 4. Verify that this is your prefered value when upgrading.
+
+### Features:
+- No longer using exec resources to install eyaml on puppet versions >= 4!
+- Add `hiera::puppet_conf_manage` parameter to manage `hiera_conf` puppet.conf setting
+- Add `hiera::keysdir` parameter for putting the keys somewhere other than $confdir/keys
+
+### Bugfixes:
+- Fix hiera.yaml and keys/ directory being overwritten by file sync on PE 2015.x
+- Fix eyaml package provider detection on puppet versions >= 4
+
 ## [1.4.1] - 2016-01-08
 ### Bugfixes:
 - Fix rubocop linting
@@ -98,6 +120,7 @@ All notable changes to this project will be documented in this file.
 ### Bugfixes:
 - Only ensure datadir if it does not have `%{.*}`
 
+[2.0.0]: https://github.com/hunner/puppet-hiera/compare/1.4.1...2.0.0
 [1.4.1]: https://github.com/hunner/puppet-hiera/compare/1.4.0...1.4.1
 [1.4.0]: https://github.com/hunner/puppet-hiera/compare/1.3.2...1.4.0
 [1.3.2]: https://github.com/hunner/puppet-hiera/compare/1.3.1...1.3.2

Gemfile

@@ -1,15 +1,20 @@
 source "https://rubygems.org"
 
+if puppetversion = ENV['PUPPET_GEM_VERSION']
+  gem 'puppet', puppetversion, :require => false
+else
+  gem 'puppet', :require => false
+end
+
 group :test do
   gem "rake"
-  gem "puppet", ENV['PUPPET_GEM_VERSION'] || '~> 3.8.0'
-  gem "rspec", '< 3.2.0'
-  gem "rspec-puppet", :git => 'https://github.com/rodjek/rspec-puppet.git'
+  gem "rspec"
+  gem "rspec-puppet"
   gem "puppetlabs_spec_helper"
   gem "metadata-json-lint"
   gem "rspec-puppet-facts"
-  gem 'rubocop', '0.33.0'
-  gem 'simplecov', '>= 0.11.0'
+  gem 'rubocop'
+  gem 'simplecov'
   gem 'simplecov-console'
 
   gem "puppet-lint-absolute_classname-check"

README.md

@@ -25,9 +25,10 @@ This module configures [Hiera](https://github.com/puppetlabs/hiera) for Puppet.
 - /etc/hiera.yaml for symlink
 
 ### Setup requirements
-If you are using Puppet Enterprise and the eyaml backend, you will need the [puppetlabs-pe_gem](https://forge.puppetlabs.com/puppetlabs/pe_gem) module to install the eyaml gem using PE's gem command. If you are using a PE version with puppetserver (3.7 and later) you will also need the [puppetlabs-pe_puppetserver_gem](https://forge.puppetlabs.com/puppetlabs/pe_puppetserver_gem) module.
-
-Otherwise you just need puppet.
+If you are using the eyaml backend on:
+* Puppet Enterprise 3.3 or earlier then you will need the [puppetlabs-pe_gem](https://forge.puppetlabs.com/puppetlabs/pe_gem) module to install the eyaml gem using PE's gem command.
+* Puppet Enterprise 3.7 or 3.8 then you will need the [puppetlabs-pe_puppetserver_gem](https://forge.puppetlabs.com/puppetlabs/pe_puppetserver_gem) module.
+* Puppet Enterprise 2015.x or FOSS puppetserver then you will need the [puppetlabs-puppetserver_gem](https://forge.puppetlabs.com/puppetlabs/puppetserver_gem) module.
 
 ### Beginning with hiera
 
@@ -118,6 +119,7 @@ The following parameters are available for the hiera class:
   Default: `['yaml']`
 * `hiera_yaml`  
   The path to the hiera config file.  
+  **Note**: Due to a bug, hiera.yaml is not placed in the codedir. Your puppet.conf `hiera_config` setting must match the configured value; see also `hiera::puppet_conf_manage`
   Default:
     * `'/etc/puppet/hiera.yaml'` for Puppet Open Source
     * `'/etc/puppetlabs/puppet/hiera.yaml'` for Puppet Enterprise
@@ -128,7 +130,8 @@ The following parameters are available for the hiera class:
   The path to the directory where hiera will look for databases.  
   Default:
     * `'/etc/puppet/hieradata'` for Puppet Open Source
-    * `'/etc/puppetlabs/puppet/hieradata'` for Puppet Enterprise
+    * `'/etc/puppetlabs/puppet/hieradata'` for PE Puppet < 4
+    * `'/etc/puppetlabs/code/environments/%{::environment}/hieradata'` for Puppet >= 4
 * `datadir_manage`  
   Whether to create and manage the datadir as a file resource.  
   Default: `true`
@@ -143,7 +146,7 @@ The following parameters are available for the hiera class:
     * `'puppet'` for Puppet Open Source
     * `'pe-puppet'` for Puppet Enterprise
 * `eyaml`  
-  Whether to install, configure, and enable [the eyaml backend][eyaml].  
+  Whether to install, configure, and enable [the eyaml backend][eyaml]. Also see the provider and masterservice parameters.  
   Default: `false`
 * `eyaml_datadir`  
   The path to the directory where hiera will look for databases with the eyaml backend.  
@@ -155,8 +158,8 @@ The following parameters are available for the hiera class:
   The version of hiera-eyaml to install. Accepts 'installed', 'latest', '2.0.7', etc  
   Default: `undef`
 * `confdir`  
-  The path to Puppet's confdir.  
-  Default:
+  The path to Puppet's confdir.
+  Default: `$::settings::confdir` which should be the following:
     * `'/etc/puppet'` for Puppet Open Source
     * `'/etc/puppetlabs/puppet'` for Puppet Enterprise
 * `logger`  
@@ -182,6 +185,20 @@ The following parameters are available for the hiera class:
   Arbitrary YAML content to append to the end of the hiera.yaml config file.  
   This is useful for configuring backend-specific parameters.  
   Default: `''`
+* `keysdir`
+  Directory for hiera to manage for eyaml keys.
+  Default: `$confdir/keys`
+* `puppet_conf_manage`
+  Whether to manage the puppet.conf `hiera_config` value or not.
+  Default: `true`
+* `provider`  
+  Which provider to use to install hiera-eyaml. Can be `puppetserver_gem` (PE 2015.x), `pe_puppetserver_gem` (PE 3.7 and 3.8), `pe_gem` (PE pre-3.7), `puppet_gem` (FOSS using puppet's gem), or `gem` (FOSS using system's gem)
+  **Note**: hunner-hiera cannot detect FOSS puppetserver AIO and you must pass `provider => 'puppetserver_gem'` for that to work. See also masterservice.
+  Default: Depends on puppet version detected as specified above.
+* `masterservice`  
+  The service name of the master to restart after package installation or hiera.yaml changes.  
+  **Note**: You must pass `masterservice => 'puppetserver'` for FOSS puppetserver  
+  Default: 'pe-puppetserver' for PE 2015.x, otherwise 'puppetmaster'
 
 [eyaml]: https://github.com/TomPoulton/hiera-eyaml
 

manifests/eyaml.pp

@@ -10,16 +10,16 @@
 #
 # Copyright (C) 2014 Terri Haber, unless otherwise noted.
 #
-class hiera::eyaml (
-  $provider      = $hiera::provider,
-  $owner         = $hiera::owner,
-  $group         = $hiera::group,
-  $cmdpath       = $hiera::cmdpath,
-  $confdir       = $hiera::confdir,
-  $create_keys   = $hiera::create_keys,
-  $eyaml_version = $hiera::eyaml_version,
-  $gem_source    = $hiera::gem_source,
-) inherits hiera::params {
+class hiera::eyaml {
+  $provider      = $hiera::provider
+  $owner         = $hiera::owner
+  $group         = $hiera::group
+  $cmdpath       = $hiera::cmdpath
+  $confdir       = $hiera::confdir
+  $create_keys   = $hiera::create_keys
+  $_keysdir      = $hiera::_keysdir
+  $eyaml_version = $hiera::eyaml_version
+  $gem_source    = $hiera::gem_source
 
   $package_ensure = $eyaml_version ? {
     undef   => 'installed',
@@ -28,8 +28,6 @@
   if $provider == 'pe_puppetserver_gem' {
     Exec {
       path => [
-        '/opt/puppetlabs/server/bin',
-        '/opt/puppetlabs/puppet/bin',
         '/opt/puppet/bin',
         '/usr/bin',
         '/bin',
@@ -41,57 +39,64 @@
       Exec['install puppetserver gem hiera-eyaml'],
     ]
 
-    if $::pe_server_version {
-      # PE 2015
-      $vendored_gem_creates = '/opt/puppetlabs/puppet/bin/eyaml'
-      $puppetserver_gem_creates = '/opt/puppetlabs/server/data/puppetserver/jruby-gems/bin/eyaml'
-    } else {
-      $vendored_gem_creates = '/opt/puppet/bin/eyaml'
-      $puppetserver_gem_creates = '/var/opt/lib/pe-puppet-server/jruby-gems/bin/eyaml'
-    }
-
     # The puppetserver gem wouldn't install the commandline util, so we do
-    # that here
-    #XXX Pre-puppet 4.0.0 version (PUP-1073)
+    # that here (PUP-1073)
     #BUG This can't actually update the gem version if already installed.
     if $eyaml_version and $eyaml_version =~ /^\d+\.\d+\.\d+$/ {
       $gem_flag = "--version ${eyaml_version}"
     } else {
       $gem_flag = undef
     }
-    #XXX Post-puppet 4.0.0
-    #package { 'hiera-eyaml command line':
-    #  ensure   => installed,
-    #  name     => 'hiera-eyaml',
-    #  provider => 'pe_gem',
-    #  source   => $gem_source,
-    #}
 
     exec { 'install ruby gem hiera-eyaml':
       command => "gem install hiera-eyaml ${gem_flag}",
-      creates => $vendored_gem_creates,
+      creates => '/opt/puppet/bin/eyaml',
     }
 
     exec { 'install puppetserver gem hiera-eyaml':
       command => "puppetserver gem install hiera-eyaml ${gem_flag}",
-      creates => $puppetserver_gem_creates,
-      notify  => Service[$hiera::master_service],
+      creates => '/var/opt/lib/pe-puppet-server/jruby-gems/bin/eyaml',
     }
+    $master_subscribe = Exec['install puppetserver gem hiera-eyaml']
+  } elsif $provider == 'puppetserver_gem' {
+    $hiera_package_depedencies = [
+      Package['hiera-eyaml'],
+      Package['puppetserver hiera-eyaml'],
+    ]
+    package { 'puppetserver hiera-eyaml':
+      ensure   => $package_ensure,
+      name     => 'hiera-eyaml',
+      provider => $provider,
+      source   => $gem_source,
+    }
+    package { 'hiera-eyaml':
+      ensure   => $package_ensure,
+      provider => 'puppet_gem',
+      source   => $gem_source,
+    }
+    $master_subscribe = [
+      Package['hiera-eyaml'],
+      Package['puppetserver hiera-eyaml']
+    ]
   } else {
     $hiera_package_depedencies = Package['hiera-eyaml']
     package { 'hiera-eyaml':
       ensure   => $package_ensure,
       provider => $provider,
       source   => $gem_source,
     }
+    $master_subscribe = Package['hiera-eyaml']
+  }
+  Service <| title == $hiera::master_service |> {
+    subscribe +> $master_subscribe,
   }
 
   File {
     owner => $owner,
     group => $group,
   }
 
-  file { "${confdir}/keys":
+  file { $_keysdir:
     ensure => directory,
   }
 

manifests/init.pp

@@ -39,28 +39,35 @@
 # Copyright (C) 2014 Terri Haber, unless otherwise noted.
 #
 class hiera (
-  $hierarchy       = [],
-  $backends        = ['yaml'],
-  $hiera_yaml      = $hiera::params::hiera_yaml,
-  $create_symlink  = true,
-  $datadir         = $hiera::params::datadir,
-  $datadir_manage  = true,
-  $owner           = $hiera::params::owner,
-  $group           = $hiera::params::group,
-  $provider        = $hiera::params::provider,
-  $eyaml           = false,
-  $eyaml_datadir   = undef,
-  $eyaml_extension = undef,
-  $confdir         = $hiera::params::confdir,
-  $logger          = 'console',
-  $cmdpath         = $hiera::params::cmdpath,
-  $create_keys     = true,
-  $gem_source      = undef,
-  $eyaml_version   = undef,
-  $merge_behavior  = undef,
-  $extra_config    = '',
-  $master_service  = $hiera::params::master_service,
+  $hierarchy          = [],
+  $backends           = ['yaml'],
+  $hiera_yaml         = $hiera::params::hiera_yaml,
+  $create_symlink     = true,
+  $datadir            = $hiera::params::datadir,
+  $datadir_manage     = true,
+  $owner              = $hiera::params::owner,
+  $group              = $hiera::params::group,
+  $provider           = $hiera::params::provider,
+  $eyaml              = false,
+  $eyaml_datadir      = undef,
+  $eyaml_extension    = undef,
+  $confdir            = $hiera::params::confdir,
+  $puppet_conf_manage = true,
+  $logger             = 'console',
+  $cmdpath            = $hiera::params::cmdpath,
+  $create_keys        = true,
+  $keysdir            = undef,
+  $gem_source         = undef,
+  $eyaml_version      = undef,
+  $merge_behavior     = undef,
+  $extra_config       = '',
+  $master_service     = $hiera::params::master_service,
 ) inherits hiera::params {
+  if $keysdir {
+    $_keysdir = $keysdir
+  } else {
+    $_keysdir = "${confdir}/keys"
+  }
   File {
     owner => $owner,
     group => $group,
@@ -91,6 +98,7 @@
   # - $datadir
   # - $eyaml_real_datadir
   # - $eyaml_extension
+  # - $_keysdir
   # - $confdir
   # - $merge_behavior
   # - $extra_config
@@ -105,9 +113,24 @@
       target => $hiera_yaml,
     }
   }
+  if $puppet_conf_manage {
+    ini_setting { 'puppet.conf hiera_config main section' :
+      ensure  => present,
+      path    => "${confdir}/puppet.conf",
+      section => 'main',
+      setting => 'hiera_config',
+      value   => $hiera_yaml,
+    }
+    $master_subscribe = [
+      File[$hiera_yaml],
+      Ini_setting['puppet.conf hiera_config main section'],
+    ]
+  } else {
+    $master_subscribe = File[$hiera_yaml]
+  }
 
   # Restart master service
   Service <| title == $master_service |> {
-    subscribe +> File[$hiera_yaml],
+    subscribe +> $master_subscribe,
   }
 }