.gitignore

@@ -0,0 +1,5 @@
+Gemfile.lock
+/vendor
+/.bundle
+/spec/fixtures
+/pkg

CHANGELOG.md

@@ -0,0 +1,75 @@
+# Change log
+All notable changes to this project will be documented in this file.
+
+## [Unreleased][unreleased]
+### Bugfixes:
+
+## [1.2.0] - 2015-03-05
+### Features:
+- Added `hiera::create_keys` param to disable pkcs7 key generation with
+  hiera-eyaml
+- Added `hiera::gem_source` param to specify source of hiera-eyaml gem
+- Added `hiera::eyaml_version` param to specify the version of eyaml
+
+### Bugfixes:
+- Change Modulefile to metadata.json
+- Add validation on `merge_behavior` param
+- Make it kind of work on PE 3.7 (pe-puppetserver must still be restarted after
+  the gem is installed)
+
+## [1.1.1] - 2014-11-21
+### Bugfixes:
+- Correct handling of `cmdpath` (using an array of paths instead of hardcoded
+  path). Also adds `cmdpath` parameter
+- Fix permissions on private key (604 was a typo)
+- Add "Managed by puppet" header
+
+## [1.1.0] - 2014-10-15
+### Features:
+- Added `eyaml`, `eyaml_datadir`, & `eyaml_extension` parameters to hiera class
+  for configuring hiera-eyaml
+- Added `hiera::datadir_manage` parameter to disable datadir management
+- Added `hiera::logger` parameter to change logger
+- Added `hiera::merge_behavior` parameter to change the hash merge behavior
+- Added some spec tests
+- Added new readme
+
+### Bugfixes:
+- Correct datadir regex `{}` matching
+
+## [1.0.2] - 2014-05-01
+- Remove swap files from package
+
+## [1.0.1] - 2014-03-25
+### Bugfixes:
+- Readme tweak
+- Use template instance variables to remove warnings
+
+## [1.0.0] - 2014-02-27
+### Features:
+- `backends` parameter for an array of hiera backends
+- `extra_config` parameter for a string of extra yaml config
+
+### Bugfixes:
+- Correct the yaml formatting
+
+## [0.3.1] - 2013-06-17
+### Bugfixes:
+- Docs!
+
+## [0.3.0] - 2013-06-17
+### Features:
+- PE + POSS support
+
+### Bugfixes:
+- Only ensure datadir if it does not have `%{.*}`
+
+[unreleased]: https://github.com/hunner/puppet-hiera/compare/1.2.0...master
+[1.2.0]: https://github.com/hunner/puppet-hiera/compare/1.1.1...1.2.0
+[1.1.1]: https://github.com/hunner/puppet-hiera/compare/1.1.0...1.1.1
+[1.1.0]: https://github.com/hunner/puppet-hiera/compare/1.0.2...1.1.0
+[1.0.2]: https://github.com/hunner/puppet-hiera/compare/1.0.1...1.0.2
+[1.0.1]: https://github.com/hunner/puppet-hiera/compare/1.0.0...1.0.1
+[1.0.0]: https://github.com/hunner/puppet-hiera/compare/0.3.1...1.0.0
+[0.3.1]: https://github.com/hunner/puppet-hiera/compare/0.3.0...0.3.1
+[0.3.0]: https://github.com/hunner/puppet-hiera/compare/0.2.1...0.3.0

LICENCE

@@ -0,0 +1,9 @@
+Copyright (c) 2015, Hunter Haugen
+All rights reserved.
+Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
+
+1) Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
+
+2) Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

README.md

@@ -26,7 +26,7 @@ This module configures [Hiera](https://github.com/puppetlabs/hiera) for Puppet.
 - /etc/hiera.yaml for symlink
 
 ### Setup requirements
-If you are using Puppet Enterprise and the eyaml backend, you will need the [puppetlabs-pe_gem](https://forge.puppetlabs.com/puppetlabs/pe_gem) module to install the eyaml gem using PE's gem command.
+If you are using Puppet Enterprise and the eyaml backend, you will need the [puppetlabs-pe_gem](https://forge.puppetlabs.com/puppetlabs/pe_gem) module to install the eyaml gem using PE's gem command. If you are using a PE version with puppetserver (3.7 and later) you will also need the [puppetlabs-pe_puppetserver_gem](https://forge.puppetlabs.com/puppetlabs/pe_puppetserver_gem) module.
 
 Otherwise you just need puppet.
 
@@ -111,38 +111,81 @@ The resulting output in /etc/puppet/hiera.yaml:
 
 The following parameters are available for the hiera class:
 
-#### `hierarchy`
-Configures the hiera hierarchy. Default is []
-#### `backends`
-Configures the list of backends. Default is ['yaml']
-#### `hiera_yaml`
-Configures the path to hiera.yaml
-#### `datadir`
-Configures the path to the hieradata directory.
-#### `datadir_manage`
-Enables/disables the datadir file resource
-#### `owner`
-Sets the owner of the managed files and directories.
-#### `group`
-Sets the group of the managed files and directories.
-#### `eyaml`
-Enables/disables the eyaml backend. Default true
-#### `eyaml_datadir`
-Configures the eyaml data directory. Default is the same as datadir
-#### `eyaml_extension`
-Configures the eyaml file extension. No default
-#### `confdir`
-Configures the directory for puppet's confdir.
-#### `logger`
-Configures the hiera logger. Default is 'console'
-#### `merge_behavior`
-Configures the hiera merge behavior (e.g. for deep merges). No default
-#### `extra_config`
-Accepts arbitrary content to add to the end of hiera.yaml
+* `hierarchy`  
+  The hiera hierarchy.  
+  Default: `[]`
+* `backend`  
+  The list of backends.  
+  Default: `['yaml']`
+* `hiera_yaml`  
+  The path to the hiera config file.  
+  Default:
+    * `'/etc/puppet/hiera.yaml'` for Puppet Open Source
+    * `'/etc/puppetlabs/puppet/hiera.yaml'` for Puppet Enterprise
+* `datadir`  
+  The path to the directory where hiera will look for databases.  
+  Default:
+    * `'/etc/puppet/hieradata'` for Puppet Open Source
+    * `'/etc/puppetlabs/puppet/hieradata'` for Puppet Enterprise
+* `datadir_manage`  
+  Whether to create and manage the datadir as a file resource.  
+  Default: `true`
+* `owner`  
+  The owner of managed files and directories.  
+  Default:
+    * `'puppet'` for Puppet Open Source
+    * `'pe-puppet'` for Puppet Enterprise
+* `group`  
+  The group owner of managed files and directories.  
+  Default:
+    * `'puppet'` for Puppet Open Source
+    * `'pe-puppet'` for Puppet Enterprise
+* `eyaml`  
+  Whether to install, configure, and enable [the eyaml backend][eyaml].  
+  Default: `false`
+* `eyaml_datadir`  
+  The path to the directory where hiera will look for databases with the eyaml backend.  
+  Default: same as `datadir`
+* `eyaml_extension`  
+  The file extension for the eyaml backend.  
+  Default: `undef`, backend defaults to `'.eyaml'`
+* `eyaml_version`  
+  The version of hiera-eyaml to install. Accepts 'installed', 'latest', '2.0.7', etc  
+  Default: `undef`
+* `confdir`  
+  The path to Puppet's confdir.  
+  Default:
+    * `'/etc/puppet'` for Puppet Open Source
+    * `'/etc/puppetlabs/puppet'` for Puppet Enterprise
+* `logger`  
+  Which hiera logger to use.  
+  **Note**: You need to manage any package/gem dependencies yourself.  
+  Default: `undef`, hiera defaults to `'console'`
+* `cmdpath`  
+  Search paths for command binaries, like the `eyaml` command.  
+  The default should cover most cases.  
+  Default: `['/opt/puppet/bin', '/usr/bin', '/usr/local/bin']`
+* `create_keys`  
+  Whether to create pkcs7 keys and manage key files for hiera-eyaml.  
+  This is useful if you need to distribute a pkcs7 key pair.  
+  Default: `true`
+* `gem_source`  
+  An alternate gem source for installing hiera-eyaml.  
+  Default: `undef`, uses gem backend default
+* `merge_behavior`  
+  Which hiera merge behavior to use.  
+  **Note**: You need to manage any package/gem dependencies yourself.  
+  Default: `undef`, hiera defaults to `'native'`
+* `extra_config`  
+  Arbitrary YAML content to append to the end of the hiera.yaml config file.  
+  This is useful for configuring backend-specific parameters.  
+  Default: `''`
+
+[eyaml]: https://github.com/TomPoulton/hiera-eyaml
 
 ## Limitations
 
-Unknown.
+The pe-puppetserver service must be restarted after hiera-eyaml is installed; this module will not do it for you. The `eyaml_version` parameter does not currently modify the eyaml version of the command-line gem on pe-puppetserver.
 
 ## Development
 

manifests/eyaml.pp

@@ -11,48 +11,77 @@
 # Copyright (C) 2014 Terri Haber, unless otherwise noted.
 #
 class hiera::eyaml (
-  $provider = $hiera::params::provider,
-  $owner    = $hiera::owner,
-  $group    = $hiera::group,
-  $cmdpath  = $hiera::cmdpath,
-  $confdir  = $hiera::confdir
+  $provider      = $hiera::params::provider,
+  $owner         = $hiera::owner,
+  $group         = $hiera::group,
+  $cmdpath       = $hiera::cmdpath,
+  $confdir       = $hiera::confdir,
+  $create_keys   = $hiera::create_keys,
+  $eyaml_version = $hiera::eyaml_version,
+  $gem_source    = $hiera::gem_source,
 ) inherits hiera::params {
 
+  $package_ensure = $eyaml_version ? {
+    undef   => 'installed',
+    default => $eyaml_version,
+  }
   package { 'hiera-eyaml':
-    ensure   => installed,
+    ensure   => $package_ensure,
     provider => $provider,
+    source   => $gem_source,
+  }
+  if $provider == 'pe_puppetserver_gem' {
+    # The puppetserver gem wouldn't install the commandline util, so we do
+    # that here
+    #XXX Pre-puppet 4.0.0 version (PUP-1073)
+    #BUG This can't actually update the gem version if already installed.
+    if $eyaml_version =~ /^\d+\.\d+\.\d+$/ {
+      $gem_flag = "--version ${eyaml_version}"
+    } else {
+      $gem_flag = undef
+    }
+    exec { 'install pe_gem':
+      command => "/opt/puppet/bin/gem install hiera-eyaml ${gem_flag}",
+      creates => '/opt/puppet/bin/eyaml',
+    }
+    #XXX Post-puppet 4.0.0
+    #package { 'hiera-eyaml command line':
+    #  ensure   => installed,
+    #  name     => 'hiera-eyaml',
+    #  provider => 'pe_gem',
+    #  source   => $gem_source,
+    #}
   }
 
-  file { "${confdir}/keys":
-    ensure => directory,
-    owner  => $owner,
-    group  => $group,
-    before => Exec['createkeys'],
+  File {
+    owner => $owner,
+    group => $group
   }
 
-  exec { 'createkeys':
-    user    => $owner,
-    cwd     => $confdir,
-    command => 'eyaml createkeys',
-    path    => $cmdpath,
-    creates => "${confdir}/keys/private_key.pkcs7.pem",
-    require => Package['hiera-eyaml'],
+  file { "${confdir}/keys":
+    ensure => directory,
   }
 
+  if ( $create_keys == true ) {
+    exec { 'createkeys':
+      user    => $owner,
+      cwd     => $confdir,
+      command => 'eyaml createkeys',
+      path    => $cmdpath,
+      creates => "${confdir}/keys/private_key.pkcs7.pem",
+      require => [ Package['hiera-eyaml'], File["${confdir}/keys"] ]
+    }
 
-  file { "${confdir}/keys/private_key.pkcs7.pem":
-    ensure  => file,
-    mode    => '0600',
-    owner   => $owner,
-    group   => $group,
-    require => Exec['createkeys'],
-  }
+    file { "${confdir}/keys/private_key.pkcs7.pem":
+      ensure  => file,
+      mode    => '0600',
+      require => Exec['createkeys'],
+    }
 
-  file { "${confdir}/keys/public_key.pkcs7.pem":
-    ensure  => file,
-    mode    => '0644',
-    owner   => $owner,
-    group   => $group,
-    require => Exec['createkeys'],
+    file { "${confdir}/keys/public_key.pkcs7.pem":
+      ensure  => file,
+      mode    => '0644',
+      require => Exec['createkeys'],
+    }
   }
 }