Class: Puppet::Application::Lookup

Inherits:

Puppet::Application

• Object
• Puppet::Application
• Puppet::Application::Lookup

Defined in:

lib/puppet/application/lookup.rb

Constant Summary

RUN_HELP =

_("Run 'puppet lookup --help' for more details").freeze

DEEP_MERGE_OPTIONS =

'--knock-out-prefix, --sort-merged-arrays, and --merge-hash-arrays'.freeze

TRUSTED_INFORMATION_FACTS =

["hostname", "domain", "fqdn", "clientcert"].freeze

Constants inherited from Puppet::Application

DOCPATTERN

Constants included from Util

Util::ALNUM, Util::ALPHA, Util::AbsolutePathPosix, Util::AbsolutePathWindows, Util::DEFAULT_POSIX_MODE, Util::DEFAULT_WINDOWS_MODE, Util::ESCAPED, Util::HEX, Util::HttpProxy, Util::PUPPET_STACK_INSERTION_FRAME, Util::RESERVED, Util::RFC_3986_URI_REGEX, Util::UNRESERVED, Util::UNSAFE

Constants included from Util::POSIX

Util::POSIX::LOCALE_ENV_VARS, Util::POSIX::USER_ENV_VARS

Constants included from Util::SymbolicFileMode

Util::SymbolicFileMode::SetGIDBit, Util::SymbolicFileMode::SetUIDBit, Util::SymbolicFileMode::StickyBit, Util::SymbolicFileMode::SymbolicMode, Util::SymbolicFileMode::SymbolicSpecialToBit

Instance Attribute Summary

Attributes inherited from Puppet::Application

#command_line, #options

Instance Method Summary

• #app_defaults ⇒ Object
• #generate_scope ⇒ Object
• #help ⇒ Object
• #main ⇒ Object
• #retrieve_node_facts(node, given_facts) ⇒ Object
• #setup ⇒ Object
• #setup_logs ⇒ Object
• #setup_terminuses ⇒ Object
• #summary ⇒ Object

Methods inherited from Puppet::Application

[], available_application_names, banner, clear!, clear?, clear_everything_for_tests, #configure_indirector_routes, controlled_run, #deprecate, #deprecated?, environment_mode, exit, find, get_environment_mode, #handle_logdest_arg, #handlearg, #initialize, #initialize_app_defaults, interrupted?, #log_runtime_environment, #name, option, option_parser_commands, #parse_options, #preinit, restart!, restart_requested?, #run, #run_command, run_mode, #set_log_level, stop!, stop_requested?, try_load_class

Methods included from Util

absolute_path?, benchmark, chuser, clear_environment, create_erb, default_env, deterministic_rand, deterministic_rand_int, exit_on_fail, format_backtrace_array, format_puppetstack_frame, get_env, get_environment, logmethods, merge_environment, path_to_uri, pretty_backtrace, replace_file, resolve_stackframe, rfc2396_escape, safe_posix_fork, set_env, skip_external_facts, symbolizehash, thinmark, uri_encode, uri_query_encode, uri_to_path, uri_unescape, which, withenv, withumask

Methods included from Util::POSIX

#get_posix_field, #gid, groups_of, #idfield, #methodbyid, #methodbyname, #search_posix_field, #uid

Methods included from Util::SymbolicFileMode

#display_mode, #normalize_symbolic_mode, #symbolic_mode_to_int, #valid_symbolic_mode?

Constructor Details

This class inherits a constructor from Puppet::Application

Instance Method Details

#app_defaults ⇒ Object

# File 'lib/puppet/application/lookup.rb', line 62

def app_defaults
  super.merge({
    :facts_terminus => 'yaml'
  })
end

#generate_scope ⇒ Object

# File 'lib/puppet/application/lookup.rb', line 341

def generate_scope
  if options[:node]
    node = options[:node]
  else
    node = Puppet[:node_name_value]

    # If we want to lookup the node we are currently on
    # we must returning these settings to their default values
    Puppet.settings[:facts_terminus] = 'facter'
  end

  fact_file = options[:fact_file]

  if fact_file
    if fact_file.end_with?('.json')
      given_facts = Puppet::Util::Json.load_file(fact_file)
    elsif fact_file.end_with?('.yml', '.yaml')
      given_facts = Puppet::Util::Yaml.safe_load_file(fact_file)
    else
      given_facts = Puppet::Util::Json.load_file_if_valid(fact_file)
      given_facts = Puppet::Util::Yaml.safe_load_file_if_valid(fact_file) unless given_facts
    end

    unless given_facts.instance_of?(Hash)
      raise _("Incorrectly formatted data in %{fact_file} given via the --facts flag (only accepts yaml and json files)") % { fact_file: fact_file }
    end

    if TRUSTED_INFORMATION_FACTS.any? { |key| given_facts.key? key }
      unless TRUSTED_INFORMATION_FACTS.all? { |key| given_facts.key? key }
        raise _("When overriding any of the %{trusted_facts_list} facts with %{fact_file} "\
          "given via the --facts flag, they must all be overridden.") % { fact_file: fact_file ,trusted_facts_list: TRUSTED_INFORMATION_FACTS.join(',')}
      end
    end
  end

  unless node.is_a?(Puppet::Node) # to allow unit tests to pass a node instance
    facts = retrieve_node_facts(node, given_facts)
    ni = Puppet::Node.indirection
    tc = ni.terminus_class
    if options[:compile]
      if tc == :plain
        node = ni.find(node, facts: facts, environment: Puppet[:environment])
      else
        begin
          service = Puppet.runtime[:http]
          session = service.create_session
          cert = session.route_to(:ca)

          _, x509 = cert.get_certificate(node)
          cert = OpenSSL::X509::Certificate.new(x509)
          Puppet::SSL::Oids.register_puppet_oids
          trusted = Puppet::Context::TrustedInformation.remote(true, facts.values['certname'] || node, Puppet::SSL::Certificate.from_instance(cert))
          Puppet.override(trusted_information: trusted) do
            node = ni.find(node, facts: facts, environment: Puppet[:environment])
          end
        rescue
          Puppet.warning _("CA is not available, the operation will continue without using trusted facts.")
          node = ni.find(node, facts: facts, environment: Puppet[:environment])
        end
      end
    else
      ni.terminus_class = :plain
      node = ni.find(node, facts: facts, environment: Puppet[:environment])
      ni.terminus_class = tc
    end
  else
    node.add_extra_facts(given_facts) if given_facts
  end
  node.environment = Puppet[:environment] if Puppet.settings.set_by_cli?(:environment)
  node.add_server_facts(Puppet::Node::ServerFacts.load)
  Puppet[:code] = 'undef' unless options[:compile]
  compiler = Puppet::Parser::Compiler.new(node)
  if options[:node]
    Puppet::Util.skip_external_facts do
      compiler.compile { |catalog| yield(compiler.topscope); catalog }
    end
  else
    compiler.compile { |catalog| yield(compiler.topscope); catalog }
  end
end

#help ⇒ Object

# File 'lib/puppet/application/lookup.rb', line 106

def help
  "\npuppet-lookup(8) -- \#{summary}\n========\n\nSYNOPSIS\n--------\nDoes Hiera lookups from the command line.\n\nSince this command needs access to your Hiera data, make sure to run it on a\nnode that has a copy of that data. This usually means logging into a Puppet\nServer node and running 'puppet lookup' with sudo.\n\nThe most common version of this command is:\n\n'puppet lookup <KEY> --node <NAME> --environment <ENV> --explain'\n\nUSAGE\n-----\npuppet lookup [--help] [--type <TYPESTRING>] [--merge first|unique|hash|deep]\n[--knock-out-prefix <PREFIX-STRING>] [--sort-merged-arrays]\n[--merge-hash-arrays] [--explain] [--environment <ENV>]\n[--default <VALUE>] [--node <NODE-NAME>] [--facts <FILE>]\n[--compile]\n[--render-as s|json|yaml|binary|msgpack] <keys>\n\nDESCRIPTION\n-----------\nThe lookup command is a CLI for Puppet's 'lookup()' function. It searches your\nHiera data and returns a value for the requested lookup key, so you can test and\nexplore your data. It is a modern replacement for the 'hiera' command.\nLookup uses the setting for global hiera.yaml from puppet's config,\nand the environment to find the environment level hiera.yaml as well as the\nresulting modulepath for the environment (for hiera.yaml files in modules).\nHiera usually relies on a node's facts to locate the relevant data sources. By\ndefault, 'puppet lookup' uses facts from the node you run the command on, but\nyou can get data for any other node with the '--node <NAME>' option. If\npossible, the lookup command will use the requested node's real stored facts\nfrom PuppetDB; if PuppetDB isn't configured or you want to provide arbitrary\nfact values, you can pass alternate facts as a JSON or YAML file with '--facts\n<FILE>'.\n\nIf you're debugging your Hiera data and want to see where values are coming\nfrom, use the '--explain' option.\n\nIf '--explain' isn't specified, lookup exits with 0 if a value was found and 1\notherwise. With '--explain', lookup always exits with 0 unless there is a major\nerror.\n\nYou can provide multiple lookup keys to this command, but it only returns a\nvalue for the first found key, omitting the rest.\n\nFor more details about how Hiera works, see the Hiera documentation:\nhttps://puppet.com/docs/puppet/latest/hiera_intro.html\n\nOPTIONS\n-------\n\n* --help:\nPrint this help message.\n\n* --explain\nExplain the details of how the lookup was performed and where the final value\ncame from (or the reason no value was found).\n\n* --node <NODE-NAME>\nSpecify which node to look up data for; defaults to the node where the command\nis run. Since Hiera's purpose is to provide different values for different\nnodes (usually based on their facts), you'll usually want to use some specific\nnode's facts to explore your data. If the node where you're running this\ncommand is configured to talk to PuppetDB, the command will use the requested\nnode's most recent facts. Otherwise, you can override facts with the '--facts'\noption.\n\n* --facts <FILE>\nSpecify a .json or .yaml file of key => value mappings to override the facts\nfor this lookup. Any facts not specified in this file maintain their\noriginal value.\n\n* --environment <ENV>\nLike with most Puppet commands, you can specify an environment on the command\nline. This is important for lookup because different environments can have\ndifferent Hiera data. This environment will be always be the one used regardless\nof any other factors.\n\n* --merge first|unique|hash|deep:\nSpecify the merge behavior, overriding any merge behavior from the data's\nlookup_options. 'first' returns the first value found. 'unique' appends\neverything to a merged, deduplicated array. 'hash' performs a simple hash\nmerge by overwriting keys of lower lookup priority. 'deep' performs a deep\nmerge on values of Array and Hash type. There are additional options that can\nbe used with 'deep'.\n\n* --knock-out-prefix <PREFIX-STRING>\nCan be used with the 'deep' merge strategy. Specifies a prefix to indicate a\nvalue should be removed from the final result.\n\n* --sort-merged-arrays\nCan be used with the 'deep' merge strategy. When this flag is used, all\nmerged arrays are sorted.\n\n* --merge-hash-arrays\nCan be used with the 'deep' merge strategy. When this flag is used, hashes\nWITHIN arrays are deep-merged with their counterparts by position.\n\n* --explain-options\nExplain whether a lookup_options hash affects this lookup, and how that hash\nwas assembled. (lookup_options is how Hiera configures merge behavior in data.)\n\n* --default <VALUE>\nA value to return if Hiera can't find a value in data. For emulating calls to\nthe 'lookup()' function that include a default.\n\n* --type <TYPESTRING>:\nAssert that the value has the specified type. For emulating calls to the\n'lookup()' function that include a data type.\n\n* --compile\nPerform a full catalog compilation prior to the lookup. If your hierarchy and\ndata only use the $facts, $trusted, and $server_facts variables, you don't\nneed this option; however, if your Hiera configuration uses arbitrary\nvariables set by a Puppet manifest, you might need this option to get accurate\ndata. No catalog compilation takes place unless this flag is given.\n\n* --render-as s|json|yaml|binary|msgpack\nSpecify the output format of the results; \"s\" means plain text. The default\nwhen producing a value is yaml and the default when producing an explanation\nis s.\n\nEXAMPLE\n-------\nTo look up 'key_name' using the Puppet Server node's facts:\n$ puppet lookup key_name\n\nTo look up 'key_name' using the Puppet Server node's arbitrary variables from a manifest, and \nclassify the node if applicable:\n$ puppet lookup key_name --compile\n\nTo look up 'key_name' using the Puppet Server node's facts, overridden by facts given in a file:\n$ puppet lookup key_name --facts fact_file.yaml\n\nTo look up 'key_name' with agent.local's facts:\n$ puppet lookup --node agent.local key_name\n\nTo get the first value found for 'key_name_one' and 'key_name_two'\nwith agent.local's facts while merging values and knocking out\nthe prefix 'foo' while merging:\n$ puppet lookup --node agent.local --merge deep --knock-out-prefix foo key_name_one key_name_two\n\nTo lookup 'key_name' with agent.local's facts, and return a default value of\n'bar' if nothing was found:\n$ puppet lookup --node agent.local --default bar key_name\n\nTo see an explanation of how the value for 'key_name' would be found, using\nagent.local's facts:\n$ puppet lookup --node agent.local --explain key_name\n\nCOPYRIGHT\n---------\nCopyright (c) 2015 Puppet Inc., LLC Licensed under the Apache 2.0 License\n\n\n  HELP\nend\n"

#main ⇒ Object

# File 'lib/puppet/application/lookup.rb', line 272

def main
  keys = command_line.args

  #unless options[:node]
  #  raise "No node was given via the '--node' flag for the scope of the lookup.\n#{RUN_HELP}"
  #end

  if (options[:sort_merged_arrays] || options[:merge_hash_arrays] || options[:prefix]) && options[:merge] != 'deep'
    raise _("The options %{deep_merge_opts} are only available with '--merge deep'\n%{run_help}") % { deep_merge_opts: DEEP_MERGE_OPTIONS, run_help: RUN_HELP }
  end

  use_default_value = !options[:default_value].nil?
  merge_options = nil

  merge = options[:merge]
  unless merge.nil?
    strategies = Puppet::Pops::MergeStrategy.strategy_keys
    unless strategies.include?(merge.to_sym)
      strategies = strategies.map {|k| "'#{k}'"}
      raise _("The --merge option only accepts %{strategies}, or %{last_strategy}\n%{run_help}") % { strategies: strategies[0...-1].join(', '), last_strategy: strategies.last, run_help: RUN_HELP }
    end

    if merge == 'deep'
      merge_options = {'strategy' => 'deep',
        'sort_merged_arrays' => !options[:sort_merged_arrays].nil?,
        'merge_hash_arrays' => !options[:merge_hash_arrays].nil?}

      if options[:prefix]
        merge_options['knockout_prefix'] = options[:prefix]
      end

    else
      merge_options = {'strategy' => merge}
    end
  end

  explain_data = !!options[:explain]
  explain_options = !!options[:explain_options]
  only_explain_options = explain_options && !explain_data
  if keys.empty?
    if only_explain_options
      # Explain lookup_options for lookup of an unqualified value.
      keys = Puppet::Pops::Lookup::GLOBAL
    else
      raise _('No keys were given to lookup.')
    end
  end
  explain = explain_data || explain_options

  # Format defaults to text (:s) when producing an explanation and :yaml when producing the value
  format = options[:render_as] || (explain ? :s : :yaml)
  renderer = Puppet::Network::FormatHandler.format(format)
  raise _("Unknown rendering format '%{format}'") % { format: format } if renderer.nil?

  generate_scope do |scope|
    lookup_invocation = Puppet::Pops::Lookup::Invocation.new(scope, {}, {}, explain ? Puppet::Pops::Lookup::Explainer.new(explain_options, only_explain_options) : nil)
    begin
      type = options.include?(:type) ? Puppet::Pops::Types::TypeParser.singleton.parse(options[:type], scope) : nil
      result = Puppet::Pops::Lookup.lookup(keys, type, options[:default_value], use_default_value, merge_options, lookup_invocation)
      puts renderer.render(result) unless explain
    rescue Puppet::DataBinding::LookupError => e
      lookup_invocation.report_text { e.message }
      exit(1) unless explain
    end
    puts format == :s ? lookup_invocation.explainer.explain : renderer.render(lookup_invocation.explainer.to_hash) if explain
  end
  exit(0)
end

#retrieve_node_facts(node, given_facts) ⇒ Object

# File 'lib/puppet/application/lookup.rb', line 422

def retrieve_node_facts(node, given_facts)
  facts = Puppet::Node::Facts.indirection.find(node, :environment => Puppet.lookup(:current_environment))

  facts = Puppet::Node::Facts.new(node, {}) if facts.nil?
  facts.add_extra_values(given_facts) if given_facts

  if facts.values.empty?
    raise _("No facts available for target node: %{node}") % { node: node}
  end
  facts
end

#setup ⇒ Object

# File 'lib/puppet/application/lookup.rb', line 86

def setup
  setup_logs

  exit(Puppet.settings.print_configs ? 0 : 1) if Puppet.settings.print_configs?

  if options[:node]
    Puppet::Util.skip_external_facts do
      Puppet.settings.use :main, :server, :ssl, :metrics
    end
  else
    Puppet.settings.use :main, :server, :ssl, :metrics
  end

  setup_terminuses
end

#setup_logs ⇒ Object

# File 'lib/puppet/application/lookup.rb', line 68

def setup_logs
  # This sets up logging based on --debug or --verbose if they are set in `options`
  set_log_level

  # This uses console for everything that is not a compilation
  Puppet::Util::Log.newdestination(:console)
end

#setup_terminuses ⇒ Object

# File 'lib/puppet/application/lookup.rb', line 76

def setup_terminuses
  require_relative '../../puppet/file_serving/content'
  require_relative '../../puppet/file_serving/metadata'

  Puppet::FileServing::Content.indirection.terminus_class = :file_server
  Puppet::FileServing::Metadata.indirection.terminus_class = :file_server

  Puppet::FileBucket::File.indirection.terminus_class = :file
end

#summary ⇒ Object

# File 'lib/puppet/application/lookup.rb', line 102

def summary
  _("Interactive Hiera lookup")
end