Dennis Camera
edcac70b2a
[explorer/machine_type] Reimplement
2021-08-05 13:52:51 +02:00
841ebb9b88
Merge branch 'fix/explorer/os_version/old-freebsd' into 'master'
...
explorer/os_version: fix for FreeBSD < 10.0 (again)
See merge request ungleich-public/cdist!1017
2021-08-05 10:26:33 +02:00
39dcb41349
Merge branch 'fix/explorer/os_version/legacy-macosx' into 'master'
...
explorer/os_version: Fix for legacy Mac OS X versions
See merge request ungleich-public/cdist!1018
2021-08-05 10:25:17 +02:00
d37772f3ea
Merge branch 'fix/type/__update_alternatives/dry-run' into 'master'
...
update alternatives: fixes for dry runs and non-English systems
See merge request ungleich-public/cdist!1016
2021-08-05 10:23:29 +02:00
49a9bcdf93
Merge branch 'fix/explorer/memory/gt-2g' into 'master'
...
explorer/memory: fix conversion of large numbers (>= 2GiB)
See merge request ungleich-public/cdist!1015
2021-08-05 10:23:20 +02:00
Dennis Camera
2a0c073d40
[explorer/os_version] Fix for legacy Mac OS X versions
2021-08-04 21:55:56 +02:00
Dennis Camera
bbcc81a984
[type/__update_alternatives] Fix for non-English locales
...
Since update-alternatives(1) is localized, screen scraping its output breaks
if the locale is set to non-English.
2021-08-04 21:44:04 +02:00
Dennis Camera
0b3b47396f
[type/__update_alternatives] dry-run fixes
2021-08-04 21:39:39 +02:00
Dennis Camera
a7d6481a7d
[type/__update_alternatives] Secure cdist-defined environment variables with :?
2021-08-04 21:38:21 +02:00
Dennis Camera
83fe6e9f5b
[explorer/memory] Fix conversion of large numbers (>= 2GiB)
...
At least mawk uses scientific notation when using print for
numbers >=2^31 (INT_MAX of a signed 32-bit int).
`printf "%.f\n"` works around this.
2021-08-04 20:45:14 +02:00
Dennis Camera
e108cbc205
[explorer/os_version] Ubuntu: fall back to os-release/lsb-release files
2021-08-04 20:44:17 +02:00
Dennis Camera
53334fb4eb
[explorer/os_version] Fix for FreeBSD < 10.0 (again)
2021-08-04 19:50:10 +02:00
4156fea900
[filesystem] Add ubuntu as supported distribution.
2021-07-28 12:56:39 +02:00
Dennis Camera
fed01ded83
[cdist.log] Define custom log functions on logging.Logger
...
Define out custom logger functions on logging.Logger so that they are passed on
to all other loggers.
Also, the logger functions need to take a self argument so that they can log on
the corrent Logger.
2021-07-22 11:28:48 +02:00
bf0c355fe7
Merge branch 'feature/explorer/os_version/devuan-ceres' into 'master'
...
explorer/os_version: Convert Devuan ceres to version number
See merge request ungleich-public/cdist!1008
2021-07-20 06:37:40 +02:00
Dennis Camera
24c9406ea0
[explorer/os_version] Convert Devuan ceres to version number
...
Conversion of Devuan ceres to version numbers is done based on Devuan codenames.
The version number is the version number of the final release - 0.01.
Analogous to Debian.
2021-07-19 12:14:20 +02:00
8b160841ad
Merge branch 'apt-pin-type' into 'master'
...
New type: __apt_pin - manage apt pinning
See merge request ungleich-public/cdist!1005
2021-07-18 17:44:04 +02:00
46b5c24cd2
use $__remote_exec for RSYNC_RSH
2021-07-18 16:25:00 +03:00
0e611af2a6
[__rsync] rewrite
2021-07-17 11:44:09 +03:00
Darko Poljak
65c43d3c1d
Fix docs code block errors
2021-07-10 21:02:27 +02:00
b8f601ee15
Merge branch 'rsync-ssh-multiplex' into 'master'
...
__rsync: Use $__remote_exec and thus the ssh multiplexing
See merge request ungleich-public/cdist!1001
2021-07-08 08:05:52 +02:00
cf0032d667
add messaging and exit earlier
2021-07-07 21:28:00 +03:00
7a5896acfa
add --onchange, fix shellcheck
2021-07-07 21:23:25 +03:00
485283f2e5
new type: __sed
2021-07-07 20:47:22 +03:00
166b58aeea
Fix typo in distro names...
2021-07-05 15:32:27 +02:00
521241d741
Refine docs even more
2021-07-05 15:28:05 +02:00
be92731c5c
Shell check quoting
...
We're actually echo-ing the command, hence the escape in front of the
quotes - the issue Shellcheck alludes too would actually occur, had the
escaping bakcslashes been omitted.
2021-07-05 12:44:09 +01:00
d8da298cdf
Merge branch '__snakeoil_cert' into 'master'
...
new type: __snakeoil_cert
See merge request ungleich-public/cdist!1002
2021-07-05 08:59:59 +02:00
fnux
44eeb4bbfc
Merge branch 'scanner' into 'master'
...
usable cdist scan
See merge request ungleich-public/cdist!993
2021-07-05 07:44:28 +02:00
30ba796d06
new type: __snakeoil_cert
2021-07-02 10:09:38 +03:00
6528fd1c77
Merge branch 'feature/type/__debconf_set_selections/state-explorer' into 'master'
...
__debconf set selections: Add state explorer
See merge request ungleich-public/cdist!999
2021-07-02 06:49:24 +02:00
60753ddfcc
fix shellcheck
2021-07-01 14:42:10 +03:00
d937d53f3d
Add quotes to rsync command
2021-06-28 18:09:35 +01:00
2db40d8d70
Use $__remote_exec and thus the ssh multiplexing
2021-06-28 12:54:20 +02:00
7b3f268df2
[__download] improvements
...
1. post download checksum verification
2. detect hashes without prefix
3. add optional --destination
4. updated man
2021-06-22 16:36:30 +03:00
b726697e07
Add documentation
2021-06-11 15:05:33 +01:00
a3102022e1
More sensible defaults; reword debian-only error message
2021-06-11 15:05:17 +01:00
Dennis Camera
6ede76b08b
[type/__debconf_set_selections] man.rst: Fix line break in AUTHORS
2021-06-08 16:20:55 +02:00
Dennis Camera
d596986af8
[type/__pyvenv] Fix group explorer
2021-05-31 09:06:52 +02:00
d2ce55ea6e
Merge branch '__git_fix_group_explorer' into 'master'
...
[__git] fix group explorer
See merge request ungleich-public/cdist!992
2021-05-29 11:20:20 +02:00
b8733c65f5
[scanner] fix minor CLI handling and --list bugs / typo
2021-05-26 11:26:35 +02:00
75c71f69c1
[scanner] pycodestyle compliance
2021-05-26 10:18:12 +02:00
503a06ed28
[__git] fix group explorer
...
group name from numberic id wasn't resolved correctly.
try to use getent and fallback to reading /etc/group directly.
2021-05-23 13:35:33 +03:00
81b426e4e2
[__letsencrypt_cert] Revamp explorers, add locking.
...
Closes #839
See merge request ungleich-public/cdist!976
This patch joins all explorers in one to avoid starting multiple remote python
processes and uses a cdist-specific lock in /tmp/certbot.cdist.lock with a
60 seconds timeout.
2021-05-10 12:10:01 +02:00
a696f3cf00
[__letsencrypt_cert] Revamp explorers, add locking.
...
This would fix #839
Certbot uses locking [1] even for read-only operations and does not properly
use exit codes, which means that sometimes it would print:
"Another instance of Certbot is already running" and exit with success.
However, the previous explorers would take that as the certificate being absent
and would trigger code generation.
The issue was made worse by having many explorers running certbot, so for N
certificates, we'd run certbot N*4 times, potentially "in parallel".
[1]: https://certbot.eff.org/docs/using.html#id5
This patch joins all explorers in one to avoid starting multiple remote python
processes and uses a cdist-specific lock in /tmp/certbot.cdist.lock with a
60 seconds timeout.
It has been tested with certbot 0.31.0 and 0.17 that the:
from certbot.main import main
trick works. It is somewhat well documented so it can be somewhat relied upon.
2021-05-10 12:10:00 +02:00
c00c8c2012
[__apt_key*] Deprecate __apt_key_uri and improve __apt_key
...
Previously this type was falling back to using the deprecated apt-key(8) by
checking for existence of files/directories on the controller host in
gencode-remote.
Adding `--use-deprecated-apt-key` as an explicit boolean serves two purposes:
1. It prevents fallbacks that might end up doing the wrong thing
(as was the case)
2. It allows for a simple way to remove keys from the keyring that were
previously added with apt-key(8) to /etc/apt/trusted.gpg
This parameter is added marked as deprecated as is only intended use is to
migrate to directory-based keyrings as recommended by Debian for a few releases.
It will be removed when Debian 11 stops being supported.
During the review process of this merge request, it was noted that the state of
PGP Key Servers is somewhat suboptimal, that the examples encouraged bad
practise (it is trivial to produce collisions for short key IDs), and that
this use does not require the Web of Trust, but instead only the public key
that is signing the repository.
That is why this also adds `--source` as an argument allowing for in-type or
in-manifest provision of such public keys by the type/manifest maintainer and
the use of Key Servers is still supported, but discouraged.
2021-05-10 12:08:22 +02:00
Dennis Camera
a42ebc7a78
[type/__debconf_set_selections] Synchronise objects
...
Works around locking error:
debconf: DbDriver "config": /var/cache/debconf/config.dat is locked by another process: Resource temporarily unavailable
2021-04-27 19:46:07 +02:00
Dennis Camera
9cf19388ab
[type/__debconf_set_selections] Send message about each debconf setting that is changed
2021-04-26 16:47:44 +02:00
Dennis Camera
a4122882f2
[type/__debconf_set_selections] Add state explorer
...
…and to make it work, replace --file with --line.
--file is deprecated because it does not work with the state explorer as the
contents of the file are not available on the target.
2021-04-26 16:39:51 +02:00
2232435c22
[scanner] initial documentation
...
Note: still needs to patch main cdist(1) manpage
2021-04-26 14:39:26 +02:00
3a9dd5b166
[scanner] add minimal (non-configurable) config mode
2021-04-26 12:09:55 +02:00
92fff7cb77
[scanner] fix crash on --list with name mapper provided
2021-04-26 12:09:44 +02:00
Dennis Camera
0f05f38384
[type/__postgres_role] Treat --password '' like no --password
2021-04-25 20:01:36 +02:00
Dennis Camera
0d33407b18
[type/__postgres_database] Proper quoting in state explorer
2021-04-25 20:01:36 +02:00
Dennis Camera
8296051653
[type/__postgres_extension] Add state explorer
2021-04-25 20:01:36 +02:00
Dennis Camera
3cf93249c3
[type/__postgres_extension] Include postgres_user explorer from __postgres_conf
2021-04-25 20:01:36 +02:00
Dennis Camera
beb8da6d5f
[type/__postgres_role] Include postgres_user explorer from __postgres_conf
2021-04-25 20:01:36 +02:00
Dennis Camera
58b279a8d0
[type/__postgres_database] Improve quoting
2021-04-25 20:01:36 +02:00
Dennis Camera
6ac8cbf98f
[type/__postgres_database] Include postgres_user explorer from __postgres_conf
2021-04-25 20:01:36 +02:00
71d79ed6ee
Merge branch 'feature/type/__postgres_conf' into 'master'
...
__postgres_conf: new type
See merge request ungleich-public/cdist!972
2021-04-25 15:49:19 +02:00
13e2ad175f
[scanner] add host class, name mapper and pre-config logic
2021-04-25 12:45:34 +02:00
bb24d632d6
[scanner] implement the --list flag
2021-04-22 10:20:49 +02:00
a4464209b6
[scanner] add minimal error handling, consolidate CLI args processing
2021-04-22 09:31:06 +02:00
acf9bf91f1
[scanner] error to stderr and exit when scapy is not available
2021-04-22 08:55:14 +02:00
Dennis Camera
1c047353a9
[bin/cdist] Fix Python version check
2021-04-17 09:57:10 +02:00
Dennis Camera
19bf37be1a
[type/__postgres_conf] Update man.rst
2021-04-15 15:56:15 +02:00
Dennis Camera
686e4f0f2d
[type/__postgres_conf] Reverse state logic (decide based on source first)
2021-04-15 15:50:03 +02:00
Dennis Camera
bef1433ba3
[type/__postgres_conf] Accept empty values
2021-04-15 15:50:03 +02:00
Dennis Camera
12c2995494
[type/__postgres_conf] Implement complex state compare logic
2021-04-15 15:50:02 +02:00
Dennis Camera
e0416403c4
[type/__postgres_conf] Add psql_conf_source function to state explorer
2021-04-15 15:50:02 +02:00
Dennis Camera
2ccc03fef1
[type/__postgres_conf] Add psql_conf_cmp function to state explorer
2021-04-15 15:50:02 +02:00
Dennis Camera
92b8942a8c
[type/__postgres_conf] Add psql_exec function to state explorer
2021-04-15 15:50:02 +02:00
d2eec60668
[__download] make --sum optional
2021-04-11 23:16:00 +03:00
Darko Poljak
750c71fb5a
Minor refactoring and remove code duplication
2021-04-07 10:25:26 +02:00
Darko Poljak
199effb7ef
Improve unfinished object requirements bool check
...
When we need only boolean value for unfinished object requirements then
we don't need to determine the whole list of unfinished objects.
2021-04-06 19:35:14 +02:00
ce79a2069c
Merge branch 'fix/type/__pyvenv/numeric-owner' into 'master'
...
__pyvenv: Fix if --owner / --group is numeric
See merge request ungleich-public/cdist!988
2021-04-01 15:36:02 +02:00
c981f654f1
Merge branch 'fix/type/__git/numeric-owner' into 'master'
...
__git: Fix if --owner / --group is numeric
See merge request ungleich-public/cdist!987
2021-04-01 15:35:46 +02:00
Darko Poljak
4c2d273f07
Unify string formatting
...
Use one way of string formatting: replace old `%` style with new `str.format`.
Resolve #855 .
2021-03-31 08:19:34 +02:00
Darko Poljak
f984a918b9
Fix log message string formatting
...
Use logging message format with args, instead of direct `%` or `str.format`.
Resolve #855 .
2021-03-31 08:19:28 +02:00
Dennis Camera
985252585c
[type/__pyvenv] Fix if --owner / --group is numeric
...
Before, if --owner and/or --group was numeric, gencode-remote would generate
`chown` code every time.
2021-03-30 13:26:21 +02:00
Dennis Camera
167c2ad7ea
[type/__git] Fix if --owner / --group is numeric
...
Before, if --owner and/or --group was numeric, gencode-remote would generate
`chown` code every time.
2021-03-30 13:24:56 +02:00
Darko Poljak
7a0b697f4c
Implement maintaining object relationship graph
...
For each object maintain parent-child relationship graph, i.e. list of
parent objects ('parents' property) and list of children objects ('children'
property).
Objects without parent(s) are objects specified in init manifest.
Objects without children are object of types that do not reuse other types.
2021-03-30 12:09:59 +02:00
c55397766e
Merge branch 'feature/type/__sshd_config/whitelist-openbmc' into 'master'
...
__sshd_config: Whitelist OpenBMC
See merge request ungleich-public/cdist!980
2021-03-12 08:20:35 +01:00
Dennis Camera
e47c4dd8a4
[type/__sshd_config] Whitelist OpenBMC in manifest
2021-03-11 14:17:44 +01:00
Dennis Camera
fb19f34266
[type/__ssh_authorized_key] Only grep if file exists
2021-03-09 21:15:26 +01:00
Steven Armstrong
ea0126dd81
Make local state dir available to custom remote scripts
...
Signed-off-by: Steven Armstrong <steven@icarus.ethz.ch>
2021-03-05 16:11:49 +01:00
1bc0d912bf
Merge branch 'fix/type/__pyvenv/man-typo' into 'master'
...
__pyvenv: Fix user example
See merge request ungleich-public/cdist!978
2021-03-02 09:28:50 +01:00
Dennis Camera
8ef19d47f6
[type/__pyvenv] Fix example (--user -> --owner)
2021-03-01 17:59:45 +01:00
dc66efa690
Fix shellcheck issues
2021-02-23 11:59:09 +00:00
1a74470c4d
__apt_pin: Always use $__object_id as preferences.d filename
2021-02-23 09:43:02 +00:00
0734288483
First draft of __apt_pin
2021-02-23 09:43:02 +00:00
6358885d26
Merge branch 'feature/__package_pip/extras' into 'master'
...
__package_pip: add optional (extra) dependencies
See merge request ungleich-public/cdist!975
2021-02-23 06:27:09 +01:00
b3a9c907ad
Merge branch '__letsencrypt_cert-fix-hooks' into 'master'
...
[__letsencrypt_cert] Fix various issues with hooks.
Closes #853
See merge request ungleich-public/cdist!977
2021-02-22 09:09:45 +01:00
e854db096e
Merge branch 'fix/type/__postgres_role/implement-alter' into 'master'
...
__postgres_role: implement modification of roles
See merge request ungleich-public/cdist!973
2021-02-22 08:58:58 +01:00
d1f45d3524
__package_pip: corrected typo in man
...
.. by fully replacing it with a smaller sentence.
2021-02-19 09:03:56 +01:00
Dennis Camera
0835f414a5
[type/__postgres_conf] Extract PostgreSQL service user detection to separate explorer
2021-02-16 16:03:23 +01:00
2ce1fce767
__package_pip: match package names case insensitive
...
Pip matches them insensitive, so we need to do the same to avoid
problems by saying extras are not installed but already is there in
place.
2021-02-15 16:17:46 +01:00
951712740f
__package_pip: update man.rst
...
Adjusted comments for `explorer/extras` and updated the man page for the
new behaviour of updating the extras.
2021-02-12 13:42:51 +01:00
a9d7dfb2ed
__package_pip: split extra 'all' to a list of all extras
...
This will fix if a package will be upgraded from some extras to all
extras. Previously, it will not work because some dependencies of 'all'
are already installed, so the feature 'all' is already installed.
Now, it will use a list of all extras to iterate over them separatly. This
will result it will never install all extras via `[all]`, but rather
`[foo,bar]`.
2021-02-12 09:17:02 +01:00
7398382890
__package_pip: fix shellcheck
...
Useless `cat $file`, use `< $file` instead.
2021-02-11 23:12:10 +01:00