Yumrepo gpgcheck puppet-lint check
The most recent in my recent series of puppet-lint plugins, the yumrepo gpgcheck enabled check, will mostly be of interest to security conscious Linux users who use a yum or dnf based package manager....
View ArticlePuppet-lint world writable files check
On a *nix system a world writable file is one that anyone can write to. This is often undesirable, especially in production, where who can write to certain files should be limited and enabled with...
View ArticlePuppet integration tests in (about) seven minutes
While puppet-lint and rspec-puppet (thanks to Tim Sharpe) will help ensure your Puppet code is both clean and produces what you’d expect in the compiled catalog there are times when you’ll want to go...
View ArticleSpecialising validate_re with wrapper functions in Puppet
Once your puppet code base reaches a certain size you’ll often have a number of validate_ functions testing parameters and configuration values for compliance with local rules and requirements. These...
View ArticlePuppet Lint 2.0 Upgrade
With the recent puppet-lint 2.0 release it seemed a good time to bump the version we use at $WORK and see what’d changed. In theory it was as simple as changing the version in our Gemfile and ideally...
View ArticlePuppet Lint Plugins - 2.0 Upgrade and new repo
After the recent puppet-lint 2.0 release and the success of our puppet-lint 2.0 upgrade at work it felt like the right moment to claw some time back and update my own (11!) puppet-lint plugins to allow...
View ArticleRemoving 'magic numbers' and times from your Puppet manifests
In a large Puppet code base you’ll eventually end up with a scattering of time based ‘magic numbers‘ such as cache expiry numbers, zone file ttls and recurring job schedules. You’ll typically find...
View ArticlePuppet 3.7 File Function Improvements
Puppet’s always had a couple of little inconsistencies when it comes to the file and template functions. The file function has always been able to search for multiple files and return the contents of...
View ArticleFacter: Ansible facts in Puppet
Have you ever needed to access Ansible facts from inside Puppet? well, if you ever need to, you can use the basic ansible_facts custom fact.# make sure you have ansible installed $ sudo puppet resource...
View ArticleSimple Puppet Module Testing with Dockunit
I’ve recently begun to look at replacing as much of my custom puppet tooling as possible with third-party, open source, code. As part of this I’m planning to update my old libvirt testing...
View ArticlePuppet validate_json_schema function
A few projects ago we had a JSON app with quite a fiddly config file that was undergoing rapid iteration. Although we never deployed an invalid JSON config we hit a couple of snags with config files...
View ArticleIntroducing the Deprecate function
A fair while ago I wrote aDeprecation Warnings From Puppet Resources blog post and metaparameter for adding expiry information to your manifests -file { '/ec/cron.d/remove_foos':ensure =>...
View ArticleNo symbolic file modes - puppet-lint check
Modern versions of Puppet allow you to specify the mode of a file resource in one of two ways, either as a traditional octal value or the (newer addition) symbolic file modes. Although these may seem...
View ArticleDuplicate class parameters check for puppet-lint
In versions of Puppet under 3.8.5 it’s been possible to have the same parameter name specified multiple times in a class definition without error. Although allowed it was a little misleading as only...
View ArticleNo cron resources - customisable puppet-lint check
Sometimes there are certain puppet resource types that you don’t want to include in your code base. In my case it was cron but in yours it could be the more line originated augeas or the horribly named...
View ArticleYumrepo gpgcheck puppet-lint check
The most recent in my recent series of puppet-lint plugins, theyumrepo gpgcheck enabled check, will mostly be of interest to security conscious Linux users who use ayum or dnf based package manager. In...
View ArticlePuppet-lint world writable files check
On a *nix system a world writable file is one that anyone can write to. This is often undesirable, especially in production, where who can write to certain files should be limited and enabled with...
View ArticlePuppet integration tests in (about) seven minutes
While puppet-lint and rspec-puppet (thanks to Tim Sharpe) will help ensure your Puppet code is both clean and produces what you’d expect in the compiled catalog there are times when you’ll want to go...
View ArticleSpecialising validate_re with wrapper functions in Puppet
Once your puppet code base reaches a certain size you’ll often have a number of validate_ functions testing parameters and configuration values for compliance with local rules and requirements. These...
View ArticlePuppet Lint 2.0 Upgrade
With the recentpuppet-lint 2.0 release it seemed a good time to bump the version we use at $WORK and see what’d changed. In theory it was as simple as changing the version in ourGemfile and ideally...
View Article