Version information
This version is compatible with:
- Puppet Enterprise 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
- Puppet >= 4.7.0 < 6.0.0
- , , , , , , , , ,
Start using this module
Add this module to your Puppetfile:
mod 'simp-simplib', '3.10.1'
Learn more about managing modules with a PuppetfileDocumentation
Table of Contents
- Overview
- Module Description - What the module does and why it is useful
- Setup - The basics of getting started with simplib
- Usage - Configuration options and additional functionality
- Reference - An under-the-hood peek at what the module is doing and how
- Development - Guide for contributing to the module
This is a SIMP module
This module is a component of the System Integrity Management Platform, a compliance-management framework built on Puppet.
If you find any issues, they can be submitted to our JIRA.
Module Description
simp/simplib provides a standard library of resources for SIMP modules. It adds the following resources to Puppet:
- Data Types
- Custom Types and Providers
- Facts
- Functions
- Puppet Extensions
- Puppet 3 Functions
- Stages
Setup
What simplib affects
simplib contains data types, custom types and providers, facts, functions, and a class that expands Puppet Stdlib stages.
Setup Requirements
Agents will need to enable pluginsync
.
Usage
Please see reference for usage.
Full documentation can be found in the module docs
Reference
A list of things provided by simplib is below.
Please reference the doc/
directory in the top level of the repo or the code
itself for more detailed documentation.
Facts
- acpid_enabled - Return true if ACPI is available on the system
- boot_dir_uuid - Return the UUID of the partition holding the boot directory
- cmdline - Returns the contents of
/proc/cmdline
as a hash - cpuinfo - Returns the contents of
/proc/cpuinfo
as a hash - defaultgateway - Return the default gateway of the system
- defaultgatewayiface - Return the default gw interface of the system
- fips_ciphers - Returns a list of available OpenSSL ciphers
- fips_enabled - Determine whether FIPS is enabled on this system
- fullrun - Determine whether to do an intensive run
- gdm_version - Return the version of GDM that is installed
- grub_version - Return the grub version installed on the system
- init_systems - Return a list of all init systems present on the system
- ipa - Return a hash containing the IPA domain and server to which a host is connected
- ipv6_enabled - Return true if IPv6 is enabled and false if not
- login_defs - Return the contents of
/etc/login.defs
as a hash with downcased keys - prelink - Returns a hash containing prelink status
- reboot_required - Returns a hash of 'name' => 'reason' entries
- root_dir_uuid - Return the UUID of the partition holding the
/
directory - runlevel - Return the current system runlevel
- shmall - Return the value of shmall from sysctl
- simplib_sysctl - Return hash of sysctl values that are relevant to SIMP
- simp_puppet_settings - Returns a hash of all Puppet settings on a node
- tmp_mounts - This fact provides information about
/tmp
,/var/tmp
, and/dev/shm
should they be present on the system - uid_min - Return the minimum uid allowed
Functions
- simplib::assert_metadata
- simplib::deprecation
- simplib::filtered
- simplib::gen_random_password
- simplib::inspect
- simplib::ip_to_cron
- simplib::ipaddresses
- simplib::join_mount_opts
- simplib::knockout
- simplib::ldap::domain_to_dn
- simplib::lookup
- simplib::nets2cidr
- simplib::nets2ddq
- simplib::parse_hosts
- simplib::passgen
- simplib::rand_cron
- simplib::strip_ports
- simplib::to_integer
- simplib::to_string
- simplib::validate_array_member
- simplib::validate_between
- simplib::validate_bool
- simplib::validate_deep_hash
- simplib::validate_net_list
- simplib::validate_port
- simplib::validate_re_array
- simplib::validate_sysctl_value
- simplib::validate_uri_list
simplib::assert_metadata
Fails a puppet catalog compile if the client system is not compatible
with the module's metadata.json
Arguments:
module_name
module nameoptions
(Optional) Hash of behavior modifiers for the function
options
can be set globally (for all classes that use this
function) via hieradata and has the following keys:
-
enable
If set tofalse
disable all validation -
os
Options for OS validation to be done. Valid keys:-
validate
Whether to validate the OS settings -
options
OS validation options. Valid keys:-
release_match
Type of OS release matching to be done. Valid values:none
No match on minor release (default)full
Full release must matchmajor
Only the major release must match
-
-
Returns: nil
Example:
simplib::assert_metadata('mymodule')
simplib::deprecation
Function to print deprecation warnings, logging a warning once for a given key.
Messages can be enabled if the SIMPLIB_LOG_DEPRECATIONS environment variable is set to 'true'.
Arguments:
key
Uniqueness key, which is used to dedupe messagesmessage
Message to be printed, file and line info will be appended if available.
Returns: nil
Example:
simplib::deprecation('simplib::foo','simplib::foo is deprecated and will be removed in a future version')
# Writes message to log if SIMPLIB_LOG_DEPRECATIONS is true.
simplib::filtered
Hiera v5 backend that takes a list of allowed hiera key names, and only returns results from the underlying backend function that match those keys.
This allows hiera data to be delegated to end users in a multi-tenant environment, without allowing them the ability to override every hiera data point (and potentially break systems).
simplib::gen_random_password
Generates a random password string.
Terminates catalog compilation if the password cannot be created within allotted time.
Arguments:
-
length
Length of the string to return -
complexity
(Optional) The types of characters to be used in the password; valid values:0
Use only Alphanumeric characters (safest)1
Use Alphanumeric characters and reasonably safe symbols2
Use any printable ASCII characters
-
complex_only
(Optional) Use only the characters explicitly added by the complexity rules -
timeout_seconds
(Optional) Maximum time allotted to generate the password; a value of 0 disables the timeout
Returns: String
Generated password
Raises: RuntimeError
if password cannot be created within allotted
time
simplib::ipaddresses
Return an array of all IP addresses known to be associated with the client, optionally excluding local addresses.
Arguments:
only_remote
(Optional) Whether to exclude local addresses from the return value (e.g., '127.0.0.1').
Returns: Array
simplib::inspect
Prints the passed variable's Ruby type and value for debugging purposes.
This uses a Notify
resource to print the information during the
client run.
Arguments:
-
var_name
The actual name of the variable, fully scoped, as aString
. -
output_type
(Optional) The format that you wish to use to display the output during the run.- Valid values are
json
,oneline_json
andyaml
. json
andyaml
result in multi-line message content.oneline_json
results in single-line message content.
- Valid values are
Returns: nil
Example:
class my_test(
String $var1,
Hash $var2
)
{
simplib::inspect('var1')
simplib::inspect('var2')
...
}
simplib::ip_to_cron
Transforms an IP address to one or more interval values for cron
.
This can be used to avoid starting a certain cron job at the same
time on all servers.
Arguments:
-
occurs
(Optional) The occurrence within an interval, i.e., the number of values to be generated for the interval. -
max_value
(Optional) The maximum value for the interval. The values generated will be in the inclusive range [0, max_value]. -
algorithm
(Optional) Valid values areip_mod
andsha256
-
ip_mod
: The modulus of the IP number is used as the basis for the returned values. This algorithm works well to create cron job intervals for multiple hosts, when the number of hosts exceeds themax_value
and the hosts have largely, linearly- assigned IP addresses. -
sha256
: A random number generated using the IP address string is the basis for the returned values. This algorithm works well to create cron job intervals for multiple hosts, when the number of hosts is less than themax_value
or the hosts do not have linearly-assigned IP addresses.
-
-
ip
(Optional) The IP address to use as the basis for the generated values. Whennil
, theipaddress
fact (IPv4) is used.
Returns: Array[Integer]
Array of integers suitable for use in the
minute
or hour
cron field.
Examples:
Generate one value for the minute
cron interval:
simplib::ip_to_cron()
Generate 2 values for the hour
cron interval, using the 'sha256'
algorithm and a provided IP address:
simplib::ip_to_cron(2,23,'sha256','10.0.23.45')
simplib::join_mount_opts
Merge two sets of mount
options in a reasonable fashion. The second set will
always override the first.
Arguments:
system_mount_opts
System mount optionsnew_mount_opts
New mount options, which will overridesystem_mount_opts
when there are conflicts
Returns: String
simplib::knockout
Uses the knockout prefix of --
to remove elements from an array.
Arguments:
array
The array to work on
Returns: Array
Example:
array = [
'ssh',
'sudo',
'--ssh',
]
$result = simplib::knockout(array)
#
# returns $result = [ 'sudo' ]
simplib::ldap::domain_to_dn
Generates an LDAP Base DN from a domain.
Arguments:
domain
(Optional) The DNS domain name, defaults todomain
factdowncase_attributes
(Optional) Whether to downcase the LDAP attributes
Returns: String
Examples:
Generate a LDAP Base DN with uppercase attributes:
$ldap_dn = simplib::ldap::domain_to_dn('test.local')
# returns $ldap_dn = 'DC=test,DC=local'
Generate a LDAP Base DN with lowercase attributes:
$ldap_dn = simplib::ldap::domain_to_dn('test.local', true)
# returns $ldap_dn = 'dc=test,dc=local'
simplib::lookup
A function for falling back to global scope variable lookups when the
Puppet 4 lookup()
function cannot find a value.
While lookup()
will stop at the back-end data sources,
simplib::lookup()
will check the global scope first to see if the
variable has been defined.
This means that you can pre-declare a class and/or use an ENC and look up the variable whether it is declared this way or via Hiera or some other back-end.
Arguments:
param
The parameter you wish to look up.options
(Optional) Hash of options for regularlookup()
This must follow the syntax rules for the Puppetlookup( [\<NAME\>], \<OPTIONS HASH\> )
version oflookup()
. No other formats are supported!
Returns: Any
The value that is found in the system for the passed
parameter
Examples:
# No defaults
simplib::lookup('foo::bar::baz')
# With a default
simplib::lookup('foo::bar::baz', { 'default_value' => 'Banana' })
# With a typed default
simplib::lookup('foo::bar::baz', { 'default_value' => 'Banana', 'value_type' => String })
simplib::nets2cidr
Take an input list of networks and returns an equivalent Array
in
CIDR notation.
- Hostnames are passed through untouched.
- Terminates catalog compilation if any input item is not a valid network or hostname.
Arguments:
networks_list
List of 1 or more networks in a single string (separated by whitespace, commas, or semicolons) or an array of strings.
Returns Array[String]
Array of networks in CIDR notation
Example:
$foo = [ '1.2.0.0/255.255.0.0',
'2001:db8:85a3::8a2e:370:0/112',
'1.2.3.4',
'myhost.test.local' ]
$cidrs = nets2cidr($foo)
#
# returns $cidrs = [ '1.2.0.0/16',
# '2001:db8:85a3::8a2e:370:0/112',
# '1.2.3.4',
# 'myhost.test.local'
# ]
simplib::nets2ddq
Tranforms a list of networks into an equivalent array in dotted quad notation.
- CIDR networks are converted to dotted quad notation networks.
- IP addresses and hostnames are left untouched.
- Terminates catalog compilation if any input item is not a valid network or hostname.
Arguments:
networks
List of 1 or more networks in a single string (separated by whitespace, commas, or semicolons) or an array of strings.
Returns: Array[String]
Converted input
Raises: RuntimeError if any input item is not a valid network or hostname
Example:
# Convert Array input
$foo = [ '10.0.1.0/24',
'10.0.2.0/255.255.255.0',
'10.0.3.25',
'myhost' ]
$bar = simplib::nets2ddq($foo)
#
# returns $bar = [ '10.0.1.0/255.255.255.0',
# '10.0.2.0/255.255.255.0',
# '10.0.3.25',
# 'myhost' ]
simplib::parse_hosts
Convert an Array
of items that may contain port numbers or protocols
into a structured Hash
of host information.
-
Works with Hostnames as well as IPv4 and IPv6 addresses.
-
IPv6 addresses will be returned normalized with square brackets around them for clarity.
-
Terminates catalog compilation if
- A valid network or hostname cannot be extracted from all input items.
- Any input item that contains a port specifies an invalid port.
Arguments:
hosts
Array of host entries, where each entry may contain a protocol or both a protocol and port
Returns: Hash
Structured Hash of the host information
Raises: RuntimeError
if any input item that contains a port
specifies an invalid port
Example:
# Input with multiple host formats:
simplib::parse_hosts([ '1.2.3.4',
'http://1.2.3.4',
'https://1.2.3.4:443' ])
# Returns:
# {
# '1.2.3.4' => {
# :ports => ['443'],
# :protocols => {
# 'http' => [],
# 'https' => ['443']
# }
# }
# }
simplib::passgen
Generates/retrieves a random password string or its hash for a passed identifier.
- Uses
Puppet.settings[:vardir]/simp/environments/$environment/simp_autofiles/gen_passwd/
as the destination directory for password storage. - The minimum length password that this function will return is
8
characters. - Terminates catalog compilation if the password storage directory cannot be created/accessed by the Puppet user, the password cannot be created in the allotted time, or files not owned by the Puppet user are present in the password storage directory.
Arguments:
-
identifier
UniqueString
to identify the password usage. -
modifier_hash
(Optional) Hash which may contain any of the following options:-
last
Whether to return the last generated password -
length
Length of the new password -
hash
Whether to return a hash of the password, instead of the password itself. Valid values are:false
true
which is equivalent tosha256
md5
,sha256
sha512
-
complexity
The types of characters to be used in the password; valid values:0
Use only Alphanumeric characters (safest)1
Use Alphanumeric characters and reasonably safe symbols2
Use any printable ASCII characters
-
Returns: String
Password specified
Examples:
# Run simplib::passgen for the first time for an identifier. This
# generates a length 34 password, stores it, and returns it in plain text.
$password = simplib::passgen('myfavpasswd',{'length'=> 34})
# Request a password hash. Since a password already exists for this
# identifier, retrieves the existing password and returns the hash of it.
$password_hash = simplib::passgen('myfavpasswd',{ hash => 'sha256' })
simplib::rand_cron
Transforms an input string to one or more interval values for cron
.
This can be used to avoid starting a certain cron job at the same
time on all servers.
Arguments:
-
modifier
The input string to use as the basis for the generated values -
algorithm
Randomization algorithm to apply to transform the input string; valid values areip_mod
andsha256
-
ip_mod
: The modulus of the IP number is used as the basis for the returned values. This algorithm works well to create cron job intervals for multiple hosts, when the number of hosts exceeds themax_value
and the hosts have largely, linearly- assigned IP addresses. -
sha256
: A random number generated using the IP address string is the basis for the returned values. This algorithm works well to create cron job intervals for multiple hosts, when the number of hosts is less than themax_value
or the hosts do not have linearly-assigned IP addresses.
-
-
occurs
(Optional) The occurrence within an interval -
max_value
(Optional) The maximum value for the interval
Returns: Array[Integer]
Array of integers suitable for use
in the minute
or hour
cron field
Examples:
# Generate one value for the `minute` cron interval using using sha256
simplib::rand_cron('myhost.test.local','sha256')
# Generate 2 values for the `hour` cron interval, using the
# 'ip_mod' algorithm
simplib::rand_cron('10.0.6.78', 'ip_mod', 2, 23)
simplib::strip_ports
Extract list of unique hostnames and/or IP addresses from an Array
of hosts, each of which may may contain protocols and/or port numbers
Terminates catalog compilation if
- A valid network or hostname cannot be extracted from all input items.
- Any input item that contains a port specifies an invalid port.
Arguments:
hosts
Array of hosts which may contain protocols and port numbers
Returns: Array
Non-port portion of hostnames
Raises: RuntimeError
if any input item that contains a port
specifies an invalid port
Example:
$foo = ['https://mysite.net:8443',
'http://yoursite.net:8081',
'https://theirsite.com']
$bar = strip_ports($foo)
# results $bar = ['mysite.net','yoursite.net','theirsite.com']
simplib::to_integer
Converts the argument into an Integer.
Terminates catalog compilation if the argument's class
does not respond to the to_i()
Ruby method.
Arguments:
input
Item to be converted
Returns: Integer
Raises: RuntimeError
if any input
does not implement a
to_i()
method
simplib::to_string
Converts the argument into a String.
Arguments:
input
Item to be converted
Returns: String
simplib::validate_array_member
Validate that an single input is a member of another Array
or an
Array
input is a subset of another Array
.
- The comparison can optionally ignore the case of
String
elements. - Terminates catalog compilation if validation fails.
Arguments:
input
The input to find in the target array.target
The array to search.modifier
(Optional) If 'i' ignores case.
Returns: nil
Raises: RuntimeError if input
is not found in target
Examples:
# Passing:
simplib::validate_array_member('foo',['foo','bar'])
simplib::validate_array_member('foo',['FOO','BAR'],'i')
# Failing, causing compilation to abort:
simplib::validate_array_member(['foo','bar'],['FOO','BAR','BAZ'])
simplib::validate_between
Validate that the first value is between the second and third values numerically.
- The range is inclusive.
- Terminates catalog compilation if validation fails.
Arguments:
value
Value to validatemin_value
Minimum value that is validmax_value
Maximum value that is valid
Returns: nil
Raises: RuntimeError
if validation fails
Examples:
# Passing:
simplib::validate_between('-1', -3, 0)
simplib::validate_between(7, 0, 60)
simplib::validate_between(7.6, 7.1, 8.4)
# Failing, causing compilation to abort:
simplib::validate_between('-1', 0, 3)
simplib::validate_between(0, 1, 60)
simplib::validate_between(7.6, 7.7, 8.4)
simplib::validate_bool
Validate that all passed values are either true
, 'true',
false
or 'false'.
Terminates catalog compilation if validation fails.
Arguments:
values_to_validate
The value to validate.
Returns: nil
Raises: RuntimeError
if validation fails
Examples:
# Passing:
$iamtrue = true
simplib::validate_bool(true)
simplib::validate_bool("false")
simplib::validate_bool("true")
simplib::validate_bool(true, 'true', false, $iamtrue)
# Failing, causing compilation to abort:
simplib::validate_bool('True')
simplib::validate_bool('FALSE')
simplib::validate_deep_hash
Perform a deep validation on two passed Hashes
.
- All keys must be defined in the reference
Hash
that is being validated against. - Unknown keys in the
Hash
being compared will cause a failure in validation - All values in the final leaves of the 'reference 'Hash' must be a String, Boolean, or nil.
- All values in the final leaves of the
Hash
being compared must support ato_s()
method. - Terminates catalog compilation if validation fails.
Arguments:
-
reference
Reference Hash to validate against. Keys at all levels of the hash define the structure of the hash and the value at each final leaf in the hash tree contains a regular expression string, a boolean or nil for value validation:-
When the validation value is a regular expression string, the string representation of the
to_check
value (from theto_s()
method) will be compared to the regular expression contained in the reference string. -
When the validation value is a Boolean, the string representation of the
to_check
value will be compared with the string representation of the Boolean (as provided by theto_s()
method). -
When the validation value is a
nil
or 'nil', no value validation will be done for the key. -
When the
to_check
value contains anArray
of values for a key, the validation for that key will be applied to each element in that array.
-
-
to_check
Hash to validate against the reference
Returns: nil
Raises: RuntimeError
if validation fails
Examples:
# Passing:
reference = {
'foo' => {
'bar' => {
#NOTE: Use quotes for regular expressions instead of '/'
'baz' => '^\d+$',
'abc' => '^\w+$',
'def' => nil
},
'baz' => {
'qrs' => false
'xyz' => '^true|false$'
}
}
}
to_check = {
'foo' => {
'bar' => {
'baz' => ['123', 45]
'abc' => [ 'these', 'are', 'words' ],
'def' => 'Anything will work here!'
},
'baz' => {
'qrs' => false
'xyz' => true
}
}
}
simplib::validate_deep_hash(reference, to_check)
# Failing, causing compilation to abort:
reference => { 'foo' => '^\d+$' }
to_check => { 'foo' => 'abc' }
simplib::validate_deep_hash(reference, to_check)
simplib::validate_port
Validates whether each passed argument contains valid port(s).
- Each argument can be an individual string, individual integer, or an array containing strings and/or integers.
- Each port, numerically, must be in the range [1, 65535].
- Terminates catalog compilation if validation fails.
Arguments:
port_args
A port or array of ports.
Returns: nil
Raises: RuntimeError
if validation fails
Examples:
# Passing
$port = '10541'
$ports = [5555, 7777, 1, 65535]
simplib::validate_port($port)
simplib::validate_port($ports)
simplib::validate_port($port, $ports)
# Failing, causing compilation to abort:
simplib::validate_port('0')
simplib::validate_port(65536)
simplib::validate_net_list
Validate that a passed list (Array
or single String
) of networks
is filled with valid IP addresses, network addresses (CIDR notation),
or hostnames.
- Hostnames are checked per RFC 1123.
- Ports appended with a colon
:
are allowed for hostnames and individual IP addresses. - Terminates catalog compilation if validation fails.
Arguments:
net_list
1 or more network to be validated.str_match
(Optional) Stringified regular expression (regex without the//
delimiters)
Returns: nil
Raises: RuntimeError
if validation fails
Examples:
# Passing
$trusted_nets = '10.10.10.0/24'
simplib::validate_net_list($trusted_nets)
$trusted_nets = '1.2.3.5:400'
simplib::validate_net_list($trusted_nets)
$trusted_nets = 'ALL'
simplib::validate_net_list($trusted_nets,'^(%any|ALL)$')
# Failing, causing compilation to abort:
$trusted_nets = '10.10.10.0/24,1.2.3.4'
simplib::validate_net_list($trusted_nets)
$trusted_nets = 'bad stuff'
simplib::validate_net_list($trusted_nets)
simplib::validate_re_array
Perform simple validation of a String
, or Array
of Strings
,
against one or more regular expressions.
- Derived from the Puppet Labs stdlib
validate_re()
- Terminates catalog compilation if validation fails.
Arguments:
input
String to be validatedregex
Stringified regular expression (regex without the//
delimiters)err_msg
(Optional) error message to emit upon failure
Returns: nil
Raises: RuntimeError
if validation fails
Examples:
# Passing
simplib::validate_re_array('one', '^one$')
# Failing, causing compilation to abort:
simplib::validate_re_array('one', '^two')
# Failing with a custom error message
simplib::validate_re_array($::puppetversion, '^2.7',
'The $puppetversion fact value does not match 2.7')
simplib::validate_sysctl_value
Validate that the passed value is correct for the passed sysctl
key.
- If a key is not known, simply returns that the value is valid.
- Terminates catalog compilation if validation fails.
Arguments:
key
sysctl
setting whose value is to be validatedvalue
Value to be validated
Returns: nil
Raises: RuntimeError
if validation fails
simplib::validate_uri_list
Validate that a passed list (Array
or single String
) of URIs is
valid according to Ruby's URI parser.
- Caution: No scheme (protocol type) validation is done if the
scheme_list
parameter is not set. - Terminates catalog compilation if validation fails.
Arguments:
uri
URI to be validated.scheme_list
(Optional) List of schemes (protocol types) allowed for the URI.
Returns: nil
Raises: RuntimeError
if validation fails
Examples:
# Passing:
$uris = [http://foo.bar.baz:1234','ldap://my.ldap.server']
simplib::validate_uri_list($uris)
$uris = ['ldap://my.ldap.server','ldaps://my.ldap.server']
simplib::validate_uri_list($uris,['ldap','ldaps'])
Puppet Extensions
The following methods are Puppet extensions in the PuppetX::SIMP::Simplib
namespace:
PuppetX::SIMP::Simplib::hostname?
Determine whether the passed value is a valid hostname, optionally postpended with ':\<number>' or '/\<number>'.
NOTE: This returns true for an IPv4 address, as it conforms to RFC 1123.
Arguments:
obj
Input to be assessed
Returns: Boolean
false
if obj
is not comprised of ASCII
letters (upper or lower case), digits, hypens (except at the
beginning and end), and dots (except at beginning and end),
excluding an optional, trailing ':\<number>' or '/\<number>'
Examples:
# Returns true
PuppetX::SIMP::Simplib.hostname?('hostname.me.com')
PuppetX::SIMP::Simplib.hostname?('hostname.me.com:5454')
# Returns false
PuppetX::SIMP::Simplib.hostname?('-hostname.me.com')
PuppetX::SIMP::Simplib::hostname_only?
Determine whether the passed value is a valid hostname.
NOTE: This returns true for an IPv4 address, as it conforms to RFC 1123.
Arguments:
obj
Input to be assessed
Returns: Boolean
false
if obj
is not comprised of ASCII
letters (upper or lower case), digits, hypens (except at the
beginning and end), and dots (except at beginning and end)
Examples:
# Returns true
PuppetX::SIMP::Simplib.hostname_only?('hostname.me.com')
# Returns false
PuppetX::SIMP::Simplib.hostname_only?('-hostname.me.com')
PuppetX::SIMP::Simplib.hostname_only?('hostname.me.com:5454')
PuppetX::SIMP::Simplib::human_sort
Sort a list of values based on usual human sorting semantics.
Arguments:
obj
Enumerable object to be sorted
Returns: Sorted object
PuppetX::SIMP::Simplib::split_port
Split input string into a [ host, port ] pair
Arguments:
host_string
String to be split into host and port
Returns: Array[ host, port ]
Host and port pair
* Returns ``[ nil, nil ]`` if ``host_string`` is ``nil`` or
an empty string
* Returns ``[ host_string, nil ]`` if ``host_string`` is
a CIDR address or contains no port
* Port returned is a string
Examples:
PuppetX::SIMP::Simplib.split_port('myhost.name:5656')
# returns ['myhost.name','5656']
PuppetX::SIMP::Simplib.split_port['192.165.3.9']
# returns ['192.165.3.9',nil]
PuppetX::SIMP::Simplib.split_port['192.165.3.9/24']
# returns ['192.164.3.9/24',nil]
PuppetX::SIMP::Simplib.split_port('[2001:0db8:85a3:0000:0000:8a2e:0370]:'))
# returns ['[2001:0db8:85a3:0000:0000:8a2e:0370]',nil]
Puppet 3 Functions
Many of these functions have been deprecated and will be removed in
a future release. Do not use these functions in new code.
Instead, use the newer, environment-safe functions described in
Functions. Also, wherever possible, replace the existing
use of these functions with strongly-type parameters, Puppet functions,
or the newer simplib
functions.
When simplib
replacement exists for a function, it will be noted
in the function's description.
- array_include
- array_size
- array_union
- bracketize
- deep_merge
- filtered
- generate_reboot_msg
- get_ports
- h2n
- host_is_me
- inspect
- ip_is_me
- ip_to_cron
- ipaddresses
- join_mount_opts
- localuser
- mapval
- nets2cidr
- nets2ddq
- parse_hosts
- passgen
- rand_cron
- simp_version
- slice_array
- strip_ports
- to_integer
- to_string
- validate_array_member
- validate_array_of_hashes
- validate_between
- validate_bool_simp
- validate_deep_hash
- validate_float
- validate_integer
- validate_macaddress
- validate_net_list
- validate_port
- validate_re_array
- validate_sysctl_value
- validate_umask
- validate_uri_list
array_include
Determine if the first passed array contains the contents of another array or string.
Example:
$arr_x = [ 'foo', 'bar' ]
$arr_y = [ 'foo', 'baz', 'bar' ]
if array_include($arr_x, $arr_y) {
notice('this will be printed')
}
if array_include($arr_x, 'bar') {
notice('this will be printed')
}
if array_include($arr_x, 'baz') {
notice('this will not be printed')
}
Returns: boolean
array_size
Returns the number of elements in an array. If a string is passed, simply returns '1'.
This is in contrast to the Puppet Labs stdlib 'size' function which returns the size of an array or the length of a string when called.
Returns: integer
array_union
Return the union of two arrays.
Example:
$arr_x = ['1','2']
$arr_y = ['2','3','4']
$res = array_union($arr_x, $arr_y)
$res contains: ['1','2','3','4']
Returns: array
bracketize
Add brackets to IP addresses and arrays of IP addresses based on the rules for bracketing IPv6 addresses. Ignore anything that doesn't look like an IPv6 address.
Returns: string
or array
deep_merge
Perform a deep merge on two passed hashes.
This code is shamelessly stolen from the guts of ActiveSupport::CoreExtensions::Hash::DeepMerge and munged together with the Puppet Labs stdlib 'merge' function.
Returns: hash
filtered
This function is deprecated and has been replaced by simplib::filtered.
data_hash variant
Hiera v5 backend that takes a list of allowed hiera key names, and only returns results from the underlying backend function that match those keys.
This allows hiera data to be delegated to end users in a multi-tenant environment without allowing them the ability to override every hiera data point (and potentially break systems)
Usage:
---
version: 5 # Specific version of hiera we are using, required for v4 and v5
defaults: # Used for any hierarchy level that omits these keys.
datadir: "data" # This path is relative to hiera.yaml's directory.
data_hash: "yaml_data" # Use the built-in YAML backend.
hierarchy: # Each hierarchy consists of multiple levels
- name: "OSFamily"
path: "osfamily/%{facts.osfamily}.yaml"
- name: "datamodules"
data_hash: simplib::filtered
datadir: "delegated-data"
paths:
- "%{facts.sitename}/osfamily/%{facts.osfamily}.yaml"
- "%{facts.sitename}/os/%{facts.operatingsystem}.yaml"
- "%{facts.sitename}/host/%{facts.fqdn}.yaml"
- "%{facts.sitename}/common.yaml"
options:
function: yaml_data
filter:
- profiles::ntp::servers
- profiles::.*
- name: "Common"
path: "common.yaml"
Returns: hash
generate_reboot_msg
Generate a reboot message from a passed hash.
Requires a hash of the following form:
{
'id' => 'reason',
'id2' => 'reason2',
...
}
Will return a message such as:
A system reboot is required due to:
id => reason
id2 => reason2
Returns: hash
get_ports
Take an array of items that may contain port numbers and appropriately return the port portion. Works with hostnames, IPv4, and IPv6.
$foo = ['https://mysite.net:8443','http://yoursite.net:8081']
$bar = strip_ports($foo)
$bar contains: ['8443','8081']
Returns: array
h2n
Return an IP address for the passed hostname.
Returns: string
host_is_me
Detect if a local system identifier Hostname/IP address is contained in the passed whitespace delimited list. Whitespace and comma delimiters and passed arrays are accepted. 127.0.0.1 and ::1 are never matched, use 'localhost' or 'localhost6' for that if necessary.
Returns: boolean
inspect
This function is deprecated and has been replaced by simplib::inspect.
Prints out Puppet warning messages that displays the contents of the passed variable.
This is mainly meant for debugging purposes.
ipaddresses
This function is deprecated and has been replaced by simplib::ipaddresses.
Return an array of all IP addresses known to be associated with the client. If an argument is passed, and is not false, then only return non-local addresses.
Returns: array
ip_is_me
Detect if an IP address is contained in the passed whitespace delimited list.
Returns: boolean
ip_to_cron
This function is deprecated and has been replaced by simplib::ip_to_cron.
Provides a "random" value to cron based on the passed integer value. Used to avoid starting a certain cron job at the same time on all servers. If used with no parameters, it will return a single value between 0-59. first argument is the occurrence within a timeframe, for example if you want it to run 2 times per hour the second argument is the timeframe, by default its 60 minutes, but it could also be 24 hours etc
Pulled from: http://projects.puppetlabs.com/projects/puppet/wiki/Cron_Patterns/8/diff Author: ohadlevy@gmail.com License: None
Example:
ip_to_cron() - returns one value between 0..59
ip_to_cron(2) - returns an array of two values between 0..59
ip_to_cron(2,24) - returns an array of two values between 0..23
Returns: integer
or array
join_mount_opts
This function is deprecated and has been replaced by simplib::join_mount_opts.
Merge two sets of 'mount' options in a reasonable fashion. The second set will always override the first.
Returns: string
localuser
Pull a pre-set password from a password list and return an array of user details associated with the passed hostname.
If the password starts with the string '\$1\$' and the length is 34 characters, then it will be assumed to be an MD5 hash to be directly applied to the system.
If the password is in plain text form, then it will be hashed and stored back into the source file for future use. The plain text version will be commented out in the file.
Arguments:
filename
Path to the file containing the local usershostname
Host that you are trying to match against
Returns: array
mapval
Pull a mapped value from a text file. Must provide a Ruby regex!.
Returns: string
nets2cidr
This function is deprecated and has been replaced by simplib::nets2cidr.
Convert an array of networks into CIDR notation
Returns: array
nets2ddq
This function is deprecated and has been replaced by simplib::nets2ddq.
Convert an array of networks into dotted quad notation
Returns: array
parse_hosts
This function is deprecated and has been replaced by simplib::parse_hosts.
Take an array of items that may contain port numbers or protocols and return the host information, ports, and protocols. Works with hostnames, IPv4, and IPv6.
Example:
parse_hosts([ '1.2.3.4', '<http://1.2.3.4>', '<https://1.2.3.4:443>' ])
Returns: '1.2.3.4' => {
ports => ['443'],
protocols => {
'http' => [],
'https' => ['443']
}
}
NOTE
IPv6 addresses will be returned normalized with square brackets
Returns: hash
passgen
This function is deprecated and has been replaced by simplib::passgen.
Generates a random password string for a passed identifier. Uses Puppet[:environmentpath]/\$environment/simp_autofiles/gen_passwd/ as the destination directory.
The minimum length password that this function will return is 6
characters.
Arguments: identifier, <modifier hash>; in that order.
<modifier hash> may contain any of the following options:
- 'last' => false(*) or true
* Return the last generated password
- 'length' => Integer
* Length of the new password
- 'hash' => false(*), true, md5, sha256 (true), sha512
* Return a hash of the password instead of the password itself.
- 'complexity' => 0(*), 1, 2
* 0 => Use only Alphanumeric characters in your password (safest) 1 =>
* Add reasonably safe symbols 2 => Printable ASCII
If no, or an invalid, second argument is provided then it will return the
currently stored string.
Returns: string
rand_cron
This function is deprecated and has been replaced by simplib::rand_cron.
Provides a "random" value to cron based on the passed integer value. Used to avoid starting a certain cron job at the same time on all servers. If used with no parameters, it will return a single value between 0-59 first argument is the occurrence within a timeframe, for example if you want it to run 2 times per hour the second argument is the timeframe, by default its 60 minutes, but it could also be 24 hours etc
Based on: http://projects.puppetlabs.com/projects/puppet/wiki/Cron_Patterns/8/diff Author: ohadlevy@gmail.com License: None Posted
Example:
int_to_cron('100') - returns one value between 0..59 based on the value 100
int_to_cron(100,2) - returns an array of two values between 0..59 based on the value 100
int_to_cron(100,2,24) - returns an array of two values between 0..23 based on the value 100
Returns: integer
or array
simp_version
Return the version of SIMP that this server is running.
Returns: string
slice_array
Split an array into an array of arrays that contain groupings of 'max_length' size. This is similar to 'each_slice' in newer versions of Ruby.
* Options *
to_slice => The array to slice. This will be flattened if necessary.
max_length => The maximum length of each slice.
split_char => An optional character upon which to count sub-elements
as multiples. Only one per subelement is supported.
Returns: array of arrays
strip_ports
This function is deprecated and has been replaced by simplib::strip_ports.
Take an array of items that may contain port numbers and appropriately return the non-port portion. Works with hostnames, IPv4, and IPv6.
$foo = ['https://mysite.net:8443',
'http://yoursite.net:8081',
'https://theirsite.com']
$bar = strip_ports($foo)
$bar contains: ['https://mysite.net','http://yoursite.net','theirsite.com']
Returns: array
to_integer
This function is deprecated and has been replaced by simplib::to_integer.
Converts the argument into an Integer.
Only works if the passed argument responds to the to_i()
Ruby method.
Returns: integer
to_string
This function is deprecated and has been replaced by simplib::to_string.
Converts the argument into a String.
Only works if the passed argument responds to the to_s()
Ruby method.
Returns: string
validate_array_of_hashes
Validate that the passed argument is either an empty array or an array that only contains hashes.
Examples:
validate_array_of_hashes([{'foo' => 'bar'}]) # => OK
validate_array_of_hashes([]) # => OK
validate_array_of_hashes(['FOO','BAR']) # => BAD
Returns: boolean
validate_array_member
This function is deprecated and has been replaced by simplib::validate_array_member
Validate that the first string (or array) passed is a member of the second array passed. An optional third argument of i can be passed, which ignores the case of the objects inside the array.
Examples:
validate_array_member('foo',['foo','bar']) # => true
validate_array_member('foo',['FOO','BAR']) # => false
#Optional 'i' as third object, ignoring case of FOO and BAR#
validate_array_member('foo',['FOO','BAR'],'i') # => true
Returns: boolean
validate_between
This function is deprecated and has been replaced by simplib::validate_between
Validate that the first value is between the second and third values numerically.
This is a pure Ruby comparison, not a human comparison.
Returns: boolean
validate_bool_simp
This function is deprecated and has been replaced by simplib::validate_bool
Validate that all passed values are either true or false. Abort catalog compilation if any value fails this check.
Modified from the stdlib validate_bool to handle the strings 'true' and 'false'.
The following values will pass:
$iamtrue = true
validate_bool(true)
validate_bool("false")
validate_bool("true")
validate_bool(true, 'true', false, $iamtrue)
The following values will fail, causing compilation to abort:
$some_array = [ true ]
validate_bool($some_array)
Returns: boolean
validate_deep_hash
This function is deprecated and has been replaced by simplib::validate_deep_hash
Perform a deep validation on two passed hashes.
The first hash is the one to validate against, and the second is the one being validated. The first hash (i.e. the source) exists to define a valid structure and potential regular expression to validate against, or to skip an entry. Arrays of values will match each entry to the given regular expression. Below are examples of a source hash and a hash to compare against it:
'source' = {
'foo' => {
'bar' => {
#NOTE: Use single quotes for regular expressions
'baz' => '^\d+$',
'abc' => '^\w+$',
'def' => nil #NOTE: not 'nil' in quotes
},
'baz' => {
'xyz' => '^true|false$'
}
}
}
'to_check' = {
'foo' => {
'bar' => {
'baz' => '123',
'abc' => [ 'these', 'are', 'words' ],
'def' => 'Anything will work here!'
},
'baz' => {
'xyz' => 'false'
}
}
This fails because we expect the value of 'foo' to be a series of digits, not letters.
Additionally, all keys must be defined in the source hash that is being validated against. Unknown keys in the hash being compared will cause a
Returns: boolean
validate_float
Validates whether the passed argument is a float.
Returns: boolean
validate_integer
Validates whether the passed argument is an integer.
Returns: boolean
validate_macaddress
This function is deprecated and has been replaced by
Simplib::Macaddress
data type.
Validate that all passed values are valid MAC addresses.
The following values will pass:
$macaddress = 'CA:FE:BE:EF:00:11'
validate_macaddress($macaddress)
validate_macaddress($macaddress,'00:11:22:33:44:55')
validate_macaddress([$macaddress,'00:11:22:33:44:55'])
Returns: boolean
validate_port
This function is deprecated and has been replaced by simplib::validate_port
Validates whether the passed argument is a valid port (i.e. between 1 - 65535).
The following values will pass:
$port = '10541'
$ports = ['5555', '7777', '1', '65535']
validate_port($port)
validate_port($ports)
validate_port('11', '22')
The following values will not pass:
validate_port('0')
validate_port('65536')
Returns: boolean
validate_net_list
This function is deprecated and has been replaced by simplib::validate_net_list
Validate that a passed list (Array or single String) of networks is filled with valid IP addresses or hostnames. Hostnames are checked per RFC 1123. Ports appended with a colon (:) are allowed.
There is a second, optional argument that is a regex of strings that should be ignored from the list. Omit the beginning and ending '/' delimiters.
The following values will pass:
$trusted_nets = ['10.10.10.0/24','1.2.3.4','1.3.4.5:400']
validate_net_list($trusted_nets)
$trusted_nets = '10.10.10.0/24'
validate_net_list($trusted_nets)
$trusted_nets = ['10.10.10.0/24','1.2.3.4','any','ALL']
validate_net_list($trusted_nets,'^(any|ALL)$')
The following values will fail:
$trusted_nets = '10.10.10.0/24,1.2.3.4'
validate_net_list($trusted_nets)
$trusted_nets = 'bad stuff'
validate_net_list($trusted_nets)
Returns: boolean
validate_re_array
This function is deprecated and has been replaced by simplib::validate_re_array
Perform simple validation of a string, or array of strings, against one or more regular expressions. The first argument of this function should be a string to test, and the second argument should be a stringified regular expression (without the // delimiters) or an array of regular expressions. If none of the regular expressions match the string passed in, compilation will abort with a parse error.
If a third argument is specified, this will be the error message raised and seen by the user.
The following strings will validate against the regular expressions:
validate_re_array('one', '^one$')
validate_re_array('one', [ '^one','^two' ])
validate_re_array(['one','two'], [ '^one', '^two' ])
The following strings will fail to validate, causing compilation to abort:
validate_re_array('one', [ '^two', '^three' ])
A helpful error message can be returned like this:
validate_re_array($::puppetversion, '^2.7', 'The $puppetversion fact
value does not match 2.7')
Returns: boolean
validate_sysctl_value
This function is deprecated and has been replaced by simplib::validate_sysctl_value
Validate that the passed value is correct for the passed sysctl key.
If a key is not know, simply returns that the value is valid.
Example:
Returns: boolean
validate_umask
This function is deprecated and has been replaced by
Simplib::Umask
data type.
Validate that the passed value is a valid umask string.
Examples:
$val = '0077' validate_umask($val) # => OK
$val = '0078' validate_umask($val) # => BAD
Returns: boolean
validate_uri_list
This function is deprecated and has been replaced by simplib::validate_uri_list
Usage: validate_uri_list([LIST],[])
Validate that a passed list (Array or single String) of URIs is valid according to Ruby's URI parser.
The following values will pass:
$uris = [http://foo.bar.baz:1234','ldap://my.ldap.server']
validate_uri_list($uris)
$uris = ['ldap://my.ldap.server','ldaps://my.ldap.server']
validate_uri_list($uris,['ldap','ldaps'])
Returns: boolean
Types
ftpusers
Adds all system users to the named file, preserving any other entries currently in the file.
Example:
# This will add all users in /etc/passwd with uid < 500
# and 'nobody' and 'jim' to the file '/etc/ftpusers'
#
ftpusers { '/etc/ftpusers':
min_id => 500,
always_deny => ['nobody', 'jim'],
require => File['/etc/ftpusers']
}
init_ulimit
This type is for systems that do not support systemd
.
Updates the ulimit
settings in init scripts.
Examples:
# limit long name
init_ulimit { 'rsyslog':
ensure => 'present',
limit_type => 'both'
item => 'max_open_files',
value => 'unlimited'
}
# limit short name
init_ulimit { 'rsyslog':
item => 'n',
value => 'unlimited'
}
prepend_file_line
Prepends a whole line to a file, if the file does not already contain the line.
Example:
file_prepend_line { 'sudo_rule':
path => '/etc/sudoers',
line => '%admin ALL=(ALL) ALL',
}
reboot_notify
Notifies users when a system reboot is required.
- This type creates a file with contents that provide a summary of the reasons why the system requires a reboot.
- This type will only register entries on refresh. Any other use of the type will not report the necessary reboot.
- A reboot notification will be printed at each Puppet run until the system is successfully rebooted
Examples:
reboot_notify { 'selinux':
reason => 'A reboot is required to completely modify selinux state',
subscribe => Selinux_state['set_selinux_state']
}
runlevel
Changes the system runlevel by re-evaluating the inittab
or systemd
link.
Examples:
# Set the current level and the default level to mulit-user
runlevel { '3': persist => true, }
# Set the current level to graphical
runlevel { 'graphical':
persist => false
}
script_umask
Alters the umask settings in the passed file, if a umask line exists.
Examples:
script_umask { '/usr/local/myscript.sh':
umask => 077
}
simp_file_line
Ensures that a given line is contained within a file. The implementation matches the full line, including whitespace at the beginning and end. If the line is not contained in the given file, Puppet will add the line to ensure the desired state. Multiple resources may be declared to manage multiple lines in the same file.
This is an enhancement to the stdlib file_line
that allows for the
following additional options:
prepend
Whether to prepend the line instead of appending it, if not using thematch
option.deconflict
Whether to not execute if there is a file resource that already manipulates the content of the target file.
Examples:
# This will add both lines to /etc/sudoers
simp_file_line { 'sudo_rule':
path => '/etc/sudoers',
line => '%sudo ALL=(ALL) ALL',
}
simp_file_line { 'sudo_rule_nopw':
path => '/etc/sudoers',
line => '%sudonopw ALL=(ALL) NOPASSWD: ALL',
}
# This will not add the line
file { '/tmp/myfile':
content => 'junk content',
}
simp_file_line { 'junk':
path => '/tmp/myfile',
line => 'What a beautiful day'
}
# This will add the line
file { '/tmp/myfile':
content => 'junk content',
replace => false
}
simp_file_line { 'junk':
path => '/tmp/myfile',
line => 'What a beautiful day'
}
Data Types
The following Puppet 4 compatible Data Types have been added for convenience and validation across the SIMP code base.
-
Simplib::Domain
- Valid DNS domain names (RFC 3696, Section 2). Examples:
example.com
- Valid DNS domain names (RFC 3696, Section 2). Examples:
-
Simplib::Domainlist
- List of valid domains (RFC 3696, Section 2)
-
Simplib::EmailAddress
- Simple e-mail address validator. Examples:
foo@bar.com
- Simple e-mail address validator. Examples:
-
Simplib::Host
- A single Host or an IP Address. Examples:
1.2.3.4
my-host.com
- A single Host or an IP Address. Examples:
-
Simplib::Host::Port
- A single Host or an IP Address with a Port. Examples:
1.2.3.4:80
my-host.com:443
- A single Host or an IP Address with a Port. Examples:
-
Simplib::Hostname
- A hostname, Unicode hostnames are not currently supported.
Examples:
my-host.com
aa.bb
- A hostname, Unicode hostnames are not currently supported.
Examples:
-
Simplib::Hostname::Port
- A single Hostname with a Port. Examples:
my-host.com:443
- A single Hostname with a Port. Examples:
-
Simplib::IP
- An IP Address. Examples:
1.2.3.4
2001:0db8:85a3:0000:0000:8a2e:0370:7334
- An IP Address. Examples:
-
Simplib::IP::CIDR
- An IPv4 or IPv6 Address with a CIDR Subnet. Examples:
1.2.3.4/24
2001:0db8:85a3:0000:0000:8a2e:0370:7334/96
- An IPv4 or IPv6 Address with a CIDR Subnet. Examples:
-
Simplib::IP::Port
- An IP Address (V4 or V6) with a Port. Examples:
1.2.3.4:80
[2001:db8:85a3:8d3:1319:8a2e:370:7348]:443
- An IP Address (V4 or V6) with a Port. Examples:
-
Simplib::IP::V4
- An IPv4 Address. Examples:
1.2.3.4
- An IPv4 Address. Examples:
-
Simplib::IP::V4::CIDR
- An IPv4 Address with a CIDR Subnet. Examples:
1.2.3.4/24
- An IPv4 Address with a CIDR Subnet. Examples:
-
Simplib::IP::V4::DDQ
- An IPv4 Address with a Dotted Quad Subnet. Examples:
1.2.3.4/255.255.0.0
- An IPv4 Address with a Dotted Quad Subnet. Examples:
-
Simplib::IP::V4::Port
- An IPv4 Address with an attached Port. Examples:
1.2.3.4:443
- An IPv4 Address with an attached Port. Examples:
-
Simplib::IP::V6
- An IPv6 Address. Examples:
::1
2001:0db8:85a3:0000:0000:8a2e:0370:7334
[::1]
[2001:0db8:85a3:0000:0000:8a2e:0370:7334]
- An IPv6 Address. Examples:
-
Simplib::IP::V6::Base
- A regular IPv6 Address. Examples:
::1
2001:0db8:85a3:0000:0000:8a2e:0370:7334
- A regular IPv6 Address. Examples:
-
Simplib::IP::V6::Bracketed
- A bracketed IPv6 Address. Examples:
[::1]
[2001:0db8:85a3:0000:0000:8a2e:0370:7334]
- A bracketed IPv6 Address. Examples:
-
Simplib::IP::V6::CIDR
- An IPv6 address with a CIDR subnet. Examples:
2001:0db8:85a3:0000:0000:8a2e:0370:7334/96
- An IPv6 address with a CIDR subnet. Examples:
-
Simplib::IP::V6::Port
- An IPv6 address with an attached Port. Examples:
[2001:0db8:85a3:0000:0000:8a2e:0370:7334]:443
- An IPv6 address with an attached Port. Examples:
-
Simplib::Macaddress
- A MAC address. Examples:
CA:FE:BE:EF:00:11
ca:fe:be:ef:00:11
- A MAC address. Examples:
-
Simplib::Netlist
- An Array of network-relevant entries
- Hostname
- IPv4
- IPv4 with Subnet
- IPv4 with Port
- IPv6
- IPv4 with Subnet
- IPv4 with Port
- An Array of network-relevant entries
-
Simplib::Netlist::Host
- An Array of Hosts
- Hostname
- IPv4
- IPv6
- An Array of Hosts
-
Simplib::Netlist::IP
- An Array of IP Addresses
- IPv4
- IPv6
- An Array of IP Addresses
-
Simplib::Netlist::IP::V4
- An Array of IPv4 Addresses
-
Simplib::Netlist::IP::V6
- An Array of IPv6 Addresses
-
Simplib::Netlist::Port
- An Array of Hosts with Ports
-
Simplib::PackageEnsure
- Valid
ensure
values for aPackage
resource. Examples:absent
latest
- Valid
-
Simplib::Port
- A Port Number
-
Simplib::Port::Dynamic
- Port in the unprivileged port range [49152, 65535]
-
Simplib::Port::Random
- Port
0
which has different behaviors but usually binds to a random port
- Port
-
Simplib::Port::System
- Port in the system privileged port range [1, 1024]
-
Simplib::Port::User
- Port available to users in the unprivileged port ranges [1025, 49151] and [49153, 65534]
-
Simplib::Puppet::Metadata::OS_support
- The 'operating_support' data structure in a Puppet module's
metadata.json
- The 'operating_support' data structure in a Puppet module's
-
Simplib::Serverdistribution
- Valid options for a Puppet server distribution
PC1
PE
- Valid options for a Puppet server distribution
-
Simplib::Syslog::CFacility
- A syslog log facility, in the form expected by
syslog(3)
. Examples:LOG_KERN
LOG_LOCAL6
- A syslog log facility, in the form expected by
-
Simplib::Syslog::CPriority
- A syslog log priority, in the form expected by
syslog(3)
. Examples:LOG_KERN.LOG_INFO
LOG_LOCAL6.LOG_WARNING
- A syslog log priority, in the form expected by
-
Simplib::Syslog::CSeverity
- A syslog log severity, in the form expected by
syslog(3)
. Examples:LOG_INFO
LOG_WARNING
- A syslog log severity, in the form expected by
-
Simplib::Syslog::Facility
- A syslog log facility, in either all uppercase or all lowercase..
Examples:
kern
local6
LOCAL6
- A syslog log facility, in either all uppercase or all lowercase..
Examples:
-
Simplib::Syslog::LowerFacility
- A syslog log facility, in all lowercase. Examples:
auth
local4
- A syslog log facility, in all lowercase. Examples:
-
Simplib::Syslog::UpperFacility
- A syslog log facility, in all uppercase. Examples:
MAIL
LOCAL7
- A syslog log facility, in all uppercase. Examples:
-
Simplib::Syslog::Severity
- A syslog severity level, in either all uppercase or all lowercase.
Examples:
info
WARNING
- A syslog severity level, in either all uppercase or all lowercase.
Examples:
-
Simplib::Syslog::LowerSeverity
- A syslog severity level, in all lowercase. Examples:
info
emerg
- A syslog severity level, in all lowercase. Examples:
-
Simplib::Syslog::UpperSeverity
- A syslog severity level, in all uppercase. Examples:
DEBUG
WARNING
- A syslog severity level, in all uppercase. Examples:
-
Simplib::Syslog::Priority
- A syslog priority destination, in format 'facility.severity' and
in either all uppercase or all lowercase. This type only accepts
the keyword facilities and severities. Examples:
mail.info
KERN.EMERG
- A syslog priority destination, in format 'facility.severity' and
in either all uppercase or all lowercase. This type only accepts
the keyword facilities and severities. Examples:
-
Simplib::Syslog::LowerPriority
- A syslog priority destination, in format 'facility.severity' and
in only all lowercase. This type only accepts the keyword
facilities and severities. Examples:
mail.info
user.err
- A syslog priority destination, in format 'facility.severity' and
in only all lowercase. This type only accepts the keyword
facilities and severities. Examples:
-
Simplib::Syslog::UpperPriority
- A syslog priority destination, in format 'facility.severity' and
in only all uppercase. This type only accepts the keyword
facilities and severities. Examples:
SYSLOG.WARNING
AUTHPRIV.INFO
- A syslog priority destination, in format 'facility.severity' and
in only all uppercase. This type only accepts the keyword
facilities and severities. Examples:
-
Simplib::Umask
- A valid Umask
-
Simplib::URI
- A valid URI string (lightly sanity checked)
Stages
simplib::stages
are added to ensure that anyone using the stdlib
stages are not
tripped up by any SIMP modules that may enable, or disable, various system,
components; particularly ones that require a reboot.
Added Stages:
simp_prep
-> Comes beforestdlib
'ssetup
stagesimp_finalize
-> Comes afterstdlib
'sdeploy
stage
Development
Please read our Contribution Guide and visit our Developer Wiki
If you find any issues, they can be submitted to our JIRA.
Reference
Table of Contents
Classes
simplib::reboot_notify
: This is a simple controller class for global settings related to the 'reboot_notify' custom typesimplib::stages
: This class expands on the Puppet Stdlib stages to add a few levels that we found necessary when developing various SIMP modules that had glob
Defined types
simplib::install
: Manage packages based on Hash input This has been created as a Defined Type so that it can be properly referenced in manifest ordering
Resource types
ftpusers
: Adds all system users to the named file, preserving any other entries currently in the file.init_ulimit
: Please use thesystemd
module for systems that supportsystemd
Updateulimit
settings in init scripts. The resource name does hprepend_file_line
: Type that can prepend whole a line to a file if it does not already contain it. Example: file_prepend_line { 'sudo_rule': path => '/etc/sreboot_notify
: Notifies users when a system reboot is required. This type creates a file at $target the contents of which provide a summary of the reasonsrunlevel
: Changes the system runlevel by re-evaluating the inittab or systemd link. Arguments: name - the runlevel to evaluate for the system persiscript_umask
: Alters the umask settings in the passed file.simp_file_line
: Ensures that a given line is contained within a file. The implementation matches the full line, including whitespace at the beginning and en
Functions
array_include
: Determine if the first passed array contains the contents of another array or string.array_size
: Returns the number of elements in anArray
. If aString
is passed, simply returns1
. This is in contrast to the Puppet Labsstdlib
array_union
: Return the union of twoArrays
.bracketize
: Add brackets to IP addresses andArrays
of IP addresses based on the rules for bracketing IPv6 addresses. Ignore anything that does not lodeep_merge
: Perform a deep merge on two passedHashes
. This code is shamelessly stolen from the guts of `ActiveSupport::CoreExtensions::Hash::DeepMerggenerate_reboot_msg
: Generate a reboot message from a passedHash
. Requires aHash
of the following form: ``ruby { 'id' => 'reason', 'id2' => 'reason2'get_ports
: Take anArray
of items that may containport
numbers and appropriately return theport
portion. Works with hostnames, IPv4, and IPv6.h2n
: Takes a singlehostname
and returns the associated IP address if it can determine it. If it cannot be determined, simply returns the passehost_is_me
: Detect if a local system identifier Hostname/IP address is contained in the passed whitespace delimited list. Whitespace and comma delimiterinspect
: Prints out Puppet warning messages that display the passed variable. This is mainly meant for debugging purposes.ip_is_me
: Detect if an IP address is contained in the passed whitespace delimitedString
.ip_to_cron
: Provides a "random" value tocron
based on the passedInteger
value. Used to avoid starting a certain cron job at the same time on all sipaddresses
: Return anArray
of all IP addresses known to be associated with the client. If an argument is passed, and is notfalse
, then only returnjoin_mount_opts
: Merge two sets ofmount
options in a reasonable fashion. The second set will always override the first.localuser
: Pull a pre-set password from a password list and return anarray
of user details associated with the passed hostname. If the password starmapval
: This function pulls a mapped value from a text file with the format:<key> | <value>
Only the last value matched will be returnednets2cidr
: Take an inputArray
of networks and returns an equivalentArray
in CIDR notation. It can also accept aString
separated by spaces, comnets2ddq
: Take an inputArray
of networks and returns an equivalentArray
in Dotted Quad notation. It can also accept aString
separated by spacparse_hosts
: Take anArray
of items that may contain port numbers or protocols and return the host information, ports, and protocols. Works with Hostnapassgen
: Generates a random password string for a passed identifier. UsesPuppet[:vardir]/simp/environments/$environment/simp_autofiles/gen_passwd/
rand_cron
: Provides a 'random' value tocron
based on the passedInteger
value. Used to avoid starting a certaincron
job at the same time on allsimp_version
: Return the version of SIMP that this server is runningsimplib::assert_metadata
: Fails a compile if the client system is not compatible with the module'smetadata.json
simplib::deprecation
: Function to print deprecation warnings, logging a warning once for a given key. Messages can be enabled if the SIMPLIB_LOG_DEPRECATIONS envisimplib::filtered
: Hiera v5 backend that takes a list of allowed hiera key names, and only returns results from the underlying backend function that match thosesimplib::gen_random_password
: Generates a random password string. Terminates catalog compilation if the password cannot be created in the allotted time.simplib::hash_to_opts
: Turn a hash into a options string, for use in a shell commandsimplib::inspect
: Prints the passed variable's Ruby type and value for debugging purposes This uses aNotify
resource to print the information during thesimplib::ip_to_cron
: Transforms an IP address to one or more interval values forcron
. This can be used to avoid starting a certain cron job at the same timesimplib::ipaddresses
: Return anArray
of all IP addresses known to be associated with the client, optionally excluding local addresses.simplib::join_mount_opts
: Merge two sets ofmount
options in a reasonable fashion, giving precedence to the second set.simplib::knockout
: uses the knockout prefix of '--' to remove elements from an array.simplib::ldap::domain_to_dn
: Generates a LDAP Base DN from a domainsimplib::lookup
: A function for falling back to global scope variable lookups when the Puppet 4lookup()
function cannot find a value. Whilelookup()
simplib::mock_data
: A mock data functionsimplib::module_exist
: Determines if a module exists in the current environmentsimplib::nets2cidr
: Take an input list of networks and returns an equivalentArray
in CIDR notation. Hostnames are passed through untouched. Terminates casimplib::nets2ddq
: Tranforms a list of networks into an equivalent array in dotted quad notation. * CIDR networks are converted to dotted quad notation networksimplib::parse_hosts
: Convert anArray
of items that may contain port numbers or protocols into a structuredHash
of host information. * Works with Hostnamessimplib::passgen
: Generates/retrieves a random password string or its hash for a passed identifier. * Uses `Puppet.settings[:vardir]/simp/environments/$envirosimplib::rand_cron
: Transforms an input string to one or more interval values forcron
. This can be used to avoid starting a certain cron job at the same timsimplib::strip_ports
: Extract list of unique hostnames and/or IP addresses from anArray
of hosts, each of which may may contain protocols and/or port numbers Tsimplib::to_integer
: Converts the argument into anInteger
. Terminates catalog compilation if the argument's class does not respond to theto_i()
Ruby methodsimplib::to_string
: Converts the argument into aString
.simplib::validate_array_member
: Validate that an single input is a member of anotherArray
or anArray
input is a subset of anotherArray
. * The comparison can optionsimplib::validate_between
: Validate that the first value is between the second and third values numerically. The range is inclusive. Terminates catalog compilation ifsimplib::validate_bool
: Validate that all passed values are eithertrue
, 'true',false
or 'false'. Terminates catalog compilation if validation fails.simplib::validate_deep_hash
: Perform a deep validation on two passedHashes
. All keys must be defined in the referenceHash
that is being validated against. Unsimplib::validate_net_list
: Validate that a passed list (Array
or singleString
) of networks is filled with valid IP addresses, network addresses (CIDR notation), orsimplib::validate_port
: Validates whether each passed argument contains valid port(s). * Each element of each argument must, numerically, be in the range [1, 6553simplib::validate_re_array
: Perform simple validation of aString
, orArray
ofStrings
, against one or more regular expressions. * Derived from the Puppet Labs stsimplib::validate_sysctl_value
: Validate that the passed value is correct for the passedsysctl
key. If a key is not known, assumes the value is valid. Terminates catsimplib::validate_uri_list
: Validate that a passed list (Array
or singleString
) of URIs is valid according to Ruby's URI parser. * Caution: No scheme (protocolsimplib_deprecation
: Function to print deprecation warnings for 3.X functions. The first argument is the uniqueness key, which allows deduping of messages. The seslice_array
: Split anArray
into an array of arrays that contain groupings ofmax_length
size. This is similar toeach_slice
in newer versions of Rustrip_ports
: Take anArray
of items that may contain port numbers and appropriately return the non-port portion. Works with hostnames, IPv4, and IPv6.to_integer
: Converts the argument into anInteger
. Only works if the passed argument responds to theto_i()
Ruby method.to_string
: Converts the argument into aString
. Only works if the passed argument responds to theto_s()
Ruby method.validate_array_member
: Validate that the firstString
(orArray
) passed is a member of the secondArray
passed. An optional third argument of i can be passed,validate_array_of_hashes
: Validate that the passed argument is either an emptyArray
or anArray
that only containsHashes
.validate_between
: Validate that the first value is between the second and third values numerically. This is a pure Ruby comparison, not a human comparisonvalidate_bool_simp
: Validate that all passed values are eithertrue
orfalse
. Abort catalog compilation if any value fails this check. Modified from the stvalidate_deep_hash
: Perform a deep validation on two passedHashes
. The firstHash
is the one to validate against, and the second is the one being validatedvalidate_float
: Validates whether or not the passed argument is a floatvalidate_integer
: Validates that the passed argument is anInteger
.validate_macaddress
: Validate that all passed values are valid MAC addresses.validate_net_list
: Validate that a passed list (Array
or singleString
) of networks is filled with valid IP addresses or hostnames. Hostnames are checked pevalidate_port
: Validates whether or not the passed argument is a valid port (i.e. between1
-65535
).validate_re_array
: Perform simple validation of aString
, orArray
ofStrings
, against one or more regular expressions. The first argument of this functiovalidate_sysctl_value
: Validate that the passed value is correct for the passedsysctl
key. If a key is not known, simply returns that the value is valid.validate_umask
: Validate that the passedString
is a validumask
validate_uri_list
: Usage: validate_uri_list([LIST],[<VALID_SCHEMES>]) Validate that a passed list (Array
or singleString
) of URIs is valid according to Ru
Classes
simplib::reboot_notify
This is a simple controller class for global settings related to the 'reboot_notify' custom type
Parameters
The following parameters are available in the simplib::reboot_notify
class.
log_level
Data type: Simplib::PuppetLogLevel
The Puppet log_level to use when generating output
To change the level of the reboot_notify messages add this class to the class list in hiera and set simplib::reboot_notify::log_level to the level you want.
- Set to log_level to
debug
if you wish to disable output unless you're running in debug mode.
Default value: 'notice'
simplib::stages
This class expands on the Puppet Stdlib stages to add a few levels that we found necessary when developing various SIMP modules that had global ramifications.
Primarily, we wanted to ensure that anyone using the stdlib stages was not tripped up by any of our modules that may enable, or disable, various system, components; particularly ones that require a reboot.
Added Stages:
simp_prep
-> Comes before stdlib'ssetup
simp_finalize
-> Comes after stdlib'sdeploy
Defined types
simplib::install
Manage packages based on Hash input
This has been created as a Defined Type so that it can be properly referenced in manifest ordering
Parameters
The following parameters are available in the simplib::install
defined type.
packages
Data type: Hash[String[1], Optional[Hash]]
Hash of the packages to install
- If just a key is provided, will apply
package_ensure
to the item - A value may be provided to the package name key that will be passed along as the arguments for resource creation.
- A special entry called
defaults
can be provided that will set the default package options for all packages in theHash
@example Adding a package to be installed simplib::install({ 'my_package' => undef })
defaults
Data type: Hash[String[1], String[1]]
A Hash
of default parameters to apply to all $packages
- This will be overridden by any options applied to individual packages
@example Adding some packages with defaults simplib::install(
# The package list
{
'pkg1' => {
'ensure' => 'installed'
},
'pkg2' => undef
},
# The defaults
{
'ensure' => 'latest',
'configfiles' => 'replace'
}
)
Default value: { 'ensure' => 'present' }
Resource types
ftpusers
Adds all system users to the named file, preserving any other entries currently in the file.
Properties
The following properties are available in the ftpusers
type.
to_write
Ignored, auto-populated from /etc/passwd
Default value: default
Parameters
The following parameters are available in the ftpusers
type.
name
namevar
The file to which to write the values
min_id
The UID below which all values will be considered system users
Default value: 500
always_deny
Entries to always add to the file
Default value: ['nobody','nfsnobody']
init_ulimit
Please use the systemd
module for systems that support systemd
Update ulimit
settings in init scripts.
The resource name does have to be unique but is meaningless.
Valid limit_type
names are:
- b|socket_buffer_size
- c|max_core_size
- d|max_data_segment
- e|max_nice
- f|max_file_size
- i|max_pending_signals
- l|max_memory_lock_size
- m|max_resident_set_size
- n|max_open_files (default)
- p|max_queue_size
- r|max_real_time_pri
- s|max_stack_size
- t|max_cpu_time
- u|max_num_procs
- v|max_virt_memory
- x|max_file_locks
- T|max_threads
All of these are explained in the ulimit
section of bash_builtins(1)
The parameter names are taken from the descriptive field names used in
limits.conf
.
Examples
Long Names
init_ulimit { 'rsyslog':
ensure => 'present',
limit_type => 'both'
item => 'max_open_files',
value => 'unlimited'
}
Short Names
init_ulimit { 'rsyslog':
item => 'n',
value => 'unlimited'
}
Properties
The following properties are available in the init_ulimit
type.
ensure
Valid values: present, absent
The basic property that the resource should be in.
Default value: present
value
Valid values: hard, soft, unlimited, /^\d+$/
The value to which to set the new limit.
Parameters
The following parameters are available in the init_ulimit
type.
name
A unique name for the resource
target
namevar
The service that will be modified. If you specify a full path, that will be used instead.
limit_type
Valid values: soft, hard, both
The limit type: hard|soft|both
Default value: both
item
namevar
The system limit resource to modify
Default value: max_open_files
prepend_file_line
Type that can prepend whole a line to a file if it does not already contain it.
Example:
file_prepend_line { 'sudo_rule': path => '/etc/sudoers', line => '%admin ALL=(ALL) ALL', }
Properties
The following properties are available in the prepend_file_line
type.
ensure
Valid values: present
The basic property that the resource should be in.
Default value: present
Parameters
The following parameters are available in the prepend_file_line
type.
name
namevar
arbitrary name used as identity
line
The line to be prepended to the path.
path
File to possibly prepend a line to.
reboot_notify
Notifies users when a system reboot is required.
This type creates a file at $target the contents of which provide a summary of the reasons why the system requires a reboot.
NOTE: This type will only register entries on refresh. Any other use of the type will not report the necessary reboot.
A reboot notification will be printed at each puppet run until the system is successfully rebooted.
Properties
The following properties are available in the reboot_notify
type.
ensure
Valid values: present, absent
The basic property that the resource should be in.
Default value: present
Parameters
The following parameters are available in the reboot_notify
type.
name
namevar
The item that is being modified that requires a reboot
reason
An optional reason for rebooting
Default value: modified
control_only
Valid values: true
, false
, yes, no
This resource is only for control and should not add an item to the notification list
You may only have ONE resource with this set to true
in your catalog
Default value: false
log_level
Valid values: alert, crit, debug, notice, emerg, err, info, warning
Set the message log level for notifications
This is only active with :control_only set to true
Default value: notice
runlevel
Changes the system runlevel by re-evaluating the inittab or systemd link. Arguments:
name
- the runlevel to evaluate for the system
persist
- boolean value that determines whether or not to set as the default runlevel of the system
Example:
runlevel { '3': persist => true, }
Properties
The following properties are available in the runlevel
type.
level
Valid values: /^[1-5]$/, rescue, multi-user, graphical, default
The target runlevel of the system. Defaults to what is specified in :name
Default value: default
persist
Valid values: true
, false
Whether or not to save the runlevel as default.
Default value: true
Parameters
The following parameters are available in the runlevel
type.
name
Valid values: /^[1-5]$/, rescue, multi-user, graphical
namevar
The target runlevel of the system
transition_timeout
Valid values: /^\d+$/
How many seconds to wait for a runlevel switch before failing
Default value: 60
script_umask
Alters the umask settings in the passed file.
Properties
The following properties are available in the script_umask
type.
umask
Valid values: /^[0-7]{3,4}$/
The umask that should be set in the target file.
Default value: 077
Parameters
The following parameters are available in the script_umask
type.
name
namevar
The file to alter.
simp_file_line
Ensures that a given line is contained within a file. The implementation matches the full line, including whitespace at the beginning and end. If the line is not contained in the given file, Puppet will add the line to ensure the desired state. Multiple resources may be declared to manage multiple lines in the same file.
Example:
simp_file_line { 'sudo_rule':
path => '/etc/sudoers',
line => '%sudo ALL=(ALL) ALL',
}
simp_file_line { 'sudo_rule_nopw':
path => '/etc/sudoers',
line => '%sudonopw ALL=(ALL) NOPASSWD: ALL',
}
In this example, Puppet will ensure both of the specified lines are contained in the file /etc/sudoers.
This is an enhancement to the stdlib file_line that allows for the following additional options:
- prepend => [binary] Prepend the line instead of appending it if not using 'match'
- deconflict => [binary] Do not execute if there is a file resource that already manipulates the content of the target file.
Properties
The following properties are available in the simp_file_line
type.
ensure
Valid values: present, absent
The basic property that the resource should be in.
Default value: present
Parameters
The following parameters are available in the simp_file_line
type.
name
namevar
An arbitrary name used as the identity of the resource.
match
An optional regular expression to run against existing lines in the file. If a match is found, we replace that line rather than adding a new line.
line
The line to be added to the file located by the path parameter.
path
The file Puppet will ensure contains the line specified by the line parameter.
deconflict
Valid values: true
, false
Do not execute this type if there is a file type that already manages the content of the target file unless $replace == false
Default value: false
prepend
Valid values: true
, false
Prepend the line to the file if not using match
Default value: false
Functions
array_include
Type: Ruby 3.x API
Determine if the first passed array contains the contents of another array or string.
array_include()
Determine if the first passed array contains the contents of another array or string.
Returns: Boolean
array_size
Type: Ruby 3.x API
Returns the number of elements in an Array
. If a String
is passed,
simply returns 1
.
This is in contrast to the Puppet Labs stdlib
size()
function which
returns the size of an Array
or the length of a String
when called.
array_size()
Returns the number of elements in an Array
. If a String
is passed,
simply returns 1
.
This is in contrast to the Puppet Labs stdlib
size()
function which
returns the size of an Array
or the length of a String
when called.
Returns: Integer
array_union
Type: Ruby 3.x API
Return the union of two Arrays
.
array_union()
Return the union of two Arrays
.
Returns: Array
bracketize
Type: Ruby 3.x API
Add brackets to IP addresses and Arrays
of IP addresses based on the
rules for bracketing IPv6 addresses.
Ignore anything that does not look like an IPv6 address.
bracketize()
Add brackets to IP addresses and Arrays
of IP addresses based on the
rules for bracketing IPv6 addresses.
Ignore anything that does not look like an IPv6 address.
Returns: Variant[String, Array[String]]
deep_merge
Type: Ruby 3.x API
Perform a deep merge on two passed Hashes
.
This code is shamelessly stolen from the guts of
ActiveSupport::CoreExtensions::Hash::DeepMerge
and munged together with
the Puppet Labs stdlib
merge()
function.
deep_merge()
Perform a deep merge on two passed Hashes
.
This code is shamelessly stolen from the guts of
ActiveSupport::CoreExtensions::Hash::DeepMerge
and munged together with
the Puppet Labs stdlib
merge()
function.
Returns: Hash
generate_reboot_msg
Type: Ruby 3.x API
Generate a reboot message from a passed Hash
.
Requires a Hash
of the following form:
ruby { 'id' => 'reason', 'id2' => 'reason2', ... }
Will return a message such as:
A system reboot is required due to: id => reason id2 => reason2
generate_reboot_msg()
Generate a reboot message from a passed Hash
.
Requires a Hash
of the following form:
ruby { 'id' => 'reason', 'id2' => 'reason2', ... }
Will return a message such as:
A system reboot is required due to: id => reason id2 => reason2
Returns: Strin
Strin
get_ports
Type: Ruby 3.x API
Take an Array
of items that may contain port
numbers and
appropriately return the port
portion. Works with hostnames, IPv4,
and IPv6.
get_ports()
Take an Array
of items that may contain port
numbers and
appropriately return the port
portion. Works with hostnames, IPv4,
and IPv6.
Returns: Array[Strin
Array[Strin
h2n
Type: Ruby 3.x API
Takes a single hostname
and returns the associated IP address if it
can determine it.
If it cannot be determined, simply returns the passed hostname.
h2n()
Takes a single hostname
and returns the associated IP address if it
can determine it.
If it cannot be determined, simply returns the passed hostname.
Returns: Stri
Stri
host_is_me
Type: Ruby 3.x API
Detect if a local system identifier Hostname/IP address is contained in the passed whitespace delimited list.
Whitespace and comma delimiters and passed Arrays
are accepted.
127.0.0.1
and ::1
are never matched, use localhost
or
localhost6
for that if necessary.
host_is_me()
Detect if a local system identifier Hostname/IP address is contained in the passed whitespace delimited list.
Whitespace and comma delimiters and passed Arrays
are accepted.
127.0.0.1
and ::1
are never matched, use localhost
or
localhost6
for that if necessary.
Returns: Variant[String, Arra
Variant[String, Arra
inspect
Type: Ruby 3.x API
Prints out Puppet warning messages that display the passed variable.
This is mainly meant for debugging purposes.
inspect()
Prints out Puppet warning messages that display the passed variable.
This is mainly meant for debugging purposes.
Returns: N
N
ip_is_me
Type: Ruby 3.x API
Detect if an IP address is contained in the passed whitespace delimited
String
.
ip_is_me()
Detect if an IP address is contained in the passed whitespace delimited
String
.
Returns: Boole
Boole
ip_to_cron
Type: Ruby 3.x API
Provides a "random" value to cron
based on the passed Integer
value.
Used to avoid starting a certain cron job at the same time on all servers.
If used with no parameters, it will return a single value between 0-59
first argument is the occurrence within a timeframe, for example if you
want it to run 2
times per hour the second argument is the timeframe,
by default its 60 minutes
, but it could also be 24 hours
etc...
Pulled from: http://projects.puppetlabs.com/projects/puppet/wiki/Cron_Patterns/8/diff
- Author: ohadlevy@gmail.com
- License: None
ip_to_cron()
Provides a "random" value to cron
based on the passed Integer
value.
Used to avoid starting a certain cron job at the same time on all servers.
If used with no parameters, it will return a single value between 0-59
first argument is the occurrence within a timeframe, for example if you
want it to run 2
times per hour the second argument is the timeframe,
by default its 60 minutes
, but it could also be 24 hours
etc...
Pulled from: http://projects.puppetlabs.com/projects/puppet/wiki/Cron_Patterns/8/diff
- Author: ohadlevy@gmail.com
- License: None
Returns: Variant[Integer[0,59], Array[Integer[0,59], Integer[0,23]]]
ipaddresses
Type: Ruby 3.x API
Return an Array
of all IP addresses known to be associated with the
client.
If an argument is passed, and is not false
, then only return
non-local addresses.
ipaddresses()
Return an Array
of all IP addresses known to be associated with the
client.
If an argument is passed, and is not false
, then only return
non-local addresses.
Returns: Array[Strin
Array[Strin
join_mount_opts
Type: Ruby 3.x API
Merge two sets of mount
options in a reasonable fashion.
The second set will always override the first.
join_mount_opts()
Merge two sets of mount
options in a reasonable fashion.
The second set will always override the first.
Returns: Array[Strin
Array[Strin
localuser
Type: Ruby 3.x API
Pull a pre-set password from a password list and return an array
of
user details associated with the passed hostname.
If the password starts with the string $1$
and the length is 34
characters, then it will be assumed to be an MD5
hash to be directly
applied to the system.
If the password is in plain text form, then it will be hashed and stored back into the source file for future use. The plain text version will be commented out in the file.
Lines beginning with the #
symbol are ignored and commas ,
are not
allowed in usernames or hostnames though any characters are allowed in
passwords.
homedir
is the home directory of the user and is optional. By default,
the system will choose the home directory.
The function will return a String
with the following contents:
[attr]<username>,MD5-based password hash with random salt
Hostname Ruby regular expressions are fully supported. The following formats are allowed:
- /regex/opts,
- /regex/,
- regex,
- *.,
- fqdn,
localuser(Stdlib::Absolutepath $filename, Any $hostname)
Pull a pre-set password from a password list and return an array
of
user details associated with the passed hostname.
If the password starts with the string $1$
and the length is 34
characters, then it will be assumed to be an MD5
hash to be directly
applied to the system.
If the password is in plain text form, then it will be hashed and stored back into the source file for future use. The plain text version will be commented out in the file.
Lines beginning with the #
symbol are ignored and commas ,
are not
allowed in usernames or hostnames though any characters are allowed in
passwords.
homedir
is the home directory of the user and is optional. By default,
the system will choose the home directory.
The function will return a String
with the following contents:
[attr]<username>,MD5-based password hash with random salt
Hostname Ruby regular expressions are fully supported. The following formats are allowed:
- /regex/opts,
- /regex/,
- regex,
- *.,
- fqdn,
Returns: String
filename
Data type: Stdlib::Absolutepath
path to the file containing the local users
hostname
Data type: Any
host that you are trying to match against
mapval
Type: Ruby 3.x API
This function pulls a mapped value from a text file with the format:
<key> | <value>
Only the last value matched will be returned
mapval(String $regex, Stdlib::Absolutepath $filename)
This function pulls a mapped value from a text file with the format:
<key> | <value>
Only the last value matched will be returned
Returns: Stri
Stri
regex
Data type: String
Ruby regular expression that will be mapped.
Do not add starting ^
or ending $
filename
Data type: Stdlib::Absolutepath
The filename from which to pull the value
nets2cidr
Type: Ruby 3.x API
Take an input Array
of networks and returns an equivalent Array
in
CIDR notation.
It can also accept a String
separated by spaces, commas, or semicolons.
nets2cidr(Variant[Array[String], String] $networks)
Take an input Array
of networks and returns an equivalent Array
in
CIDR notation.
It can also accept a String
separated by spaces, commas, or semicolons.
Returns: Variant[Array[String], Strin
Variant[Array[String], Strin
networks
Data type: Variant[Array[String], String]
nets2ddq
Type: Ruby 3.x API
Take an input Array
of networks and returns an equivalent Array
in
Dotted Quad notation.
It can also accept a String
separated by spaces, commas, or semicolons.
nets2ddq(Variant[Array[String], String] $networks)
Take an input Array
of networks and returns an equivalent Array
in
Dotted Quad notation.
It can also accept a String
separated by spaces, commas, or semicolons.
Returns: Variant[Array[String], Strin
Variant[Array[String], Strin
networks
Data type: Variant[Array[String], String]
parse_hosts
Type: Ruby 3.x API
Take an Array
of items that may contain port numbers or protocols and
return the host information, ports, and protocols.
Works with Hostnames as well as IPv4 and IPv6 addresses.
NOTE: IPv6 addresses will be returned normalized with square brackets around them for clarity.
parse_hosts()
Take an Array
of items that may contain port numbers or protocols and
return the host information, ports, and protocols.
Works with Hostnames as well as IPv4 and IPv6 addresses.
NOTE: IPv6 addresses will be returned normalized with square brackets around them for clarity.
Returns: Array[Strin
Array[Strin
passgen
Type: Ruby 3.x API
Generates a random password string for a passed identifier.
Uses Puppet[:vardir]/simp/environments/$environment/simp_autofiles/gen_passwd/
as the destination directory.
The minimum length password that this function will return is 6
characters.
Arguments: identifier, ; in that order.
passgen(String $identifier, Hash $modifier_hash)
Generates a random password string for a passed identifier.
Uses Puppet[:vardir]/simp/environments/$environment/simp_autofiles/gen_passwd/
as the destination directory.
The minimum length password that this function will return is 6
characters.
Arguments: identifier, ; in that order.
Returns: Stri
Stri
identifier
Data type: String
Unique String
to identify the password usage
modifier_hash
Data type: Hash
May contain any of the following options:
-
last
=>false
(*) ortrue
- Return the last generated password
-
length
=>Integer
- Length of the new password
-
hash
=>false
(*),true
,md5
,sha256
(true),sha512
- Return a
Hash
of the password instead of the password itself.
- Return a
-
complexity
=>0
(*),1
,2
0
=> Use only Alphanumeric characters in your password (safest)1
=> Add reasonably safe symbols2
=> Printable ASCII
private options:
-
password
=> contains the string representation of the password to hash (used for testing) -
salt
=> contains the string literal salt to use (used for testing) -
complex_only
=> use only the characters explicitly added by the complexity rules (used for testing)
If no, or an invalid, second argument is provided then it will return
the currently stored String
.
rand_cron
Type: Ruby 3.x API
Provides a 'random' value to cron
based on the passed Integer
value.
Used to avoid starting a certain cron
job at the same time on all
servers.
If used with no parameters, it will return a single value between 0-59
first argument is the occurrence within a timeframe, for example if you
want it to run 2
times per hour the second argument is the timeframe,
by default its 60
minutes, but it could also be 24
hours etc
Based on: http://projects.puppetlabs.com/projects/puppet/wiki/Cron_Patterns/8/diff
- Author: ohadlevy@gmail.com
- License: None Posted
rand_cron(String $modifier, Integer $occurs, Integer $scope)
Provides a 'random' value to cron
based on the passed Integer
value.
Used to avoid starting a certain cron
job at the same time on all
servers.
If used with no parameters, it will return a single value between 0-59
first argument is the occurrence within a timeframe, for example if you
want it to run 2
times per hour the second argument is the timeframe,
by default its 60
minutes, but it could also be 24
hours etc
Based on: http://projects.puppetlabs.com/projects/puppet/wiki/Cron_Patterns/8/diff
- Author: ohadlevy@gmail.com
- License: None Posted
Returns: Variant[Integer[0,59], Array[Integer[0,59], Integer[0,23]]]
modifier
Data type: String
Input range modifier
occurs
Data type: Integer
How many values to return
scope
Data type: Integer
Top range of randomly generated number
simp_version
Type: Ruby 3.x API
Return the version of SIMP that this server is running
simp_version()
Return the version of SIMP that this server is running
Returns: Stri
Stri
simplib::assert_metadata
Type: Puppet Language
Fails a compile if the client system is not compatible with the module's
metadata.json
`simplib::assert_metadata(String[1] $module_name, Optional[Struct[{
os => Optional[Struct[{
validate => Optional[Boolean],
options => Struct[{
release_match => Enum['none','full','major']
}]
}]]
}]] $options = simplib::lookup('simplib::assert_metadata::options', { 'default_value' => undef }))`
Fails a compile if the client system is not compatible with the module's
metadata.json
Returns: None
module_name
Data type: String[1]
The name of the module that should be checked
options
Data type: Optional[Struct[{ os => Optional[Struct[{ validate => Optional[Boolean], options => Struct[{ release_match => Enum['none','full','major'] }] }]] }]]
Behavior modifiers for the function
- Can be set using
simplib::assert_metadata::options
in thelookup
stack
Options
- enable => If set to
false
disable all validation - os
- validate => Whether or not to validate the OS settings
- options
- release_match
- none -> No match on minor release (default)
- full -> Full release must match
- major -> Only the major release must match
- release_match
simplib::deprecation
Type: Ruby 4.x API
Function to print deprecation warnings, logging a warning once for a given key.
Messages can be enabled if the SIMPLIB_LOG_DEPRECATIONS environment variable is set to 'true'
simplib::deprecation(String $key, String $message)
Function to print deprecation warnings, logging a warning once for a given key.
Messages can be enabled if the SIMPLIB_LOG_DEPRECATIONS environment variable is set to 'true'
Returns: Nil
key
Data type: String
Uniqueness key, which is used to dedupe messages.
message
Data type: String
Message to be printed, to which file and line information will be appended, if available.
simplib::filtered
Type: Ruby 4.x API
Hiera v5 backend that takes a list of allowed hiera key names, and only returns results from the underlying backend function that match those keys.
This allows hiera data to be delegated to end users in a multi-tenant environment without allowing them the ability to override every hiera data point (and potentially break systems)
simplib::filtered(Hash $options, Puppet::LookupContext $context)
The simplib::filtered function.
Returns: Hash
options
Data type: Hash
context
Data type: Puppet::LookupContext
simplib::filtered(String $key, Hash $options, Puppet::LookupContext $context)
The simplib::filtered function.
Returns: Hash
key
Data type: String
options
Data type: Hash
context
Data type: Puppet::LookupContext
simplib::gen_random_password
Type: Ruby 4.x API
Generates a random password string.
Terminates catalog compilation if the password cannot be created in the allotted time.
simplib::gen_random_password(Integer[8] $length, Optional[Integer[0,2]] $complexity, Optional[Boolean] $complex_only, Optional[Variant[Integer[0],Float[0]]] $timeout_seconds)
Generates a random password string.
Terminates catalog compilation if the password cannot be created in the allotted time.
Returns: String
Generated password
Raises:
RuntimeError
if password cannot be created within allotted time
length
Data type: Integer[8]
Length of the new password.
complexity
Data type: Optional[Integer[0,2]]
Specifies the types of characters to be used in the password
0
=> Use only Alphanumeric characters (safest)1
=> Use Alphanumeric characters and reasonably safe symbols2
=> Use any printable ASCII characters
complex_only
Data type: Optional[Boolean]
Use only the characters explicitly added by the complexity rules
timeout_seconds
Data type: Optional[Variant[Integer[0],Float[0]]]
Maximum time allotted to generate the password; a value of 0 disables the timeout
simplib::hash_to_opts
Type: Puppet Language
Turn a hash into a options string, for use in a shell command
`simplib::hash_to_opts(Hash[String,Variant[Array,String,Numeric,Boolean,Undef]] $input, Struct[{
Optional[connector] => String[1],
Optional[prefix] => String[1],
Optional[repeat] => Enum['comma','repeat'],
Optional[delimiter] => String[1],
}] $opts = {})`
Turn a hash into a options string, for use in a shell command
Returns: String
input
Data type: Hash[String,Variant[Array,String,Numeric,Boolean,Undef]]
Input hash, with Strings as keys and either a String, Array, Numeric, Boolean, or Undef as a value.
opts
Data type: Struct[{ Optional[connector] => String[1], Optional[prefix] => String[1], Optional[repeat] => Enum['comma','repeat'], Optional[delimiter] => String[1], }]
Options hash. It only takes 3 keys, none of them required:
connector
: String that joins each key and value pair. Defaults to '='prefix
: String that prefixes each key value pair. Defaults to '--'delimiter
: When a value is an array, the string that is used to deliminate each item. Defaults to ','repeat
: Whether to return array values as a deliminated string, or by repeating the option with each unique value
simplib::inspect
Type: Puppet Language
Prints the passed variable's Ruby type and value for debugging purposes
This uses a Notify
resource to print the information during the client
run.
class my_test( String $var1, Hash $var2 ) { simplib::inspect('var1') simplib::inspect('var2') ... }
simplib::inspect(String $var_name, Enum['json','yaml', 'oneline_json'] $output_type = 'json')
Prints the passed variable's Ruby type and value for debugging purposes
This uses a Notify
resource to print the information during the client
run.
class my_test( String $var1, Hash $var2 ) { simplib::inspect('var1') simplib::inspect('var2') ... }
Returns: None
var_name
Data type: String
The actual name of the variable, fully scoped, as a String
output_type
Data type: Enum['json','yaml', 'oneline_json']
The format that you wish to use to display the output during the run. 'json' and 'yaml' result in multi-line message content. 'oneline_json' results in single-line message content.
simplib::ip_to_cron
Type: Ruby 4.x API
Transforms an IP address to one or more interval values for cron
.
This can be used to avoid starting a certain cron job at the same
time on all servers.
simplib::ip_to_cron(Optional[Integer[1]] $occurs, Optional[Integer[1]] $max_value, Optional[IpToCronAlgorithm] $algorithm, Optional[Simplib::IP] $ip)
Transforms an IP address to one or more interval values for cron
.
This can be used to avoid starting a certain cron job at the same
time on all servers.
Returns: Array[Integer]
Array of integers suitable for use in the
minute
or hour
cron field.
occurs
Data type: Optional[Integer[1]]
The occurrence within an interval, i.e., the number of values to be generated for the interval.
max_value
Data type: Optional[Integer[1]]
The maximum value for the interval. The values generated will be in the inclusive range [0, max_value].
algorithm
Data type: Optional[IpToCronAlgorithm]
When 'ip_mod', the modulus of the IP number is used as the basis
for the returned values. This algorithm works well to create
cron job intervals for multiple hosts, when the number of hosts
exceeds the max_value
and the hosts have largely, linearly-
assigned IP addresses.
When 'sha256', a random number generated using the IP address
string is the basis for the returned values. This algorithm
works well to create cron job intervals for multiple hosts,
when the number of hosts is less than the max_value
or the
hosts do not have linearly-assigned IP addresses.
ip
Data type: Optional[Simplib::IP]
The IP address to use as the basis for the generated values.
When nil
, the 'ipaddress' fact (IPv4) is used.
simplib::ipaddresses
Type: Ruby 4.x API
Return an Array
of all IP addresses known to be associated with the
client, optionally excluding local addresses.
simplib::ipaddresses(Optional[Boolean] $only_remote)
Return an Array
of all IP addresses known to be associated with the
client, optionally excluding local addresses.
Returns: Array[String]
List of IP addresses for the client
only_remote
Data type: Optional[Boolean]
Whether to exclude local addresses from the return value (e.g., '127.0.0.1').
simplib::join_mount_opts
Type: Ruby 4.x API
Merge two sets of mount
options in a reasonable fashion, giving
precedence to the second set.
simplib::join_mount_opts(Array[String] $system_mount_opts, Array[String] $new_mount_opts)
Merge two sets of mount
options in a reasonable fashion, giving
precedence to the second set.
Returns: String
Merged options string in which new_mount_opts
mount options take precedence; options are comma delimited
system_mount_opts
Data type: Array[String]
System mount options
new_mount_opts
Data type: Array[String]
New mount options, which will override
system_mount_opts
when there are conflicts
simplib::knockout
Type: Puppet Language
uses the knockout prefix of '--' to remove elements from an array.
simplib::knockout(Array $array)
uses the knockout prefix of '--' to remove elements from an array.
Returns: Array
Resulting array.
array
Data type: Array
The array to knockout
simplib::ldap::domain_to_dn
Type: Puppet Language
Generates a LDAP Base DN from a domain
simplib::ldap::domain_to_dn(String $domain = $facts['domain'], Boolean $downcase_attributes = false)
Generates a LDAP Base DN from a domain
Returns: String
domain
Data type: String
The domain to convert, defaults to the domain
fact
downcase_attributes
Data type: Boolean
Whether to downcase the LDAP attributes
- Different tools have bugs where they cannot, handle both upcased and downcased LDAP attribute elements
simplib::lookup
Type: Ruby 4.x API
A function for falling back to global scope variable lookups when the
Puppet 4 lookup()
function cannot find a value.
While lookup()
will stop at the back-end data sources,
simplib::lookup()
will check the global scope first to see if the
variable has been defined.
This means that you can pre-declare a class and/or use an ENC and look up the variable whether it is declared this way or via Hiera or some other back-end.
simplib::lookup(String $param, Optional[Any] $options)
A function for falling back to global scope variable lookups when the
Puppet 4 lookup()
function cannot find a value.
While lookup()
will stop at the back-end data sources,
simplib::lookup()
will check the global scope first to see if the
variable has been defined.
This means that you can pre-declare a class and/or use an ENC and look up the variable whether it is declared this way or via Hiera or some other back-end.
Returns: Any
The value that is found in the system for the passed
parameter.
param
Data type: String
The parameter that you wish to look up
options
Data type: Optional[Any]
Hash of options for regular lookup()
- This must follow the syntax rules for the
Puppet
lookup( [<NAME>], <OPTIONS HASH> )
version oflookup()
- No other formats are supported!
simplib::mock_data
Type: Ruby 4.x API
A mock data function
simplib::mock_data(Hash $options, Puppet::LookupContext $context)
The simplib::mock_data function.
Returns: Any
options
Data type: Hash
context
Data type: Puppet::LookupContext
simplib::mock_data(String $key, Hash $options, Puppet::LookupContext $context)
The simplib::mock_data function.
Returns: Any
key
Data type: String
options
Data type: Hash
context
Data type: Puppet::LookupContext
simplib::module_exist
Type: Ruby 4.x API
Determines if a module exists in the current environment
simplib::module_exist(String[1] $module_name)
Determines if a module exists in the current environment
Returns: Boolean
Whether or not the module exists in the current environment
module_name
Data type: String[1]
The module name to check
simplib::nets2cidr
Type: Ruby 4.x API
Take an input list of networks and returns an equivalent Array
in
CIDR notation.
- Hostnames are passed through untouched.
- Terminates catalog compilation if any input item is not a valid network or hostname.
simplib::nets2cidr(String $network_list)
The simplib::nets2cidr function.
Returns: Array[String]
Array of networks in CIDR notation
network_list
Data type: String
List of 1 or more networks separated by spaces, commas, or semicolons
simplib::nets2cidr(Array $networks)
The simplib::nets2cidr function.
Returns: Array[String]
Array of networks in CIDR notation
networks
Data type: Array
Array of networks
simplib::nets2ddq
Type: Ruby 4.x API
Tranforms a list of networks into an equivalent array in dotted quad notation.
- CIDR networks are converted to dotted quad notation networks. IP addresses and hostnames are left untouched.
- Terminates catalog compilation if any input item is not a valid network or hostname.
simplib::nets2ddq(Array $networks)
The simplib::nets2ddq function.
Returns: Array[String]
Converted input
networks
Data type: Array
The networks to convert
simplib::nets2ddq(String $networks_string)
The simplib::nets2ddq function.
Returns: Array[String]
Converted input
networks_string
Data type: String
String containing the list of networks to convert; list elements are separated by spaces, commas or semicolons.
simplib::parse_hosts
Type: Ruby 4.x API
Convert an Array
of items that may contain port numbers or protocols
into a structured Hash
of host information.
-
Works with Hostnames as well as IPv4 and IPv6 addresses.
-
IPv6 addresses will be returned normalized with square brackets around them for clarity.
-
Terminates catalog compilation if
- A valid network or hostname cannot be extracted from all input items.
- Any input item that contains a port specifies an invalid port.
simplib::parse_hosts(Array[String[1],1] $hosts)
Convert an Array
of items that may contain port numbers or protocols
into a structured Hash
of host information.
-
Works with Hostnames as well as IPv4 and IPv6 addresses.
-
IPv6 addresses will be returned normalized with square brackets around them for clarity.
-
Terminates catalog compilation if
- A valid network or hostname cannot be extracted from all input items.
- Any input item that contains a port specifies an invalid port.
Returns: Hash
Structured Hash of the host information
Raises:
RuntimeError
if a valid network or hostname cannot be extracted from all input itemsRuntimeError
if any input item that contains a port specifies an invalid port
hosts
Data type: Array[String[1],1]
Array of host entries, where each entry may contain a protocol or both a protocol and port
simplib::passgen
Type: Ruby 4.x API
Generates/retrieves a random password string or its hash for a passed identifier.
- Uses
Puppet.settings[:vardir]/simp/environments/$environment/simp_autofiles/gen_passwd/
as the destination directory for password storage. - The minimum length password that this function will return is
8
characters. - Terminates catalog compilation if the password storage directory cannot be created/accessed by the Puppet user, the password cannot be created in the allotted time, or files not owned by the Puppet user are present in the password storage directory.
simplib::passgen(String[1] $identifier, Optional[Hash] $modifier_hash)
Generates/retrieves a random password string or its hash for a passed identifier.
- Uses
Puppet.settings[:vardir]/simp/environments/$environment/simp_autofiles/gen_passwd/
as the destination directory for password storage. - The minimum length password that this function will return is
8
characters. - Terminates catalog compilation if the password storage directory cannot be created/accessed by the Puppet user, the password cannot be created in the allotted time, or files not owned by the Puppet user are present in the password storage directory.
Returns: String
Password or password hash specified. If no
modifier_hash
or an invalid modifier_hash
is provided,
it will return the currently stored/generated password.
identifier
Data type: String[1]
Unique String
to identify the password usage.
modifier_hash
Data type: Optional[Hash]
Options Hash
. May include any
of the following options:
last
=>false
(*) ortrue
- Return the last generated password
length
=>Integer
- Length of the new password
hash
=>false
(*),true
,md5
,sha256
(true),sha512
- Return a
Hash
of the password instead of the password itself
- Return a
complexity
=>0
(*),1
,2
private options:* `0` => Use only Alphanumeric characters in your password (safest) * `1` => Add reasonably safe symbols * `2` => Printable ASCII
password
=> contains the string representation of the password to hash (used for testing)salt
=> contains the string literal salt to use (used for testing)complex_only
=> use only the characters explicitly added by the complexity rules (used for testing)
simplib::rand_cron
Type: Ruby 4.x API
Transforms an input string to one or more interval values for cron
.
This can be used to avoid starting a certain cron job at the same
time on all servers.
simplib::rand_cron(String $modifier, RandCronAlgorithm $algorithm, Optional[Integer[1]] $occurs, Optional[Integer[1]] $max_value)
Transforms an input string to one or more interval values for cron
.
This can be used to avoid starting a certain cron job at the same
time on all servers.
Returns: Array[Integer]
Array of integers suitable for use in the
minute
or hour
cron field.
modifier
Data type: String
The input string to use as the basis for the generated values.
algorithm
Data type: RandCronAlgorithm
Randomization algorithm to apply to transform the input string.
When 'sha256', a random number generated from the input string
via sha256 is used as the basis for the returned values.
If the input string is an IP address, this algorithm works well to
create cron job intervals for multiple hosts, when the number
of hosts is less than the max_value
or the hosts do not have
linearly-assigned IP addresses.
When 'ip_mod' and the input string is an IP address, the modulus
of the numeric IP is used as the basis for the returned values.
This algorithm works well to create cron job intervals for
multiple hosts, when the number of hosts exceeds the max_value
and the hosts have linearly-assigned IP addresses.
When 'ip_mod' and the input string is not an IP address, for backward compatibility, the crc32 of the input string will be used as the basis for the returned values.
When 'crc32', the crc32 of the input string will be used as the basis for the returned values.
occurs
Data type: Optional[Integer[1]]
The occurrence within an interval, i.e., the number of values to
be generated for the interval. Defaults to 1
.
max_value
Data type: Optional[Integer[1]]
The maximum value for the interval. The values generated will
be in the inclusive range [0, max_value]. Defaults to 60
for
use in the minute
cron field.
simplib::strip_ports
Type: Ruby 4.x API
Extract list of unique hostnames and/or IP addresses from an Array
of hosts, each of which may may contain protocols and/or port numbers
Terminates catalog compilation if
- A valid network or hostname cannot be extracted from all input items.
- Any input item that contains a port specifies an invalid port.
simplib::strip_ports(Array[String[1],1] $hosts)
Extract list of unique hostnames and/or IP addresses from an Array
of hosts, each of which may may contain protocols and/or port numbers
Terminates catalog compilation if
- A valid network or hostname cannot be extracted from all input items.
- Any input item that contains a port specifies an invalid port.
Returns: Array[String]
Non-port portion of hostnames
Raises:
RuntimeError
if any input item that contains a port specifies an invalid port
hosts
Data type: Array[String[1],1]
List of hosts which may contain protocols and port numbers.
simplib::to_integer
Type: Ruby 4.x API
Converts the argument into an Integer
.
Terminates catalog compilation if the argument's class
does not respond to the to_i()
Ruby method.
simplib::to_integer(Any $input)
Converts the argument into an Integer
.
Terminates catalog compilation if the argument's class
does not respond to the to_i()
Ruby method.
Returns: Integer
Converted input
input
Data type: Any
The argument to convert into an Integer
simplib::to_string
Type: Ruby 4.x API
Converts the argument into a String
.
simplib::to_string(Any $input)
Converts the argument into a String
.
Returns: String
Converted input
input
Data type: Any
The argument to convert into a String
simplib::validate_array_member
Type: Ruby 4.x API
Validate that an single input is a member of another Array
or an
Array
input is a subset of another Array
.
- The comparison can optionally ignore the case of
String
elements. - Terminates catalog compilation if validation fails.
simplib::validate_array_member(Variant[SimpleTypes,Array[SimpleTypes]] $input, Array[SimpleTypes] $target, Optional[Enum['i']] $modifier)
Validate that an single input is a member of another Array
or an
Array
input is a subset of another Array
.
- The comparison can optionally ignore the case of
String
elements. - Terminates catalog compilation if validation fails.
Returns: Nil
Raises:
RuntimeError
if validation fails
input
Data type: Variant[SimpleTypes,Array[SimpleTypes]]
Input to find within the target
target
Data type: Array[SimpleTypes]
modifier
Data type: Optional[Enum['i']]
Modification to be made to the comparison operation. Currently, 'i', string case invariance is the only supported modifier.
simplib::validate_between
Type: Ruby 4.x API
Validate that the first value is between the second and third values numerically. The range is inclusive.
Terminates catalog compilation if validation fails.
simplib::validate_between(Variant[String[1],Numeric] $value, Numeric $min_value, Numeric $max_value)
Validate that the first value is between the second and third values numerically. The range is inclusive.
Terminates catalog compilation if validation fails.
Returns: Nil
Raises:
RuntimeError
if validation fails
value
Data type: Variant[String[1],Numeric]
Value to validate
min_value
Data type: Numeric
Minimum value that is valid
max_value
Data type: Numeric
Maximum value that is valid
simplib::validate_bool
Type: Ruby 4.x API
Validate that all passed values are either true
, 'true',
false
or 'false'.
Terminates catalog compilation if validation fails.
simplib::validate_bool(Variant[String,Boolean] *$values_to_validate)
Validate that all passed values are either true
, 'true',
false
or 'false'.
Terminates catalog compilation if validation fails.
Returns: Nil
Raises:
RuntimeError
if validation fails
*values_to_validate
Data type: Variant[String,Boolean]
One or more values to validate
simplib::validate_deep_hash
Type: Ruby 4.x API
Perform a deep validation on two passed Hashes
.
- All keys must be defined in the reference
Hash
that is being validated against. - Unknown keys in the
Hash
being compared will cause a failure in validation - All values in the final leaves of the 'reference 'Hash' must be a String, Boolean, or nil.
- All values in the final leaves of the
Hash
being compared must support a to_s() method. - Terminates catalog compilation if validation fails.
simplib::validate_deep_hash(Hash $reference, Hash $to_check)
Perform a deep validation on two passed Hashes
.
- All keys must be defined in the reference
Hash
that is being validated against. - Unknown keys in the
Hash
being compared will cause a failure in validation - All values in the final leaves of the 'reference 'Hash' must be a String, Boolean, or nil.
- All values in the final leaves of the
Hash
being compared must support a to_s() method. - Terminates catalog compilation if validation fails.
Returns: Nil
Raises:
RuntimeError
if validation fails
reference
Data type: Hash
Hash to validate against. Keys at all levels of the hash define the structure of the hash and the value at each final leaf in the hash tree contains a regular expression string, a boolean or nil for value validation:
-
When the validation value is a regular expression string, the string representation of the to_check value (from the to_s() method) will be compared to the regular expression contained in the reference string.
-
When the validation value is a Boolean, the string representation of the to_check value will be compared with the string representation of the Boolean (as provided by the to_s() method).
-
When the validation value is a
nil
or 'nil', no value validation will be done for the key. -
When the to_check value contains an
Array
of values for a key, the validation for that key will be applied to each element in that array.
to_check
Data type: Hash
Hash to be validated against the reference
simplib::validate_net_list
Type: Ruby 4.x API
Validate that a passed list (Array
or single String
) of networks
is filled with valid IP addresses, network addresses (CIDR notation),
or hostnames.
- Hostnames are checked per RFC 1123.
- Ports appended with # a colon
:
are allowed for hostnames and individual IP addresses. - Terminates catalog compilation if validation fails.
simplib::validate_net_list(String $net, Optional[String] $str_match)
The simplib::validate_net_list function.
Returns: Nil
net
Data type: String
Single network to be validated.
str_match
Data type: Optional[String]
Stringified regular expression (regex without
the //
delimiters)
simplib::validate_net_list(Array[String] $net_list, Optional[String] $str_match)
The simplib::validate_net_list function.
Returns: Nil
net_list
Data type: Array[String]
Array
of networks to be validated.
str_match
Data type: Optional[String]
Stringified regular expression (regex without
the //
delimiters)
simplib::validate_port
Type: Ruby 4.x API
Validates whether each passed argument contains valid port(s).
- Each element of each argument must, numerically, be in the range [1, 65535].
- Terminates catalog compilation if validation fails.
simplib::validate_port(Variant[String[1],Integer,StringOrIntegerArray] *$port_args)
Validates whether each passed argument contains valid port(s).
- Each element of each argument must, numerically, be in the range [1, 65535].
- Terminates catalog compilation if validation fails.
Returns: Nil
Raises:
RuntimeError
if validation fails
*port_args
Data type: Variant[String[1],Integer,StringOrIntegerArray]
Arguments each of which contain either an individual port or an array of ports.
simplib::validate_re_array
Type: Ruby 4.x API
Perform simple validation of a String
, or Array
of Strings
,
against one or more regular expressions.
- Derived from the Puppet Labs stdlib validate_re.
- Terminates catalog compilation if validation fails.
simplib::validate_re_array(String $input, String $regex, Optional[String] $err_msg)
The simplib::validate_re_array function.
Returns: Nil
input
Data type: String
String to be validated
regex
Data type: String
Stringified regex expression (regex without the //
delimiters)
err_msg
Data type: Optional[String]
Optional error message to emit upon failure
simplib::validate_re_array(String $input, Array $regex_list, Optional[String] $err_msg)
The simplib::validate_re_array function.
Returns: Nil
input
Data type: String
String to be validated
regex_list
Data type: Array
Array of stringified regex expressions (
regexes without the //
delimiters)
err_msg
Data type: Optional[String]
Optional error message to emit upon failure
simplib::validate_re_array(Array $inputs, String $regex, Optional[String] $err_msg)
The simplib::validate_re_array function.
Returns: Nil
inputs
Data type: Array
Array of strings to be validated
regex
Data type: String
Stringified regex expression (regex without the //
delimiters)
err_msg
Data type: Optional[String]
Optional error message to emit upon failure
simplib::validate_re_array(Array $inputs, Array $regex_list, Optional[String] $err_msg)
The simplib::validate_re_array function.
Returns: Nil
inputs
Data type: Array
Array of strings to be validated
regex_list
Data type: Array
Array of stringified regex expressions (
regexes without the //
delimiters)
err_msg
Data type: Optional[String]
Optional error message to emit upon failure
simplib::validate_sysctl_value
Type: Ruby 4.x API
Validate that the passed value is correct for the passed sysctl
key.
- If a key is not known, assumes the value is valid.
- Terminates catalog compilation if validation fails.
simplib::validate_sysctl_value(String $key, String $value)
Validate that the passed value is correct for the passed sysctl
key.
- If a key is not known, assumes the value is valid.
- Terminates catalog compilation if validation fails.
Returns: Nil
Raises:
RuntimeError
upon validation failure
key
Data type: String
sysctl setting whose value is to be validated
value
Data type: String
Value to be validated
simplib::validate_uri_list
Type: Ruby 4.x API
Validate that a passed list (Array
or single String
) of URIs is
valid according to Ruby's URI parser.
- Caution: No scheme (protocol type) validation is done if the
scheme_list
parameter is not set. - Terminates catalog compilation if validation fails.
simplib::validate_uri_list(String[1] $uri, Optional[Array[String]] $scheme_list)
The simplib::validate_uri_list function.
Returns: Nil
uri
Data type: String[1]
URI to be validated.
scheme_list
Data type: Optional[Array[String]]
List of schemes (protocol types) allowed for the URI.
simplib::validate_uri_list(Array[String[1],1] $uri_list, Optional[Array[String]] $scheme_list)
The simplib::validate_uri_list function.
Returns: Nil
uri_list
Data type: Array[String[1],1]
1 or more URIs to be validated.
scheme_list
Data type: Optional[Array[String]]
List of schemes (protocol types) allowed for the URI.
simplib_deprecation
Type: Ruby 3.x API
Function to print deprecation warnings for 3.X functions. The first argument is the uniqueness key, which allows deduping of messages. The second argument is the message to be printed. Messages can be enabled if the SIMPLIB_LOG_DEPRECATIONS environment variable is set to 'true'.
simplib_deprecation()
Function to print deprecation warnings for 3.X functions. The first argument is the uniqueness key, which allows deduping of messages. The second argument is the message to be printed. Messages can be enabled if the SIMPLIB_LOG_DEPRECATIONS environment variable is set to 'true'.
Returns: Nil
slice_array
Type: Ruby 3.x API
Split an Array
into an array of arrays that contain groupings of
max_length
size. This is similar to each_slice
in newer versions of
Ruby.
slice_array(Array $to_slice, Integer $max_length, String[1,1] $split_char)
Split an Array
into an array of arrays that contain groupings of
max_length
size. This is similar to each_slice
in newer versions of
Ruby.
Returns: Array[Array[Any]
Array[Array[Any]
to_slice
Data type: Array
The array to slice. This will be flattened if necessary.
max_length
Data type: Integer
The maximum length of each slice.
split_char
Data type: String[1,1]
An optional character upon which to count sub-elements as multiples. Only one per subelement is supported.
strip_ports
Type: Ruby 3.x API
Take an Array
of items that may contain port numbers and appropriately
return the non-port portion. Works with hostnames, IPv4, and IPv6.
strip_ports(Array[String] $hosts)
Take an Array
of items that may contain port numbers and appropriately
return the non-port portion. Works with hostnames, IPv4, and IPv6.
Returns: Array[Str
Array[Str
hosts
Data type: Array[String]
Array
of hostnames which may contain port numbers.
to_integer
Type: Ruby 3.x API
Converts the argument into an Integer
.
Only works if the passed argument responds to the to_i()
Ruby method.
to_integer(Any $input)
Converts the argument into an Integer
.
Only works if the passed argument responds to the to_i()
Ruby method.
Returns: Any
[
input
Data type: Any
The argument to convert into an Integer
to_string
Type: Ruby 3.x API
Converts the argument into a String
.
Only works if the passed argument responds to the to_s()
Ruby method.
to_string(Any $input)
Converts the argument into a String
.
Only works if the passed argument responds to the to_s()
Ruby method.
Returns: Any
input
Data type: Any
The argument to convert into a String
validate_array_member
Type: Ruby 3.x API
Validate that the first String
(or Array
) passed is a member of the
second Array
passed. An optional third argument of i can be passed,
which ignores the case of the objects inside the Array
.
validate_array_member()
Validate that the first String
(or Array
) passed is a member of the
second Array
passed. An optional third argument of i can be passed,
which ignores the case of the objects inside the Array
.
Returns: Boolean
validate_array_of_hashes
Type: Ruby 3.x API
Validate that the passed argument is either an empty Array
or an
Array
that only contains Hashes
.
validate_array_of_hashes()
Validate that the passed argument is either an empty Array
or an
Array
that only contains Hashes
.
Returns: Boolean
validate_between
Type: Ruby 3.x API
Validate that the first value is between the second and third values numerically.
This is a pure Ruby comparison, not a human comparison.
validate_between()
Validate that the first value is between the second and third values numerically.
This is a pure Ruby comparison, not a human comparison.
Returns: Boolean
validate_bool_simp
Type: Ruby 3.x API
Validate that all passed values are either true
or false
.
Abort catalog compilation if any value fails this check.
Modified from the stdlib validate_bool to handle the strings true
and
false
.
validate_bool_simp()
Validate that all passed values are either true
or false
.
Abort catalog compilation if any value fails this check.
Modified from the stdlib validate_bool to handle the strings true
and
false
.
Returns: Nil
validate_deep_hash
Type: Ruby 3.x API
Perform a deep validation on two passed Hashes
.
The first Hash
is the one to validate against, and the second is the
one being validated. The first Hash
(i.e. the source) exists to define
a valid structure and potential regular expression to validate against, or
nil
top skip an entry.
Arrays
of values will match each entry to the given regular expression.
All keys must be defined in the source Hash
that is being validated
against.
Unknown keys in the Hash
being compared will cause a failure in
validation
validate_deep_hash()
Perform a deep validation on two passed Hashes
.
The first Hash
is the one to validate against, and the second is the
one being validated. The first Hash
(i.e. the source) exists to define
a valid structure and potential regular expression to validate against, or
nil
top skip an entry.
Arrays
of values will match each entry to the given regular expression.
All keys must be defined in the source Hash
that is being validated
against.
Unknown keys in the Hash
being compared will cause a failure in
validation
Returns: Nil
validate_float
Type: Ruby 3.x API
Validates whether or not the passed argument is a float
validate_float()
Validates whether or not the passed argument is a float
Returns: N
N
validate_integer
Type: Ruby 3.x API
Validates that the passed argument is an Integer
.
validate_integer()
Validates that the passed argument is an Integer
.
Returns: N
N
validate_macaddress
Type: Ruby 3.x API
Validate that all passed values are valid MAC addresses.
validate_macaddress()
Validate that all passed values are valid MAC addresses.
Returns: Nil
validate_net_list
Type: Ruby 3.x API
Validate that a passed list (Array
or single String
) of networks is
filled with valid IP addresses or hostnames. Hostnames are checked per
RFC 1123. Ports appended with a colon :
are allowed.
There is a second, optional argument that is a regex of Strings
that
should be ignored from the list. Omit the beginning and ending /
delimiters.
validate_net_list()
Validate that a passed list (Array
or single String
) of networks is
filled with valid IP addresses or hostnames. Hostnames are checked per
RFC 1123. Ports appended with a colon :
are allowed.
There is a second, optional argument that is a regex of Strings
that
should be ignored from the list. Omit the beginning and ending /
delimiters.
Returns: Nil
validate_port
Type: Ruby 3.x API
Validates whether or not the passed argument is a valid port
(i.e. between 1
- 65535
).
validate_port()
Validates whether or not the passed argument is a valid port
(i.e. between 1
- 65535
).
Returns: N
N
validate_re_array
Type: Ruby 3.x API
Perform simple validation of a String
, or Array
of Strings
,
against one or more regular expressions. The first argument of
this function should be a String
to test, and the second argument
should be a stringified regular expression (without the //
delimiters) or an Array
of regular expressions. If none of the regular
expressions match the string passed in, compilation will abort with a parse
error.
If a third argument is specified, this will be the error message raised and seen by the user.
validate_re_array()
Perform simple validation of a String
, or Array
of Strings
,
against one or more regular expressions. The first argument of
this function should be a String
to test, and the second argument
should be a stringified regular expression (without the //
delimiters) or an Array
of regular expressions. If none of the regular
expressions match the string passed in, compilation will abort with a parse
error.
If a third argument is specified, this will be the error message raised and seen by the user.
Returns: Nil
validate_sysctl_value
Type: Ruby 3.x API
Validate that the passed value is correct for the passed sysctl
key.
If a key is not known, simply returns that the value is valid.
validate_sysctl_value()
Validate that the passed value is correct for the passed sysctl
key.
If a key is not known, simply returns that the value is valid.
Returns: Nil
validate_umask
Type: Ruby 3.x API
Validate that the passed String
is a valid umask
validate_umask()
Validate that the passed String
is a valid umask
Returns: Nil
validate_uri_list
Type: Ruby 3.x API
Usage: validate_uri_list([LIST],[<VALID_SCHEMES>])
Validate that a passed list (Array
or single String
) of URIs is
valid according to Ruby's URI parser.
validate_uri_list()
Usage: validate_uri_list([LIST],[<VALID_SCHEMES>])
Validate that a passed list (Array
or single String
) of URIs is
valid according to Ruby's URI parser.
Returns: Nil
Types in this module release
- Fri Jul 27 2018 Trevor Vaughan tvaughan@onyxpoint.com - 3.10.1-0
- Added timeout for changing runlevels based on issues discovered in the field
- Fixed bugs in the EL6 runlevel persistence where, in some cases, the runlevel line might not get written to /etc/inittab
- Wed Jul 18 2018 Lucas Yamanishi lucas.yamanishi@onyxpoint.com - 3.10.1-0
- Add support for Puppet 5
- Add support for Oracle Linux
- Tue Jun 19 2018 Trevor Vaughan tvaughan@onyxpoint.com - 3.10.0-0
- Added a function
module_exist
that will return whether or not a module exists in the current environment. - Fixed an issue in the 'runlevel' provider where the actual runlevel would not be changed at execution time
- Thu Jun 14 2018 dforste dforste@users.noreply.github.com - 3.10.0-0
- Fixed bug in cmdline face where duplicate parameters would be ignored
- Duplicate parameters now turn the value of the parameter into an array
- Fri Jun 01 2018 Trevor Vaughan tvaughan@onyxpoint.com - 3.10.0-0
- Add a 'simplib::install' defined type that allows users to provide a Hash of
packages to install along with a Hash of defaults to apply to those packages
and override each package configuration if necessary.
- This was originally created by Nick Miller nick.miller@onyxpoint.com
- Thu May 03 2018 Nick Miller nick.miller@onyxpoint.com - 3.10.0-0
- Add
simplib::hash_to_opts
which turns a hash into a string. Useful for generating commands.
- Mon Apr 30 2018 Trevor Vaughan tvaughan@onyxpoint.com - 3.9.1-0
- Made the
init_ulimit
custom type safe forpuppet generate types
- Fixed a typo in the composite namevar for
init_ulimit
- The following changes allow users to disable reboot notify messages
- Adds two parameters :log_level and :control_only to the 'reboot_notify'
custom type.
- :log_level => Set the Puppet log level of the generated message
- :control_only => Indicate that this entry should not be added to the generated file
- Added a
Simplib::PuppetLogLevel
Data Type - Added a 'reboot_control_metadata' section to the on-system record file
- Added a
simplib::reboot_notify
class to allow for ease of global metadata manipulation.
- Adds two parameters :log_level and :control_only to the 'reboot_notify'
custom type.
- Fixed file paths that were not Windows compatible
- Improved error handling in
reboot_notify
and fixed a few small bugs - Improved some tests
- Fri Jan 19 2018 Trevor Vaughan tvaughan@onyxpoint.com - 3.9.0-0
- Updated the simplib::ldap::domain_to_dn function to allow users to choose whether they want to upcase or downcase the LDAP attributes to work around different system bugs
- Updated min_uid fact for OEL and Scientific Linux
- Updated tests
- Mon Jan 15 2018 Liz Nemsick lnemsick.simp@gmail.com - 3.9.0-0
- Add a 'prelink' fact that indicates whether prelink has been enabled
- Wed Jan 03 2018 Liz Nemsick lnemsick.simp@gmail.com - 3.9.0-0
- Add an 'ipa' fact that provides the IPA domain and server to which a host is connected, when the host is joined to the IPA domain.
- Wed Dec 13 2017 Trevor Vaughan tvaughan@onyxpoint.com - 3.9.0-0
- Added a 'login_defs' structured fact that returns a hash of all values in '/etc/login.defs' with a default 'uid_min' and 'gid_min'
- Fri Dec 08 2017 Chris Tessmer chris.tessmer@onyxpoint.com - 3.9.0-0
- Add data types Simplib::Domain and Simplib::Domainlist
- Re-enabled unit-style data type spec tests for Puppet 4.10
- Wed Nov 15 2017 Liz Nemsick lnemsick.simp@gmail.com - 3.8.0-0
- Disable simplib deprecation warnings by default
- Mon Nov 06 2017 Liz Nemsick lnemsick.simp@gmail.com - 3.8.0-0
- Convert a subset of Puppet 3 functions to Puppet 4 and emit a
simplib deprecation warning when the Puppet 3 versions are called:
- simplib::nets2ddq() replaces deprecated nets2ddq().
- simplib::validate_array_member() replaces deprecated validate_array_member()
- simplib::validate_between() replaces deprecated validate_between(). The new version fails validation, instead of returning false. This behavior consistent with both how the method is used by SIMP modules and the error behavior of all other simplib validate functions.
- simplib::validate_bool() replaces deprecated validate_bool_simp()
- simplib::validate_deep_hash replaced validate_deep_hash.
- In simplib::validate_deep_hash, fixed validate_deep_hash bug in which unknown keys in the Hash to check were not detected.
- Mon Nov 06 2017 Jason Balicki sakodak@gmail.com - 3.8.0-0
- Fixes split failure when "findmnt" does not exist on Linux
- Thu Oct 26 2017 Liz Nemsick lnemsick.simp@gmail.com - 3.7.0-0
- Add Simplib::Macaddress data type
- Convert a subset of Puppet 3 functions to Puppet 4 and emit a
simplib deprecation warning when the Puppet 3 versions are called:
- simplib::join_mount_opts() replaces deprected join_mount_opts()
- simplib::nets2cidr() replaces deprecated nets2cidr()
- simplib::validate_re_array() replaces deprecated validate_re_array()
- simplib::validate_sysctl_value() replaces deprecated validate_sysctl_value()
- Deprecate validate_umask(), advising the user to convert to the Simplib::Umask data type
- Deprecate validate_macaddresses(), advising the user to convert to the Simplib::Macaddress data type
- Fix bug in which simplib_deprecation() used the wrong environment variable.
- Tue Sep 26 2017 Trevor Vaughan tvaughan@onyxpoint.com - 3.6.0-0
- Convert all 'sysctl' 'kernel.shm*' entries to Strings
- shmall and shmmax were causing Facter and newer versions of Puppet to crash
- See FACT-1732 for additional information
- Add Puppet function
simplib::assert_metadata_os()
- Add data type
Simplib::Puppet::Metadata::OS_support
- Mon Sep 11 2017 Liz Nemsick lnemsick.simp@gmail.com - 3.5.0-0
- Convert a subset of Puppet 3 functions to Puppet 4 and emit a
simplib deprecation warning when the Puppet 3 versions are called:
- simplib::ip_to_cron() replaces deprecated ip_to_cron()
- simplib::rand_cron() replaces deprecated rand_cron()
- Add algorithm options to simplib::ip_to_cron() and simplib::rand_cron() to allow the user to select the transformation algorithm, instead of defaulting to an IP number modulus, when the entity to be transformed is an IP address. The IP number modulus algorithm produces undesirable clustering when used to randomize IP addresses in a system for which the number of IPs to be transformed is less than the range over which the randomization is requested.
- Tue Aug 15 2017 Liz Nemsick lnemsick.simp@gmail.com - 3.5.0-0
- Add simplib-specific deprecation functions for both Puppet 3 functions (simplib_deprecation()) and Puppet 4 functions (simplib::deprecation()).
- Convert a subset of Puppet 3 functions to Puppet 4 and emit a
simplib deprecation warning when the Puppet 3 versions are called:
- simplib::inspect() replaces deprecated inspect()
- simplib::ipaddresses() replaces deprecated ipaddresses()
- simplib::parse_hosts() replaces deprecated parse_hosts()
- simplib::passgen() replaces deprecated passgen()
- simplib::strip_ports() replaces deprecated strip_ports()
- simplib::to_integer() replaces deprecated to_integer()
- simplib::to_string() replaces deprecated to_string()
- simplib::validate_uri_list() replaces deprecated validate_uri_list()
- simplib::validate_net_list() replaces deprecated validate_net_list()
- simplib::validate_port() replaces deprecated validate_port()
- Add single-line json output option to simplib::inspect()
- Thu Aug 03 2017 Trevor Vaughan tvaughan@onyxpoint.com - 3.5.0-0
- Added a 'simplib::assert_metadata_os' function that will fail the compile if the passed module does not support the operating systems defined in the module's metadata.json.
- Thu Aug 03 2017 Nick Markowski nmarkowski@keywcorp.com - 3.5.0-0
- The fips_ciphers fact returns nil if the openssl binary is not available
- Sun Jul 23 2017 Trevor Vaughan tvaughan@onyxpoint.com - 3.5.0-0
- Updated puppet-strings documentation
- Updated CONTRIBUTING.md
- Tue Jul 18 2017 Dylan Cochran dylan.cochran@onyxpoint.com - 3.5.0-0
- Fix ipv6_enabled fact, so that it is confined only to linux systems
- Tue Jun 13 2017 Nick Markowski nmarkowski@keywcorp.com - 3.4.0-0
- Due to lack of support for knockout_prefix for arrays in older versions of Puppet, simp::knockout functionality has been moved to simplib::knockout because multiple modules are using the function.
- A wrapper has been put around simp::knockout for backwards-compatibility in our code.
- Update puppet requirement in metadata.json
- Sat Jun 10 2017 Dylan Cochran dylan.cochran@onyxpoint.com - 3.4.0-0
- Fix fullrun fact so it's confined to linux systems
- Thu May 18 2017 Nick Miller nick.miller@onyxpoint.com - 3.4.0-0
- Add data type for catalyst
package_ensure
- Thu Apr 27 2017 Trevor Vaughan tvaughan@onyxpoint.com - 3.4.0-0
- Added a pre and post stage that wrap around the stdlib stages to ensure that all SIMP components have proper buffers around the rest of the stdlib stages that other users might be using.
- Added a
simplib_sysctl
fact to provide values that are particularly relevant to SIMP installations. - Fixed a bug in the
puppet_settings
fact in the case wherefacter
was run standalone - Added a 'root_dir_uuid' fact so that it can be compared against the
/boot
partition in the fips module. Facter used to have a data structure of all mountpoints but it was removed for performance reasons.
- Wed Apr 12 2017 Liz Nemsick lnemsick.simp@gmail.com - 3.4.0-0
- Use the standard ip utility to determine default gateway information, instead of the netstat utility. This removes a dependency on the net-tools package.
- Fri Apr 07 2017 Dylan Cochran dylan.cochran@onyxpoint.com - 3.3.0-0
- Change case of simplib::ldap::domain_to_dn to be upper case
- Fri Apr 07 2017 Trevor Vaughan tvaughan@onyxpoint.com - 3.3.0-0
- Added a 'simplib::inspect' debugging function for dumping parameters during Puppet runs.
- Sun Mar 25 2017 Lucas Yamanishi lucas.yamanishi@onyxpoint.com - 3.2.2-0
- Use PATH lookup for simp_version's rpm call
- Mon Mar 20 2017 Liz Nemsick lnemsick.simp@gmail.com - 3.2.1-0
- move passgen to Puppet[:vardir]
-
Thu Mar 15 2017 Dylan Cochran dylan.cochran@onyxpoint.com - 3.2.1-0
- move passgen to /var/simp
-
Wed Mar 01 2017 Ryan Russel-Yates ryan.russel-yates@onyxpoint.com - 3.2.1-0
- updated Readme
-
Fri Jan 27 2017 Nick Miller nick.miller@onyxpoint.com - 3.2.0
- Added openssl_ciphers fact to list avaiable OpenSSL ciphers
- Fri Jan 20 2017 Dylan Cochran dylan.cochran@onyxpoint.com - 3.2.0-0
- Added type for the server distribution of puppet being used
- Fri Jan 13 2017 Trevor Vaughan tvaughan@onyxpoint.com - 3.2.0-0
- Added a simplib::ldap::domain_to_dn function for generating a reasonable Base DN from the domain fact
- Mon Jan 09 2017 Dylan Cochran dylan.cochran@onyxpoint.com - 3.2.0-0
- fixed how passgen generated salts to restrict it to non-special characters
- Mon Jan 02 2017 Trevor Vaughan tvaughan@onyxpoint.com - 3.1.0-0
- Added additional syslog data types and added tests for all syslog data types
- Syslog::CFacility
- Syslog::CPriority
- Syslog::CSeverity
- Sat Dec 24 2016 Trevor Vaughan tvaughan@onyxpoint.com - 3.1.0-0
- Added types to cover entries with Ports
- Host::Port
- Hostname::Port
- Netlist::Port
- IP::Port
- Added IP::CIDR type
- Tue Dec 20 2016 Nick Miller nick.miller@onyxpoint.com - 3.0.0-0
- NOTE: THIS MODULE CONTAINS NO MORE CLASSES OR MANIFESTS
- Migrated content in manifests and templates to other modules.
- See SIMP-1679 for details
- Mon Dec 19 2016 Nick Miller nick.miller@onyxpoint.com - 2.1.0-0
- Added new types:
- SyslogFacility
- SyslogLevel
- Wed Dec 07 2016 Trevor Vaughan tvaughan@onyxpoint.com - 2.1.0-0
- Added a set of Data Types
- EmailAddress
- Host (Single IP or Hostname)
- Hostname
- Hostname
- IP
- IP::V4
- IP::V4::CIDR
- IP::V4::DDQ
- IP::V4::Port (with port)
- IP::V6
- IP::V6::Base (Regular IPv6)
- IP::V6::Bracketed (IPv6 with Brackets)
- IP::V6::CIDR
- IP::V6::Port (with port)
- Netlist
- Netlist::IP
- Netlist::IP::V4
- Netlist::IP::V6
- Port (any of the below)
- Port::Dynamic (49152-65535)
- Port::Random (0)
- Port::System (1-1024)
- Port::User (1025-49151)
- URI
- Added a simplib::lookup() function that returns a globally scoped variable if it exists before calling the traditional lookup() function.
- Tue Nov 29 2016 Nick Miller nick.miller@onyxpoint.com - 2.0.0-0
- Renamed the file containing the puppet_settings fact to deconflict with
puppetlabs/puppetlabs-stdlib. They don't create any facts with the name
puppet_settings
, so this works for now.
- Mon Nov 21 2016 Chris Tessmer chris.tessmer@onyxpoint.com - 2.0.0-0
- Updated to compliance_markup version 2
- Wed Nov 16 2016 Trevor Vaughan tvaughan@onyxpoint.com - 2.0.0-0
- Rewrite the
puppet_settings
fact to fix several issues
- Fri Oct 14 2016 Liz Nemsick lnemsick.simp@gmail.com - 2.0.0-0
- Fix errors when validate_net_list uses regex strings and is validating IPv6.
- Thu Oct 13 2016 Nick Markowski nmarkowski@keywcorp.com - 2.0.0-0
- EL 7 machines now default nsswitch hosts to 'files','myhostname','dns' in an attempt to mitigate https://bugs.centos.org/view.php?id=10635
- Wed Oct 12 2016 Trevor Vaughan tvaughan@onyxpoint.com - 2.0.0-0
- Updated to use the version of 'simpcat' that does not conflict with 'puppetlabs/concat'.
- Removed the 'has_clustering' fact since it is no longer used in SIMP
- Added a 'puppet_settings' fact that will provide a hash of all puppet settings on the client system.
- Tue Oct 11 2016 Lucas Yamanishi lucas.yamanishi@onyxpoint.com - 1.3.3-0
- Prior to this
named::resolv
made reference toService['named']
, causing errors in cases where the named servce was not called "named." This commit changes the reference toClass['named']
to abstract out the service name and any other potential starup quirks.
- Thu Aug 25 2016 Trevor Vaughan tvaughan@onyxpoint.com - 1.3.1-0
- Update to provide the option to pass the 'gid' option to the /proc mount so that a specific group can be allowed to see the full process tree.
- Thu Aug 11 2016 Lucas Yamanishi lucas.yamanishi@onyxpoint.com - 1.3.0-0
- Mitigate CVE-2016-5696 via sysctl
- Fri Jul 29 2016 Trevor Vaughan tvaughan@onyxpoint.com - 1.2.7-0
- Fixed the acceptance tests
- Fri Jul 08 2016 Nick Miller nick.miller@onyxpoint.com - 1.2.6-0
- Updated the readme
- Updated to use the new packaging format
- Mon Jun 27 2016 Nick Miller nick.miller@onyxpoint.com - 1.2.5-0
- Added logic to ensure the tmpwatch package is installed on EL6 systems
- Thu Jun 09 2016 Nick Markowski nmarkowski@keywcorp.com - 1.2.4-0
- Added the gdm_version facts from xwindows and confined it on the existence of the gdm binary.
- Thu Apr 14 2016 Trevor Vaughan tvaughan@onyxpoint.com - 1.2.3-0
- The nsswitch.conf logic has been updated to work properly between SSSD and non-SSSD systems.
- Tue Apr 12 2016 Kendall Moore kendall.moore@onyxpoint.com - 1.2.2-1
- Fixed deprecation warning in custom types
- Mon Mar 21 2016 Nick Markowski nmarkowski@keywcorp.com - 1.2.2-0
- Fixed sssd/ldap logic in nsswitch.conf
- Sat Mar 19 2016 Trevor Vaughan tvaughan@onyxpoint.comm - 1.2.1-0
- Migrated use_simp_pki to a global catalyst.
- Mon Mar 14 2016 Trevor Vaughan tvaughan@onyxpoint.com - 1.2.0-0
- Updated to use SSSD for EL6.7+
- Mon Mar 14 2016 Nick Markowski nmarkowski@keywcorp.com - 1.1.0-1
- Modified nsswitch template to reference private _use_sssd and _use_ldap logic, exclusively.
- Thu Mar 10 2016 Trevor Vaughan tvaughan@onyxpoint.com - 1.1.0-0
- Ensure that the validate_between() function can handle string/integer combinations.
- Add a to_integer() function which converts the passed argument to an integer.
- Converted to Semantic Versioning 2.0.0
- Fri Mar 04 2016 Nick Markowski nmarkowski@keywcorp.com - 1.0.1-4
- Updated the localusers function to be compatible with multiple versions of ruby, and fixed a bug in the return value.
- Mon Feb 29 2016 Trevor Vaughan tvaughan@onyxpoint.com - 1.0.1-3
- Added a to_string() function which simply converts the passed argument to a string. This has been added to both pass linting and allow for the case where you know you need a string and you want to make sure that is known.
- Fri Feb 19 2016 Ralph Wright ralph.wright@onyxpoint.com - 1.0.1-2
- Added compliance function support
- Tue Feb 02 2016 Chris Tessmer chris.tessmer@onyxpoint.com - 1.0.1-1
- Removed
os_bugfixes
andbugfix1049656
.
- Fri Jan 08 2016 Chris Tessmer chris.tessmer@onyxpoint.com - 1.0.1-0
- Confined Linux facts that were causing errors during Windows agent runs
- Thu Dec 24 2015 Trevor Vaughan tvaughan@onyxpoint.com - 1.0.0-3
- Removed the simp_enabled fact as it is not needed.
- Thu Dec 17 2015 Nick Markowski nmarkowski@keywcorp.com - 1.0.0-2
- CCE-18455-6, CCE-3562-6 disable ipv6. Ipv6 remains enabled at the kernel level, but is functionally disabled via sysctl when ipv6_enabled = false.
- Thu Dec 10 2015 Nick Markowski nmarkowski@keywcorp.com - 1.0.0-1
- CCE-4241-6 Single user mode is now password protected.
- Added a simp_enabled fact to return true if the 'simp' class is in the catalog.
- Thu Nov 19 2015 Trevor Vaughan tvaughan@onyxpoint.com - 1.0.0-0
- Added validate_uri_list function
- Ensure that nsswitch works properly for SSSD
- Add sudoers support for SSSD and nsswitch
- Fri Nov 13 2015 Chris Tessmer chris.tessmer@onyxpoint.com - 1.0.0-0
- Imported manifests/ template/ and files/ assets from pupmod-common
- manifests/ assets from pupmod-functions are deprecated and will not be imported
- All tests pass; first version is rolled up
- Tue Oct 13 2015 Chris Tessmer chris.tessmer@onyxpoint.com - 0.1.0-0
- Initial rollup of lib/ assets from legacy modules simp-common and simp-functions
simplib - A collection of common SIMP functions, facts, and puppet code Per Section 105 of the Copyright Act of 1976, these works are not entitled to domestic copyright protection under US Federal law. The US Government retains the right to pursue copyright protections outside of the United States. The United States Government has unlimited rights in this software and all derivatives thereof, pursuant to the contracts under which it was developed and the License under which it falls. --- Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.