|
50 | 50 | runs-on: ubuntu-24.04 |
51 | 51 | strategy: |
52 | 52 | fail-fast: false |
53 | | - matrix: ${{fromJson(needs.setup_matrix.outputs.matrix)}} |
| 53 | + matrix: ${{ fromJson(needs.setup_matrix.outputs.matrix) }} |
54 | 54 |
|
55 | 55 | steps: |
56 | 56 |
|
@@ -96,74 +96,94 @@ jobs: |
96 | 96 | puts "master_uri=#{t["uri"]}" |
97 | 97 | ' >> $GITHUB_OUTPUT |
98 | 98 |
|
99 | | - # === FIXED STEP: run classifier API via Bash on the master === |
100 | | - - name: Classify PE Master with pe_repo::platform (via classifier API) |
| 99 | + # 1) Warm up services BEFORE classification (2 quick runs) |
| 100 | + - name: Warm up PE master (first convergence) |
101 | 101 | env: |
102 | 102 | BOLT_GEM: "1" |
103 | 103 | shell: bash |
| 104 | + run: | |
| 105 | + MASTER='${{ steps.pe-master.outputs.master_uri }}' |
| 106 | + MASTER=${MASTER//\"/}; MASTER=${MASTER//\'/} |
| 107 | + for i in 1 2; do |
| 108 | + echo "puppet agent -t (warm-up run $i) on $MASTER" |
| 109 | + bundle exec bolt command run "/opt/puppetlabs/bin/puppet agent -t || true" \ |
| 110 | + -i spec/fixtures/litmus_inventory.yaml --targets "$MASTER" |
| 111 | + sleep 10 |
| 112 | + done |
| 113 | +
|
| 114 | + # 2) Classify master with the pe_repo platform using RBAC token |
| 115 | + - name: Classify PE Master with pe_repo::platform (via RBAC token) |
| 116 | + env: |
| 117 | + BOLT_GEM: "1" |
| 118 | + # Optional: override if your plan uses a different admin password |
| 119 | + PE_ADMIN_PASSWORD: "Puppetlabs123!" |
| 120 | + shell: bash |
104 | 121 | run: | |
105 | 122 | MASTER='${{ steps.pe-master.outputs.master_uri }}' |
106 | 123 | MASTER=${MASTER//\"/}; MASTER=${MASTER//\'/} |
107 | 124 | if [[ -z "$MASTER" ]]; then echo "Empty master target"; exit 1; fi |
108 | 125 |
|
109 | | - # Map matrix platform (e.g. ubuntu-2204-lts) -> ubuntu-22.04-amd64 -> ubuntu_2204_amd64 |
| 126 | + # Map matrix platform -> PE platform tag -> class suffix |
110 | 127 | INPUT="${{ matrix.platform }}" # ubuntu-2204-lts |
111 | 128 | OS="${INPUT%%-*}" # ubuntu |
112 | 129 | VER="${INPUT#*-}" ; VER="${VER%-lts}" # 2204 |
113 | 130 | TAG="${OS}-${VER:0:2}.${VER:2:2}-amd64" # ubuntu-22.04-amd64 |
114 | 131 | SUFFIX="${TAG//-/_}" ; SUFFIX="${SUFFIX//./}" # ubuntu_2204_amd64 |
115 | 132 | CLASS="pe_repo::platform::${SUFFIX}" |
116 | | - echo "Classifying master with: ${CLASS}" |
| 133 | + echo "Classifying master with: ${CLASS} for tag ${TAG}" |
117 | 134 |
|
118 | | - # Run the remote script with /bin/bash -lc so 'pipefail' and '<<<' work |
119 | | - bundle exec bolt command run "CLASS=${CLASS} /bin/bash -lc ' |
| 135 | + bundle exec bolt command run "/bin/bash -lc ' |
120 | 136 | set -euo pipefail |
121 | | - CERT=\$(/opt/puppetlabs/bin/puppet config print hostcert) |
122 | | - KEY=\$(/opt/puppetlabs/bin/puppet config print hostprivkey) |
123 | | - CACERT=/etc/puppetlabs/puppet/ssl/certs/ca.pem |
124 | | - # 1) Find PE Master group id |
125 | | - GROUPS=\$(curl -s --cert \"\$CERT\" --key \"\$KEY\" --cacert \"\$CACERT\" https://localhost:4433/classifier-api/v1/groups) |
126 | | - ID=\$(/opt/puppetlabs/puppet/bin/ruby -rjson -e \"g=JSON.parse(STDIN.read); pe=g.find{|x| x[\\\"name\\\"]==\\\"PE Master\\\"} or abort(\\\"PE Master group not found\\\"); puts pe[\\\"id\\\"]\" <<< \"\$GROUPS\") |
127 | | - echo \"PE Master group id: \$ID\" |
128 | | -
|
129 | | - # 2) Merge the class into the group classes and POST |
130 | | - CURR=\$(curl -s --cert \"\$CERT\" --key \"\$KEY\" --cacert \"\$CACERT\" https://localhost:4433/classifier-api/v1/groups/\$ID) |
131 | | - UPDATED=\$(/opt/puppetlabs/puppet/bin/ruby -rjson -e \"g=JSON.parse(STDIN.read); g[\\\"classes\\\"] ||= {}; g[\\\"classes\\\"][ENV[\\\"CLASS\\\"]] ||= {}; puts({\\\"id\\\"=>g[\\\"id\\\"],\\\"classes\\\"=>g[\\\"classes\\\"]}.to_json)\" <<< \"\$CURR\") |
132 | | -
|
133 | | - curl -s -X POST --cert \"\$CERT\" --key \"\$KEY\" --cacert \"\$CACERT\" \ |
134 | | - -H \"Content-Type: application/json\" \ |
135 | | - -d \"\$UPDATED\" \ |
136 | | - https://localhost:4433/classifier-api/v1/groups/\$ID >/dev/null |
| 137 | + export PATH=/opt/puppetlabs/bin:/opt/puppetlabs/puppet/bin:\$PATH |
| 138 | +
|
| 139 | + # Obtain/refresh an RBAC token (retry a few times while services settle) |
| 140 | + for i in {1..10}; do |
| 141 | + if /opt/puppetlabs/bin/puppet-access show >/dev/null 2>&1; then |
| 142 | + break |
| 143 | + fi |
| 144 | + /opt/puppetlabs/bin/puppet-access login \ |
| 145 | + --lifetime 30m \ |
| 146 | + -u admin -p \"${PE_ADMIN_PASSWORD}\" && break || sleep 6 |
| 147 | + done |
| 148 | + TOKEN=\$(/opt/puppetlabs/bin/puppet-access show || true) |
| 149 | + if [[ -z \"\$TOKEN\" ]]; then |
| 150 | + echo \"Failed to obtain RBAC token\" >&2 |
| 151 | + exit 1 |
| 152 | + fi |
| 153 | +
|
| 154 | + # Fetch PE Master group id |
| 155 | + GROUPS=\$(curl -sS -k -H \"X-Authentication: \$TOKEN\" https://localhost:4433/classifier-api/v1/groups) |
| 156 | + ID=\$(ruby -rjson -e \"g=JSON.parse(STDIN.read); pe=g.find{|x| x['name']=='PE Master'} or abort('PE Master group not found'); puts pe['id']\" <<< \"\$GROUPS\") |
| 157 | +
|
| 158 | + # Merge class into group |
| 159 | + CURR=\$(curl -sS -k -H \"X-Authentication: \$TOKEN\" https://localhost:4433/classifier-api/v1/groups/\$ID) |
| 160 | + UPDATED=\$(CLASS=\"${CLASS}\" ruby -rjson -e \"g=JSON.parse(STDIN.read); g['classes']||={}; g['classes'][ENV['CLASS']]||={}; puts({'id'=>g['id'],'classes'=>g['classes']}.to_json)\" <<< \"\$CURR\") |
| 161 | + curl -sS -k -X POST -H \"X-Authentication: \$TOKEN\" -H 'Content-Type: application/json' \ |
| 162 | + -d \"\$UPDATED\" https://localhost:4433/classifier-api/v1/groups/\$ID >/dev/null |
137 | 163 | '" -i spec/fixtures/litmus_inventory.yaml --targets "$MASTER" |
138 | 164 |
|
| 165 | + # 3) Converge master again so pe_repo materializes platform content |
139 | 166 | - name: Converge PE master (stabilize services & pe_repo) |
140 | 167 | env: |
141 | 168 | BOLT_GEM: "1" |
142 | 169 | shell: bash |
143 | 170 | run: | |
144 | 171 | MASTER='${{ steps.pe-master.outputs.master_uri }}' |
145 | 172 | MASTER=${MASTER//\"/}; MASTER=${MASTER//\'/} |
146 | | - if [[ -z "$MASTER" ]]; then echo "Empty master target"; exit 1; fi |
147 | | -
|
148 | | - for i in 1 2; do |
149 | | - echo "Puppet agent run $i on master..." |
150 | | - bundle exec bolt command run "puppet agent -t || true" \ |
151 | | - -i spec/fixtures/litmus_inventory.yaml \ |
152 | | - --targets "$MASTER" |
153 | | - sleep 10 |
154 | | - done |
| 173 | + echo "puppet agent -t (post-classification) on $MASTER" |
| 174 | + bundle exec bolt command run "/opt/puppetlabs/bin/puppet agent -t || true" \ |
| 175 | + -i spec/fixtures/litmus_inventory.yaml --targets "$MASTER" |
155 | 176 |
|
| 177 | + # Verify the agent packages folder exists for your platform |
156 | 178 | INPUT="${{ matrix.platform }}" # ubuntu-2204-lts |
157 | 179 | OS="${INPUT%%-*}" # ubuntu |
158 | 180 | VER="${INPUT#*-}" ; VER="${VER%-lts}" # 2204 |
159 | 181 | TAG="${OS}-${VER:0:2}.${VER:2:2}-amd64" # ubuntu-22.04-amd64 |
160 | | -
|
161 | 182 | bundle exec bolt command run \ |
162 | | - "PEV=\$(facter -p pe_server_version 2>/dev/null || echo '2023.8.5'); \ |
| 183 | + "/bin/bash -lc 'PEV=\$(facter -p pe_server_version 2>/dev/null || echo 2023.8.5); \ |
163 | 184 | test -d /opt/puppetlabs/server/data/packages/public/\$PEV/${TAG} || \ |
164 | | - (echo 'Missing pe_repo packages for ${TAG}'; ls -ld /opt/puppetlabs/server/data/packages/public/*; exit 1)" \ |
165 | | - -i spec/fixtures/litmus_inventory.yaml \ |
166 | | - --targets "$MASTER" |
| 185 | + (echo Missing pe_repo packages for ${TAG}; ls -ld /opt/puppetlabs/server/data/packages/public/*; exit 1)'" \ |
| 186 | + -i spec/fixtures/litmus_inventory.yaml --targets "$MASTER" |
167 | 187 |
|
168 | 188 | - name: Install Agents |
169 | 189 | env: |
|
0 commit comments