diff --git a/.sync.yml b/.sync.yml deleted file mode 100644 index 518f425..0000000 --- a/.sync.yml +++ /dev/null @@ -1,61 +0,0 @@ ---- -appveyor.yml: - unmanaged: true - -.gitignore: - required: - - ---.project - -.gitlab-ci.yml: - unmanaged: true - -.travis.yml: - unmanaged: true - # docker_sets: - # - set: docker/centos-7 - # - set: docker/ubuntu-14.04 - # docker_defaults: - # bundler_args: "" - # secure: "" - # branches: - # - release - -.rubocop.yml: - default_configs: - inherit_from: .rubocop_todo.yml - require: - - rubocop-i18n - - rubocop-rspec - -Gemfile: - optional: - ':development': - - gem: puppet-lint-i18n - - gem: 'github_changelog_generator' - git: 'https://github.com/skywinder/github-changelog-generator' - ref: '20ee04ba1234e9e83eb2ffb5056e23d641c7a018' - condition: "Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2')" - required: - ':system_tests': - - gem: 'puppet-module-posix-system-r#{minor_version}' - platforms: ruby - - gem: 'puppet-module-win-system-r#{minor_version}' - platforms: - - mswin - - mingw - - x64_mingw - - gem: 'puppet_litmus' - platforms: - - ruby - - mswin - - mingw - - x64_mingw - condition: "ENV['PUPPET_GEM_VERSION'].nil? or ENV['PUPPET_GEM_VERSION'] !~ %r{ 5}" -Rakefile: - requires: - - puppet_pot_generator/rake_tasks - use_litmus_tasks: true - -spec/spec_helper.rb: - mock_with: ':rspec' - coverage_report: true diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md deleted file mode 100644 index 7bff0b9..0000000 --- a/CONTRIBUTING.md +++ /dev/null @@ -1,201 +0,0 @@ -# Contributing to os_patching - -:+1::tada: Welcome and thanks for considering contributing to the os_patching module :tada::+1: - -Below are some instructions to get you started doing that very thing while setting expectations around code quality as well as a few tips for making the process as easy as possible. - -### Table of Contents - -1. [Getting Started](#getting-started) -1. [Commit Checklist](#commit-checklist) -1. [Submission](#submission) -1. [More about commits](#more-about-commits) -1. [Testing](#testing) - - [Running Tests](#running-tests) -1. [Get Help](#get-help) - -## Getting Started - -- Fork the module repository on GitHub and clone to your workspace - -- Create a branch for your changes - -- Make your changes! - -## Commit Checklist - -### The Basics - -- [x] my commit is a single logical unit of work - -- [x] I have checked for unnecessary whitespace with "git diff --check" - -- [x] my commit does not include commented out code or unneeded files - -### The Content - -- [x] my commit includes tests for the bug I fixed or feature I added - -- [x] my commit includes appropriate documentation changes if it is introducing a new feature or changing existing functionality - -- [x] my code passes existing test suites - -### The Commit Message - -- [x] the first line of my commit message includes: - - - [x] an issue number (if applicable), e.g. "(MODULES-xxxx) This is the first line" - - - [x] a short description (50 characters is the soft limit, excluding ticket number(s)) - -- [x] the body of my commit message: - - - [x] is meaningful - - - [x] uses the imperative, present tense: "change", not "changed" or "changes" - - - [x] includes motivation for the change, and contrasts its implementation with the previous behavior - -## Submission - -### Pre-requisites - -- Make sure you have a [GitHub account](https://github.com/join) - -- [Create a ticket](https://github.com/albatrossflavour/puppet_os_patching/issues/new/choose) if one [does not already exist](https://github.com/albatrossflavour/puppet_os_patching/issues). - -### Push and PR - -- Push your changes to your fork - -- [Open a Pull Request](https://help.github.com/articles/creating-a-pull-request-from-a-fork/) against the repository - -## More about commits - - 1. Make separate commits for logically separate changes. - - Please break your commits down into logically consistent units - which include new or changed tests relevant to the rest of the - change. The goal of doing this is to make the diff easier to - read for whoever is reviewing your code. In general, the easier - your diff is to read, the more likely someone will be happy to - review it and get it into the code base. - - If you are going to refactor a piece of code, please do so as a - separate commit from your feature or bug fix changes. - - We also really appreciate changes that include tests to make - sure the bug is not re-introduced, and that the feature is not - accidentally broken. - - Describe the technical detail of the change(s). If your - description starts to get too long, that is a good sign that you - probably need to split up your commit into more finely grained - pieces. - - Commits which plainly describe the things which help - reviewers check the patch and future developers understand the - code are much more likely to be merged in with a minimum of - bike-shedding or requested changes. Ideally, the commit message - would include information, and be in a form suitable for - inclusion in the release notes for the version of Puppet that - includes them. - - Please also check that you are not introducing any trailing - whitespace or other "whitespace errors". You can do this by - running "git diff --check" on your changes before you commit. - - 2. Sending your patches - - To submit your changes via a GitHub pull request, we _highly_ - recommend that you have them on a topic branch, instead of - directly on "master". - It makes things much easier to keep track of, especially if - you decide to work on another thing before your first change - is merged in. - - GitHub has some pretty good - [general documentation](http://help.github.com/) on using - their site. They also have documentation on - [creating pull requests](https://help.github.com/articles/creating-a-pull-request-from-a-fork/). - - In general, after pushing your topic branch up to your - repository on GitHub, you can switch to the branch in the - GitHub UI and click "Pull Request" towards the top of the page - in order to open a pull request. - - 3. Update the related issue. - - If there is an issue associated with the change you - submitted, then you should update the ticket to include the - location of your branch, along with any other commentary you - may wish to make. - -# Testing - -## Getting Started - -The os_patching module provides [`Gemfile`](./Gemfile)s, which can tell a Ruby package manager such as [bundler](http://bundler.io/) what Ruby packages, or Gems, are required to build, develop, and test this software. - -Please make sure you have [bundler installed](http://bundler.io/#getting-started) on your system, and then use it to install all dependencies needed for this project in the project root by running - -```shell -% bundle install --path .bundle/gems -Fetching gem metadata from https://rubygems.org/........ -Fetching gem metadata from https://rubygems.org/.. -Using rake (10.1.0) -Using builder (3.2.2) --- 8><-- many more --><8 -- -Using rspec-system-puppet (2.2.0) -Using serverspec (0.6.3) -Using rspec-system-serverspec (1.0.0) -Using bundler (1.3.5) -Your bundle is complete! -Use `bundle show [gemname]` to see where a bundled gem is installed. -``` - -NOTE: some systems may require you to run this command with sudo. - -If you already have those gems installed, make sure they are up-to-date: - -```shell -% bundle update -``` - -## Running Tests - -With all dependencies in place and up-to-date, run the tests: - -### Validation Tests - -```shell -% make validate -``` - -The validation tests will ensure the metadata and code are syntactically correct and that they meet the [style guide](https://puppet.com/docs/puppet/latest/style_guide.html). This includes the YAML, JSON, EPP, ERB and ruby files. - -### Unit Tests - -```shell -% make unit -``` - -This executes all the [rspec tests](http://rspec-puppet.com/) defined in spec/classes. The tests compile catalogs using sample fact sets for each OS listed in the `metadata.json` file, providing the catalog compiles, it then validates that the resources you've defined are present in the catalog. - -rspec tests may have the same kind of dependencies as the module they are testing. Although the module defines these dependencies in its [metadata.json](./metadata.json), rspec tests define them in [.fixtures.yml](./fixtures.yml). - -### Acceptance Tests - -```shell -% make acceptance -``` - -The module also has acceptance tests, which use [litmus](https://github.com/puppetlabs/puppet_litmus). Litmus uses docker to stand up a range of environments, installs the puppet agent, applies the module and then validates that the desired results have been achieved in a single run. - - -# Get Help - -* [Puppet community slack](https://slack.puppet.com) - look for `@albatrossflavour` -* [Writing tests](https://puppet.com/docs/puppet/latest/bgtm.html#testing-your-module) -* [General GitHub documentation](http://help.github.com/) -* [GitHub pull request documentation](https://help.github.com/en/articles/creating-a-pull-request) diff --git a/README.md b/README.md index e962d86..7246e34 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,8 @@ -![](https://github.com/albatrossflavour/puppet_os_patching/actions/workflows/main.yml/badge.svg?branch=master) - # os_patching +[![CI](https://github.com/voxpupuli/puppet-os_patching/actions/workflows/main.yml/badge.svg)](https://github.com/voxpupuli/puppet-os_patching/actions/workflows/main.yml) +[![Donated by albatrossflavor](https://img.shields.io/badge/donated%20by-albatrossflavor-fb7047.svg)](#transfer-notice) + This module contains a set of tasks and custom facts to allow the automation of and reporting on operating system patching. Currently, patching works on Linux (Redhat, Suse and Debian derivatives) and Windows (Server 2008 through to 2019 have been tested). FreeBSD support is a work in progress and is currently reporting only. Under the hood, it uses the OS level tools or APIs to carry out the actual patching. That does mean that you need to be sure that your nodes can search for their updates using the native tool - e.g. You still need to manage the configuration of YUM, APT, Zypper or Windows Update. @@ -10,7 +11,7 @@ Under the hood, it uses the OS level tools or APIs to carry out the actual patch **Note** - FreeBSD support is currently limited to reporting patch state only. Actual patching will be enabled in a future release. -[The wiki](https://github.com/albatrossflavour/puppet_os_patching/wiki/Background) contains some useful background information on the module and how it works. +[The wiki](https://github.com/voxpupuli/puppet-os_patching/wiki/Background) contains some useful background information on the module and how it works. ## Description @@ -35,20 +36,23 @@ Install the module using the Puppetfile, include it on your nodes and then use t ## Usage ### Manifest + Include the module: + ```puppet include os_patching ``` More advanced usage: + ```puppet class { 'os_patching': patch_window => 'Week3', - blackout_windows => { 'End of year change freeze': - { - 'start': '2018-12-15T00:00:00+1000', - 'end': '2019-01-15T23:59:59+1000', - } + blackout_windows => { + 'End of year change freeze' => { + 'start' => '2018-12-15T00:00:00+10:00', + 'end' => '2019-01-15T23:59:59+10:00', + }, }, } ``` @@ -56,7 +60,9 @@ class { 'os_patching': In that example, the node is assigned to a "patch window", will be forced to reboot regardless of the setting specified in the task and has a blackout window defined for the period of 2018-12-15 - 2019-01-15, during which time no patching through the task can be carried out. ### Task + Run a basic patching task from the command line: + ```bash os_patching::patch_server - Carry out OS patching on the server, optionally including a reboot and/or only applying security-related updates @@ -77,6 +83,7 @@ PARAMETERS: ``` Example: + ```bash $ puppet task run os_patching::patch_server --params='{"reboot": "patched", "security_only": false}' --query="inventory[certname] { facts.os_patching.patch_window = 'Week3' and facts.os_patching.blocked = false and facts.os_patching.package_update_count > 0}" ``` @@ -266,6 +273,7 @@ If patching was blocked, the task will report similar to below: Error: Task exited: 100 Patching blocked ``` + A summary of the patch run is also written to `/var/cache/os_patching/run_history`, the last line of which is used by the `os_patching.last_run` fact. ```bash @@ -362,3 +370,9 @@ Fork, develop, submit a pull request - [Jake Rogers](https://github.com/JakeTRogers) - [Nathan Giuliani](https://github.com/nathangiuliani) - [Massimiliano Adamo](https://github.com/maxadamo) + +## Transfer Notice + +This project was originally authored by @albatrossflavour. +The maintainer preferred that Vox Pupuli take ownership of the project for future improvement and maintenance. +Existing pull requests and issues were transferred over, please fork and continue to contribute here instead of albatrossflavour/puppet_os_patching. diff --git a/REFERENCE.md b/REFERENCE.md index ef7e787..4dd8e69 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -37,11 +37,11 @@ the `os_patching` fact. class { 'os_patching': patch_window => 'Week3', reboot_override => 'always', - blackout_windows => { 'End of year change freeze': - { - 'start': '2018-12-15T00:00:00+10:00', - 'end': '2019-01-15T23:59:59+10:00', - } + blackout_windows => { + 'End of year change freeze' => { + 'start' => '2018-12-15T00:00:00+10:00', + 'end' => '2019-01-15T23:59:59+10:00', + }, }, } ``` diff --git a/metadata.json b/metadata.json index a0bf325..f05bac5 100644 --- a/metadata.json +++ b/metadata.json @@ -1,12 +1,12 @@ { - "name": "albatrossflavour-os_patching", + "name": "puppet-os_patching", "version": "0.22.0", - "author": "albatrossflavour", + "author": "Vox Pupuli", "summary": "Perform OS level patching through tasks and report on patch levels through facts", "license": "Apache-2.0", - "source": "https://github.com/albatrossflavour/puppet_os_patching", - "project_page": "https://github.com/albatrossflavour/puppet_os_patching", - "issues_url": "https://github.com/albatrossflavour/puppet_os_patching/issues", + "source": "https://github.com/voxpupuli/puppet-os_patching", + "project_page": "https://github.com/voxpupuli/puppet-os_patching", + "issues_url": "https://github.com/voxpupuli/puppet-os_patching/issues", "dependencies": [ { "name": "puppetlabs-stdlib",