Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
61 changes: 0 additions & 61 deletions .sync.yml

This file was deleted.

201 changes: 0 additions & 201 deletions CONTRIBUTING.md

This file was deleted.

30 changes: 22 additions & 8 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,7 +1,8 @@
![](https://github.com/albatrossflavour/puppet_os_patching/actions/workflows/main.yml/badge.svg?branch=master)

# os_patching

[![CI](https://github.com/voxpupuli/puppet-os_patching/actions/workflows/main.yml/badge.svg)](https://github.com/voxpupuli/puppet-os_patching/actions/workflows/main.yml)
[![Donated by albatrossflavor](https://img.shields.io/badge/donated%20by-albatrossflavor-fb7047.svg)](#transfer-notice)

This module contains a set of tasks and custom facts to allow the automation of and reporting on operating system patching. Currently, patching works on Linux (Redhat, Suse and Debian derivatives) and Windows (Server 2008 through to 2019 have been tested). FreeBSD support is a work in progress and is currently reporting only.

Under the hood, it uses the OS level tools or APIs to carry out the actual patching. That does mean that you need to be sure that your nodes can search for their updates using the native tool - e.g. You still need to manage the configuration of YUM, APT, Zypper or Windows Update.
Expand All @@ -10,7 +11,7 @@ Under the hood, it uses the OS level tools or APIs to carry out the actual patch

**Note** - FreeBSD support is currently limited to reporting patch state only. Actual patching will be enabled in a future release.

[The wiki](https://github.com/albatrossflavour/puppet_os_patching/wiki/Background) contains some useful background information on the module and how it works.
[The wiki](https://github.com/voxpupuli/puppet-os_patching/wiki/Background) contains some useful background information on the module and how it works.

## Description

Expand All @@ -35,28 +36,33 @@ Install the module using the Puppetfile, include it on your nodes and then use t
## Usage

### Manifest

Include the module:

```puppet
include os_patching
```

More advanced usage:

```puppet
class { 'os_patching':
patch_window => 'Week3',
blackout_windows => { 'End of year change freeze':
{
'start': '2018-12-15T00:00:00+1000',
'end': '2019-01-15T23:59:59+1000',
}
blackout_windows => {
'End of year change freeze' => {
'start' => '2018-12-15T00:00:00+10:00',
'end' => '2019-01-15T23:59:59+10:00',
},
},
}
```

In that example, the node is assigned to a "patch window", will be forced to reboot regardless of the setting specified in the task and has a blackout window defined for the period of 2018-12-15 - 2019-01-15, during which time no patching through the task can be carried out.

### Task

Run a basic patching task from the command line:

```bash
os_patching::patch_server - Carry out OS patching on the server, optionally including a reboot and/or only applying security-related updates

Expand All @@ -77,6 +83,7 @@ PARAMETERS:
```

Example:

```bash
$ puppet task run os_patching::patch_server --params='{"reboot": "patched", "security_only": false}' --query="inventory[certname] { facts.os_patching.patch_window = 'Week3' and facts.os_patching.blocked = false and facts.os_patching.package_update_count > 0}"
```
Expand Down Expand Up @@ -266,6 +273,7 @@ If patching was blocked, the task will report similar to below:
Error: Task exited: 100
Patching blocked
```

A summary of the patch run is also written to `/var/cache/os_patching/run_history`, the last line of which is used by the `os_patching.last_run` fact.

```bash
Expand Down Expand Up @@ -362,3 +370,9 @@ Fork, develop, submit a pull request
- [Jake Rogers](https://github.com/JakeTRogers)
- [Nathan Giuliani](https://github.com/nathangiuliani)
- [Massimiliano Adamo](https://github.com/maxadamo)

## Transfer Notice

This project was originally authored by @albatrossflavour.
The maintainer preferred that Vox Pupuli take ownership of the project for future improvement and maintenance.
Existing pull requests and issues were transferred over, please fork and continue to contribute here instead of albatrossflavour/puppet_os_patching.
10 changes: 5 additions & 5 deletions REFERENCE.md
Original file line number Diff line number Diff line change
Expand Up @@ -37,11 +37,11 @@ the `os_patching` fact.
class { 'os_patching':
patch_window => 'Week3',
reboot_override => 'always',
blackout_windows => { 'End of year change freeze':
{
'start': '2018-12-15T00:00:00+10:00',
'end': '2019-01-15T23:59:59+10:00',
}
blackout_windows => {

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is still listed in the init.pp: https://github.com/voxpupuli/puppet_os_patching/blob/development/manifests/init.pp#L103. you will have to adjust that as well.

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i will put this into an issue, just want to sync branches now and then switch to main as default branch and delete development

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

development is the default branch atm

'End of year change freeze' => {
'start' => '2018-12-15T00:00:00+10:00',
'end' => '2019-01-15T23:59:59+10:00',
},
},
}
```
Expand Down
10 changes: 5 additions & 5 deletions metadata.json
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
{
"name": "albatrossflavour-os_patching",
"name": "puppet-os_patching",
"version": "0.22.0",
"author": "albatrossflavour",
"author": "Vox Pupuli",
"summary": "Perform OS level patching through tasks and report on patch levels through facts",
"license": "Apache-2.0",
"source": "https://github.com/albatrossflavour/puppet_os_patching",
"project_page": "https://github.com/albatrossflavour/puppet_os_patching",
"issues_url": "https://github.com/albatrossflavour/puppet_os_patching/issues",
"source": "https://github.com/voxpupuli/puppet-os_patching",
"project_page": "https://github.com/voxpupuli/puppet-os_patching",
"issues_url": "https://github.com/voxpupuli/puppet-os_patching/issues",
"dependencies": [
{
"name": "puppetlabs-stdlib",
Expand Down
Loading