From 82e6790719244576adfd7aa159e7fdb01ba0edfb Mon Sep 17 00:00:00 2001 From: Justin Stoller Date: Wed, 29 May 2024 09:16:05 -0700 Subject: [PATCH] (maint) No longer apply settings catalog on start up On initialization of a JRuby instance, Puppet will compile and apply a catalog containing resources for the configured directories specified in the appropriate settings sections. The goal of this is to ensure any directories Puppet requires exist. In practice this should be managed by our packages. Attempting to apply a catalog every time a JRuby instance is unnecessary, slow, and causes race conditions when attempting to instantiate JRuby instances in parallel. --- .../ca_files_test/puppet.conf | 20 ---- .../puppet/server/log_collector.rb | 2 + .../puppetserver-lib/puppet/server/logger.rb | 2 + .../puppetserver-lib/puppet/server/logging.rb | 2 + .../puppet/server/puppet_config.rb | 9 +- .../services/master/master_service_test.clj | 97 ++++++------------- 6 files changed, 43 insertions(+), 89 deletions(-) delete mode 100644 dev-resources/puppetlabs/services/master/master_service_test/ca_files_test/puppet.conf diff --git a/dev-resources/puppetlabs/services/master/master_service_test/ca_files_test/puppet.conf b/dev-resources/puppetlabs/services/master/master_service_test/ca_files_test/puppet.conf deleted file mode 100644 index 25ac97234..000000000 --- a/dev-resources/puppetlabs/services/master/master_service_test/ca_files_test/puppet.conf +++ /dev/null @@ -1,20 +0,0 @@ -[main] -certname = localhost - -cadir = target/master-service-test/ca-files-test/ca -vardir = target/master-service-test/ca-files-test/var -ssldir = target/master-service-test/ca-files-test/ssl - -capub = target/master-service-test/ca-files-test/ca/ca_pub.pem -cakey = target/master-service-test/ca-files-test/ca/ca_key.pem -cacert = target/master-service-test/ca-files-test/ca/ca_crt.pem -localcacert = target/master-service-test/ca-files-test/ca/ca.pem -cacrl = target/master-service-test/ca-files-test/ca/ca_crl.pem -hostcrl = target/master-service-test/ca-files-test/ca/crl.pem - -hostpubkey = target/master-service-test/ca-files-test/public_keys/localhost.pem -hostprivkey = target/master-service-test/ca-files-test/private_keys/localhost.pem -hostcert = target/master-service-test/ca-files-test/certs/localhost.pem - -serial = target/master-service-test/ca-files-test/certs/serial -cert_inventory = target/master-service-test/ca-files-test/inventory.txt diff --git a/src/ruby/puppetserver-lib/puppet/server/log_collector.rb b/src/ruby/puppetserver-lib/puppet/server/log_collector.rb index 01ec5c18d..4fcf46742 100644 --- a/src/ruby/puppetserver-lib/puppet/server/log_collector.rb +++ b/src/ruby/puppetserver-lib/puppet/server/log_collector.rb @@ -1,3 +1,5 @@ +require 'puppet/util/log' + module Puppet module Server # Log to an array, just for testing. diff --git a/src/ruby/puppetserver-lib/puppet/server/logger.rb b/src/ruby/puppetserver-lib/puppet/server/logger.rb index 1ee1f02d1..db2b7194a 100644 --- a/src/ruby/puppetserver-lib/puppet/server/logger.rb +++ b/src/ruby/puppetserver-lib/puppet/server/logger.rb @@ -1,3 +1,5 @@ +require 'puppet' +require 'puppet/util' require 'puppet/server' require 'java' diff --git a/src/ruby/puppetserver-lib/puppet/server/logging.rb b/src/ruby/puppetserver-lib/puppet/server/logging.rb index 5d49059d2..de1abb8a0 100644 --- a/src/ruby/puppetserver-lib/puppet/server/logging.rb +++ b/src/ruby/puppetserver-lib/puppet/server/logging.rb @@ -1,3 +1,5 @@ +require 'puppet' +require 'puppet/util/log' require 'puppet/server/log_collector' module Puppet diff --git a/src/ruby/puppetserver-lib/puppet/server/puppet_config.rb b/src/ruby/puppetserver-lib/puppet/server/puppet_config.rb index afd1d8b90..d140afcc8 100644 --- a/src/ruby/puppetserver-lib/puppet/server/puppet_config.rb +++ b/src/ruby/puppetserver-lib/puppet/server/puppet_config.rb @@ -1,6 +1,13 @@ require 'puppet/server' require 'puppet/server/logger' require 'puppet/server/http_client' +require 'puppet/indirector/indirection' +require 'puppet/file_serving/content' +require 'puppet/file_serving/metadata' +require 'puppet/file_bucket/file' +require 'puppet/node' +require 'puppet/application_support' +require 'puppet/ssl/oids' class Puppet::Server::PuppetConfig @@ -88,8 +95,6 @@ def self.initialize_puppet(puppet_config:) Puppet.push_context(dummy_ssl_context) end - Puppet.settings.use :main, :server, :ssl, :metrics - if Puppet::Indirector::Indirection.method_defined?(:set_global_setting) Puppet::FileServing::Content.indirection.set_global_setting(:terminus_class, :file_server) Puppet::FileServing::Metadata.indirection.set_global_setting(:terminus_class, :file_server) diff --git a/test/integration/puppetlabs/services/master/master_service_test.clj b/test/integration/puppetlabs/services/master/master_service_test.clj index c800ab8e9..6f526c3d9 100644 --- a/test/integration/puppetlabs/services/master/master_service_test.clj +++ b/test/integration/puppetlabs/services/master/master_service_test.clj @@ -316,45 +316,6 @@ (+ (:duration-millis requested-instance) (:time requested-instance)))))))))))))) -(deftest ^:integration ca-files-test - (testing "CA settings from puppet are honored and the CA - files are created when the service starts up" - (let [ca-files-test-runtime-dir (str master-service-test-runtime-dir - "/ca-files-test") - ca-files-test-puppet-conf (fs/file test-resources-path - "ca_files_test/puppet.conf")] - (fs/delete-dir ca-files-test-runtime-dir) - (testutils/with-puppet-conf-files - {"puppet.conf" ca-files-test-puppet-conf} - ca-files-test-runtime-dir - (logutils/with-test-logging - (bootstrap-testutils/with-puppetserver-running - app - {:jruby-puppet {:gem-path gem-path - :server-conf-dir ca-files-test-runtime-dir - :max-active-instances 1} - :webserver {:port 8081}} - (let [jruby-service (tk-app/get-service app :JRubyPuppetService)] - (jruby-service/with-jruby-puppet - jruby-puppet jruby-service :ca-files-test - (letfn [(test-path! - [setting expected-path] - (is (= (ks/absolute-path expected-path) - (.getSetting jruby-puppet setting))) - (is (fs/exists? (ks/absolute-path expected-path))))] - - (test-path! "capub" (str ca-files-test-runtime-dir "/ca/ca_pub.pem")) - (test-path! "cakey" (str ca-files-test-runtime-dir "/ca/ca_key.pem")) - (test-path! "cacert" (str ca-files-test-runtime-dir "/ca/ca_crt.pem")) - (test-path! "localcacert" (str ca-files-test-runtime-dir "/ca/ca.pem")) - (test-path! "cacrl" (str ca-files-test-runtime-dir "/ca/ca_crl.pem")) - (test-path! "hostcrl" (str ca-files-test-runtime-dir "/ca/crl.pem")) - (test-path! "hostpubkey" (str ca-files-test-runtime-dir "/public_keys/localhost.pem")) - (test-path! "hostprivkey" (str ca-files-test-runtime-dir "/private_keys/localhost.pem")) - (test-path! "hostcert" (str ca-files-test-runtime-dir "/certs/localhost.pem")) - (test-path! "serial" (str ca-files-test-runtime-dir "/certs/serial")) - (test-path! "cert_inventory" (str ca-files-test-runtime-dir "/inventory.txt"))))))))))) - (def graphite-enabled-config {:metrics {:server-id "localhost" :reporters {:graphite {:update-interval-seconds 5000 @@ -729,34 +690,36 @@ (is (= 404 (:status resp))))))) (deftest ^:integration facts-upload-api - (bootstrap-testutils/with-puppetserver-running - app - {:jruby-puppet {:gem-path gem-path - :max-active-instances 2 ; we need 2 jruby-instances since processing the upload uses an instance - :server-code-dir test-resources-code-dir - :server-conf-dir master-service-test-runtime-dir - :server-var-dir (fs/tmpdir)}} - (let [jruby-service (tk-app/get-service app :JRubyPuppetService) - jruby-instance (jruby-testutils/borrow-instance jruby-service :facts-upload-endpoint-test) - container (:scripting-container jruby-instance)] - (try - (let [facts (.runScriptlet container "facts = Puppet::Node::Facts.new('puppet.node.test') - facts.values['foo'] = 'bar' - facts.to_json") - response (http-put "/puppet/v3/facts/puppet.node.test?environment=production" facts)] - - (testing "Puppet Server responds to PUT requests for /puppet/v3/facts" - (is (= 200 (:status response)))) - - (testing "Puppet Server saves facts to the configured facts terminus" - ;; Ensure the test is configured properly - (is (= "yaml" (.runScriptlet container "Puppet::Node::Facts.indirection.terminus_class"))) - (let [stored-facts (-> (.runScriptlet container "facts = Puppet::Node::Facts.indirection.find('puppet.node.test') - (facts.nil? ? {} : facts).to_json") - (json/parse-string))] - (is (= "bar" (get-in stored-facts ["values" "foo"])))))) - (finally - (jruby-testutils/return-instance jruby-service jruby-instance :facts-upload-endpoint-test)))))) + (let [tmpdir (fs/tmpdir)] + (fs/mkdir (str tmpdir "/yaml")) + (bootstrap-testutils/with-puppetserver-running + app + {:jruby-puppet {:gem-path gem-path + :max-active-instances 2 ; we need 2 jruby-instances since processing the upload uses an instance + :server-code-dir test-resources-code-dir + :server-conf-dir master-service-test-runtime-dir + :server-var-dir (fs/tmpdir)}} + (let [jruby-service (tk-app/get-service app :JRubyPuppetService) + jruby-instance (jruby-testutils/borrow-instance jruby-service :facts-upload-endpoint-test) + container (:scripting-container jruby-instance)] + (try + (let [facts (.runScriptlet container "facts = Puppet::Node::Facts.new('puppet.node.test') + facts.values['foo'] = 'bar' + facts.to_json") + response (http-put "/puppet/v3/facts/puppet.node.test?environment=production" facts)] + + (testing "Puppet Server responds to PUT requests for /puppet/v3/facts" + (is (= 200 (:status response)))) + + (testing "Puppet Server saves facts to the configured facts terminus" + ;; Ensure the test is configured properly + (is (= "yaml" (.runScriptlet container "Puppet::Node::Facts.indirection.terminus_class"))) + (let [stored-facts (-> (.runScriptlet container "facts = Puppet::Node::Facts.indirection.find('puppet.node.test') + (facts.nil? ? {} : facts).to_json") + (json/parse-string))] + (is (= "bar" (get-in stored-facts ["values" "foo"])))))) + (finally + (jruby-testutils/return-instance jruby-service jruby-instance :facts-upload-endpoint-test))))))) (deftest ^:integration v4-queue-limit (bootstrap-testutils/with-puppetserver-running