Use value from hiera hash in Yaml - puppet

In Hiera (Puppet 4.10), I have a YAML entry that looks like this:
xyz::some_name: "%{hiera('abc::query')}"
where the result of hiera('abc::query') is a single-element array containing a hash with one value in it:
[{data => some_value}]
What I want to do is set some_name to some_value.
I have tried
xyz::some_name: "%{hiera('abc::query.0.data')}"
and
xyz::some_name: "%{hiera('abc::query')[0][data]}"
(I can use the latter form, as ${hiera('abc::query')[0][data]} in a Puppet manifest just fine)
What's the correct way to index into a hiera lookup in a YAML file ?

Related

Is there a way to input variable values from outside to terraform main file?

Is there a way I can input variable values from outside to terraform main file. It can be a excel sheet or sql db. Is it possible to do so ?
What you can't currently do is point you cmdline at a db i.e. to replace a tfvars file, but what you can set up in Terraform is to use a number of different key value stores:
consul
https://www.terraform.io/intro/examples/consul.html
aws parameter store (using a resource or data)
https://www.terraform.io/docs/providers/aws/d/ssm_parameter.html
There are quite a number of other key/value stores to choose from but there's no zero code solution and you will end up with lots of these statements:
Setup a key in Consul to provide inputs
data "consul_keys" "input" {
key {
name = "size"
path = "tf_test/size"
default = "m1.small"
}
}
There are many ways to do that;
You can use a tfvars file with all your inputs and you can use one file customer, user, environment
You can pass the variables to terraform executable on the command line
You can define environment files prefixed wit TF_VAR_[variable]
You can use https://www.terraform.io/docs/providers/aws/d/ssm_parameter.html as suggested above
You can even store variables in DynamoDB or any other database
You can use Consult+Vault as well

Using env variables in swagger.yaml in nodejs

Trying to figure out how can i access the env variable inside swagger.yaml configuration file.
The variable can be access inside the nodejs application using process.env.VARNAME. I want to use the same variable inside swagger.yaml file.
something like
definations:
myvariabledetail: "${process.env.VARNAME}"
. I already tried different combinations including "${process.env.VARNAME}",${process.env.VARNAME},${VARNAME} etc.
YAML as a text file format doesn't know anything about environment variables. A solution would be to load the YAML and then have code that uses a regex to find the environment variables and replace them with the current values. Then finally pass that resulting string into your YAML parser.
You can use envsub:
const envsub = require('envsub');
envsub({
templateFile: `${__dirname}/input.yml`,
outputFile: '/dev/null', // or filename to save result
})
.then(({ outputContents }) => console.log(outputContents));

Access Facter hash key in Puppet

I am creating a manifest to get an Agent's partition name.
The fact $partitions shows the detail of the partition info.
{"xvda1"=>{"uuid"=>"d1697425-49d0-4c9f-9901-5f9260be8196", "size"=>"83859300", "mount"=>"/", "label"=>"cloudimg-rootfs", "filesystem"=>"ext4"}}
But, I just want to get the name part (xvda1) and use it as a variable for a configuration file.
Is there any way to filter the output in Puppet?
The fastest way to solve this would be to use the keys function from puppetlabs/stdlib: https://forge.puppet.com/puppetlabs/stdlib/readme.
keys()
Returns the keys of a hash as an array. Type: rvalue.
With that function, we can transform the output hash from Facter into an array of the keys and access its elements normally. Assuming that xvda1 is the 0th element,
Facter 2:
$variable = keys($::partitions)[0]
Facter 3:
$variable = keys($facts['partitions'])[0]

Hiera only run the first match

I would like to create a default users for all servers, but in addition of this default uses, only for specific servers I want to create in addition of the default users a specifics ones.
My problem is that when I run puppet agent -t, puppet only create the users for the first match. If the server match in - node/%{::fqdn} create only the specific users but not the default ones.
in /etc/puppet/hiera.yaml I have the follow:
:backends:
- yaml
:yaml:
:datadir: "/etc/puppet/hieradata"
:hierarchy:
- node/%{::fqdn}
- common
How I can set up hiera in order to always run the common file?
Please use hiera hash merge. Define merge behaviour in hiera.yaml, possible values are native, deep, deeper e.g:
:merge_behavior: deeper
And than just use hiera. According to documentation:
In a deeper hash merge, Hiera recursively merges keys and values in each source hash.
Here you have merge behaviour in examples.
UPDATE:
I have setup the following simple example:
hiera.yaml:
:hierarchy:
- apps
- common
:merge_behavior: deeper
apps.yaml:
test_hash:
abc1:
value: apps
abc2:
value: apps
common.yaml:
test_hash:
abc1:
value: comm
abc3:
value: comm
test_hash.pp
class test_hash
{
$normal_hash = hiera('test_hash')
$hiera_hash = hiera_hash('test_hash')
notify{ " normal: ${normal_hash}":}
notify{ " hiera : ${hiera_hash}":}
}
include test_hash
Next call puppet script puppet apply test_hash.pp
In result:
Notice: normal: {"abc1"=>{"value"=>"apps"}, "abc2"=>{"value"=>"apps"}}
Notice: hiera : {"abc1"=>{"value"=>"apps"}, "abc3"=>{"value"=>"comm"}, "abc2"=>{"value"=>"apps"}}}
UPDATE2:
You can also consider using merge function from stdlib. But probably to use it you will have to change a bit your architecture e.g:
In common define common values, in node/%{::fqdn} define node specific values, and than use it as in example:
$common_hash = hiera('something_from_common')
$node_hash = hiera('something_from_fqdn')
$merged_hash = merge($node_hash, $common_hash)
(Yes it is a bit ugly :))

Puppet: hiera hash keys based on hostname never retrieves value

I am using a Hiera hash to hold some token values which are host-specific. the keys within the hash correspond to the hostname/certname of the node(s) that'll be classified with the profile module that calls the hash value. However, when I apply the module, the value which corresponds to the hash key for the host is always null. Here's the code I'm working with.
in hiera-file.yaml
token_lookup:
host-name1: 'abcdef123'
host-name2: 'abbcde456'
and in profile.pp
$_tokens = hiera_hash('token_lookup', undef, 'hiera-file')
$_specific_token = $_tokens["${::hostname}"] <== never gets a value
I'm certain that the hostname matches the key in the hash. The question is, what's the right syntax here for getting the value from the hiera-file to populate properly? Thank you in advance for the advice.
edit: I believe I have discovered an issue when the hash key has a literal '-' character in it, as many hostnames do. I updated the hash to show keys with dashes in it, and should now ask a more specific question: I see dozens of articles about how to escape characters in the values of hashes by using double quotes, but I don't see anything - even on yaml.org - about how to escape the character if it appears as part of the key. Any tips on this issue? A YAML parser shows that this is valid syntactically, but I believe it is treating the '-' as a collection marker instead of a literal character.
Your code is correct, I test it as below, seems it didn't target the right yaml file in your environment. Check the hierarchy setting, and put the token key-value in the right place.
If I put the yaml file to global.yaml(If hiera can't find the key, it will always go to the last one in my hiera.yaml setting)
I rebuilt it with simplest setting:
$ cat /etc/hiera.yaml:
---
:backends:
- yaml
:hierarchy:
- defaults
- "%{clientcert}"
- "%{environment}"
- global
:yaml:
# datadir is empty here, so hiera uses its defaults:
# - /var/lib/hiera on *nix
# - %CommonAppData%\PuppetLabs\hiera\var on Windows
# When specifying a datadir, make sure the directory exists.
:datadir:
$ cat /var/lib/hiera/global.yaml
token_lookup:
host-name1: 'abcdef123'
host-name2: 'abbcde456'
$ cat profile.pp
$_tokens = hiera_hash('token_lookup', undef, 'hiera-file')
notice ("tokens is $_tokens")
$_specific_token = $_tokens["${::hostname}"]
notice ("token is $_specific_token ")
Then I run puppet apply, I can see the result
$ FACTER_hostname='host-name1' puppet apply profile.pp --hiera_config /etc/hiera.yaml
Notice: Scope(Class[main]): tokens is host-name1abcdef123host-name2abbcde456
Notice: Scope(Class[main]): token is abcdef123
Notice: Compiled catalog for host-name1 in environment production in 0.04 seconds
Notice: Finished catalog run in 0.07 seconds
$ FACTER_hostname='host-name2' puppet apply profile.pp --hiera_config /etc/hiera.yaml
Notice: Scope(Class[main]): tokens is host-name1abcdef123host-name2abbcde456
Notice: Scope(Class[main]): token is abbcde456
Notice: Compiled catalog for host-name2 in environment production in 0.04 seconds
Notice: Finished catalog run in 0.02 seconds
root#ac976d6d79fb:~#
I think hiera_hash is not what you want.
hiera_hash:
Uses a hash merge lookup. Expects every value in the hierarchy for a given key to be a hash, and merges the top-level keys in each hash into a single hash. Note that this does not do a deep-merge in the case of nested structures.
Change:
$_tokens = hiera_hash('token_lookup', undef, 'hiera-file')
to
$_tokens = hiera('token_lookup', {}) #it will create empty hash if it couldn't find 'token_lookup' variable.
Please also check the following example:
# /etc/puppet/hieradata/appservers.yaml
---
proxies:
- hostname: lb01.example.com
ipaddress: 192.168.22.21
- hostname: lb02.example.com
ipaddress: 192.168.22.28
# Get the structured data:
$proxies = hiera('proxies')
# Index into the structure:
$use_ip = $proxies[1]['ipaddress'] # will be 192.168.22.28

Resources