fix: replace puppetdbquery with native PQL queries (#457)

Replace deprecated dalen-puppetdbquery module with native puppetdb_query
function using PQL syntax to resolve URI.escape compatibility issues.
This is required to migrated to Puppet 8 (and kubernetes).

Changes:
- Remove dalen-puppetdbquery dependency from Puppetfile
- Replace query_nodes() calls with puppetdb_query() using PQL syntax
- Update 27 function calls across 18 Puppet manifests
- Maintain equivalent functionality with improved compatibility

Reviewed-on: #457
This commit was merged in pull request #457.
This commit is contained in:
2026-03-21 22:35:42 +11:00
parent 1d41d07b2d
commit 476c8115c5
18 changed files with 169 additions and 44 deletions
-1
View File
@@ -53,7 +53,6 @@ mod 'saz-ssh', '13.1.0'
mod 'saz-limits', '5.0.0' mod 'saz-limits', '5.0.0'
mod 'ghoneycutt-timezone', '4.0.0' mod 'ghoneycutt-timezone', '4.0.0'
mod 'ghoneycutt-puppet', '3.3.0' mod 'ghoneycutt-puppet', '3.3.0'
mod 'dalen-puppetdbquery', '3.0.1'
mod 'markt-galera', '3.1.0' mod 'markt-galera', '3.1.0'
mod 'kogitoapp-minio', '1.1.4' mod 'kogitoapp-minio', '1.1.4'
mod 'broadinstitute-certs', '3.0.1' mod 'broadinstitute-certs', '3.0.1'
+6 -1
View File
@@ -22,7 +22,12 @@ class incus::cluster (
} }
# if it is, find hosts, sort them so they dont cause changes every run # if it is, find hosts, sort them so they dont cause changes every run
$servers_array = sort(query_nodes("enc_role='${members_role}' and region='${facts['region']}'", 'networking.fqdn')) $servers_array = sort(puppetdb_query(
"facts[certname] {
name = 'enc_role' and value = '${members_role}' and
certname in facts[certname] { name = 'region' and value = '${facts['region']}' }
}"
).map |$fact| { $fact['certname'] })
# else use provided array from params # else use provided array from params
}else{ }else{
+6 -1
View File
@@ -20,7 +20,12 @@ class redisha::redis (
} }
# if it is, find hosts, sort them so they dont cause changes every run # if it is, find hosts, sort them so they dont cause changes every run
$servers_array = sort(query_nodes("enc_role='${redisha_members_role}' and region='${facts['region']}'", 'networking.fqdn')) $servers_array = sort(puppetdb_query(
"facts[certname] {
name = 'enc_role' and value = '${redisha_members_role}' and
certname in facts[certname] { name = 'region' and value = '${facts['region']}' }
}"
).map |$fact| { $fact['certname'] })
# else use provided array from params # else use provided array from params
}else{ }else{
+6 -1
View File
@@ -23,7 +23,12 @@ class redisha::sentinel (
} }
# if it is, find hosts, sort them so they dont cause changes every run # if it is, find hosts, sort them so they dont cause changes every run
$servers_array = sort(query_nodes("enc_role='${redisha_members_role}' and region='${facts['region']}'", 'networking.fqdn')) $servers_array = sort(puppetdb_query(
"facts[certname] {
name = 'enc_role' and value = '${redisha_members_role}' and
certname in facts[certname] { name = 'region' and value = '${facts['region']}' }
}"
).map |$fact| { $fact['certname'] })
# else use provided array from params # else use provided array from params
}else{ }else{
+21 -2
View File
@@ -167,7 +167,13 @@ class stalwart (
# Query cluster members for validation # Query cluster members for validation
$cluster_query = "enc_role='${cluster_role}' and country='${facts['country']}' and region='${facts['region']}'" $cluster_query = "enc_role='${cluster_role}' and country='${facts['country']}' and region='${facts['region']}'"
$cluster_members_raw = query_nodes($cluster_query, 'networking.fqdn') $cluster_members_raw = puppetdb_query(
"facts[certname] {
name = 'enc_role' and value = '${cluster_role}' and
certname in facts[certname] { name = 'country' and value = '${facts['country']}' } and
certname in facts[certname] { name = 'region' and value = '${facts['region']}' }
}"
).map |$fact| { $fact['certname'] }
$cluster_members = $cluster_members_raw ? { $cluster_members = $cluster_members_raw ? {
undef => [], undef => [],
default => $cluster_members_raw, default => $cluster_members_raw,
@@ -180,7 +186,20 @@ class stalwart (
# Query HAProxy nodes for proxy trusted networks # Query HAProxy nodes for proxy trusted networks
$haproxy_query = "enc_role='${haproxy_role}' and country='${facts['country']}' and region='${facts['region']}'" $haproxy_query = "enc_role='${haproxy_role}' and country='${facts['country']}' and region='${facts['region']}'"
$haproxy_members_raw = query_nodes($haproxy_query, 'networking.ip') $haproxy_members_raw = puppetdb_query(
"facts[certname,value] {
name = 'networking' and
certname in facts[certname] {
name = 'enc_role' and value = '${haproxy_role}'
} and
certname in facts[certname] {
name = 'country' and value = '${facts['country']}'
} and
certname in facts[certname] {
name = 'region' and value = '${facts['region']}'
}
}"
).map |$fact| { $fact['value']['ip'] }
$haproxy_ips = $haproxy_members_raw ? { $haproxy_ips = $haproxy_members_raw ? {
undef => [], undef => [],
default => sort($haproxy_members_raw), default => sort($haproxy_members_raw),
+6 -1
View File
@@ -28,7 +28,12 @@ class profiles::consul::client (
} }
# if it is, find hosts, sort them so they dont cause changes every run # if it is, find hosts, sort them so they dont cause changes every run
$servers_array = sort(query_nodes("enc_role='${members_role}' and region='${::facts['region']}'", 'networking.fqdn')) $servers_array = sort(puppetdb_query(
"facts[certname] {
name = 'enc_role' and value = '${members_role}' and
certname in facts[certname] { name = 'region' and value = '${::facts['region']}' }
}"
).map |$fact| { $fact['certname'] })
# else use provided array from params # else use provided array from params
}else{ }else{
+12 -2
View File
@@ -65,12 +65,22 @@ class profiles::consul::server (
} }
# if it is, find hosts, sort them so they dont cause changes every run # if it is, find hosts, sort them so they dont cause changes every run
$servers_array = sort(query_nodes("enc_role='${members_role}' and region='${::facts['region']}'", 'networking.fqdn')) $servers_array = sort(puppetdb_query(
"facts[certname] {
name = 'enc_role' and value = '${members_role}' and
certname in facts[certname] { name = 'region' and value = '${::facts['region']}' }
}"
).map |$fact| { $fact['certname'] })
if $join_remote_regions { if $join_remote_regions {
# get all nodes in the members_role for each other region # get all nodes in the members_role for each other region
$region_to_servers = $remote_regions.reduce({}) |$memo, $region| { $region_to_servers = $remote_regions.reduce({}) |$memo, $region| {
$servers = sort(query_nodes("enc_role='${members_role}' and region='${region}'", 'networking.fqdn')) $servers = sort(puppetdb_query(
"facts[certname] {
name = 'enc_role' and value = '${members_role}' and
certname in facts[certname] { name = 'region' and value = '${region}' }
}"
).map |$fact| { $fact['certname'] })
$memo + { $region => $servers } $memo + { $region => $servers }
} }
+22 -3
View File
@@ -18,9 +18,28 @@ class profiles::dns::base (
$nameserver_array = $ns_role ? { $nameserver_array = $ns_role ? {
undef => $nameservers, undef => $nameservers,
default => $use_ns ? { default => $use_ns ? {
'all' => query_nodes("enc_role='${ns_role}'", 'networking.ip'), 'all' => puppetdb_query(
'region' => query_nodes("enc_role='${ns_role}' and region=${facts['region']}", 'networking.ip'), "facts[certname,value] {
'country' => query_nodes("enc_role='${ns_role}' and country=${facts['country']}", 'networking.ip'), name = 'networking' and
certname in nodes[certname] { facts.enc_role = '${ns_role}' }
}"
).map |$fact| { $fact['value']['ip'] },
'region' => puppetdb_query(
"facts[certname,value] {
name = 'networking' and
certname in nodes[certname] {
facts.enc_role = '${ns_role}' and facts.region = '${facts['region']}'
}
}"
).map |$fact| { $fact['value']['ip'] },
'country' => puppetdb_query(
"facts[certname,value] {
name = 'networking' and
certname in nodes[certname] {
facts.enc_role = '${ns_role}' and facts.country = '${facts['country']}'
}
}"
).map |$fact| { $fact['value']['ip'] },
} }
} }
+18 -4
View File
@@ -20,9 +20,21 @@ class profiles::dns::master (
$nameservers_array = $ns_role ? { $nameservers_array = $ns_role ? {
undef => [$facts['networking']['fqdn']], undef => [$facts['networking']['fqdn']],
default => $use_ns ? { default => $use_ns ? {
'all' => sort(query_nodes("enc_role='${ns_role}'", 'networking.fqdn')), 'all' => sort(puppetdb_query(
'region' => sort(query_nodes("enc_role='${ns_role}' and region=${facts['region']}", 'networking.fqdn')), "facts[certname] { name = 'enc_role' and value = '${ns_role}' }"
'country' => sort(query_nodes("enc_role='${ns_role}' and country=${facts['country']}", 'networking.fqdn')), ).map |$fact| { $fact['certname'] }),
'region' => sort(puppetdb_query(
"facts[certname] {
name = 'enc_role' and value = '${ns_role}' and
certname in facts[certname] { name = 'region' and value = '${facts['region']}' }
}"
).map |$fact| { $fact['certname'] }),
'country' => sort(puppetdb_query(
"facts[certname] {
name = 'enc_role' and value = '${ns_role}' and
certname in facts[certname] { name = 'country' and value = '${facts['country']}' }
}"
).map |$fact| { $fact['certname'] }),
} }
} }
@@ -32,7 +44,9 @@ class profiles::dns::master (
$facts['networking']['fqdn'] => $facts['networking']['ip'] $facts['networking']['fqdn'] => $facts['networking']['ip']
}, },
default => $nameservers_array.reduce({}) |$acc, $fqdn| { default => $nameservers_array.reduce({}) |$acc, $fqdn| {
$result = query_nodes("networking.fqdn='${fqdn}'", 'networking.ip') $result = puppetdb_query(
"facts[certname,value] { name = 'networking' and certname = '${fqdn}' }"
).map |$fact| { $fact['value']['ip'] }
$ip = $result[0] $ip = $result[0]
$acc + { "${fqdn}." => $ip } $acc + { "${fqdn}." => $ip }
} }
+7 -2
View File
@@ -18,7 +18,12 @@ class profiles::etcd::node (
} }
# if it is, find hosts, sort them so they dont cause changes every run # if it is, find hosts, sort them so they dont cause changes every run
$servers_array = sort(query_nodes("enc_role='${members_role}' and region='${facts['region']}'", 'networking.fqdn')) $servers_array = sort(puppetdb_query(
"facts[certname] {
name = 'enc_role' and value = '${members_role}' and
certname in facts[certname] { name = 'region' and value = '${facts['region']}' }
}"
).map |$fact| { $fact['certname'] })
# else use provided array from params # else use provided array from params
}else{ }else{
@@ -31,7 +36,7 @@ class profiles::etcd::node (
$initial_cluster = $servers_array.map |$fqdn| { $initial_cluster = $servers_array.map |$fqdn| {
# lookup the ip address for the current fqdn # lookup the ip address for the current fqdn
$ip = query_nodes("networking.fqdn='${fqdn}'", 'networking.ip')[0] $ip = puppetdb_query("facts[certname,value] { name = 'networking' and certname = '${fqdn}' }").map |$fact| { $fact['value']['ip'] }[0]
# construct the string for this server # construct the string for this server
"${fqdn}=https://${ip}:${peer_port}" "${fqdn}=https://${ip}:${peer_port}"
+8 -7
View File
@@ -30,13 +30,14 @@ class profiles::haproxy::dns (
} }
# if it is, find hosts, sort them so they dont cause changes every run # if it is, find hosts, sort them so they dont cause changes every run
$servers_array = sort(query_nodes( $servers_array = sort(puppetdb_query(
"enc_role='${facts['enc_role']}' and "facts[certname] {
country='${facts['country']}' and name = 'enc_role' and value = '${facts['enc_role']}' and
region='${facts['region']}' and certname in facts[certname] { name = 'country' and value = '${facts['country']}' } and
environment='${facts['environment']}'", certname in facts[certname] { name = 'region' and value = '${facts['region']}' } and
'networking.fqdn' certname in facts[certname] { name = 'environment' and value = '${facts['environment']}' }
)) }"
).map |$fact| { $fact['certname'] })
# give enough time for a few hosts to be provisioned # give enough time for a few hosts to be provisioned
if length($servers_array) >= 3 { if length($servers_array) >= 3 {
+9 -2
View File
@@ -98,8 +98,15 @@ class profiles::minio::server (
} }
# if it is, find hosts, sort them so they dont cause changes every run # if it is, find hosts, sort them so they dont cause changes every run
#$servers_array = sort(query_nodes("enc_role='${minio_members_role}'", 'networking.fqdn')) #$servers_array = sort(puppetdb_query(
$servers_array = sort(query_nodes("enc_role='${minio_members_role}' and minio_region='${minio_region}'", 'networking.fqdn')) # "facts[certname] { name = 'enc_role' and value = '${minio_members_role}' }"
#).map |$fact| { $fact['certname'] })
$servers_array = sort(puppetdb_query(
"facts[certname] {
name = 'enc_role' and value = '${minio_members_role}' and
certname in facts[certname] { name = 'minio_region' and value = '${minio_region}' }
}"
).map |$fact| { $fact['certname'] })
# else use provided array from params # else use provided array from params
}else{ }else{
+15 -3
View File
@@ -26,9 +26,21 @@ class profiles::ntp::client (
$ntpserver_array = $ntp_role ? { $ntpserver_array = $ntp_role ? {
undef => $peers, undef => $peers,
default => $use_ntp ? { default => $use_ntp ? {
'all' => query_nodes("enc_role='${ntp_role}'", 'networking.fqdn'), 'all' => puppetdb_query(
'region' => query_nodes("enc_role='${ntp_role}' and region=${facts['region']}", 'networking.fqdn'), "facts[certname] { name = 'enc_role' and value = '${ntp_role}' }"
'country' => query_nodes("enc_role='${ntp_role}' and country=${facts['country']}", 'networking.fqdn'), ).map |$fact| { $fact['certname'] },
'region' => puppetdb_query(
"facts[certname] {
name = 'enc_role' and value = '${ntp_role}' and
certname in facts[certname] { name = 'region' and value = '${facts['region']}' }
}"
).map |$fact| { $fact['certname'] },
'country' => puppetdb_query(
"facts[certname] {
name = 'enc_role' and value = '${ntp_role}' and
certname in facts[certname] { name = 'country' and value = '${facts['country']}' }
}"
).map |$fact| { $fact['certname'] },
} }
} }
@@ -24,10 +24,13 @@ class profiles::proxmox::clusterinit {
} }
} }
$servers_array = sort(query_nodes( $servers_array = sort(puppetdb_query(
"enc_role='${membersrole}' and country='${facts['country']}' and region='${facts['region']}'", "facts[certname] {
'networking.fqdn' name = 'enc_role' and value = '${membersrole}' and
)) certname in facts[certname] { name = 'country' and value = '${facts['country']}' } and
certname in facts[certname] { name = 'region' and value = '${facts['region']}' }
}"
).map |$fact| { $fact['certname'] })
if ! $profiles::proxmox::params::pve_clusterinit_master { if ! $profiles::proxmox::params::pve_clusterinit_master {
if !empty($servers_array) { if !empty($servers_array) {
@@ -11,13 +11,14 @@ class profiles::proxmox::clusterjoin {
$root_password = $profiles::proxmox::params::root_password $root_password = $profiles::proxmox::params::root_password
# query puppetdb for list of cluster members # query puppetdb for list of cluster members
$members_array = sort(query_nodes( $members_array = sort(puppetdb_query(
"enc_role='${membersrole}' and \ "facts[certname] {
country='${facts['country']}' and \ name = 'enc_role' and value = '${membersrole}' and
region='${facts['region']}' and \ certname in facts[certname] { name = 'country' and value = '${facts['country']}' } and
pve_cluster.cluster_name='${clustername}'", certname in facts[certname] { name = 'region' and value = '${facts['region']}' } and
'networking.fqdn' certname in facts[certname] { name = 'pve_cluster' and value.cluster_name = '${clustername}' }
)) }"
).map |$fact| { $fact['certname'] })
# check if the pve kernerl is running # check if the pve kernerl is running
if $facts['kernelrelease'] == $profiles::proxmox::params::pve_kernel_release { if $facts['kernelrelease'] == $profiles::proxmox::params::pve_kernel_release {
+6 -1
View File
@@ -48,7 +48,12 @@ class profiles::sql::galera_member (
} }
# if it is, find hosts, sort them so they dont cause changes every run # if it is, find hosts, sort them so they dont cause changes every run
$servers_array = sort(query_nodes("enc_role='${galera_members_role}' and region='${facts['region']}'", 'networking.fqdn')) $servers_array = sort(puppetdb_query(
"facts[certname] {
name = 'enc_role' and value = '${galera_members_role}' and
certname in facts[certname] { name = 'region' and value = '${facts['region']}' }
}"
).map |$fact| { $fact['certname'] })
# else use provided array from params # else use provided array from params
}else{ }else{
+6 -1
View File
@@ -18,7 +18,12 @@ class profiles::sql::postgresdb (
} }
# if it is, find hosts, sort them so they dont cause changes every run # if it is, find hosts, sort them so they dont cause changes every run
$servers_array = sort(query_nodes("enc_role='${members_role}' and region='${facts['region']}'", 'networking.fqdn')) $servers_array = sort(puppetdb_query(
"facts[certname] {
name = 'enc_role' and value = '${members_role}' and
certname in facts[certname] { name = 'region' and value = '${facts['region']}' }
}"
).map |$fact| { $fact['certname'] })
# else use provided array from params # else use provided array from params
}else{ }else{
+6 -1
View File
@@ -29,7 +29,12 @@ class profiles::vault::server (
if $members_lookup and $members_role != undef { if $members_lookup and $members_role != undef {
# if it is, find hosts, sort them so they dont cause changes every run # if it is, find hosts, sort them so they dont cause changes every run
$servers_array = sort(query_nodes("enc_role='${members_role}' and region='${::facts['region']}'", 'networking.fqdn')) $servers_array = sort(puppetdb_query(
"facts[certname] {
name = 'enc_role' and value = '${members_role}' and
certname in facts[certname] { name = 'region' and value = '${::facts['region']}' }
}"
).map |$fact| { $fact['certname'] })
# else use provided array from params # else use provided array from params
}else{ }else{