- modules/libs/lib/facter/pve_nodelist.rb:11:5: W: [Correctable] Lint/RedundantCopDisableDirective: Unnecessary disabling of Metrics/BlockNesting.a
- site/profiles/manifests/puppet/puppetboard.pp - WARNING: there should be a single space before '=>' on line 158, column 14 on line 158 (check: space_before_arrow)
- site/profiles/manifests/consul/client.pp - WARNING: there should be a single space before '=>' on line 93, column 13 on line 93 (check: space_before_arrow)
- site/profiles/manifests/ntp/client.pp - WARNING: there should be a single space before '=>' on line 44, column 16 on line 44 (check: space_before_arrow)
- site/profiles/manifests/puppet/enc.pp - WARNING: there should be a single space before '=>' on line 14, column 11 on line 14 (check: space_before_arrow)
- site/profiles/manifests/puppet/enc.pp - WARNING: there should be a single space before '=>' on line 18, column 11 on line 18 (check: space_before_arrow)
- set max block nesting to 4
- change puppetdb::sql to using the patroni profile
- change puppetdb::api to use new patroni cluster
- remove references to puppetlabs-puppetdb managed database
- update consul rules to enable sessions
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/318
- this command will always fail, remove the systemd dropin
- create script that will run and exit with 0
- create systemd service/timer to run script daily
- ensure a database, user and credential is created for each grafana node
- ensure all databases for a region are included in a mariadb cluster
- refine params with stdlib types
- manage python script/venv to sign ssh host certificates
- add approle_id to puppetmaster eyaml files
- add class to sign ssh-rsa host keys
- add facts to check if the current principals match the desired principals
- add consul support
- enable local script checks in consul agents
- add a test DB/User for consult to verify the psql instance is running
- manage the postgresql repo and gpg key
- change profiles::puppet::agent to require Yumrepo['puppet']
- remove managed repos hieradata
- remove profiles:😋:* classes that are not required
- remove missed rebase comment
- deep merge postgresql_config_entries in common.yaml
- add postgresql_config_entries into a new hieradata/roles/infra/puppetdb/sql.yaml
- set puppetdb role to import the options
- wait for the enc_role fact to be updated and match
- move puppetdb db/api host values to common.yaml
- add vault cert altnames for consul query/service addresses
- add consul services/rules/checks
- add puppet service
- add puppetca service
- add ability to write to puppet/puppetca service in consul
- add puppet.(query,service).consul to dns_alt_names of all masters
- add puppetca.(query,service).consul to dns_alt_names of puppetca
- manage puppetserver package
- set order for puppetserver classes
- for profiles::puppet::server class:
- set param types using stdlib where possible
- set default values for all params
- move configuration data to hieradata
- wait for enc_role fact to match role
- exclude puppet::client from puppermaster nodes
- set yum::versionlock to be only for redhat family
- set puppet-agent require statement to use apt or yum
- remove requirement of downloading puppet7-release-$dist.deb
- create all paths in $base_path for vault certificate
- set correct $PATH for update-ca-certificates
- dynamically set debian release name
- split packages to install from common.yaml to os-specific
- create groups profile to manage local groups
- change sysadmin to be a member of admins group
- setup admins sudo rules
- add balancemember to puppetboard nodes
- add be_puppetboard to haproxxy
- add puppetboard.main.unkin.net to haproxy altnames
- add puppetboard to backend mapping
- change way backends are registered in haproxy
- change almalinux and epel *.repo files on nodes to use local package mirror
- add option to purge yumrepo resources, default to true
- add versionlocking to yum, enable it for puppet-agent
