h0tw1r3

require 'rspec/core'

namespace :check do
  desc "Check to ensure defined puppet code has been described in spec\n(defaults: coverage=100)"
  task :spec_described, [:coverage] do |_task, args|
    args.with_defaults(coverage: '100')
    def pluralize(string)
      string.end_with?('s') ? "#{string}es" : "#{string}s"
    end

h0tw1r3

augeas { 'puppetserver-logback-journal':
  incl => '/etc/puppetlabs/puppetserver/logback.xml',
  lens => 'Xml.lns',
  changes => [
    "defnode aref configuration/root/appender-ref[#attribute/ref='STDOUT'] ''",
    "set \$aref/#attribute/ref 'STDOUT'",
  ]
}

h0tw1r3

#!/bin/bash

#####> BEGIN: script init
set -o pipefail -o errtrace -o errexit -o nounset -o functrace

__traperror() {
    local el=${1:=??} ec=${2:=??} lc="$BASH_COMMAND"
    printf "ERROR in %s : line %d error %d\\n      [%s]\\n" "$0" "$el" "$ec" "$lc" 1>&2
    exit "${2:=1}"
}

h0tw1r3

source ENV['GEM_SOURCE'] || 'https://rubygems.org'

def location_for(place_or_version, fake_version = nil)
  git_url_regex = %r{\A(?<url>(https?|git)[:@][^#]*)(#(?<branch>.*))?}
  file_url_regex = %r{\Afile:\/\/(?<path>.*)}

  if place_or_version && (git_url = place_or_version.match(git_url_regex))
    [fake_version, { git: git_url[:url], branch: git_url[:branch], require: false }].compact
  elsif place_or_version && (file_url = place_or_version.match(file_url_regex))
    ['>= 0', { path: File.expand_path(file_url[:path]), require: false }]

h0tw1r3

# fake provide rpm dependencies
#
# requires stdlib module
#
# @param provide
#   what to provide
# @param extras
#   extra provides to add to package
#
# @example

h0tw1r3

# local resolver configuration

require 'resolv'

Facter.add('resolv') do
  setcode do
    Resolv::DNS::Config.default_config_hash
  end
end

h0tw1r3

#!/bin/bash

TMPFILE=$(mktemp)
finish() {
  rm -f "${TMPFILE}"
}
trap 'finish' EXIT

UNIQ_LINES=20

h0tw1r3

Facter.add('region_tzinfo') do
  ec2m = Facter.value(:ec2_metadata)
  # aws instances that have not been powercycled in 2+ years
  # will not have region in the metadata
  aws_zone = ec2m.dig('placement', 'availability-zone')
  iana_tz = case aws_zone
    when %r{^ap-southeast-1}
      'Asia/Singapore'
    when %r{^ap-southeast-2}
      'Australia/Sydney'

h0tw1r3

puppet plugin download --verbose
puppet facts upload --verbose

curl "https://$(puppet config print server):8140/puppet/v3/catalog/$(hostname -f)?environment=$(puppet config print environment)" \
    --cert $(puppet config print hostcert) \
    --cacert $(puppet config print localcacert) \
    --key "$(puppet config print hostprivkey)" \
    --silent | jq . > catalog.json

jq '.resources[] | select(.parameters.recurse == true )' catalog.json

h0tw1r3

exec { 'override-service-unit':
  provider    => 'shell',
  environment => ['SYSTEMD_EDITOR=tee'],
  command     => 'echo "[Service]\nPrivateTmp=no\n" | script -qefc "systemctl edit nutcracker.service" /dev/null',
  unless      => '/usr/bin/env systemctl show nutcracker.service --property=PrivateTmp | grep "=no"',
  notify      => Service['nutcracker'],
}