I haven’t updated the blog in ages and I think it’s about time that I wrote a post. I’m forever running commands that take forever to complete, I forget about them and only release they have complete once I cycle through all the windows in my tmux session. To overcome this, I wrote a super simple function that sends a desktop notification once the command completes. It also returns the exit code of the command rather than the exit code of notify-send.
I have recently started using Serverspec to test my Puppet modules actually produce the required configuration on real servers. In order to do this I have been using Vagrant and ServerSepc. The only problem is that Vagrant uses random ports and non standard SSH keys. In order to overcome this I have made a spec_helper that pulls the required information directly form Vagrant.
Update this has been merged with Serverspec
I was asked to give a demo at PuppetCamp Amsterdam and luckily it went down rather well. Over 150 people attended and I had an amazing time, as well as meeting some amazing people. The slides for the talk I gave are below:
{% speakerdeck 04cc2ab0828d0130ef4112313d142df9 >}} This is Puppet code and vagrant config used within the presentation.
After talking to a follow Puppetlabs employee [Chris][chris] and reading a blog post he has been writing about security issues related to class inheritance.
This got me thinking about ways to protect your code base against this. The following blog post explains the problem as well as a hackish method to try to protect yourself against it.
The problem Lets say that you have multiple teams managing multiple modules within your puppet infrastructure.
After working with my prompt for a few months I thought it only fixing to update my post with the changes I have made.
The update configuration is below:
function _git_prompt() { local git_status="`git status -unormal 2>&1`" if ! [[ "$git_status" =~ Not\ a\ git\ repo ]]; then if [[ "$git_status" =~ nothing\ to\ commit ]]; then local ansi=32 elif [[ "$git_status" =~ nothing\ added\ to\ commit\ but\ untracked\ files\ present ]]; then local ansi=31 else local ansi=33 fi echo -n '\[\e[0;33;'"$ansi"'m\]'"$(__git_ps1)"'\[\e[0m\]' fi } function _prompt_command() { PS1="`if [ \$?
Per my previous post, that I explained the security issue relation to using facts. A colleague of mine has found out that you can’t even trust $clientcert.
Due to this I have wrote the function below to allow you to get the actual CertName, that has been validated against the certificate.
module Puppet::Parser::Functions newfunction(:certcheck, :type => :rvalue, :doc => <<-EOS Returns the actual certname EOS ) do |arguments| return host end end This allows you to use the following Puppet code to get a variable that you can trust to identify the Puppet agent.
After using facts to designated classes and data to nodes for a number of years I recently released this could actually be a major security issue. In order to understand the problem we must firstly cover a few thing related to how facter works.
Please see update
Facts are sent to a puppet master at the beginning of a puppet run from the puppet agent. After this they are available to the dsl at top-level scope.
Introduction After working with hiera from time with every growing code bases i have decided to write a super simple function. Hiera_debug this will allow the user to create a log file with information regarding each hiera lookup. This has allowed me to find out where in my manifests i am looking up variables and what they are return on each run. Its a very simple wrapper function for hiera that will output debug information into $logidr/hiera_debug_stephensmacbook.
After reading Oliver’s blog about cool bash prompts i thought id give it a go. I wanted a way to also get feedback about my current status of my git branch.
After hacking around for ten minutes i came up with function _git_prompt() { local git_status="`git status -unormal 2>&1`" if ! [[ "$git_status" =~ Not\ a\ git\ repo ]]; then if [[ "$git_status" =~ nothing\ to\ commit ]]; then local ansi=32 elif [[ "$git_status" =~ nothing\ added\ to\ commit\ but\ untracked\ files\ present ]]; then local ansi=34 else local ansi=33 fi echo -n '\[\e[0;33;'"$ansi"'m\]'"$(__git_ps1)"'\[\e[0m\]' fi } function _prompt_command() { PS1="`if [ \$?
After purchasing two dell 720 machines for a project at work, I went around setting the machines up in a very basic Pacemaker cluster. Just one problem the network interface between the machines (crossover cable) would shut itself down. But the connection to the switches would be fine.
The only way to get it going again was a ifdowm amd ifup, after scratching my head and looking through the device driver.