From 7cf77861f10f820865524cb8de2b924c30986bae Mon Sep 17 00:00:00 2001 From: Robert Waffen Date: Wed, 17 Apr 2024 13:33:41 +0200 Subject: [PATCH 1/2] add set -e to all scripts. fixes: #85 --- .../docker-entrypoint.d/20-use-templates-initially.sh | 4 +++- puppetserver/docker-entrypoint.d/30-set-permissions.sh | 4 +++- puppetserver/docker-entrypoint.d/40-update-puppetdb-conf.sh | 2 ++ puppetserver/docker-entrypoint.d/50-set-certname.sh | 2 ++ puppetserver/docker-entrypoint.d/55-set-masterport.sh | 2 ++ puppetserver/docker-entrypoint.d/56-set-environmentpath.sh | 5 +++-- puppetserver/docker-entrypoint.d/57-set-hiera_config.sh | 5 +++-- puppetserver/docker-entrypoint.d/60-setup-autosign.sh | 2 ++ puppetserver/docker-entrypoint.d/70-set-dns-alt-names.sh | 2 ++ puppetserver/docker-entrypoint.d/83-environment-cache.sh | 4 +++- puppetserver/docker-entrypoint.d/84-enable_graphite.sh | 3 ++- puppetserver/docker-entrypoint.d/85-setup-storeconfigs.sh | 2 ++ .../docker-entrypoint.d/88-enable-cache-delete-api.sh | 4 +++- puppetserver/docker-entrypoint.d/89-csr_attributes.sh | 3 +++ puppetserver/docker-entrypoint.d/90-ca.sh | 2 ++ puppetserver/docker-entrypoint.d/99-log-config.sh | 2 ++ 16 files changed, 39 insertions(+), 9 deletions(-) diff --git a/puppetserver/docker-entrypoint.d/20-use-templates-initially.sh b/puppetserver/docker-entrypoint.d/20-use-templates-initially.sh index b37a77a71..c275e55d4 100755 --- a/puppetserver/docker-entrypoint.d/20-use-templates-initially.sh +++ b/puppetserver/docker-entrypoint.d/20-use-templates-initially.sh @@ -1,4 +1,6 @@ -#! /bin/bash +#!/bin/bash + +set -e # During build, pristine config files get copied to this directory. If # they are not in the current container, use these templates as the diff --git a/puppetserver/docker-entrypoint.d/30-set-permissions.sh b/puppetserver/docker-entrypoint.d/30-set-permissions.sh index 8fbbaab0d..9fcf936ed 100755 --- a/puppetserver/docker-entrypoint.d/30-set-permissions.sh +++ b/puppetserver/docker-entrypoint.d/30-set-permissions.sh @@ -1,4 +1,6 @@ -#! /bin/bash +#!/bin/bash + +set -e chown -R puppet:puppet /etc/puppetlabs/puppet/ chown -R puppet:puppet /opt/puppetlabs/server/data/puppetserver/ diff --git a/puppetserver/docker-entrypoint.d/40-update-puppetdb-conf.sh b/puppetserver/docker-entrypoint.d/40-update-puppetdb-conf.sh index 3cd7b35fa..b05b567cf 100755 --- a/puppetserver/docker-entrypoint.d/40-update-puppetdb-conf.sh +++ b/puppetserver/docker-entrypoint.d/40-update-puppetdb-conf.sh @@ -1,5 +1,7 @@ #!/bin/bash +set -e + if test -n "${PUPPETDB_SERVER_URLS}" ; then sed -i "s@^server_urls.*@server_urls = ${PUPPETDB_SERVER_URLS}@" /etc/puppetlabs/puppet/puppetdb.conf fi diff --git a/puppetserver/docker-entrypoint.d/50-set-certname.sh b/puppetserver/docker-entrypoint.d/50-set-certname.sh index c866222e0..c86f32d77 100755 --- a/puppetserver/docker-entrypoint.d/50-set-certname.sh +++ b/puppetserver/docker-entrypoint.d/50-set-certname.sh @@ -1,5 +1,7 @@ #!/bin/bash +set -e + if [ -n "${PUPPETSERVER_HOSTNAME}" ]; then /opt/puppetlabs/bin/puppet config set server "$PUPPETSERVER_HOSTNAME" fi diff --git a/puppetserver/docker-entrypoint.d/55-set-masterport.sh b/puppetserver/docker-entrypoint.d/55-set-masterport.sh index 197bd5e27..be8198cfc 100755 --- a/puppetserver/docker-entrypoint.d/55-set-masterport.sh +++ b/puppetserver/docker-entrypoint.d/55-set-masterport.sh @@ -1,5 +1,7 @@ #!/bin/bash +set -e + hocon() { /opt/puppetlabs/puppet/lib/ruby/vendor_gems/bin/hocon "$@" } diff --git a/puppetserver/docker-entrypoint.d/56-set-environmentpath.sh b/puppetserver/docker-entrypoint.d/56-set-environmentpath.sh index 7fb172450..6f631e89f 100755 --- a/puppetserver/docker-entrypoint.d/56-set-environmentpath.sh +++ b/puppetserver/docker-entrypoint.d/56-set-environmentpath.sh @@ -1,4 +1,5 @@ #!/bin/bash -# -puppet config set --section server environmentpath $ENVIRONMENTPATH +set -e + +puppet config set --section server environmentpath $ENVIRONMENTPATH diff --git a/puppetserver/docker-entrypoint.d/57-set-hiera_config.sh b/puppetserver/docker-entrypoint.d/57-set-hiera_config.sh index edb5e4477..4fc44c87d 100755 --- a/puppetserver/docker-entrypoint.d/57-set-hiera_config.sh +++ b/puppetserver/docker-entrypoint.d/57-set-hiera_config.sh @@ -1,4 +1,5 @@ #!/bin/bash -# -puppet config set --section server hiera_config $HIERACONFIG +set -e + +puppet config set --section server hiera_config $HIERACONFIG diff --git a/puppetserver/docker-entrypoint.d/60-setup-autosign.sh b/puppetserver/docker-entrypoint.d/60-setup-autosign.sh index 3f7c6bf1b..55fab1fc3 100755 --- a/puppetserver/docker-entrypoint.d/60-setup-autosign.sh +++ b/puppetserver/docker-entrypoint.d/60-setup-autosign.sh @@ -1,5 +1,7 @@ #!/bin/bash +set -e + # Configure puppet to use a certificate autosign script (if it exists) # AUTOSIGN=true|false|path_to_autosign.conf if test -n "${AUTOSIGN}" ; then diff --git a/puppetserver/docker-entrypoint.d/70-set-dns-alt-names.sh b/puppetserver/docker-entrypoint.d/70-set-dns-alt-names.sh index 4fae90818..cb3a52d7e 100755 --- a/puppetserver/docker-entrypoint.d/70-set-dns-alt-names.sh +++ b/puppetserver/docker-entrypoint.d/70-set-dns-alt-names.sh @@ -1,5 +1,7 @@ #!/bin/bash +set -e + # Allow setting dns_alt_names for the compilers certificate. This # setting will only have an effect when the container is started without # an existing certificate on the /etc/puppetlabs/puppet volume diff --git a/puppetserver/docker-entrypoint.d/83-environment-cache.sh b/puppetserver/docker-entrypoint.d/83-environment-cache.sh index 79904af6c..307e79a15 100755 --- a/puppetserver/docker-entrypoint.d/83-environment-cache.sh +++ b/puppetserver/docker-entrypoint.d/83-environment-cache.sh @@ -1,5 +1,7 @@ #!/bin/bash -# + +set -e + if [ -n "$PUPPETSERVER_ENVIRONMENT_TIMEOUT" ]; then echo "Settings environment_timeout to ${PUPPETSERVER_ENVIRONMENT_TIMEOUT}" puppet config set --section server environment_timeout $PUPPETSERVER_ENVIRONMENT_TIMEOUT diff --git a/puppetserver/docker-entrypoint.d/84-enable_graphite.sh b/puppetserver/docker-entrypoint.d/84-enable_graphite.sh index 9e3ea4a61..08e4147e9 100755 --- a/puppetserver/docker-entrypoint.d/84-enable_graphite.sh +++ b/puppetserver/docker-entrypoint.d/84-enable_graphite.sh @@ -1,5 +1,7 @@ #!/bin/bash +set -e + if [[ "$PUPPETSERVER_GRAPHITE_EXPORTER_ENABLED" == "true" ]]; then if [[ -n "$PUPPETSERVER_GRAPHITE_HOST" && -n "$PUPPETSERVER_GRAPHITE_PORT" ]]; then echo "Enabling graphite exporter" @@ -9,4 +11,3 @@ if [[ "$PUPPETSERVER_GRAPHITE_EXPORTER_ENABLED" == "true" ]]; then exit 99 fi fi - diff --git a/puppetserver/docker-entrypoint.d/85-setup-storeconfigs.sh b/puppetserver/docker-entrypoint.d/85-setup-storeconfigs.sh index 6ac396597..2d7a73323 100755 --- a/puppetserver/docker-entrypoint.d/85-setup-storeconfigs.sh +++ b/puppetserver/docker-entrypoint.d/85-setup-storeconfigs.sh @@ -1,5 +1,7 @@ #!/bin/sh +set -e + if [ -n "$PUPPET_STORECONFIGS_BACKEND" ]; then puppet config set storeconfigs_backend $PUPPET_STORECONFIGS_BACKEND --section master fi diff --git a/puppetserver/docker-entrypoint.d/88-enable-cache-delete-api.sh b/puppetserver/docker-entrypoint.d/88-enable-cache-delete-api.sh index a1f36bb07..a265e87f3 100755 --- a/puppetserver/docker-entrypoint.d/88-enable-cache-delete-api.sh +++ b/puppetserver/docker-entrypoint.d/88-enable-cache-delete-api.sh @@ -1,5 +1,7 @@ #!/bin/bash -# + +set -e + if [[ "$PUPPETSERVER_ENABLE_ENV_CACHE_DEL_API" == true ]]; then if [[ $(grep 'puppet-admin-api' /etc/puppetlabs/puppetserver/conf.d/auth.conf) ]]; then echo "Admin API already set" diff --git a/puppetserver/docker-entrypoint.d/89-csr_attributes.sh b/puppetserver/docker-entrypoint.d/89-csr_attributes.sh index 4b1ebfc3b..e8a38f94b 100755 --- a/puppetserver/docker-entrypoint.d/89-csr_attributes.sh +++ b/puppetserver/docker-entrypoint.d/89-csr_attributes.sh @@ -1,3 +1,6 @@ #!/bin/bash + +set -e + echo $CSR_ATTRIBUTES /opt/puppetlabs/puppet/bin/ruby /docker-entrypoint.d/89-csr_attributes.rb diff --git a/puppetserver/docker-entrypoint.d/90-ca.sh b/puppetserver/docker-entrypoint.d/90-ca.sh index 11f7b45b4..50075dcd1 100755 --- a/puppetserver/docker-entrypoint.d/90-ca.sh +++ b/puppetserver/docker-entrypoint.d/90-ca.sh @@ -1,5 +1,7 @@ #!/bin/bash +set -e + ca_running() { status=$(curl --silent --fail --insecure "https://${CA_HOSTNAME}:${CA_PORT:-8140}/status/v1/simple") test "$status" = "running" diff --git a/puppetserver/docker-entrypoint.d/99-log-config.sh b/puppetserver/docker-entrypoint.d/99-log-config.sh index bdd3563d8..cc72c47f3 100755 --- a/puppetserver/docker-entrypoint.d/99-log-config.sh +++ b/puppetserver/docker-entrypoint.d/99-log-config.sh @@ -1,5 +1,7 @@ #! /bin/sh +set -e + ### Print configuration for troubleshooting echo "System configuration values:" # shellcheck disable=SC2039 # Docker injects $HOSTNAME From 181377cf7664ec44658c657e0b134512e7c1e8ba Mon Sep 17 00:00:00 2001 From: Robert Waffen Date: Thu, 18 Apr 2024 16:10:21 +0200 Subject: [PATCH 2/2] update csr_attributes --- puppetserver/docker-entrypoint.d/89-csr_attributes.rb | 5 ++--- puppetserver/docker-entrypoint.d/89-csr_attributes.sh | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/puppetserver/docker-entrypoint.d/89-csr_attributes.rb b/puppetserver/docker-entrypoint.d/89-csr_attributes.rb index 1a5419d21..3109f31e3 100755 --- a/puppetserver/docker-entrypoint.d/89-csr_attributes.rb +++ b/puppetserver/docker-entrypoint.d/89-csr_attributes.rb @@ -5,11 +5,10 @@ begin csr_yaml = YAML.dump(JSON.load(ENV['CSR_ATTRIBUTES'])) - File.open('/etc/puppetlabs/puppet/csr_attributes.yaml', 'w') do |file| - file.write(csr_yaml) - end + File.write('/etc/puppetlabs/puppet/csr_attributes.yaml', csr_yaml) rescue => error puts "Error on reading JSON env. Terminating" + puts "Malformed JSON: #{ENV['CSR_ATTRIBUTES']}" p error.message exit 99 end diff --git a/puppetserver/docker-entrypoint.d/89-csr_attributes.sh b/puppetserver/docker-entrypoint.d/89-csr_attributes.sh index e8a38f94b..4ed871460 100755 --- a/puppetserver/docker-entrypoint.d/89-csr_attributes.sh +++ b/puppetserver/docker-entrypoint.d/89-csr_attributes.sh @@ -2,5 +2,5 @@ set -e -echo $CSR_ATTRIBUTES +echo "CSR Attributes: ${CSR_ATTRIBUTES}" /opt/puppetlabs/puppet/bin/ruby /docker-entrypoint.d/89-csr_attributes.rb