Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

e

Table of Contents

Behaviors

Image Removed

1. By default, apply_prep will:

a. Run puppet_agent::version in with default options for all targets

b. Run puppet_agent::install in with default options for all targets that don't have a Puppet agent

Image Removed


Image Added

2. By default, puppet_agent::install will:

a. Attempt to install a public internet Yum repository

b. Install the latest puppet-agent package (currently 6.7+)

c. NOT attempt to update an existing `puppet-agent` package (bolt#1208)

i.  No matter how old it is.
ii. Even without defaults, this behavior cannot be changed

Implications

  1. Behavior 1 assumes installing software from the public internet is available, permissible, and desirable

  2. If successful, Behaviors 2a + 2b permanently modify the installed software and repositories on the target OS
    1. This potentially modifies an approved baseline without appropriate controls

  3. These default behaviors are especially problematic, because they are effectively impossible to reconfigure with system or user-level defaults:
    1. Settings from the "user project directory" (~/.puppetlabs/bolt/bolt.yaml) are completely ignored when Bolt is run from an embedded or local project directory, 
    2. There is no other mechanism to provide user-level default bolt configurations.
    3. There is no mechanism to provide system-level default bolt configurations at all.