diff --git a/CHANGELOG.md b/CHANGELOG.md index dc7eaad..9d9394b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,14 @@ All notable changes to this project will be documented in this file. +## Release 1.1.3 + +**Bugfixes** +- No longer logs `Puppet Unknown variable: 'reboot'` on runs outside of the patch day. + +**Improvements** +- Correctly handles multi-architecture package updates, e.g. when there is an update for both the `i686` and `x86_64` version of a package. + ## Release 1.1.2 **Bugfixes** diff --git a/functions/process_patch_groups.pp b/functions/process_patch_groups.pp index 775dcb9..a2faa04 100644 --- a/functions/process_patch_groups.pp +++ b/functions/process_patch_groups.pp @@ -39,6 +39,8 @@ function patching_as_code::process_patch_groups( repeat => $patching_as_code::patch_schedule[$active_pg]['max_runs'] } $reboot = $patching_as_code::patch_schedule[$active_pg]['reboot'] + } else { + $reboot = 'never' } } @@ -67,6 +69,8 @@ function patching_as_code::process_patch_groups( repeat => $patching_as_code::patch_schedule[$patching_as_code::high_priority_patch_group]['max_runs'] } $high_prio_reboot = $patching_as_code::patch_schedule[$patching_as_code::high_priority_patch_group]['reboot'] + } else { + $high_prio_reboot = 'never' } } diff --git a/lib/puppet/functions/patching_as_code/dedupe_arch.rb b/lib/puppet/functions/patching_as_code/dedupe_arch.rb new file mode 100644 index 0000000..f4a3b31 --- /dev/null +++ b/lib/puppet/functions/patching_as_code/dedupe_arch.rb @@ -0,0 +1,19 @@ +Puppet::Functions.create_function(:'patching_as_code::dedupe_arch') do + dispatch :dedupe_arch do + param 'Array', :patches + end + + def dedupe_arch(patches) + no_arch = patches.map { |patch| patch.sub(%r{(.noarch|.x86_64|.i386|.i686)$}, '') } + multi_arch = no_arch.group_by { |x| x }.select { |_k, v| v.size > 1 }.map(&:first) + result = patches.map do |patch| + no_arch_patch = patch.sub(%r{(.noarch|.x86_64|.i386|.i686)$}, '') + if multi_arch.include? no_arch_patch + no_arch_patch + else + patch + end + end + result.uniq + end +end diff --git a/manifests/init.pp b/manifests/init.pp index 3c927f3..14c2291 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -269,9 +269,9 @@ [] }, 'Linux' => if $bool_patch_day and $security_only and !$high_priority_only{ - $facts[$patch_fact]['security_package_updates'] + patching_as_code::dedupe_arch($facts[$patch_fact]['security_package_updates']) } elsif $bool_patch_day and !$high_priority_only{ - $facts[$patch_fact]['package_updates'] + patching_as_code::dedupe_arch($facts[$patch_fact]['package_updates']) } else { [] }, @@ -296,7 +296,7 @@ [] }, 'Linux' => if $bool_high_prio_patch_day { - $facts[$patch_fact]['package_updates'].filter |$item| { $item in $high_priority_list } + patching_as_code::dedupe_arch($facts[$patch_fact]['package_updates'].filter |$item| { $item in $high_priority_list }) } else { [] }, diff --git a/metadata.json b/metadata.json index 3a1ecb8..2ebc592 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-patching_as_code", - "version": "1.1.2", + "version": "1.1.3", "author": "puppetlabs", "summary": "Automated patching through desired state code", "license": "Apache-2.0",