Puppet code deployment can be done using the PE Client tools. The generic Puppet documentation is here

Alternatively, an auto-deploy script can run as a scheduled job as needed, please contact the ITS Puppet Infrastructure team for details at its-puppet-infra@iowa.uiowa.edu.

We currently do not have a Continuous Integration/Continuous Delivery (CI/CD) offering. Customers are free to build their own CI/CD integrations or git webhooks as needed.

Instructions specific to UI for code deployment (Linux)

Assumptions

  1. The user name on the workstation is <your HawkID>
  2. The user name with permissions to deploy an environment is <your HawkID>
  3. The home directory on the Linux workstation is set correctly via the $HOME environment variable
  4. The PE2021 server is named <your PE server>
  5. The version of PE is 2021.x.xx (you can log in to the console and see the version in the left sidebar at the bottom)
  6. Configuration of the client tools is per-user rather than system wide

Install client tools

  1. Download from https://puppet.com/try-puppet/puppet-enterprise-client-tools/
  2. Follow links for 2021.x.x
  3. Scroll to the bottom - Puppet Enterprise 2021.x.xx Client Tools
  4. Download a version appropriate for your workstation and install it

Create config files (one time step)

HOMEDIR=$HOME
PE_SERVER=<your PE server>

mkdir -p ~/.puppetlabs/client-tools/
mkdir -p ~/.puppetlabs/client-tools/ssl
curl -s -k -o ~/.puppetlabs/client-tools/ssl/ca.pem https://${PE_SERVER}:8140/puppet-ca/v1/certificate/ca

cat >~/.puppetlabs/client-tools/puppet-access.conf <<EOF
{
    "service-url": "https://${PE_SERVER}:4433/rbac-api",
    "token-file": "${HOMEDIR}/.puppetlabs/token",
    "certificate-file": "${HOMEDIR}/.puppetlabs/client-tools/ssl/ca.pem"
}
EOF

# puppet-code does not expand ~ correctly
cat >~/.puppetlabs/client-tools/puppet-code.conf <<EOF
{
"cacert": "${HOMEDIR}/.puppetlabs/client-tools/ssl/ca.pem",
"token-file": "${HOMEDIR}/.puppetlabs/token",
"service-url": "https://${PE_SERVER}:8170/code-manager"
 }
EOF

Test deployment connectivity

/opt/puppetlabs/bin/puppet-access login --lifetime 2h
Username: <your HawkID>
Password:

Access token saved to: $HOME/.puppetlabs/token
/opt/puppetlabs/bin/puppet-code deploy --dry-run
--dry-run implies --wait.
--dry-run implies --all.
Dry-run deploying all environments.
You are not authorized to deploy one of the requested Puppet environments
[
   "You are not authorized to deploy Puppet environment 'production'"
]

The authorization warning is expected for non-admin users. This just tests whether or not you can connect appropriately.

Actual deployment (typically these steps will be repeated)

# re-run puppet-access command if it has been longer than the lifetime specified above
# to deploy environment "<my environment>"
/opt/puppetlabs/bin/puppet-code deploy <my environment> --wait
Found 1 environments.
[
  {
    "deploy-signature": "fa12bd02bb6764eceddd74c486a2ea4c3d2e6a65",
    "environment": "<my environment>",
    "file-sync": {
      "code-commit": "3bbd7fd456e0a0ea029fbfcb2e565c5f58476899",
      "environment-commit": "741077e5d44d909e9d3de5dffc4defca22e8e730"
    },
    "id": 72,
    "status": "complete"
  }
]

If you have any failures deploying your specific environment, please contact the puppet team.


Instructions specific to UI for code deployment (Windows)

Assumptions

  1. The user name on the workstation is <your HawkID>
  2. The user name with permissions to deploy an environment is <your HawkID>
  3. The value of %USERPROFILE% on your windows workstation is C:\Users\<your HawkID>
  4. The PE2021 server is named <your PE server>
  5. The version of PE is 2021.x.xx (you can log in to the console and see the version in the left sidebar at the bottom)
  6. Configuration of the client tools is per-user rather than system wide

Install client tools

  1. Download from https://puppet.com/misc/pe-files/previous-releases
  2. Follow links for 2021.x.xx
  3. Scroll to the bottom - Puppet Enterprise 2021.x.xx Client Tools
  4. Download a version appropriate for your workstation and install it

Create config files (one time step)

# CMD
mkdir %USERPROFILE%\.puppetlabs\client-tools

# PowerShell
mkdir $env:userprofile\.puppetlabs\client-tools

 

Download https://<your PE server>:8140/puppet-ca/v1/certificate/ca and save it to %USERPROFILE%\.puppetlabs\client-tools\ca.pem

Create %USERPROFILE%\.puppetlabs\client-tools\puppet-access.conf with these contents (with appropriate substitutions):

{
    "service-url": "https://<your PE server>:4433/rbac-api",
    "token-file": "C:\\Users\\<HawkID>\\.puppetlabs\\token",
    "certificate-file": "C:\\Users\\<HawkID>\\.puppetlabs\\client-tools\\ca.pem"
}

Create %USERPROFILE%\.puppetlabs\client-tools\puppet-code.conf with these contents (with appropriate substitutions):

{
    "service-url": "https://<your PE server>:8170/code-manager",
    "token-file": "C:\\Users\\<HawkID>\\.puppetlabs\\token",
    "cacert": "C:\\Users\\<HawkID>\\.puppetlabs\\client-tools\\ca.pem"
}

 

Test run

Run the PE ClientTools Console app

C:\Program Files\Puppet Labs\Client\bin>puppet-access login --lifetime 2h
Enter your Puppet Enterprise credentials.
Username: <HawkID>
Password:

Access token saved to: C:\Users\<your HawkID>\.puppetlabs\token

C:\Program Files\Puppet Labs\Client\bin>puppet-code deploy --dry-run
--dry-run implies --wait.
--dry-run implies --all.
Dry-run deploying all environments.
You are not authorized to deploy one of the requested Puppet environments
[
   "You are not authorized to deploy Puppet environment 'production'"
]

The authorization warning is expected for non-admin users. This just tests whether or not you can connect appropriately.

Actual Deployment of <my environment> environment (this step will be repeated)

C:\Program Files\Puppet Labs\Client\bin>puppet-code deploy <my environment> --wait
Found 1 environments.
[
  {
    "deploy-signature": "fa12bd02bb6764eceddd74c486a2ea4c3d2e6a65",
    "environment": "<my environment>",
    "file-sync": {
      "code-commit": "8c987ac85f2d682018728595d8ee2eed7b9c7b06",
      "environment-commit": "5f351fee44c09c0a30a0b39bf76c2c7635cd1cd9"
    },
    "id": 75,
    "status": "complete"
  }
]

If you have any failures deploying your specific environment, please contact the puppet team.

Article number: 
115481
Last updated: 
January 4, 2023
Service: