faster git checkout

[mvo...@gmail.com]

Hello,

I need a faster way to get the current catalog version on the puppet server.

For example, the following script:

$ cat getcat.sh
#!/bin/sh

HOST=$HOSTNAME

curl -s --cert /etc/puppetlabs/puppet/ssl/certs/${HOST}.pem \
 --key /etc/puppetlabs/puppet/ssl/private_keys/${HOST}.pem \
 --cacert /etc/puppetlabs/puppet/ssl/certs/ca.pem \
 https://puppet:8140/puppet/v3/catalog/$HOST?environment=production

returns the complete catalog from the server. It takes around 4 secs.

I'm only interested in the version:

$ ./getcat.sh  | jq .version
"heads/devel-0-ge66985f4"

Is it possible to enhance the REST API that I can get the information faster,

eg instantly?

I'm checking if a puppet run is necessary, by comparing:

/opt/puppetlabs/puppet/public/last_run_summary.yaml

against the version on the server. For this I only need the version, not 

everything else.

best regards,

Martin

[Jason St-Cyr]

From my understanding, going to the endpoint is always going to trigger a catalog build in order to get the catalog version. For the purposes of deciding if a puppet run is necessary, do you think the data in PuppetDB could fit your need? Running something like:

GET /pdb/query/v4/catalogs?query=["=", "certname", "node.example.com"]

That should get you the last compiled catalog info, including version and code_id.

[peter...@immerda.ch]

Hi

> $ ./getcat.sh  | jq .version
> "heads/devel-0-ge66985f4"
>
> Is it possible to enhance the REST API that I can get the information
> faster,
> eg instantly?

When we updated the env, we are storing the current version into a
simple textfile, as part of the env update process.

Then we have an apache, that serves these textfiles, protected by the CA
and mTLS using the certs from puppet.

Then your curl won't go to :8140, but just :443 but you get what you
want without any compilation overhead.

~pete