Automatic syntax checking with Git hooks
It would be nice if we knew there was a syntax error in the manifest before we even committed it. You can have Puppet check the manifest using the puppet parser validate command:
ubuntu@cookbook:~/puppet$ puppet parser validate manifests/nodes.pp Error: Could not parse for environment production: Syntax error at end of file; expected '}' at /home/ubuntu/puppet/manifests/nodes.pp:3 Error: Try 'puppet help parser validate' for usage
This is especially useful because a mistake anywhere in the manifest will stop Puppet from running on any node, even on nodes that don't use that particular part of the manifest. So checking in a bad manifest can cause Puppet to stop applying updates to production for some time, until the problem is discovered, and this could potentially have serious consequences. The best way to avoid this is to automate the syntax check, by using a pre-commit hook in your version control repo.
How to do it…
Follow these steps:
In your Puppet repo, create a new
hooksdirectory:ubuntu@cookbook:~/puppet$ mkdir hooksCreate the file
hooks/check_syntax.shwith the following contents (based on a script by Puppet Labs):#!/bin/sh syntax_errors=0 error_msg=$(mktemp /tmp/error_msg.XXXXXX) if git rev-parse --quiet --verify HEAD > /dev/null then against=HEAD else # Initial commit: diff against an empty tree object against=4b825dc642cb6eb9a060e54bf8d69288fbee4904 fi # Get list of new/modified manifest and template files to check (in git index) for indexfile in `git diff-index --diff-filter=AM -- name-only --cached $against | egrep '\.(pp|erb)'` do # Don't check empty files if [ `git cat-file -s :0:$indexfile` -gt 0 ] then case $indexfile in *.pp ) # Check puppet manifest syntax git cat-file blob :0:$indexfile | puppet parser validate > $error_msg ;; *.erb ) # Check ERB template syntax git cat-file blob :0:$indexfile | erb -x -T - | ruby -c 2> $error_msg > /dev/null ;; esac if [ "$?" -ne 0 ] then echo -n "$indexfile: " cat $error_msg syntax_errors=`expr $syntax_errors + 1` fi fi done rm -f $error_msg if [ "$syntax_errors" -ne 0 ] then echo "Error: $syntax_errors syntax errors found, aborting commit." exit 1 fiSet execute permission for the
hookscript with the following command:ubuntu@cookbook:~/puppet$ chmod a+x .hooks/check_syntax.shAdd the following task to your Rakefile:
desc "Add syntax check hook to your git repo" task :add_check do here = File.dirname(__FILE__) sh "ln -s #{here}/hooks/check_syntax.sh #{here}/.git/hooks/pre-commit" puts "Puppet syntax check hook added" endRun the following command:
ubuntu@cookbook:~/puppet$ rake add_check ln -s /home/ubuntu/puppet/hooks/check_syntax.sh /home/ubuntu/puppet/.git/hooks/pre-commit Puppet syntax check hook added
How it works…
The check_syntax.sh script will prevent you from committing any files with syntax errors:
ubuntu@cookbook:~/puppet$ git commit -m "test commit" Error: Could not parse for environment production: Syntax error at '}' at line 3 Error: Try 'puppet help parser validate' for usage manifests/nodes.pp: Error: 1 syntax errors found, aborting commit.
If you add the hooks directory to your Git repo, anyone who has a checkout can run the rake add_check task and get this syntax checking behavior.
