This version is compatible with:
- Puppet Enterprise 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x, 2018.1.x
- Puppet >= 5.5.10 < 7.0.0
- Oracle Enterprise Linux, RedHat, CentOS
- and 1 more. See all tasks
- Bolt Quickstart
- Contributions - Guide for contributing to the module
These tasks help interact with yum at various levels via Puppet Bolt or Puppet Enterprise tasks.
If you're a bolt aficionado, you can skip this section.
If you've never used bolt before, the easiest way to get started is with a bolt project. Bolt projects allow you to keep/organise your bolt automation in a single space. I've created a skeleton of a bolt project here: https://github.com/kinners00/bolt_sandbox.
- Download Bolt here and install
- Download/clone repo above
- Populate your own target inventory information in the
inventory.yamlfile (make sure and remove what you don't need and delete #s)
- Navigate to the
bolt_sandboxdirectory in your shell
- Install this module in your project by running
bolt module add kinners00-yum_tasks
bolt task showand
bolt plan showto find out what tasks and plans are available within this module
bolt <automation_type> show <myautomationitem>will give you more detailed info on how to use a given task or plan including required and optional parameters. Try it out by running
bolt task show yum_tasks::advisorywithin the
As projects are self contained, this command will only work when your current working directory is the
bolt_sandbox directory (if cloned) or
bolt_sandbox-master (if downloaded).
~/code/bolt_sandbox > bolt task show yum_tasks::advisory
~/code/bolt_sandbox-master > bolt task show yum_tasks::advisory
Ps. There's some learning/sample tasks and a plan included in the
bolt_sandbox that'll help you get started with building your own tasks and plans. You can start by creating tasks and plans in their relevant directories within the
If you can't execute scripts under that directory, you can pass
--tmpdir flag on your bolt command followed by your chosen directory for example
Security specific tasks leverage the
yum-security plugin. This isn't part of YUM in RHEL6 and will need to be installed before using these tasks. It should be included as standard from RHEL7 and above.
yum_tasks::advisory tasks will only work if you have the relevant security metadata repos enabled.
To the best of my knowledge, this effectively limits this task to RHEL and OEL boxes. It will look like it works on centos etc (i.e. executes successfully) but it will never "find" any security updates if the corresponding repo isn't there.
Depending on your targets user level permissions, you may have to pass
--sudo-password-prompt flags on your bolt command. You can also add
run-as: root and
sudo-password: 'mysudopassword' to your config in your
inventory.yaml file to enable you to keep your bolt command shorter/neater.
bolt task run yum_tasks::advisory -t rhel advisory="RHSA-2020:5009" --user=rheluser --password='myregularpassword' --run-as=root --sudo-password='mysudopassword'
- name: rhel
Will show all tasks that match the module name
bolt task show --filter yum_tasks
bolt task run yum_tasks::advisory -t <targets> advisory="RHSA-2020:5009"
bolt task run yum_tasks::cve -t <targets> cve="CVE-2019-20907"
bolt task run yum_tasks::security -t <targets> security=minimal
bolt task run yum_tasks::security -t <targets> security=full
bolt task run yum_tasks::install -t <targets> package="vsftpd"
bolt task run yum_tasks::remove -t <targets> package="httpd"
bolt task run yum_tasks::update -t <targets> package="httpd"
bolt task run yum_tasks::update_all -t <targets>
bolt task run yum_tasks::update_cache -t <targets> cache=clean
bolt task run yum_tasks::update_cache -t <targets> cache=update
bolt plan run yum_tasks::security_cache targets=<targets> cache=update security=minimal
bolt plan run yum_tasks::package_cache targets=<targets> cache=update package=nano
If anyone would like to contribute to the module, that would be awesome and very much welcomed.
If you're experiencing any bugs, please raise an issue below:
Issues link: https://github.com/kinners00/yum_tasks/issues
What are tasks?
Modules can contain tasks that take action outside of a desired state managed by Puppet. It’s perfect for troubleshooting or deploying one-off changes, distributing scripts to run across your infrastructure, or automating changes that need to happen in a particular order as part of an application deployment.
Tasks in this module release
What are plans?
Modules can contain plans that take action outside of a desired state managed by Puppet. It’s perfect for troubleshooting or deploying one-off changes, distributing scripts to run across your infrastructure, or automating changes that need to happen in a particular order as part of an application deployment.
All notable changes to this project will be documented in this file.
- Changed quickstart section to better enable folks to more easily get started with bolt + this module
- Updated info around elevating privilege and included examples
- Added usage info for each task and plan including warnings around elevating privilege and security metadata
- Fix example command password parameter
- Fixed grammer under elevating privilege section
yum_tasks::security_cache security + cache params now matches task equivilant - Was string now enum
yum_tasks::security_cache cache param now matches task equivilant - Was string now enum
yum_tasks::security small edit in task metadata params