Bolt

Puppet Bolt supports a variety of uses cases, but one in particular is interesting for our use, masterless Puppet catalog applies. In a masterless apply rather than obtaining the catalog from the puppet master the catalog is compiled directly from the source repository. One advantage of a masterless apply is that it can offer faster feedback on code changes, since you don’t need to commit in order to apply or noop your changes against a destination host, i.e.:

# Edit
$ vi modules/example/manifests/init.pp

# Noop to see changes
$ bolt apply --noop -t node.example.com

# Commit
$ git commit -a -m 'add example module'

Other projects which support a masterless workflow:

• supply_drop

$ wget https://apt.puppet.com/puppet-tools-release-bullseye.deb
$ sudo dpkg -i puppet-tools-release-bullseye.deb
$ sudo apt-get update
$ sudo apt-get install puppet-bolt

This module conflicts with our system module, Upstream pull request or rename our module

$ sudo find /opt/puppetlabs/bolt -depth -path '*bolt-modules/system' -exec rm -r '{}' \+

$ git clone gitlab.wikimedia.org:jhathaway/bolt-wmf.git
$ cd bolt-wmf
$ cp bolt-wmf puppet-out-grep ~/.local/bin/

Saving its output into puppet.out, so we can go through it more carefully

$ bolt-wmf -t mirror1001.wikimedia.org -- apply --noop | tee puppet.out

Use the puppet-out-grep script to remove items from the console output that you don't care about

$ puppet-out-grep Exim Nagios

1. Bolt's system modules conflicts with our system module, Upstream pull request or rename our module
2. Bolt does not preserve symlinks on files with recurse and source directories, https://github.com/puppetlabs/bolt/issues/3056
3. PuppetDB queries do not work, nor do exported resources
4. acme_chief module does not work
5. Nooping a server with Bolt will take out a Puppet lock, which would block a cron based Puppet run which began after the Bolt run