5. P E C O D E M A N A G E R S E T U P
• Create SSH keys to deploy
control-repo via r10k:
• stored on PE server
• added on GitLab (deploy keys)
• Generate token to deploy code:
• Create PE user with Code
Deployer role
• Request token as this user
• On Gitlab: copy token to
control-repo webhook
• Configure on Hiera or PE console
puppet_enterprise::profile::master
r10k_remote: <repo_url>
r10k_private_key: <private_key_path>
code_manager_auto_configure: true
7. P U P P E T C I : W H AT ?
• syntax checks
• lint checks
• commit check (danger.systems)
• site modules spec tests
• control-repo spec tests
• control-repo integration tests
• catalog diff
• verify code-deployment status
• run Puppet on canary nodes
• check canary nodes status
• trigger noop runs in production
• generate documentation
• manage code promotion
9. G I T L A B C I : W H E R E ?
• On control-repo:
• .gitlab-ci.yml
• stages
• jobs
• scripts
• tags
• On gitlab-runners:
• ssh keys to fetch modules
• tokens or credentials to access
PuppetDB, Puppet Server,
GitLab...
• gems and packages used in
jobs