When running puppet in debug mode, the following occurs, which means the "KEY" is never actually found, because it's looking for "lookup_options" and not the value of the interpolation that should be occurring...
Original uri: "http://localhost:8500/v1/kv/master/kvstore/%{::environment}/ssh_keys/__KEY__"
Querying http://localhost:8500/v1/kv/master/kvstore/dev/ssh_keys/lookup_options

While running any hiera query, this warning is generated:
WARN: 2014-08-19 21:47:40 -0400: Cannot load backend http: cannot load such file -- hiera/backend/http_backend
and no data is returned from the http backend.
If I make a symlink like so...
# ln -s /var/opt/lib/pe-puppet/lib/hiera/backend/http_backend.rb /opt/puppet/lib/ruby/site_ruby/1.9.1/hiera/backend/http_backend.rb
hiera_http works as expected and returns the correct data.
I'm using Puppet Enterprise 3.3.0 with pe-hiera 1.3.3 and pe-ruby 1.9.3
I also have ruby 1.8.7 installed on the system. Not sure if that would cause this behavior though.

Getting this error while trying to test out the http backend. I installed via puppetserver gem install hiera-http. Currently running PE 2016.1.1.

Below is a hiera test with debug output.

[root@plxlb-puppet puppet]# hiera httptest -d -c /etc/puppetlabs/puppet/hiera.yaml environment=lab
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/hiera/config.rb:78:in `rescue in block in load_backends': Cannot load backend http: cannot load such file -- hiera/backend/http_backend (RuntimeError)
        from /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/hiera/config.rb:75:in `block in load_backends'
        from /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/hiera/config.rb:74:in `each'
        from /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/hiera/config.rb:74:in `load_backends'
        from /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/hiera.rb:47:in `initialize'
        from /usr/local/bin/hiera:232:in `new'
        from /usr/local/bin/hiera:232:in `<main>'

Below is my hiera.yaml file

---
:backends:
  - http
  - yaml

:logger: console
:merge_behavior: deeper
:deep_merge_options:
  :knockout_prefix: '--'

:hierarchy:
  - "nodes/%{clientcert}"
  - "products/%{product}/clients/%{client_id}/roles/%{role}"
  - "products/%{product}/clients/%{client_id}"
  - "products/%{product}/roles/%{role}/client_environments/%{client_environment.type}"
  - "products/%{product}/roles/%{role}"
  - "products/%{product}/common"
  - "common"

:yaml:
  :datadir: /etc/puppetlabs/code/environments/%{environment}/hieradata

# datadir is empty here, so hiera uses its defaults:
# - /etc/puppetlabs/code/environments/%{environment}/hieradata on *nix
# - %CommonAppData%\PuppetLabs\code\environments\%{environment}\hieradata on Windows
# When specifying a datadir, make sure the directory exists.

:http:
  :host: 10.X.X.X
  :port: 8080
  :output: json
  :cache_timeout: 10
  :headers:
    :Authorization: Basic AAAAAAA
  :paths:
    - /hiera/common/common

Im using mongoDB with a restAPI in front of it. Im not exactly sure whats going on and would appreciate some assistance if possible.

Trying to add hiera_http to my PE for couple days already.
But no luck :/
Already can't see where to look for the issue.

hiera-http v3
puppet pe 2017.1
lookup_http 1.0.3

Debug: Runtime environment: puppet_version=4.9.4, ruby_version=2.1.9, run_mode=agent, default_encoding=UTF-8

Only error I'm getting is:

Info: Using configured environment 'development'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Puppet::Parser::Compiler failed with error NoMethodError: undefined method `exist?' for :URI::HTTP on node i-048d3b34aa9cdce30.elastic.aws.example.com
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run

debug output shows nothing special
can't see anything useful in server logs as well :/

installed lookup_http like everywhere
And yes, first trying to run setup on my test node in development environment.. but have installed hiera_http module in production as well.

here is hiera config

version: 5
defaults:
  datadir: data
  data_hash: yaml_data
hierarchy:
  - name: "REST datastore"
    lookup_key: hiera_http
    uris:
      - http://localhost:5984/hiera/common
    options:
      output: json
      ignore_404: true

curl -s 'http://localhost:5984/hiera/common' | jq
{
  "_id": "common",
  "_rev": "1-7da81ab091a7992a62d9aae7281f70a8",
  "hierahttp": "hooray! it works"
}

tried uri instead of uris
tried to disable hiera 'defaults' and couple other classic yaml hierarchies leaving only hiera_http...
Nothing changes this error

What should the data retrieved from the HTTP service look like?

If there's documentation on Puppet Labs' site that answers this, could you link to it? :)

Hi Craig,
I am using your all new hiera lookup module v3.0.0.

While trying to access data residing on a PHP based script, I had some trouble to access the data when I tried to use GET parameters: https://wiki/wiki/Testpage?action=raw

The URL was properly printed in puppet lookup --explain, but I always had an error and no data for my node:

lookup_http failed wrong status line: "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>"

That led me to the cause: the URI didn't arrive with its GET parameters, as those where secretly escaped by URI.escape(context.interpolate(uri.path)). Thus my PHP script always gave me the HTML data, not the raw YAML data I wanted.

Any idead how to deal with that? I'm not that into proper Ruby coding...

Cheers,
Oliver

Hi,

I have a puppet server running on-prem with hiera_http version 5 working perfectly.

However I have the task to migrate it to a Kubernetes cluster.
I have now a new puppet server instance running on k8s and I can also already fetch my puppet code from my puppet remote repo.

The only problem now is that the same setup I did for working with hiera_http on-prem simply does not work in the k8s environment.

I used puppetlabs helm-chart to install puppet on k8s and I have correctly set the hiera configuration.

On the server pod, I manually installed hiera_http plugin (Cause I don't know yet where I'd configure that in the helm-chart, but for testing stage should be enough installing manually on the pod).

But then, I continue getting this error, and I assume it is like if the plugin is not even installed?

Has anyone successfully used hiera_http in a puppet instance running on k8s before and may have an answer to this issue?

Thank you.

We are using a CouchDB v2 backend and our document names look like this:

• companya%2Fdev
• companyb%2Fproduction
• companyc%2Fwebserver-test-01

We have a web frontend that resolves the literal %2F to a / so it looks pretty in the GUI editor. So our hierarchy uris should be something like this:

  - "http://localhost:5984/configuration/%{fqdn}"
  - "http://localhost:5984/configuration/%{ec2_tag_company}%2F%{ec2_tag_name}"
  - "http://localhost:5984/configuration/%{ec2_tag_company}%2F%{environment}"
  - "http://localhost:5984/configuration/%{ec2_tag_company}"
  - "http://localhost:5984/configuration/%{environment}"
  - "http://localhost:5984/configuration/common"

However hiera_http is turning %2F into %252F during the lookup which means the right document isn't ever found. Is there a way to have literal %2F in the uri?

Here is what I had to do to get this working in PE 2015.2

gem install lookup_http
/opt/puppetlabs/puppet/bin/gem install hiera-http
/opt/puppetlabs/puppet/bin/gem install lookup_http
# ugly part
cp /usr/lib/ruby/gems/1.8/gems/lookup_http-1.0.0/lib/lookup_http.rb /opt/puppetlabs/puppet/lib/ruby/vendor_ruby

the gem install at /opt/puppetlabs/puppet/bin/gem did not resolve the issue. I had to manually copy the file into /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/ which isn't a good solution but it works

I'm sorry to be the one to do this, but the latest release doesn't work with Ruby 1.8.7. I know this version is retired but unfortunately we're running RHEL 6 and that's the version shipped with it.

The error is:

$ hiera notif_custom_packages ::fqdn=aulab-cdm01.rim.au.gsoa
/usr/lib/ruby/gems/1.8/gems/hiera-http-1.3.0/lib/hiera/backend/http_backend.rb:157:in `periodically_clean_cache': undefined method `select!' for {}:Hash (NoMethodError)
        from /usr/lib/ruby/gems/1.8/gems/hiera-http-1.3.0/lib/hiera/backend/http_backend.rb:113:in `http_get_and_parse_with_cache'
        from /usr/lib/ruby/gems/1.8/gems/hiera-http-1.3.0/lib/hiera/backend/http_backend.rb:51:in `lookup'
        from /usr/lib/ruby/gems/1.8/gems/hiera-http-1.3.0/lib/hiera/backend/http_backend.rb:47:in `each'
        from /usr/lib/ruby/gems/1.8/gems/hiera-http-1.3.0/lib/hiera/backend/http_backend.rb:47:in `lookup'
        from /usr/lib/ruby/site_ruby/1.8/hiera/backend.rb:206:in `lookup'
        from /usr/lib/ruby/site_ruby/1.8/hiera/backend.rb:203:in `each'
        from /usr/lib/ruby/site_ruby/1.8/hiera/backend.rb:203:in `lookup'
        from /usr/lib/ruby/site_ruby/1.8/hiera.rb:60:in `lookup'
        from /usr/bin/hiera:225

The code causing this is part of commit 022b64e

The fix is quite simple, use delete_if instead of select! and reverse the logic. I will submit a pull request for this.

Hi, after moving code to lookup_http, confine_to_keys parameter isn't working.

After spending a couple of hours this morning trying to get this to work, I finally re-read the documentation and noticed the note about %{key} not being interpolated any more. As a result, at the end of my URI, I added __KEY__, but when queried with puppet lookup it returns lookup_options in place of __KEY__. Is there a way to resolve this?

I am finding that lookups are very slow, to the extent where sometimes it times out and the puppet run fails.

This could of course be down to the web server providing the json.

It does seem make an http request every time it looks up something even if it has already looked up that file during that run.

Do you have any recommendations for working around this, e.g caching?

Reading the Hiera 5 docs, it looks like I can use data interpolation to have fact lookups inside a hiera data source (https://puppet.com/docs/puppet/5.0/hiera_interpolation.html).

This doesn't seem to work with hiera-http, eg:

At the moment I am trying to do a simple test of:

class foo (
  $bar = lookup("some::path::var")
) {
  notify { 'bar':
    message => $bar
  }
}

Couchdb:

{
  "some::path::var": "%{::fqdn}"
}

But my notify output is always:

Notice: /Stage[main]/Foo::Notify[bar]/message:current_value absent, should be %{::fqdn} (noop)

Any ideas why this isn't getting resolved as the fqdn fact?

I am using couchdb and when I run a query on a boolean value if that boolean value is true it will be returned as true, if that boolean value is false it will be returned as not existing (nil). I have confirmed this is a result of this backend and not a larger hiera issue, when I ran the test with using hiera with json files it reported both true and false correctly.

I've been working in a hybrid environment with manually provisioned machines - where it's OK to manually insert/update hiera keys using versioned YAML files. And dynamically provisioned machines, where I would need to insert/update hiera keys in an non-interactive way (through an API call or database script, i.e. an scriptable way).

Is it feasible to perform hiera-http lookups only if node related criteria are met? Does scope variable could be used for this purpose? (.e.g. nodes with a specific name pattern)

Hi, I've been testing this module on my installation PE-2016-2.1 , if I'm using hiera command to make a request that is working fine but when I'm trying to use from manifests it show me an error.

Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Evaluation Error: Error while evaluating a Function Call, Cannot load backend http: no such file to load -- hiera/backend/http_backend at /etc/puppetlabs/code/environments/production/manifests/site.pp:34:3 on node XXXXXX
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run

Here is my basic site.pp

node default {
hiera_include('classes')
}

After some resesarch, I realized that the path where the library were installed is not correct for this puppet version. So I've to moved the files from /opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/hiera-http-2.0.0/lib/hiera/backend to /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/hiera/backend and do the same thing for /opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/lookup_http-1.0.0/lib/lookup_http.rb to /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/

After that I tested my agent and worked fine.

Are there any plans of supporting hiera 5? Puppet changed how backends are built and it definitely is much easier to build as its basically just a puppet function now:

https://docs.puppet.com/puppet/4.9/hiera_custom_backends.html
https://docs.puppet.com/puppet/4.9/hiera_custom_lookup_key.html

Deprecation is set for puppet 6 so there is plenty of time to migrate. We are not using Hiera 5 yet but I figured id at least get this open as there are some really cool features in 5 that you do not need to fully migrate over to get.

Due to the way that Hiera 5 works, parameters are no longer defaulted to GLOBAL scope. As a result, when attempting to use lookup(somestring) against an HTTP backend, like Consul for example, is either 1) ignored when this module is referenced in module-level hiera or 2) required to be in global scope to actually serve the lookups.

Putting the hiera-http lookups in global scope would cause WAY too many lookups against the HTTP backend, especially in cases where I know I don't need to lookup against the HTTP backend.

I could do lookup(mymodule::somestring) but then my URI ends up being http://example.com/path/to/uri/mymodule::somestring, and when wishing to use this with Consul, just makes it extremely messy.

I have instead modified the hiera_http.rb file to allow the context of lookup(mymodule::somestring)' to remove the scoped variable header and thus will lookup mymodule::somestringassomestring`.

This allows for my modules to determine when/how to look things up without having to confine the keys and then manage them globally. Thoughts?

Lines 29-31 below. I added line 30.
options['uri'].gsub! 'KEY', key
options['uri'].gsub!(/([^\/]*::)/, '')
result = http_get(context, options)

The 'paths' component seems to be a redundancy to the :hierachy: structure and becomes additional hierarchies to traverse. I would have expected to define a base path and then the hierarchies would be added to that structure so that:

:hierarchies:

• a
• b

:paths:

• /conf
• /moreconf

would lookup keys in:
/conf/a
/conf/b
/moreconf/a
/moreconf/b

This would mimic the process that other backends use. Just wanted your thoughts before I spent any time trying to implement this functionality? Ultimately I would be rolling this up to the hiera_consul backend, which was inspired by your work.

I'm having trouble getting this working with puppetserver-2.1.2-1.el6.noarch.

The error appears to be something to do with parsing the paths. In my hiera.yaml, I have:

:paths:
    - /hiera/%{key}

When this is parsed, the %{key} value is simply removed, not transformed into the key value, so it makes a lookup against:
/hiera/

I've logged out the data before and after the call to parse_string, and it's definitely line 50 causing the problem. Any ideas what could be causing this? I have hiera_http working fine with my old puppet server (2.7), so it must be a problem with my new server config, possibly the ruby version (2.0)?

I'm also having issues debugging this, because I have to modify my catalogue, run puppet, restart the puppetserver, run puppet again, then check the logs, any tips for debugging more efficiently?

this has happens because order_override is an empty array [] in my case. dunno where this comes from.

the following code (http_backend.rb line 52) in hiera-http inserts the empty array at position 0 in the paths array:

paths.insert(0, order_override) if order_override

if order_override is an empty array we end up with

[ [ ],"/first", "/second" ]

end the first element [] gets pass all the way down to net/http, which complains rightfully about the empty path.

as a quick fix i changed this to

paths.insert(0, order_override).flatten! if order_override

will open a pull request for this as well.

thanks
toni

Hi,

There seems to be an issue looking up keys over http with version 2.0.0.

I perform hiera lookup with 'hiera -c hiera.yaml -d keyName' and get the following error:

/usr/lib/ruby/gems/1.8/gems/hiera-http-2.0.0/lib/hiera/backend/http_backend.rb:28: warning: multiple values for a block parameter (2 for 1)
        from /usr/lib/ruby/gems/1.8/gems/hiera-http-2.0.0/lib/hiera/backend/http_backend.rb:28
/usr/lib/ruby/gems/1.8/gems/hiera-http-2.0.0/lib/hiera/backend/http_backend.rb:28: warning: multiple values for a block parameter (2 for 1)
        from /usr/lib/ruby/gems/1.8/gems/hiera-http-2.0.0/lib/hiera/backend/http_backend.rb:28
/usr/lib/ruby/gems/1.8/gems/hiera-http-2.0.0/lib/hiera/backend/http_backend.rb:28: warning: multiple values for a block parameter (2 for 1)
        from /usr/lib/ruby/gems/1.8/gems/hiera-http-2.0.0/lib/hiera/backend/http_backend.rb:28
/usr/lib/ruby/gems/1.8/gems/hiera-http-2.0.0/lib/hiera/backend/http_backend.rb:28: warning: multiple values for a block parameter (2 for 1)
        from /usr/lib/ruby/gems/1.8/gems/hiera-http-2.0.0/lib/hiera/backend/http_backend.rb:28
/usr/lib/ruby/gems/1.8/gems/hiera-http-2.0.0/lib/hiera/backend/http_backend.rb:28: warning: multiple values for a block parameter (2 for 1)
        from /usr/lib/ruby/gems/1.8/gems/hiera-http-2.0.0/lib/hiera/backend/http_backend.rb:28
/usr/lib/ruby/gems/1.8/gems/hiera-http-2.0.0/lib/hiera/backend/http_backend.rb:30:in `initialize': undefined method `merge' for []:Array (NoMethodError)
        from /usr/lib/ruby/site_ruby/1.8/hiera/backend.rb:205:in `new'
        from /usr/lib/ruby/site_ruby/1.8/hiera/backend.rb:205:in `lookup'
        from /usr/lib/ruby/site_ruby/1.8/hiera/backend.rb:203:in `each'
        from /usr/lib/ruby/site_ruby/1.8/hiera/backend.rb:203:in `lookup'
        from /usr/lib/ruby/site_ruby/1.8/hiera.rb:60:in `lookup'
        from /usr/bin/hiera:225

This doesn't happen in hiera-http version 1.4.0. I am using ruby version 1.8.7.

If a lookup fails, I only get a generic '400' error from the puppet client, and I have to go and look in the master logs to figure out which key is failing. It would be great if the client could display the name of the key which is being looked up, so that I can fix my catalog or my web service.

Use case

We are using the Hiera backend (version 1.4.0) to download YAML files for our Puppet deployment manifests.

Environment

Internally we are working with Maven (https://maven.apache.org/) and Nexus OSS (http://www.sonatype.org/nexus/go/) to develop our packages that shall be deployed by Puppet.

In Nexus, artifacts that are developed have a name suffix "-SNAPSHOT", Nexus itself uses a redirect to deliver the latest SNAPSHOT version. A URL to a SNAPSHOT artifact looks like this:
http://internal.nexus.host:8080/service/local/artifact/maven/redirect?r=snapshots&g=ecg&a=our.artifact&v=1.0.0-SNAPSHOT&e=yaml

We are running Puppet (Version 3.6.2 with Ruby 1.9) apply command with Hiera configuration file to read values from a YAML file from our Nexus. This is the command line (Windows / Batch File)

puppet apply --modulepath=\\host.intern\modules -l %LogDir%\puppetizer.log --hiera_config=yaml\our_hiera_config.yaml .\manifests\doit.pp

Our Hiera configuration file (yaml\our_hiera_config.yaml) has this configuration:

:http:
  :host: internal.nexus.host
  :port: 8080
  :output: yaml
  :failure: graceful
  :paths:
    - /service/local/artifact/maven/redirect?r=snapshots&g=ecg&a=our.artifact&v=1.0.0-SNAPSHOT&e=yaml

Error

We are getting the following log output from Puppet:

2015-07-14 13:25:12 +0200 Puppet (debug): hiera(): [hiera-http]: Lookup url_authentication from internal.nexus.host:8080/service/local/artifact/maven/redirect?r=snapshots&g=ecg&a=our.artifact&v=1.0.0-SNAPSHOT&e=yaml
2015-07-14 13:25:12 +0200 Puppet (debug): hiera(): [hiera-http]: bad http response from internal.nexus.host:8080/service/local/artifact/maven/redirect?r=snapshots&g=ecg&a=our.artifact&v=1.0.0-SNAPSHOT&e=yaml
2015-07-14 13:25:12 +0200 Puppet (debug): hiera(): HTTP response code was 307

I am able to reproduce that by running Hiera alone, command:

C:\work\hiera-3.0.1\bin>hiera some_variable --debug --config C:\users\krulls\test.yaml

setting
set RUBYLIB=C:\work\hiera-http-1.4.0\lib
to include the Hiera http backend, of course

and result:

DEBUG: 2015-07-15 13:49:17 +0200: [hiera-http]: Lookup maven_artifact_full_id_authentication from internal.nexus.host:8080/service/local/artifact/maven/redirect?r=snapshots&g=ecg&a=our.artifact&v=1.0.0-SNAPSHOT&e=yaml
DEBUG: 2015-07-15 13:49:17 +0200: [hiera-http]: bad http response from internal.nexus.host:8080/service/local/artifact/maven/redirect?r=snapshots&g=ecg&a=our.artifact&v=1.0.0-SNAPSHOT&e=yaml
DEBUG: 2015-07-15 13:49:17 +0200: HTTP response code was 307
nil

Guesses

Quoting the 'paths' entry

like

  :paths:
    - "/service/local/artifact/maven/redirect?r=snapshots&g=ecg&a=our.artifact&v=1.0.0-SNAPSHOT&e=yaml"

--> Did not succeed

Unhandled http response code

This could be a problem with the underlying handler for http request. Maybe it is not able to work correctly with the certain HTTP code 307, see :
Nexus REST redirect reference?
Issue on an ANT task
SO question regarding Nexus REST API and WGET

Trying to call the REST API through this module and want to update the agent nodes. But getting the following error:

Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: lookup_http failed Bad HTTP response on node ip-XXXX.ec2.internal

Is have eyaml or GPG support something that should/could be added to this backend? I don't see a generic hiera function that could be used for decrypting paramaters brought from a custom backend.

I figure there is already transport security with SSL/TLS but having secrets encrypted in the lookup location would add an extra layer of security.

Allowing administrators to store encrypted variables in a http based backed, and allowing hiera-http to decrypt these variables before passing them to hiere would solve keeping plain text secrets in the lookup location and not require a separate hiera-http backend to be used.

I'm interested if this is the right place to impliment this feature, or if a better solution already exists.

Hi,
I'm trying to query this api -https://home-assistant.io/developers/rest_api/

# curl -s -X GET -H "Content-Type: application/json" 'http://ha.ash.lan:8123/api/states/switch.block_facebook' | json_pp 
{
   "attributes" : {
      "friendly_name" : "Block Facebook Domains"
   },
   "entity_id" : "switch.block_facebook",
   "state" : "on"
}

Since I need to look up the state for an entity_id I was thinking I should load
the entity_id raw and then process the hash in puppet.

---
:backends:
- yaml
- http

:hierarchy:
 - "hieradata/%{calling_class}"
  - hieradata/common

:yaml:
  :datadir: "/etc/puppet/environments/%{environment}"

:http:
  :host: ha.ash.lan
  :port: 8123
  :output: plain
  :cache_timeout: 20
  :paths:
  - "/api/states/%{key}"

And subsequent puppet.

$hash =  parse_json(hiera('switch.block_facebook'))

puppetmaster logs always contain:

Mar 15 20:56:43 puppet.ash.lan puppet-master[24746]: Undefined variable 'key';
Mar 15 20:56:43 puppet.ash.lan puppet-master[24746]: (file & line not available)

From the hiera command line everything is good:

# hiera -c /etc/puppet/hiera.yaml -d switch.block_facebook
DEBUG: 2017-03-15 21:01:25 +0000: Hiera YAML backend starting
DEBUG: 2017-03-15 21:01:25 +0000: Looking up switch.block_facebook in YAML backend
DEBUG: 2017-03-15 21:01:25 +0000: Looking for data source hieradata/common
DEBUG: 2017-03-15 21:01:25 +0000: Cannot find datafile /etc/puppet/environments/hieradata/common.yaml, skipping
DEBUG: 2017-03-15 21:01:25 +0000: [hiera-http]: Lookup switch.block_facebook from ha.ash.lan:8123/api/states/switch.block_facebook
DEBUG: 2017-03-15 21:01:25 +0000: [hiera-http]: Query returned data, parsing response as plain
{"attributes": {"friendly_name": "Block Facebook Domains"}, "entity_id": "switch.block_facebook", "last_changed": "2017-03-15T20:27:46.478535+00:00", "last_updated": "2017-03-15T20:27:46.478535+00:00", "state": "on"}

If I hardcode the %{key} value in the http paths then thing not working fails as below.
hiera command line still works.

puppet-master[26230]: value of hiera lookup_options must be a hash
puppet-master[26230]: value of hiera lookup_options must be a hash on node puppet.ash.lan

It does seem to just be the %{key} substitution that is not behaving itself.

If you have any suggestions , I've tried many close permutations of the above.

Hi,

Does anyone know what is causing this error in puppet agent -t runs:

Info: Retrieving locales
Info: Loading facts
Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Unable to find 'lookup_key' function named 'hiera_http' (file: /etc/puppetlabs/code/environments/puppetserver/hiera.yaml) on node puppet-test-xxxxx.us-east-1a.aws.internalco.com
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run

The hiera.yaml file is this:

# cat hiera.yaml 
---
version: 5

hierarchy:
  - name: "Hiera-HTTP lookup"
    lookup_key: hiera_http
    uris:
      - http://puppet-ca-xxxxx.us-east-1a.aws.internalco.com:5984/host/%{trusted.certname}
      - http://puppet-ca-xxxxx.us-east-1a.aws.internalco.com:5984/dc/%{facts.location}
      - http://puppet-ca-xxxxx.us-east-1a.aws.internalco.com:5984/role/%{facts.role}
    options:
      output: json
      ignore_404: true 

The gems are installed:

# gem list | grep -i lookup
lookup_http (1.0.3)
# puppetserver gem list | grep -i lookup
lookup_http (1.0.3)

It appears that the yaml_handler() method only accepts one argument, but I think it should have both (key, answer)

I am using PE 2017.3 with Hiera 5 backend along with Jenkins 2.11. I have already integrated Jenkins to Puppet with puppet pipeline plugin and it's working fine.

Issue: not able to lookup key from puppet lookup or puppet manifest. I have tried interpolating all tags but nothing worked.

[root@puppetmaster puppet]# puppet lookup test::test_hiera::myname --environment production --explain Warning: Module 'puppet_enterprise': Value returned from data_hash function 'hocon_data', when using location '/etc/puppetlabs/enterprise/conf.d/pe.conf', must use keys qualified with the name of the module Warning: Module 'pe_repo': Value returned from data_hash function 'hocon_data', when using location '/etc/puppetlabs/enterprise/conf.d/pe.conf', must use keys qualified with the name of the module Warning: Module 'pe_repo': Value returned from data_hash function 'hocon_data', when using location '/etc/puppetlabs/enterprise/conf.d/pe.conf', must use keys qualified with the name of the module Warning: Module 'pe_repo': Value returned from data_hash function 'hocon_data', when using location '/etc/puppetlabs/enterprise/conf.d/pe.conf', must use keys qualified with the name of the module Warning: Module 'pe_repo': Value returned from data_hash function 'hocon_data', when using location '/etc/puppetlabs/enterprise/conf.d/pe.conf', must use keys qualified with the name of the module Warning: Module 'pe_repo': Value returned from data_hash function 'hocon_data', when using location '/etc/puppetlabs/enterprise/conf.d/pe.conf', must use keys qualified with the name of the module Warning: Module 'pe_repo': Value returned from data_hash function 'hocon_data', when using location '/etc/puppetlabs/enterprise/conf.d/pe.conf', must use keys qualified with the name of the module Warning: Module 'pe_repo': Value returned from data_hash function 'hocon_data', when using location '/etc/puppetlabs/enterprise/conf.d/common.conf', must use keys qualified with the name of the module Warning: Module 'pe_repo': Value returned from data_hash function 'hocon_data', when using location '/etc/puppetlabs/enterprise/conf.d/common.conf', must use keys qualified with the name of the module Warning: Module 'pe_repo': Value returned from data_hash function 'hocon_data', when using location '/etc/puppetlabs/enterprise/conf.d/common.conf', must use keys qualified with the name of the module Warning: Module 'pe_repo': Value returned from data_hash function 'hocon_data', when using location '/etc/puppetlabs/enterprise/conf.d/common.conf', must use keys qualified with the name of the module Warning: Module 'pe_repo': Value returned from data_hash function 'hocon_data', when using location '/etc/puppetlabs/enterprise/conf.d/common.conf', must use keys qualified with the name of the module Warning: Module 'pe_repo': Value returned from data_hash function 'hocon_data', when using location '/etc/puppetlabs/enterprise/conf.d/common.conf', must use keys qualified with the name of the module Warning: Module 'pe_repo': Value returned from data_hash function 'hocon_data', when using location '/etc/puppetlabs/enterprise/conf.d/common.conf', must use keys qualified with the name of the module Warning: Module 'pe_repo': Value returned from data_hash function 'hocon_data', when using location '/etc/puppetlabs/enterprise/conf.d/common.conf', must use keys qualified with the name of the module Searching for "lookup_options" Module data provider for module "test" not found Searching for "test::test_hiera::myname" Global Data Provider (hiera configuration version 5) Using configuration "/etc/puppetlabs/puppet/hiera.yaml" Hierarchy entry "Jenkins data source" URI "http://myjenkins:8181/hiera/lookup?scope=jenkins&key=__KEY__" Original uri: "http://myjenkins:8181/hiera/lookup?scope=jenkins&key=__KEY__" No such key: "test::test_hiera::myname" Querying http://myjenkins:8181/hiera/lookup?scope=jenkins&key=test::test_hiera::myname URI "http://myjenkins:8181/hiera/lookup?scope=puppetmaster&key=__KEY__" Original uri: "http://myjenkins:8181/hiera/lookup?scope=%{trusted.certname}&key=__KEY__" No such key: "test::test_hiera::myname" Querying http://myjenkins:8181/hiera/lookup?scope=puppetmaster&key=test::test_hiera::myname URI "http://myjenkins:8181/hiera/lookup?scope=puppetmaster&key=__MODULE__" Original uri: "http://myjenkins:8181/hiera/lookup?scope=%{trusted.certname}&key=__MODULE__" No such key: "test::test_hiera::myname" Querying http://myjenkins:8181/hiera/lookup?scope=puppetmaster&key=test URI "http://myjenkins:8181/hiera/lookup?scope=puppetmaster&key=__CLASS__" Original uri: "http://myjenkins:8181/hiera/lookup?scope=%{trusted.certname}&key=__CLASS__" No such key: "test::test_hiera::myname" Querying http://myjenkins:8181/hiera/lookup?scope=puppetmaster&key=test::test_hiera URI "http://myjenkins:8181/hiera/lookup?scope=puppetmaster&key=__PARAMETER__" Original uri: "http://myjenkins:8181/hiera/lookup?scope=%{trusted.certname}&key=__PARAMETER__" No such key: "test::test_hiera::myname" Querying http://myjenkins:8181/hiera/lookup?scope=puppetmaster&key=myname URI "http://myjenkins:8181/hiera/lookup?scope=production&key=__KEY__" Original uri: "http://myjenkins:8181/hiera/lookup?scope=%{environment}&key=__KEY__" No such key: "test::test_hiera::myname" Querying http://myjenkins:8181/hiera/lookup?scope=production&key=test::test_hiera::myname Environment Data Provider (hiera configuration version 5) Using configuration "/etc/puppetlabs/code/environments/production/hiera.yaml" Hierarchy entry "Per-node data (yaml version)" Path "/etc/puppetlabs/code/environments/production/data/nodes/puppetmaster.yaml" Original path: "nodes/%{::trusted.certname}.yaml" Found key: "test::test_hiera::myname" value: "sharma"

The above code is able to put http query to Jenkins (logs showing 404 error) but couldn't fetch the value. it seems anything wrong at puppet server itself. please find hiera.yaml below:

`version: 5

defaults:
datadir: hieradata
data_hash: yaml_data

hierarchy:

• name: 'Jenkins data source'
  lookup_key: hiera_http
  uris:
  • "http://myjenkins:8181/hiera/lookup?scope=%{trusted.certname}&key=__KEY__"
  • "http://myjenkins:8181/hiera/lookup?scope=%{trusted.certname}&key=__MODULE__"
  • "http://myjenkins:8181/hiera/lookup?scope=%{trusted.certname}&key=__CLASS__"
  • "http://myjenkins:8181/hiera/lookup?scope=%{trusted.certname}&key=__PARAMETER__"
  • "http://myjenkins:8181/hiera/lookup?scope=%{environment}&key=__KEY__"
    options:
    output: json
    failure: graceful
    use_auth: false
    auth_user: admin
    auth_pass: xxxxx`

Please let me know if I have a mis-configuration here. I have struggled a lot to solve this but couldn't find much information on web.

Somehow adding this gem to the puppetserver ruby and including this stanza in my hiera.yaml caused PuppetDB to stop storing reports without reporting any actual errors in the logs:

  - name: "Hiera-HTTP lookup"
    lookup_key: hiera_http
    uris:
      - "http://localhost:8500/v1/kv/hiera/nodes/%{trusted.certname}__KEY__"
      - "http://localhost:8500/v1/kv/hiera/common/__KEY__"
      - "http://localhost:8500/v1/kv/hiera/__KEY__"
    options:
      output: json
      ignore_404: true
      dif: true
      dig_key: Value
      failure: graceful

I notice also that the compatibility list on the module doesn't include 16.04 and this is on a 16.04 server. Is the compatibility list accurate?

Puppet 5.5.14, PuppetDB 5.2.8 on Postgres 9.6, Puppetserver 5.3.8

Hello,

I have hiera version 1.3.4 and the most recent hiera-http plugin

After I unzip the folder, I installed it and modify hiera.yaml file :

:Backend: ['http']

:http:
:host: couchdb.address
:port: 5984
:output: json
:failure: graceful
:path:

• /dbname/%{clientcert}
• /dbname/%{environment}
• /dbname/document_name

After it I tried to run: hiera -d nameField -c path/of/hiera.yaml and its final result is nil.

Unfortunately, it seems like the plug-in is not recognize by hiera and it search only yaml files.

Help please!
Thanks,
Bar.

When the values from interpolated variables require escaping in order to be assembled into valid URIs, it is impossible to use them.

This is due to HI-612: within Hiera itself, the URI must already be valid immediately after variable interpolation, or the lookup will fail long before reaching hiera-http code. I also cannot pre-escape the URI, because hiera-http will later escape it a second time.

I think that the right solution is for Hiera itself to perform URI escaping as I proposed on HI-612, and for hiera-http to remove the escaping that currently happens in http_get.

Currently, the best workaround we have found is to individually pre-escape and reassign variables used for hiera-http paths and to use those instead. However, this also required us to fork hiera-http and remove the escaping in http_get in order to prevent them from being doubly escaped.