Locate Module on the Forge
Locate the module in question on the forge. The next step is to identify any other unmet dependancies for the forge module and make note of them as well. For example the Chocolatey forge module requires windows_env and powershell as dependancies. Typically googling for the module author, module name, and the word Puppet will turn up the appropriate github result.
Add The Submodule
Adding the submodule is done via the CLI on your local instance.
git submodule add <path to clone from git> <path within Puppet repo>
Generally speaking the path within the Puppet will be modules/<module name>
The below example is for Chocolatey:
git submodule add git
Init and Update The Submodule
Once you have added the git submodule you will need to initialize and update it using the following commands:
Commit to Origin
The next step in the process is to commit the changes to our Github instance. Depending on the preferred workflow of the team this can either be done as a Pull Request or committed straight into prod.
Your git status should show changes to the .gitmodules directory.
Pulling to Puppet Master
Pull production to the production environment. This will not initialize or update the module, this will simply update the git module. The steps below will initialize and update the submodule within the production master.
git submodule update <modulename>
In 2018 SSL is a fact of life everywhere. Below are a couple of common useful tips:
Generating a CSR and key from a bash script:
#Written By firstname.lastname@example.org
#Last Modified April 20, 2016
#Auto-Generate CSR and Key file for SHA-256 SSL Certs
#Required Site Info
#Check for Site Name, If missing error output will be displayed
if [ -z "$sitename" ]
echo "Error! No site name provided, please provide a sitename after typing newcert.sh. ex: newcert.sh mysite.com"
#Generate CSR and Key
openssl req -new -newkey rsa:2048 -nodes -sha256 -keyout ~/$sitename.key -out ~/$sitename.csr
#Show CSR to copy and Paste
echo "Your request completed successfully, copy the CSR below and use a certificate provider to generate an SSL certificate from this CSR"
Comparing a newly issues crt to its keyfile to ensure they match:
openssl x509 -noout -modulus -in mydomain.com.crt | openssl md5
openssl rsa -noout -modulus -in mydomain.com.key | openssl md5
The output from these should be a matching MD5 string, if the values do not match you have a cert/key mismatch.
Converting crt and key to pfx:
openssl pkcs12 -export -out mydomain.com.pfx -inkey mydomain.com.key -in mydomain.com.crt