Would it be possible to side-load this into PuppetDB? For instance, instead of running the full list of checks with every run of puppet, have a cron job (or something) that runs the list and feeds the data directly into PuppetDB for the node.
That would take the pressure off of each Puppet run but still make the data available. A nifty MCollective plugin for triggering full runs or targeting specific CVE regexes would be handy for catching things like Shellshock. For skipping facts, why not use a JSON/YAML file? Trevor On Sun, Oct 12, 2014 at 5:16 PM, Felix Frank < felix.fr...@alumni.tu-berlin.de> wrote: > On 10/11/2014 02:22 AM, Garrett Honeycutt wrote: > > We could check if a file exists in a directory and if so, skip the fact. > > Suggest using */usr/local/etc/cve/*<fact_name> > > What do you think? > > > Sure, some thing in the file system. > > I suggest to not hard code locations. This should be a parameter. > > Cheers, > Felix > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/543AEFAB.1070906%40Alumni.TU-Berlin.de > <https://groups.google.com/d/msgid/puppet-users/543AEFAB.1070906%40Alumni.TU-Berlin.de?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- Trevor Vaughan Vice President, Onyx Point, Inc (410) 541-6699 tvaug...@onyxpoint.com -- This account not approved for unencrypted proprietary information -- -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CANs%2BFoW%2BkVBaMH-cus%2BYSnsowK0c-abG%2BTJdBDLnEpVoJDy3hQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
