Compilation results for cp7009.magru.wmnet: System changes detected

Catalog differences

Summary

Resources only in the new catalog

• Concat_file[/etc/apt/sources.list.d/thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia.sources]
• Apt::Package_from_component[haproxy]
• Exec[apt_package_from_component_haproxy]
• Exec[apt_pin_apt_pin_haproxy]
• Apt::Pin[apt_pin_haproxy]
• Concat_fragment[thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia-header]
• File[/etc/apt/preferences.d/apt_pin_haproxy.pref]
• Exec[apt_repository_thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia]
• Apt::Repository[thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia]
• Concat[/etc/apt/sources.list.d/thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia.sources]
• Concat::Fragment[thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia-header]
• Concat_fragment[thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia]
• File[/etc/apt/sources.list.d/thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia.list]
• Concat::Fragment[thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia]

Resources modified

• Apt::Repository[thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia]

  Parameters differences:

  --- Apt::Repository[thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia].orig
  +++ Apt::Repository[thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia]
  
  +    keyfile                  => puppet:///modules/install_server/autoinstall/keyring/wikimedia-archive-keyring.gpg
  +    dist                     => trixie-wikimedia
  +    trust_repo               => False
  +    ensure                   => present
  +    allow_releaseinfo_change => False
  +    components               => thirdparty/haproxy32
  +    bin                      => True
  +    uri                      => http://apt.wikimedia.org/wikimedia
  +    source                   => True
  

• Class[Haproxy]

  Parameters differences:

  --- Class[Haproxy].orig
  +++ Class[Haproxy]
  
  @@
  -    config_content => # Note: This file is managed by puppet.
  global
      user haproxy
      group haproxy
      stats socket /run/haproxy/haproxy.sock mode 600 expose-fd listeners level admin
      log /var/lib/haproxy/dev/log local0 info
      log /var/run/haproxykafka/haproxykafka.sock len 8192 format rfc5424 local0 info
      tune.http.logurilen 2048
      # do not keep old processes longer than 1m after a reload
      hard-stop-after 1m
      set-dumpable
      nbthread 48
      # NB: mapping too many cores (>~60) will cause HAProxy to complain about
      # too long of a line and fail to start
      cpu-map 1/1- 0 48 2 50 4 52 6 54 8 56 10 58 12 60 14 62 16 64 18 66 20 68 22 70 24 72 26 74 28 76 30 78 32 80 34 82 36 84 38 86 40 88 42 90 44 92 46 94
  
      lua-prepend-path /etc/haproxy/lua/private/?.lua
      lua-load-per-thread /etc/haproxy/lua/private/main.lua
      lua-load-per-thread /etc/haproxy/lua/maxmind-lookup.lua
      tune.ssl.capture-buffer-size 96
      lua-load-per-thread /etc/haproxy/lua/ja3n.lua
      lua-load-per-thread /etc/haproxy/lua/ja4h.lua
      lua-load-per-thread /etc/haproxy/lua/utf8ps.lua
      lua-load-per-thread /etc/haproxy/lua/contact_info.lua
      lua-load-per-thread /etc/haproxy/lua/cidergrinder_mmdb.lua /usr/share/CIDERGRINDER/anonymous-residential.cider.mmdb
      lua-load-per-thread /etc/haproxy/lua/cidergrinder_bloom.lua /usr/share/CIDERGRINDER/anonymous-residential.cider.bloom
  
      ssl-default-bind-options ssl-min-ver TLSv1.2 ssl-max-ver TLSv1.3
      ssl-default-bind-ciphers -ALL:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256
      ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384
      ssl-dh-param-file /etc/ssl/dhparam.pem
      tune.ssl.cachesize 512000
      tune.ssl.lifetime 86400
      maxconn 200000
  
  
      tune.h2.header-table-size 4096
      tune.h2.initial-window-size 65535
      tune.h2.max-concurrent-streams 100
  
  
  defaults
      mode       http
      log-format "%rt %Tr %Tw %Tc %ST {%[capture.req.hdr(0)]} {%[capture.res.hdr(0)]} %ts"
      log-format-sd %{+E}o\ [haproxykafka@0\ server_pid=\"%pid\"\ ip=\"%ci\"\ sequence=\"%rt\"\ dt=\"%tr\"\ time_backend_response=\"%Tr\"\ http_status=\"%ST\"\ response_size=\"%B\"\ termination_state=\"%ts\"\ uri_host=\"%[capture.req.hdr(0),lua.utf8ps]\"\ referer=\"%[capture.req.hdr(1),lua.utf8ps]\"\ user_agent=\"%[capture.req.hdr(2),lua.utf8ps]\"\ accept_language=\"%[capture.req.hdr(3),lua.utf8ps]\"\ range=\"%[capture.req.hdr(4),lua.utf8ps]\"\ accept=\"%[capture.req.hdr(5),lua.utf8ps]\"\ tls=\"%[var(txn.tls)]\"\ cache_status=\"%[var(txn.x_cache_status)]\"\ content_type=\"%[var(txn.content_type)]\"\ x_analytics=\"%[var(txn.x_analytics)]\"\ x_cache=\"%[var(txn.x_cache)]\"\ backend=\"%[var(txn.server)]\"\ http_method=\"%HM\"\ uri_path=\"%HPO\"\ uri_query=\"%HQ\"]
  
      option     dontlognull
      option     accept-invalid-http-request
      option     accept-invalid-http-response
      option     http-ignore-probes
      retries    1
      timeout    connect 50000
      timeout    client 500000
      timeout    server 500000
  
  +    config_content => # Note: This file is managed by puppet.
  global
      user haproxy
      group haproxy
      stats socket /run/haproxy/haproxy.sock mode 600 expose-fd listeners level admin
      log /var/lib/haproxy/dev/log local0 info
      log /var/run/haproxykafka/haproxykafka.sock len 8192 format rfc5424 local0 info
      tune.http.logurilen 2048
      # do not keep old processes longer than 1m after a reload
      hard-stop-after 1m
      set-dumpable
      nbthread 48
      # NB: mapping too many cores (>~60) will cause HAProxy to complain about
      # too long of a line and fail to start
      cpu-map 1/1- 0 48 2 50 4 52 6 54 8 56 10 58 12 60 14 62 16 64 18 66 20 68 22 70 24 72 26 74 28 76 30 78 32 80 34 82 36 84 38 86 40 88 42 90 44 92 46 94
  
      lua-prepend-path /etc/haproxy/lua/private/?.lua
      lua-load-per-thread /etc/haproxy/lua/private/main.lua
      lua-load-per-thread /etc/haproxy/lua/maxmind-lookup.lua
      tune.ssl.capture-buffer-size 96
      lua-load-per-thread /etc/haproxy/lua/ja3n.lua
      lua-load-per-thread /etc/haproxy/lua/ja4h.lua
      lua-load-per-thread /etc/haproxy/lua/utf8ps.lua
      lua-load-per-thread /etc/haproxy/lua/contact_info.lua
      lua-load-per-thread /etc/haproxy/lua/cidergrinder_mmdb.lua /usr/share/CIDERGRINDER/anonymous-residential.cider.mmdb
      lua-load-per-thread /etc/haproxy/lua/cidergrinder_bloom.lua /usr/share/CIDERGRINDER/anonymous-residential.cider.bloom
  
      ssl-default-bind-options ssl-min-ver TLSv1.2 ssl-max-ver TLSv1.3
      ssl-default-bind-ciphers -ALL:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256
      ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384
      ssl-dh-param-file /etc/ssl/dhparam.pem
      tune.ssl.cachesize 512000
      tune.ssl.lifetime 86400
      maxconn 200000
  
  
      tune.h2.header-table-size 4096
      tune.h2.max-concurrent-streams 100
  
  
  defaults
      mode       http
      log-format "%rt %Tr %Tw %Tc %ST {%[capture.req.hdr(0)]} {%[capture.res.hdr(0)]} %ts"
      log-format-sd %{+E}o\ [haproxykafka@0\ server_pid=\"%pid\"\ ip=\"%ci\"\ sequence=\"%rt\"\ dt=\"%tr\"\ time_backend_response=\"%Tr\"\ http_status=\"%ST\"\ response_size=\"%B\"\ termination_state=\"%ts\"\ uri_host=\"%[capture.req.hdr(0),lua.utf8ps]\"\ referer=\"%[capture.req.hdr(1),lua.utf8ps]\"\ user_agent=\"%[capture.req.hdr(2),lua.utf8ps]\"\ accept_language=\"%[capture.req.hdr(3),lua.utf8ps]\"\ range=\"%[capture.req.hdr(4),lua.utf8ps]\"\ accept=\"%[capture.req.hdr(5),lua.utf8ps]\"\ tls=\"%[var(txn.tls)]\"\ cache_status=\"%[var(txn.x_cache_status)]\"\ content_type=\"%[var(txn.content_type)]\"\ x_analytics=\"%[var(txn.x_analytics)]\"\ x_cache=\"%[var(txn.x_cache)]\"\ backend=\"%[var(txn.server)]\"\ http_method=\"%HM\"\ uri_path=\"%HPO\"\ uri_query=\"%HQ\"]
  
      option     dontlognull
      option     accept-invalid-http-request
      option     accept-invalid-http-response
      option     http-ignore-probes
      retries    1
      timeout    connect 50000
      timeout    client 500000
      timeout    server 500000
  
  

• File[/etc/haproxy/haproxy.cfg]

  Content differences:

  --- /etc/haproxy/haproxy.cfg.orig
  +++ /etc/haproxy/haproxy.cfg
  @@ -35,7 +35,6 @@
   
   
       tune.h2.header-table-size 4096
  -    tune.h2.initial-window-size 65535
       tune.h2.max-concurrent-streams 100
   
   

• Concat_file[/etc/apt/sources.list.d/thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia.sources]

  Parameters differences:

  --- Concat_file[/etc/apt/sources.list.d/thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia.sources].orig
  +++ Concat_file[/etc/apt/sources.list.d/thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia.sources]
  
  +    group          => root
  +    owner          => root
  +    backup         => puppet
  +    show_diff      => True
  +    force          => False
  +    mode           => 0444
  +    order          => alpha
  +    tag            => _etc_apt_sources.list.d_thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia.sources
  +    replace        => True
  +    ensure_newline => False
  +    format         => plain
  

• Class[Profile::Cache::Haproxy]

  Parameters differences:

  --- Class[Profile::Cache::Haproxy].orig
  +++ Class[Profile::Cache::Haproxy]
  
  @@
  -    haproxy_version => haproxy30
  +    haproxy_version => haproxy32
  

• Exec[apt_pin_apt_pin_haproxy]

  Parameters differences:

  --- Exec[apt_pin_apt_pin_haproxy].orig
  +++ Exec[apt_pin_apt_pin_haproxy]
  
  +    command     => /usr/bin/apt-get update
  +    refreshonly => True
  

• Concat::Fragment[thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia]

  Parameters differences:

  --- Concat::Fragment[thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia].orig
  +++ Concat::Fragment[thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia]
  
  +    target => /etc/apt/sources.list.d/thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia.sources
  +    order  => 10
  

• File[/etc/apt/sources.list.d/thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia.list]

  Parameters differences:

  --- File[/etc/apt/sources.list.d/thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia.list].orig
  +++ File[/etc/apt/sources.list.d/thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia.list]
  
  +    ensure => absent
  +    group  => root
  +    owner  => root
  

• File[/etc/apt/preferences.d/apt_pin_haproxy.pref]

  Parameters differences:

  --- File[/etc/apt/preferences.d/apt_pin_haproxy.pref].orig
  +++ File[/etc/apt/preferences.d/apt_pin_haproxy.pref]
  
  +    mode   => 0444
  +    group  => root
  +    owner  => root
  +    ensure => present
  +    notify => Exec[apt_package_from_component_haproxy]
  

  Content differences:

  --- /etc/apt/preferences.d/apt_pin_haproxy.pref.orig
  +++ /etc/apt/preferences.d/apt_pin_haproxy.pref
  @@ -0,0 +1,3 @@
  +Package: haproxy
  +Pin: release c=thirdparty/haproxy32
  +Pin-Priority: 1002

• Concat_fragment[thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia-header]

  Parameters differences:

  --- Concat_fragment[thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia-header].orig
  +++ Concat_fragment[thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia-header]
  
  +    target => /etc/apt/sources.list.d/thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia.sources
  +    tag    => _etc_apt_sources.list.d_thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia.sources
  +    source => puppet:///modules/apt/sources-deb822-header.txt
  +    order  => 01
  

• Concat::Fragment[thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia-header]

  Parameters differences:

  --- Concat::Fragment[thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia-header].orig
  +++ Concat::Fragment[thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia-header]
  
  +    target => /etc/apt/sources.list.d/thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia.sources
  +    order  => 01
  +    source => puppet:///modules/apt/sources-deb822-header.txt
  

• Exec[apt_repository_thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia]

  Parameters differences:

  --- Exec[apt_repository_thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia].orig
  +++ Exec[apt_repository_thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia]
  
  +    command     => /usr/bin/apt-get update 
  +    refreshonly => True
  

• Concat_fragment[thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia]

  Parameters differences:

  --- Concat_fragment[thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia].orig
  +++ Concat_fragment[thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia]
  
  +    target => /etc/apt/sources.list.d/thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia.sources
  +    tag    => _etc_apt_sources.list.d_thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia.sources
  +    order  => 10
  

  Content differences:

  --- thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia.orig
  +++ thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia
  @@ -0,0 +1,5 @@
  +Types: deb deb-src
  +URIs: http://apt.wikimedia.org/wikimedia
  +Suites: trixie-wikimedia
  +Components: thirdparty/haproxy32
  +Signed-By: /etc/apt/keyrings/wikimedia-archive-keyring.gpg

• Apt::Package_from_component[haproxy]

  Parameters differences:

  --- Apt::Package_from_component[haproxy].orig
  +++ Apt::Package_from_component[haproxy]
  
  +    before          => Class[Haproxy]
  +    priority        => 1002
  +    component       => thirdparty/haproxy32
  +    packages        => ['haproxy']
  +    ensure_packages => False
  +    ensure          => present
  +    distro          => trixie-wikimedia
  +    uri             => http://apt.wikimedia.org/wikimedia
  

• Exec[apt_package_from_component_haproxy]

  Parameters differences:

  --- Exec[apt_package_from_component_haproxy].orig
  +++ Exec[apt_package_from_component_haproxy]
  
  +    subscribe   => Apt::Repository[thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia]
  +    command     => /usr/bin/apt-get update
  +    refreshonly => True
  

• Concat[/etc/apt/sources.list.d/thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia.sources]

  Parameters differences:

  --- Concat[/etc/apt/sources.list.d/thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia.sources].orig
  +++ Concat[/etc/apt/sources.list.d/thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia.sources]
  
  +    replace        => True
  +    group          => root
  +    owner          => root
  +    backup         => puppet
  +    path           => /etc/apt/sources.list.d/thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia.sources
  +    show_diff      => True
  +    force          => False
  +    mode           => 0444
  +    order          => alpha
  +    ensure_newline => False
  +    ensure         => present
  +    notify         => Exec[apt_repository_thirdparty-haproxy32-apt.wikimedia.org-wikimedia-trixie-wikimedia]
  +    warn           => False
  +    format         => plain
  

• Apt::Pin[apt_pin_haproxy]

  Parameters differences:

  --- Apt::Pin[apt_pin_haproxy].orig
  +++ Apt::Pin[apt_pin_haproxy]
  
  +    pin      => release c=thirdparty/haproxy32
  +    ensure   => present
  +    priority => 1002
  +    notify   => Exec[apt_package_from_component_haproxy]
  +    package  => haproxy
  

Relevant files

• Production catalog
• Change catalog
• Production errors/warnings
• Change errors/warnings
• Core Diff
• Standard Diff