Affects Version/s: None
Fix Version/s: None
Template:PUP Bug Template customfield_10700 389405
Method Found:Needs Assessment
Zendesk Ticket IDs:42946
Zendesk Ticket Count:1
QA Risk Assessment:Needs Assessment
Puppet Version: 2019.8.4
Puppet Server Version: 2019.8.4
OS Name/Version: EL 7
Describe your issue in as much detail as possible…
If the v4/catalog endpoint on a compiler is used to generate a catalog for a compiler node, it returns an incorrect catalog. Specifically, the catalog will contain resources that should be confined to a primary server. This causes CD4PE's impact analysis to return false positives for compilers.
Describe steps to reproduce…
Use the API to send a catalog compilation request to the compiler for the catalog of the compiler and note that PE primary server related classes are in the returned catalog.
Running the exact same thing against the primary does not result in these extra classes being included:
The catalog generated by a compiler should be the same as a catalog compiled by a primary server.
The catalog generated by a compiler appears to include additional class data.
The key appears to be the pe_compile_master() function at https://github.com/puppetlabs/puppet-enterprise-modules/blob/main/modules/puppet_enterprise/lib/puppet/parser/functions/pe_compile_master.rb#L38. When the v4/catalog endpoint is used in this way, that function will return false even when the target is actually a compiler. This causes the extra classes to get pulled in.
The v4/catalog endpoint is used by CD4PE for impact analysis. The incorrect catalog contents being returned causes false positives to show up in reports for compilers when a compiler is used for the impact analysis workload, which is the recommended configuration.