eyaml backend config doesn't quite work with 2015.2.3

[dogfish182]

Hi there,

I've just been setting up hiera eyaml at my site. using the following config in my site.pp

 class { 'hiera':
    hierarchy => [
      'secure',
      'node/%{::clientcert}',
      '%{environment}',
      'common',
    ],
    datadir   => '/etc/puppetlabs/code/environments/%{environment}/hieradata',
    eyaml     => true,
  }

this was basically all I did but puppet runs on my dev box started giving this

Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Evaluation Error: Error while evaluating a Function Call, Must pass hieratestsecure to Class[Helloworld] at /etc/puppetlabs/code/environments/dev/manifests/site.pp:29:3 on node testy.mctester.test
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run

which confused me a bit because running a test from the puppet master would generate

hieratestsecure environment=dev --debug
DEBUG: 2015-12-09 13:40:08 +0100: [eyaml_backend]: Hiera eYAML backend starting
DEBUG: 2015-12-09 13:40:08 +0100: Using Hiera 1.x backend API to access instance of class Hiera::Backend::Eyaml_backend. Lookup recursion will not be detected
DEBUG: 2015-12-09 13:40:08 +0100: [eyaml_backend]: Set option: datadir = /etc/puppetlabs/code/environments/dev/hieradata
DEBUG: 2015-12-09 13:40:08 +0100: [eyaml_backend]: Set option: pkcs7_private_key = /etc/puppetlabs/code/keys/private_key.pkcs7.pem
DEBUG: 2015-12-09 13:40:08 +0100: [eyaml_backend]: Set option: pkcs7_public_key = /etc/puppetlabs/code/keys/public_key.pkcs7.pem
DEBUG: 2015-12-09 13:40:08 +0100: [eyaml_backend]: Looking up helloworld::hieratestsecure in eYAML backend
DEBUG: 2015-12-09 13:40:08 +0100: [eyaml_backend]: Looking for data source secure
DEBUG: 2015-12-09 13:40:08 +0100: [eyaml_backend]: Found helloworld::hieratestsecure in secure
DEBUG: 2015-12-09 13:40:08 +0100: [eyaml_backend]: Attempting to decrypt
this is soo secure!

and resolve correctly. eventually I found that running

$ sudo /opt/puppetlabs/bin/puppetserver gem install hiera-eyaml

then restart the pe-puppetmaster and I was up and running. I'm not sure that this is an actual issue with this module but it's a very confusing problem on an almost brand new server and there seems to be some confusion surrounding it.

prior to doing the above I had 2 outputs of 'local gems'

sudo /opt/puppetlabs/puppet/bin/gem list

*** LOCAL GEMS ***
(truncated list.....
faraday_middleware-multi_json (0.0.6)
hiera-eyaml (2.0.8)
..
..
test-unit (2.1.7.0)
trollop (2.1.2)

and then

/$ sudo /opt/puppetlabs/bin/puppetserver gem list

*** LOCAL GEMS ***

jar-dependencies (0.1.13)
jruby-openssl (0.9.7 java)
json (1.8.0 java)
rake (10.1.0)
rdoc (4.1.2)

and puppetserver seems to require the gem or it doesn't work.

[ktreese]

See PR #89 and #90. This is a known issue with two different approaches to correcting the bug.

#86, which has been merged, was supposed to address this very problem as well, but didn't quite get there all the way, hence #89 and #90)

[jyaworski]

I think this can be closed now, @hunner