Merge pull request puppetlabs#8948 from AriaXLi/pup-11527_puppet_look…

…up_enc

(PUP-11527) puppet lookup -E doesn't execute ENC

lib/puppet/application/lookup.rb

@@ -376,9 +376,9 @@ def generate_scope
       facts = retrieve_node_facts(node, given_facts)
       ni = Puppet::Node.indirection
       tc = ni.terminus_class
-      if options[:compile] && !Puppet.settings.set_by_cli?('environment')
+      if options[:compile]
         if tc == :plain
-          node = ni.find(node, facts: facts)
+          node = ni.find(node, facts: facts, environment: Puppet[:environment])
         else
           begin
             service = Puppet.runtime[:http]
@@ -390,11 +390,11 @@ def generate_scope
             Puppet::SSL::Oids.register_puppet_oids
             trusted = Puppet::Context::TrustedInformation.remote(true, facts.values['certname'] || node, Puppet::SSL::Certificate.from_instance(cert))
             Puppet.override(trusted_information: trusted) do
-              node = ni.find(node, facts: facts)
+              node = ni.find(node, facts: facts, environment: Puppet[:environment])
             end
           rescue
             Puppet.warning _("CA is not available, the operation will continue without using trusted facts.")
-            node = ni.find(node, facts: facts)
+            node = ni.find(node, facts: facts, environment: Puppet[:environment])
           end
         end
       else
@@ -405,7 +405,7 @@ def generate_scope
     else
       node.add_extra_facts(given_facts) if given_facts
     end
-
+    node.environment = Puppet[:environment] if Puppet.settings.set_by_cli?(:environment)
     Puppet[:code] = 'undef' unless options[:compile]
     compiler = Puppet::Parser::Compiler.new(node)
     if options[:node]

spec/integration/application/lookup_spec.rb

@@ -91,6 +91,61 @@ def expect_lookup_with_output(exitcode, out)
       expect_lookup_with_output(0, /--- value from per node data/)
     end
 
+    it "resolves hiera data using a top-level node parameter from enc" do
+      Puppet.settings[:node_terminus] = 'exec'
+      enc = tmpfile('enc.sh')
+      Puppet.settings[:external_nodes] = enc
+      File.write(File.join(env_dir, env_name, 'hiera.yaml'), <<~YAML)
+      ---
+      version: 5
+      hierarchy:
+        - name: "Node parameters"
+          data_hash: yaml_data
+          path: "%{site}.yaml"
+      YAML
+
+      File.write(File.join(env_dir, env_name, 'data', "pdx.yaml"), <<~YAML)
+      ---
+      key: value
+      YAML
+      allow(Puppet::Util::Execution).to receive(:execute).with([enc, fqdn], anything).and_return(<<~YAML)
+      parameters:
+        site: pdx
+      YAML
+      app.command_line.args << 'key' << '--compile'
+      Puppet.initialize_settings(['-E', env_name])
+      expect_lookup_with_output(0, /--- value/)
+    end
+
+    it "prefers the environment specified on the commandline over the enc environment" do
+      Puppet.settings[:node_terminus] = 'exec'
+      enc = tmpfile('enc.sh')
+      Puppet.settings[:external_nodes] = enc
+      File.write(File.join(env_dir, env_name, 'hiera.yaml'), <<~YAML)
+      ---
+      version: 5
+      hierarchy:
+        - name: "Node parameters"
+          data_hash: yaml_data
+          path: "%{site}.yaml"
+      YAML
+
+      File.write(File.join(env_dir, env_name, 'data', "pdx.yaml"), <<~YAML)
+      ---
+      key: value
+      YAML
+      allow(Puppet::Util::Execution).to receive(:execute).with([enc, fqdn], anything).and_return(<<~YAML)
+      ---
+      # return 'someother' environment because it doesn't have any hiera data
+      environment: someother
+      parameters:
+        site: pdx
+      YAML
+      app.command_line.args << 'key' << '--compile'
+      Puppet.initialize_settings(['-E', env_name])
+      expect_lookup_with_output(0, /--- value/)
+    end
+
     it 'loads trusted information from the node certificate' do
       Puppet.settings[:node_terminus] = 'exec'
       expect_any_instance_of(Puppet::Node::Exec).to receive(:find) do |args|