In outage scenarios it would be good to have some advisory locking of puppet-merges, to prevent the deployment of unrelated changes. In many industries something similar is known as "lockout-tagout".
- Implement this in the wrapper script invoked by humans, not in the Python script that runs on each host and does git operations itself
- Tagout file should only live on the 'master' puppetmaster (i.e. puppetmaster1001)
- Should be possible to override with a new --force-tagout-override flag, specifically for this purpose (don't reuse existing --yes flag)
- A new file under /var/lock seems appropriate, let's say /var/lock/disable-puppet-merge
- The file's contents should include a username and also a message, but even an empty file must prevent merges
- Likely also want scripts to create and remove a tagout condition
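
A sketch of the check, plus the create and remove helpers, as it could sit in the wrapper script on the master puppetmaster. This is an added example, not existing puppet-merge code: the function names, the `TAGOUT_FILE` environment override (there so the check can be tried outside /var/lock) and the one-line "user timestamp message" content format are assumptions.

```shell
# Path proposed in the list above; overridable only for testing (assumption).
TAGOUT_FILE="${TAGOUT_FILE:-/var/lock/disable-puppet-merge}"

# Succeeds only for the dedicated flag, so --yes can never bypass a tagout.
wants_override() {
    for _arg in "$@"; do
        if [ "$_arg" = "--force-tagout-override" ]; then return 0; fi
    done
    return 1
}

# Create the tagout: invoking user, UTC time and a free-form message.
tagout_set() {
    printf '%s %s %s\n' "${SUDO_USER:-${USER:-unknown}}" \
        "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$*" > "$TAGOUT_FILE"
}

# Remove the tagout; not an error if none is set.
tagout_clear() {
    rm -f -- "$TAGOUT_FILE"
}

# tagout_check "$@": returns 0 if the merge may proceed, 1 if it is blocked.
tagout_check() {
    # Existence alone is the lock. The contents are never parsed to decide,
    # so an empty or malformed file (or a dangling symlink) still blocks.
    if [ ! -e "$TAGOUT_FILE" ] && [ ! -L "$TAGOUT_FILE" ]; then
        return 0
    fi
    echo "puppet-merge is tagged out: $TAGOUT_FILE exists" >&2
    if [ -s "$TAGOUT_FILE" ] && [ -r "$TAGOUT_FILE" ]; then
        # cat -v renders control characters visibly, so whatever was written
        # into the file cannot drive the operator's terminal.
        cat -v -- "$TAGOUT_FILE" >&2
    else
        echo "(no username or message recorded)" >&2
    fi
    if wants_override "$@"; then
        echo "WARNING: --force-tagout-override given, merging anyway" >&2
        return 0
    fi
    echo "Re-run with --force-tagout-override to merge despite the tagout." >&2
    return 1
}
```

The wrapper would call `tagout_check "$@" || exit 1` before handing off to the per-host merge.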