[augeas-devel] Managing a file as a whole with puppet and augeas

Tue Jul 28 13:06:45 UTC 2015

I started a proof-of-concept implementation as
https://github.com/raphink/puppet-augeas_file

Feedback welcome!

Raphaël

On Thu, Jul 23, 2015 at 11:47 AM, Raphaël Pinson <
raphael.pinson at camptocamp.com> wrote:

>
>
> On Fri, Jun 26, 2015 at 5:00 PM, Dominic Cleal <dcleal at redhat.com> wrote:
>
>> On 26/06/15 15:38, Mickaël Canévet wrote:
>> > Hello,
>> >
>> > I'd like to be able to manage a file as a whole with puppet and augeas.
>> > The typical use case is to take a sample file, or a systemd service
>> > file, provided by a package as source and apply some augeas translations
>> > on it, then write to a destination file.
>> >
>> > I could use:
>> >
>> > file { '/etc/foo/foo.conf':
>> >   ensure => file,
>> >   source => 'file:///usr/share/doc/foo/example/foo.conf',
>> >   replace => false,
>> > }
>> > augeas { 'bar':
>> >   context => '/files/etc/foo/foo.conf',
>> >   changes => [ ... ],
>> > }
>> >
>> > But I don't like it because:
>> > - If the sample file is updated (because of security reason for
>> > example), my configuration file will not be updated,
>> > - The configuration file is not managed as whole, and thus can be
>> > manually corrupted.
>>
>> Do you remember this function?
>>
>>
>> https://github.com/camptocamp/puppet-augeas/blob/master/lib/puppet/parser/functions/augeas.rb
>>
>> It was written with the same ideas in mind - that you'd have some stock
>> file, probably inside the module, copied from /usr/share/doc which would
>> be transformed on the master by Augeas and put into the catalog.  That
>> has the same disadvantage as the first, the file needs to be copied from
>> the master.
>>
>>
>
> We did consider this function, for sure. However, it requires to store the
> file on the master side. The idea Mickaël and I have would be to use a
> template on the agent, not on the master.
>
> This might be doable using aug_text_store and aug_text_retrieve, by:
>
> * Shortcut: copying the file if target does not exist yet
> * Reading the template file
> * Inserting the template content into the tree with aug_text_store
> * Applying changes to the tree
> * Moving the resulting tree to the target file tree
> * Saving
>
>
> The problem is how to modelize that with resources? Obviously, the
> template parameter does not really go well with the augeas resource type or
> augeasproviders, as it would allow to specify a different template for
> entries in the same target…
>
> One possibility we considered would be to add augeas transforms to the
> file resource type. Theses transforms would be applied to the resulting
> content of the file resource (whether using source or content), using
> aug_text_store/aug_text_retrieve.
>
> Arguably, this could be done with two resources:
>
> file { 'foo': replace => false } -> augeas { 'transform foo': }
>
> The problem with that is that when the template changes, the file is not
> refreshed. And if we don't use replace => false, then it won't be
> idempotent…
>
>
> Any thoughts on that?
>
>
>
> --
> Raphaël Pinson
> Infrastructure Developer & Training Leader
> +33 458 482 013
>
> Camptocamp France
> Savoie Technolac
> BP 352
> 48, avenue du Lac du Bourget
> 73372 Le Bourget du Lac, Cedex
> www.camptocamp.com
>

-- 
Raphaël Pinson
Infrastructure Developer & Training Leader
+33 458 482 013

Camptocamp France
Savoie Technolac
BP 352
48, avenue du Lac du Bourget
73372 Le Bourget du Lac, Cedex
www.camptocamp.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/augeas-devel/attachments/20150728/5d56b8e3/attachment.htm>