Is there a way to exec something on purge?
On Feb 7, 2007, at 4:46 PM, Digant C Kasundra wrote:> Is there a way to exec something on purge?Hmm. Well, you could subscribe to the purge statement; that should work, but I don''t think there''s any way to subscribe to individual resources being purged, and that''d be about the only way to do it. -- The world tolerates conceit from those who are successful, but not from anybody else. -- John Blake --------------------------------------------------------------------- Luke Kanies | http://reductivelabs.com | http://madstop.com
--On Thursday, February 08, 2007 12:00 AM -0600 Luke Kanies <luke@madstop.com> wrote:> On Feb 7, 2007, at 4:46 PM, Digant C Kasundra wrote: > >> Is there a way to exec something on purge? > > Hmm. Well, you could subscribe to the purge statement; that should > work, but I don''t think there''s any way to subscribe to individual > resources being purged, and that''d be about the only way to do it.What does the syntax for that look like?
On Feb 8, 2007, at 12:57 AM, Digant C Kasundra wrote:> > What does the syntax for that look like?Hmm. I just looked at the code, and it looks like I was wrong, both in a good way and a bad way. You *can* have relationships with resources being purged: resources { user: purge => true } exec { "rm -rf /home/johnny": subscribe => User[johnny] } However, this will only work when the purge actually happens; the rest of the time an error will get thrown because the user will not get created. Basically, you can create relationships to resources that are generated during the purging process, but the resources will generally not be present (because they''ve normally already been purged) so you''ll get an error. Right now, relationship errors cause the whole configuration to fail, which means that sometimes you''ll successfully have relationships, and most times you''ll just fail. You can test whether resources exist during the compile phase, but not during the configuration instantiation phase, which means that this is currently basically irresolvable. It''s probably a bug that failed relationships cause the whole configuration to fail -- at worst, it should just skip any resources with failed resources -- but I''d still expect to throw a warning. What kind of behaviour would people expect from resources that have relationships to resources that almost never exist? I clearly designed Puppet to consider this a failure, but I''m quite willing to change that to a better behaviour if someone can come up with one. -- Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it. -- (attributed to) Brian W. Kernighan (unconfirmed) --------------------------------------------------------------------- Luke Kanies | http://reductivelabs.com | http://madstop.com
--On Thursday, February 08, 2007 1:24 AM -0600 Luke Kanies <luke@madstop.com> wrote:> resources { user: purge => true } > exec { "rm -rf /home/johnny": subscribe => User[johnny] } > > However, this will only work when the purge actually happens; the > rest of the time an error will get thrown because the user will not > get created.So in this situation, "rm -rf /home/johnny" will be executed when User[johnny] is purged, but doesn''t it also execute when User[johnny] is added? I''m not sure I understand what this bit is actually doing. Anyway, this sort of implies that I''m anticipating what is going to be purged. But my situation is a bit different. I have a directory where I want to make sure only files I expect are in there, and right now, when a file gets added, I call a script that combines all those files into an iptables config. But when purging finds a file that shouldn''t exist and removes it, I want that script exec''ed as well. I just found that the following *does* work: exec { "rebuild_iptables": command => "/usr/sbin/rebuild-iptables", refreshonly => true, } file { "/etc/iptables.d": ensure => directory, purge => true, recurse => true, notify => Exec["rebuild_iptables"], }
On Feb 8, 2007, at 3:36 AM, Digant C Kasundra wrote:> > > So in this situation, "rm -rf /home/johnny" will be executed when > User[johnny] is purged, but doesn''t it also execute when User > [johnny] is > added? I''m not sure I understand what this bit is actually doing.Yes, that is true. We''ve begun talking about how to do more interesting things, like define what happens when resources change states from absent to present or vice-versa, but we''re only in the discussion phage.> Anyway, this sort of implies that I''m anticipating what is going to be > purged. But my situation is a bit different. I have a directory > where I > want to make sure only files I expect are in there, and right now, > when a > file gets added, I call a script that combines all those files into an > iptables config. But when purging finds a file that shouldn''t > exist and > removes it, I want that script exec''ed as well. I just found that the > following *does* work: > > exec { "rebuild_iptables": > command => "/usr/sbin/rebuild-iptables", > refreshonly => true, > } > > file { "/etc/iptables.d": > ensure => directory, > purge => true, > recurse => true, > notify => Exec["rebuild_iptables"], > }*whew* Yeah, if you''re working in files, you''re in much better shape; glad to hear you got it figured out. -- The time to repair the roof is when the sun is shining. -- John F. Kennedy --------------------------------------------------------------------- Luke Kanies | http://reductivelabs.com | http://madstop.com