Puppet users - Apr 2008 - Accessing contents of a puppet:// source programmatically

Hi there,

I''m trying to implement file concatenation of remote sources with the
puppet:// protocol.

Here is the snippet of the manifest:

------------------------------------------------------------------------
    file { "/etc/apache2/htpasswd-dev":
      ensure => present,
      mode   => 644,
      owner  => root,
      group  => root,
      content => cat(''puppet:///apache/access/htpasswd_1'',
''puppet:///apache/access/htpasswd_2'')
    }
------------------------------------------------------------------------

Here is the definition of my custom cat function:

------------------------------------------------------------------------
require "caraldi/puppetutil"
module Puppet::Parser::Functions
        newfunction(:cat, :type => :rvalue) do |args|
                all_lines = ''''

                for arg in args
                        lines = PuppetUtil.get_remote_content(arg)
                        all_lines += lines
                end

                return all_lines
        end
end
------------------------------------------------------------------------

And here are the utility functions copied from Puppet source code to
fetch a remote source:

------------------------------------------------------------------------
require "puppet/type/file"
require "puppet/network/client"

module PuppetUtil
        public
        # Copied from /usr/lib/ruby/1.8/puppet/type/file/source.rb
        def PuppetUtil.get_remote_content(source)
            sourceobj, path = uri2obj(source)

            begin
                contents = sourceobj.server.retrieve(path)
            rescue => detail
                raise "Could not retrieve %s: %s" % [path, detail]
            end

            ...

        end

        # Copied from /usr/lib/ruby/1.8/puppet/type/file.rb
        def PuppetUtil.uri2obj(source)
            sourceobj = Puppet::Type::File::FileSource.new
            path = nil
            ...
        end
end
------------------------------------------------------------------------

When I run puppetd --test, I get the following error message:

err: Could not retrieve catalog: Could not read hostprivkey:
Permission denied -
/home/jbq/system/puppet/ssl/private_keys/myhost.pem at
/home/jbq/system/puppet/manifests/apache.pp:73 on node myhost

Any idea?  Any builtin way to fetch a remote source programmatically?

Thanks in advance,
-- 
Jean-Baptiste Quenot
http://caraldi.com/jbq/blog/

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users-unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---

Hi
> When I run puppetd --test, I get the following error message:
> 
> err: Could not retrieve catalog: Could not read hostprivkey:
> Permission denied -
> /home/jbq/system/puppet/ssl/private_keys/myhost.pem at
> /home/jbq/system/puppet/manifests/apache.pp:73 on node myhost
this sounds for me more as a permission error. maybe check the
permissions to /home/jbq/system/puppet/ssl/private_keys/myhost.pem
aswell as which user you are executing puppetd.
> Any idea?  Any builtin way to fetch a remote source programmatically?
actually I''m not quite sure your solution might work as expected. as in
my opinion the content gets evaluated on the server side. so the server
will try to fetch the content. not?

anyway maybe DavidS''-concatenated_file-define might fit your needs:
http://git.black.co.at/?p=module-common;a=summary

greets Pete


--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users-unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---

The permission problem is specific to my custom function.  If I
comment out the resource in the manifest, puppetd runs fine.

I also tried with the system-wide puppetd, and it does the same:

err: Could not retrieve catalog: Could not read hostprivkey:
Permission denied - /var/lib/puppet/ssl/private_keys/myhost.pem at
/var/git/system/puppet/manifests/apache.pp:73 on node myhost

Maybe I''m doing something wrong, but I can''t find an example
for achieving this.
-- 
Jean-Baptiste Quenot
http://caraldi.com/jbq/blog/

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users-unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---

On Apr 9, 2008, at 3:36 AM, Peter Meier wrote:
>
> Hi
>
>> When I run puppetd --test, I get the following error message:
>>
>> err: Could not retrieve catalog: Could not read hostprivkey:
>> Permission denied -
>> /home/jbq/system/puppet/ssl/private_keys/myhost.pem at
>> /home/jbq/system/puppet/manifests/apache.pp:73 on node myhost
>
> this sounds for me more as a permission error. maybe check the
> permissions to /home/jbq/system/puppet/ssl/private_keys/myhost.pem
> aswell as which user you are executing puppetd.
>
>> Any idea?  Any builtin way to fetch a remote source programmatically?
>
> actually I''m not quite sure your solution might work as expected.
as
> in
> my opinion the content gets evaluated on the server side. so the  
> server
> will try to fetch the content. not?
You are exactly right -- all custom functions are interpreted on the  
server, so the ''cat'' function is done by the server, not
client.

That failure you''re seeing is actually a failure generated by the  
server and copied to the client, which you''d see if you looked in the  
server logs, not just the client logs.

If you want to do something on the client, your *only* option is with  
a type or provider.

-- 
I respect faith, but doubt is what gets you an education.
     -- Wilson Mizner
---------------------------------------------------------------------
Luke Kanies | http://reductivelabs.com | http://madstop.com


--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users-unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---