A little while back I asked how to make puppet not report on a
resource.. and was shown the loglevel metaparam:
Quoting bellman@nsc.liu.se:
There is a metaparameter called ''loglevel''. If you set that
to something lower than "notice" (i.e. either "info" or
"debug"),
then Puppet won''t report that it applied the resource...
So I made my resource like this:
file { "/etc/mcollective/facts.yaml":
ensure => file,
content => inline_template("<%= scope.to_hash.reject { |k,v| (!(
k.is_a?(String) && v.is_a?(String) ) || (k =~ /password/i)) }.to_yaml
%>"),
noop => false,
loglevel => debug,
}
This results, indeed, in the corresponding events not appearing in the
logs received by puppetmaster (in syslog)
I then noticed that the reports, as shown by foreman, still contain
these events. It shows there there was one "applied" change, though it
does not show what resource it is.
Why is that?
someone also suggested I used an Exec resource like so:
exec { "generate_facts_yaml":
command => "/bin/false",
unless => "do the real work here",
}
Can I generate a file''s content, from an inline template, in an Exec
like above? How can I do that?
Thanks a lot.
Mohamed.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
> someone also suggested I used an Exec resource like so: > > exec { "generate_facts_yaml": > command => "/bin/false", > unless => "do the real work here", > } > > Can I generate a file''s content, from an inline template, in an Exec > like above? How can I do that?Bah, that''s an ugly hack. You might want to try: $content = inline_template(...) exec { "generate_facts_yaml": command => "/bin/false", unless => "echo ''$content'' > /path/to/file", } Note that despite never logging anything, this *will* fire on each catalog run. It''s bound to disturb whoever else needs to maintain your manifests. Don''t do it if you can avoid it in any possible way. Cheers, Felix -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Thanks Felix. I do want it to fire all the time, and I will add "noop=false" to be explicit. but it does not look safe as the $content could contain single quotes, could it not?> $content = inline_template(...) > > exec { "generate_facts_yaml": > command => "/bin/false", > unless => "echo ''$content'' > /path/to/file", > }On Thu, Mar 31, 2011 at 9:34 AM, Felix Frank <felix.frank@alumni.tu-berlin.de> wrote:>> someone also suggested I used an Exec resource like so: >> >> exec { "generate_facts_yaml": >> command => "/bin/false", >> unless => "do the real work here", >> } >> >> Can I generate a file''s content, from an inline template, in an Exec >> like above? How can I do that? > > Bah, that''s an ugly hack. > > You might want to try: > > $content = inline_template(...) > > exec { "generate_facts_yaml": > command => "/bin/false", > unless => "echo ''$content'' > /path/to/file", > } > > Note that despite never logging anything, this *will* fire on each > catalog run. It''s bound to disturb whoever else needs to maintain your > manifests. Don''t do it if you can avoid it in any possible way. > > Cheers, > Felix > > -- > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. > >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On 03/31/2011 03:42 PM, Mohamed Lrhazi wrote:> Thanks Felix. I do want it to fire all the time, and I will add > "noop=false" to be explicit. > > but it does not look safe as the $content could contain single quotes, > could it not?That''t true, and I don''t see a way that you can waterproof this construct. Sorry. Cheers, Felix -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Felix Frank wrote:> On 03/31/2011 03:42 PM, Mohamed Lrhazi wrote:>> but it does not look safe as the $content could contain single quotes, >> could it not? > > That''t true, and I don''t see a way that you can waterproof this > construct. Sorry.Then you haven''t seen the shellquote() function. It is there specifically so you can construct safe shell commands: $echocmd = shellquote(''/bin/echo'', $content) exec { "generate_facts_yaml": command => "/bin/false", unless => "$echocmd >/path/to/file"; } Note that shellquote(''/bin/echo'', $content, ''>/path/to/file''), would be wrong, since shellquote() would then quote the > character so the shell won''t interpret it as a redirection. /Bellman -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Fantastic.. did not know about that one either. Thanks. On Thu, Mar 31, 2011 at 3:42 PM, Thomas Bellman <bellman@nsc.liu.se> wrote:> Felix Frank wrote: > >> On 03/31/2011 03:42 PM, Mohamed Lrhazi wrote: > >>> but it does not look safe as the $content could contain single quotes, >>> could it not? >> >> That''t true, and I don''t see a way that you can waterproof this >> construct. Sorry. > > Then you haven''t seen the shellquote() function. It is there > specifically so you can construct safe shell commands: > > $echocmd = shellquote(''/bin/echo'', $content) > exec { > "generate_facts_yaml": > command => "/bin/false", > unless => "$echocmd >/path/to/file"; > } > > Note that shellquote(''/bin/echo'', $content, ''>/path/to/file''), > would be wrong, since shellquote() would then quote the > > character so the shell won''t interpret it as a redirection. > > > /Bellman > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.