Puppet users - Feb 2011 - custom type with cool source parameter

I''m making a custom type under Puppet 2.6.4 to manage CA certificates
in
an NSS certificate database by running certutil. I''ve got it where when
I pass a content parameter with the whole -----BEGIN CERTIFICATE-----
ewofifewoiihefwo wfoiefwjowejwfoifj oiejfw oefwij eoijfew ofewij weo
-----END CERTIFICATE----- stuff, it will add the CA certificate. But I
don''t want to paste the certificate into the policy, I want to keep it
in a separate file, and use source =>
''puppet:///modules/pki/ca-certs/my-ca.crt'' - like the file
type does.
Try as I might, I haven''t yet been able to duplicate the magic of that
parameter in my own type.

What do I really need in order to get from
''puppet:///modules/pki/ca-certs/my-ca.crt'' to
''-----BEGIN
CERTIFICATE-----...''? Do I need cached attributes? Do I need to fetch
metadata? What''s about all these checksums?

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

Hi,

you''re not required to add all content to the manifest proper.
Take note of the file() function.

http://docs.puppetlabs.com/references/stable/function.html#file

HTH,
Felix

On 02/18/2011 03:41 PM, Jennings, Jared L CTR USAF AFMC 46 SK/CCI
wrote:
> I''m making a custom type under Puppet 2.6.4 to manage CA
certificates in
> an NSS certificate database by running certutil. I''ve got it where
when
> I pass a content parameter with the whole -----BEGIN CERTIFICATE-----
> ewofifewoiihefwo wfoiefwjowejwfoifj oiejfw oefwij eoijfew ofewij weo
> -----END CERTIFICATE----- stuff, it will add the CA certificate. But I
> don''t want to paste the certificate into the policy, I want to
keep it
> in a separate file, and use source =>
> ''puppet:///modules/pki/ca-certs/my-ca.crt'' - like the
file type does.
> Try as I might, I haven''t yet been able to duplicate the magic of
that
> parameter in my own type.
> 
> What do I really need in order to get from
> ''puppet:///modules/pki/ca-certs/my-ca.crt'' to
''-----BEGIN
> CERTIFICATE-----...''? Do I need cached attributes? Do I need to
fetch
> metadata? What''s about all these checksums?
> 
-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

Felix, thanks for your quick reply, but I''m trying to write a new type,
not use the file type. I''ve done stuff like

file { "/etc/pam_pkcs11/cacerts/myca.crt":
    source => "puppet:///modules/pki/cacerts/myca.crt"
}

But what I want to do now is

nss_ca_cert { "myca":
    source => "puppet:///modules/pki/cacerts/myca.crt"
}

where I''ve defined the nss_ca_cert type by writing some Ruby code. The
Ruby that creates the ''source'' parameter for the
''file'' type is right in
front of me, at /usr/lib/ruby/site_ruby/1.8/puppet/type/file/source.rb,
but I don''t understand it well enough to know what I need to take from
it.
> -----Original Message-----
> From: puppet-users@googlegroups.com [mailto:puppet-
> users@googlegroups.com] On Behalf Of Felix Frank
> Sent: Friday, February 18, 2011 8:52 AM
> To: puppet-users@googlegroups.com
> Subject: Re: [Puppet Users] custom type with cool source parameter
> 
> Hi,
> 
> you''re not required to add all content to the manifest proper.
> Take note of the file() function.
> 
> http://docs.puppetlabs.com/references/stable/function.html#file
> 
> HTH,
> Felix
> 
> On 02/18/2011 03:41 PM, Jennings, Jared L CTR USAF AFMC 46 SK/CCI
> wrote:
> > I''m making a custom type under Puppet 2.6.4 to manage CA
certificates
> in
> > an NSS certificate database by running certutil. I''ve got it
where
> when
> > I pass a content parameter with the whole -----BEGIN
CERTIFICATE-----
> > ewofifewoiihefwo wfoiefwjowejwfoifj oiejfw oefwij eoijfew ofewij weo
> > -----END CERTIFICATE----- stuff, it will add the CA certificate. But
> I
> > don''t want to paste the certificate into the policy, I want
to keep
> it
> > in a separate file, and use source =>
> > ''puppet:///modules/pki/ca-certs/my-ca.crt'' - like
the file type
does.
> > Try as I might, I haven''t yet been able to duplicate the
magic of
> that
> > parameter in my own type.
> >
> > What do I really need in order to get from
> > ''puppet:///modules/pki/ca-certs/my-ca.crt'' to
''-----BEGIN
> > CERTIFICATE-----...''? Do I need cached attributes? Do I need
to
fetch
> > metadata? What''s about all these checksums?
> >
> 
> --
> You received this message because you are subscribed to the Google
> Groups "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to puppet-
> users+unsubscribe@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

> Felix, thanks for your quick reply, but I''m trying to write a new
type,
> not use the file type.
Oops, I misread your email, Felix. But I think the file function still
isn''t what I''m after: I think I want the contents to be loaded
from a
puppet:/// url, not an absolute path, because I want the same behavior
as the file type''s source parameter where if I use puppet apply, it
looks in the module path, and if I use puppet agent, it gets it whence
it got the manifest.

(And: sorry for topquoting... magic 8 ball says, "outlook not so
good")

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

http://docs.puppetlabs.com/guides/modules.html <-- I guess you want to
define your own module.

On Fri, Feb 18, 2011 at 4:17 PM, Jennings, Jared L CTR USAF AFMC 46
SK/CCI <jared.jennings.ctr@eglin.af.mil> wrote:
> Felix, thanks for your quick reply, but I''m trying to write a new
type,
> not use the file type. I''ve done stuff like
>
> file { "/etc/pam_pkcs11/cacerts/myca.crt":
>    source => "puppet:///modules/pki/cacerts/myca.crt"
> }
>
> But what I want to do now is
>
> nss_ca_cert { "myca":
>    source => "puppet:///modules/pki/cacerts/myca.crt"
> }
>
> where I''ve defined the nss_ca_cert type by writing some Ruby code.
The
> Ruby that creates the ''source'' parameter for the
''file'' type is right in
> front of me, at /usr/lib/ruby/site_ruby/1.8/puppet/type/file/source.rb,
> but I don''t understand it well enough to know what I need to take
from
> it.
>
>> -----Original Message-----
>> From: puppet-users@googlegroups.com [mailto:puppet-
>> users@googlegroups.com] On Behalf Of Felix Frank
>> Sent: Friday, February 18, 2011 8:52 AM
>> To: puppet-users@googlegroups.com
>> Subject: Re: [Puppet Users] custom type with cool source parameter
>>
>> Hi,
>>
>> you''re not required to add all content to the manifest proper.
>> Take note of the file() function.
>>
>> http://docs.puppetlabs.com/references/stable/function.html#file
>>
>> HTH,
>> Felix
>>
>> On 02/18/2011 03:41 PM, Jennings, Jared L CTR USAF AFMC 46 SK/CCI
>> wrote:
>> > I''m making a custom type under Puppet 2.6.4 to manage CA
> certificates
>> in
>> > an NSS certificate database by running certutil. I''ve got
it where
>> when
>> > I pass a content parameter with the whole -----BEGIN
> CERTIFICATE-----
>> > ewofifewoiihefwo wfoiefwjowejwfoifj oiejfw oefwij eoijfew ofewij
weo
>> > -----END CERTIFICATE----- stuff, it will add the CA certificate.
But
>> I
>> > don''t want to paste the certificate into the policy, I
want to keep
>> it
>> > in a separate file, and use source =>
>> > ''puppet:///modules/pki/ca-certs/my-ca.crt'' -
like the file type
> does.
>> > Try as I might, I haven''t yet been able to duplicate the
magic of
>> that
>> > parameter in my own type.
>> >
>> > What do I really need in order to get from
>> > ''puppet:///modules/pki/ca-certs/my-ca.crt'' to
''-----BEGIN
>> > CERTIFICATE-----...''? Do I need cached attributes? Do I
need to
> fetch
>> > metadata? What''s about all these checksums?
>> >
>>
>> --
>> You received this message because you are subscribed to the Google
>> Groups "Puppet Users" group.
>> To post to this group, send email to puppet-users@googlegroups.com.
>> To unsubscribe from this group, send email to puppet-
>> users+unsubscribe@googlegroups.com.
>> For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>
> --
> You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
> For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
>
>
-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

> http://docs.puppetlabs.com/guides/modules.html <-- I guess you want to
> define your own module.
Yup, did that already.

The answer I was looking for is this.

Given: we want a custom type my_cool_type such that we can write

my_cool_type { "bla":
    justsometext => "hi mom",
    source => "puppet:///modules/six/file.txt",
}

To make a source parameter in this custom type which will fetch the
given content, do something like so:

Puppet::Type.newtype(:my_cool_type) do
    ensurable do
        defaultvalues
        defaultto :present
    end

    newparam(:justsometext) do
        desc "A string of your choosing."
    end

    newparam(:source) do

[Now copy the validate, munge, cached_attr(:content), and
cached_attr(:metadata) from puppet/type/file/source.rb in here.]

    end
end

In the provider, it''s usual to get at the parameter values like
@resource[:paramname]. This will get us the value of the justsometext
parameter:

Puppet::Type.type(:my_cool_type).provide :strange_magic do
    def create
        self.debug "The string of the admin''s choosing was
#{@resource[:justsometext]}."

    end
end

But @resource[:source] is just the puppet:/// url. It''s supposed to
have
this content method; how do we call that? Answer: @resource[:source] is
a shortcut for @resource.parameter(:source).value.
@resource.parameter(:source) gets the parameter object, upon which we
can call the content method.

    def create
        self.debug "The contents of file.txt are
#{@resource.parameter(:source).content}"
    end

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.