Issue #5154 has been updated by Joe McDonagh. Status changed from Unreviewed to Rejected
---------------------------------------- Bug #5154: Resources contained inside virtual definitions cause resource conflicts when they shouldn't https://projects.puppetlabs.com/issues/5154 Author: Joe McDonagh Status: Rejected Priority: Normal Assignee: Category: Target version: Affected Puppet version: Keywords: Branch: Consider the following class with a couple defines: <pre> import '*' class accounts { include users, groups define admin ( $cell_number, $cell_provider, $comment = "User", $ensure_d = "present", $gid, $sshpubkey, $sshpubkey_comment, $uid ) { $ensure = extlookup("user_${name}", "$ensure_d") $username = $name file { "/home/$username/.bashrc": group => "$username", mode => "640", owner => "$username", path => $kernel ? { Linux => "/home/$username/.bashrc", OpenBSD => "/home/$username/.profile" }, require => User["$username"], source => "puppet://$server/modules/accounts/$username.bashrc"; [ "/home/$username/working", "/home/$username/scratch", "/home/$username/img", "/home/$username/rrd" ]: ensure => "directory", group => "$username", mode => "640", owner => "$username", require => User["$username"]; "/home/${username}/.forward": content => "${sshpubkey_comment}", group => "$username", owner => "$username", require => User["$username"]; } group { "$username": ensure => "$ensure", gid => "$gid", } @nagios_contact { "$sshpubkey_comment": alias => "$comment", contact_name => "$username", email => "${cell_numb...@${cell_provider}", host_notification_commands => "notify-host-by-email", host_notification_options => "a,d,r", host_notification_period => "24x7", notify => Exec["fix_nagios_perms"], require => File["${nagios_cfg_dir}/contacts"], service_notification_commands => "notify-service-by-email", service_notification_options => "a,c,r", service_notification_period => "24x7", tag => "nagios", target => "${nagios_cfg_dir}/contacts/${username}.cfg", } ssh_authorized_key { "${sshpubkey_comment}": ensure => "$ensure", key => "$sshpubkey", require => User["$username"], target => "/home/${username}/.ssh/authorized_keys2", type => "rsa", user => "$username"; } if ($hostname == "builder") or ($hostname == "rackam") or ($hostname == "thordur") { ssh_authorized_key { "${sshpubkey_comment}_bootstrap": ensure => "$ensure", key => "$sshpubkey", target => $kernel ? { Linux => "/var/www/authorized_keys", OpenBSD => "/home/ftp/authorized_keys" }, type => "rsa", } } user { "$username": comment => "$comment", ensure => "$ensure", gid => "$gid", groups => "$admin_group", home => "/home/$username", managehome => "true", password => "*", require => [ Group["$username"], Group["$admin_group"] ], shell => $kernel ? { Linux => "/bin/bash", OpenBSD => "/usr/local/bin/bash" }, uid => "$uid", } } define ssh_user ( $comment = "User", $ensure_d = "present", $gid, $groups = "ssh_users", $shell = "T_DEFAULT", $sshpubkey, $sshpubkey_comment, $sshpubkey_options = "T_DEFAULT", $uid ) { $ensure = extlookup("user_${name}", "$ensure_d") $real_shell = $shell ? { T_DEFAULT => $kernel ? { Linux => "/bin/bash", OpenBSD => "/usr/local/bin/bash" }, default => $shell } $username = $name group { "$username": ensure => "$ensure", gid => "$gid", } ssh_authorized_key { "${sshpubkey_comment}": ensure => "$ensure", key => "$sshpubkey", options => $sshpubkey_options ? { T_DEFAULT => undef, default => [ $sshpubkey_options ] }, require => User["$username"], target => "/home/${username}/.ssh/authorized_keys2", type => "rsa", user => "$username", } user { "$username": ensure => "$ensure", uid => "$uid", gid => "$gid", comment => "$comment", home => "/home/$username", shell => "$real_shell", groups => [ $groups ], password => "*", managehome => "true", require => [ Group["$username"], Group["ssh_users"] ] } } } </pre> Now consider the following code that uses these definitions: <pre> class accounts::users { Accounts::Admin { require => Package["bash"] } Accounts::Ssh_user { require => Package["bash"] } @admin { "jmcdonagh": cell_number => "6175555555", cell_provider => "vtext.com", comment => "Joe McDonagh", gid => "1342", sshpubkey => 'AAAA...', sshpubkey_comment => '[email protected]', uid => "10000"; } @ssh_user { "jmcdonagh": yaddayadda } </pre> I think you get the picture. Now if I realize only one of these resources, I still get resource conflicts for things like Group["jmcdonagh"], etc. IMO this is wrong; the 'virtual' property of the definition should propagate to all contained resources. Right now I am going to have to add a bunch of silly workarounds. Is there a good technical reason why this is happening? -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
