Dears all,
Thanks nan your your suggestion, I took it (again) in account trying
to do something better. Thanks john for your puppet's lesson. I'd
never been worked with declarative system, noticeably it's demand a
different way of think than in typical imperative system.
I have done a new version having :
1) Custom function having input groups membership for all users
comming from ENC. Return an array having unique items (groups). I
prefer this instead of modify ENC for explicitness reason of input
json.
2) New defined type (main_groups) to ensuring group existence. I
discard 'defined' function like john suggest me. I suggest to
PuppetLabs team write a caution or warning about defined function at
documents.
3) New defined type (dep_groups) just like nan suggested to me, which
it's to ensuring dependencies.
Testing are good and i hope this approach can be less hurtful for
puppet design and obviously for my good health.
I appreciate all your help
Best Regards,
eduardo.
PD : The following are details of this approach .
-------------
class updssh( $users ) {
$all_groups = inline_template(
"<% users.each do |usr| -%><% usr.each do |k,v| -%><%= usr[k]
['groups'] %>;<% end -%><% end -%>")
# Custom function groups_uniq take all groups field values having
user's membership
# Return array having unique items(groups)
$groups_uniq = groups_uniq($all_groups)
# Ensuring group existence for membership of users
main_groups { $groups_uniq: }
....
# guarantee main groups existence for user's membership
define main_groups {
$group = $title
group { $group:
ensure => present
}
}
-------------
define updssh::add_user ( $email , $groups ) {
$username = $title
$usr_grp = inline_template(
"<% groups.each do |grp| -%><%= username %>_<%= grp %>,<
% end -%>
")
$usr_groups = split($usr_grp, ',')
dep_groups { $usr_groups: }
...
}
# Ensuring dependencies
define dep_groups {
$arr = split($title, '_')
$username = $arr[0]
$group = $arr[1]
notify {"Ensuring dependencies ${title}": }
Group[$group] -> User[$username]
}
-------------
On 7 jul, 11:19, Stefan Schulte <[email protected]>
wrote:
> On Mon, Jul 02, 2012 at 12:20:40PM -0500, Tim Mooney wrote:
> > > How to ensure groups dependencies at user creation ?.
>
> > If you were just talking about the user's default group, then it would
> > be one of the few cases where puppet establishes an ordering relation
> > for you automatically. In other words:
>
> > user { 'foo':
> > gid => 'bar',
> > }
>
> > automatically ensures that group 'bar' is present before user 'foo'.
>
> > I don't know if that same thing is true for supplemental groups
>
> It is also true for supplemental groups. You can see puppet creates the
> relationship when you run puppet agent / puppet apply in debug mode.
>
> So when I run
>
> # puppet apply -vd --noop << EOF
> group { ['foo', 'bar']:ensure => present }
> user { 'bob': groups => [ 'foo', 'bar' ], ensure => present }
> EOF
>
> I get
>
> debug: /Stage[main]//User[bob]: Autorequiring Group[bar]
> debug: /Stage[main]//User[bob]: Autorequiring Group[foo]
>
> -Stefan
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
