On Wednesday, November 6, 2013 12:49:27 PM UTC-6, David Gordon wrote:
>
> Hi All,
>
> I'm looking at integrating our Puppet 2.7.21 setup with an internal change
> management system. Essentially I need the master to check there is an open
> change window for a given node, and fail the run if not.
>
> I don't want to have to have a custom configuration on all the nodes (and
> this probably wouldn't be secure anyway), so plugging this check in during
> the ENC stage seemed to make sense to me.
>
> I'd like to be able to fail the run with a message back to the agent e.g.
> 'no valid change window open'. The problem is, as far as I can see, it is
> not possible to propagate any custom errors back to the master. It looks
> like the only error is e.g. 'could not find node xxx' or similar. Even
> replacing the terminus with a custom one doesn't appear to help as this
> cover-all error looks to be generated in the catalogue compiler.
>
> Does this sound right? Anyone got an ideas if it would be possible to fail
> runs with a custom error from within the puppet master? Failing from
> within the manifests themselves wouldn't be an option as they are under the
> control of the users, and so the check could be circumvented.
>
>
Do you need a bona fide error to be generated, or would it be sufficient to
deliver a catalog containing only a notification message? For example,
given the following class available on your master,
class site::no_window {
notify { 'no valid change window open': }
}
, if the ENC determines that it is outside any change window for the target
node then its output can be simply
classes:
- site::no_window
. Supposing that you have neither any global declarations nor a node block
for the target node, that will result in no changes to the target, except
possibly Puppet plugin synchronization. The notify message will appear in
Puppet's output.
John
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/d09362d2-088f-4bdf-856d-96433fab3a9d%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
