[Puppet Users] hiera_array, structured data and multiple levels of hierarchy

David Patterson Tue, 15 Oct 2013 09:54:31 -0700

Hi all!  

I'm trying to setup a puppet module for sudo that will write multiple files 
with separate data for each file, all dependent on the hiera hierarchy. 
 Here's the relevant portion of my hiera.yaml:


> :hierarchy:
>
>   - "datacenter/app/role/node/%{::clientcert}"
>
>   - "datacenter/app/role/%{::server_role}"
>
>   - "datacenter/app/%{::app_name}"
>
>   - "datacenter/%{::datacenter}"
>
>   - common
>
>
Basically, a node can have different files in /etc/sudoers.d/ depending on 
the structure above.  I want each sudoers definition to be in it's own file 
in /etc/sudoers.d/.

Here's how I have my data files laid out (yaml):

common.yaml:

> sudoers:
>
>   - filename: app1_sudo
>
>   - contents: |
>
>                 %wheel   ALL=(ALL)   ALL
>
>   - filename: app2_sudo
>
>   - contents: |
>
>                 %app2     ALL=(ALL)       ALL
>
>                 %app3     ALL=(ALL)       ALL
>
>
>
datacenter/datacenter.yaml:

> sudoers:

  - filename: datacenter1_sudo 

  - contents: |

                %datacenter1   ALL=(ALL)   ALL

  - filename: datacenter2_sudo

  - contents: |

                %datacenter2     ALL=(ALL)       ALL

                %datacenter3     ALL=(ALL)       ALL


 This is the closest I've been able to get, however, notice I'm not using 
'hiera_array', thus, only 1 level of hierarchy is written.

class sudo_crap {

  # Errors with:

  # Error: Could not run: Hiera type mismatch: expected Array and got Hash

  #create_resources(sudo_crap::sudo_configs, hiera_debug_array('sudoers'))


>   # works for only one level of hierarchy

  create_resources(sudo_crap::sudo_configs, hiera_debug('sudoers'))


>   # Errors with:

  # Error: Could not run: Hiera type mismatch: expected Array and got Hash

  #create_resources(sudo_crap::sudo_configs, 
> flatten(hiera_debug_array('sudoers')))

}


> define sudo_crap::sudo_configs($filename, $contents) {

  file {"/tmp/etc/sudoers.d/$filename":

    owner => root,

    group => root,

    mode  => 644,

    content => $contents,

  }

}

include sudo_crap

 


Any ideas what I'm doing wrong and how I can solve this?  Hopefully with 
some code examples :)  I've been banging my head on this for the better 
part of 2 weeks :)

Thanks!
David

 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] hiera_array, structured data and multiple levels of hierarchy

Reply via email to