[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[augeas-devel] Managing a file as a whole with puppet and augeas



Hello,

I'd like to be able to manage a file as a whole with puppet and augeas. The typical use case is to take a sample file, or a systemd service file, provided by a package as source and apply some augeas translations on it, then write to a destination file.

I could use:

file { '/etc/foo/foo.conf':
  ensure => file,
  source => 'file:///usr/share/doc/foo/example/foo.conf',
  replace => false,
}
augeas { 'bar':
  context => '/files/etc/foo/foo.conf',
  changes => [ ... ],
}

But I don't like it because:
- If the sample file is updated (because of security reason for example), my configuration file will not be updated,
- The configuration file is not managed as whole, and thus can be manually corrupted.

I'd like to have either something like an Augeas_builder resource that takes the source and apply any augeas transformation on it:

file { '/etc/foo/foo.conf':
  ensure => file,
}
augeas_builder { '/etc/foo/foo.conf':
  source => 'file:///usr/share/doc/foo/example/foo.conf',
}
augeas { 'bar':
  context => '/files/etc/foo/foo.conf',
  changes => [ ... ],
}

Or even a new provider for File resource that would take the source and apply any augeas transformation on it and compares with the destination file:

file { '/etc/foo/foo.conf':
  ensure => file,
  source => 'file:///usr/share/doc/foo/example/foo.conf',
  provider => 'augeas',
}
augeas { 'bar':
  context => '/files/etc/foo/foo.conf',
  changes => [ ... ],
}

I see lots of advantages over concat:
- You don't have to manage the whole file, just have to code the transformations you want to apply on the source file,
- A run with --noop should show a diff of the whole file, not just the diff of a fragment and yield about failing dependencies.

I'd like to have your opinion on:
- is is feasible?
- would this be useful?
- how to do it properly?
- how to deal with all augeas transformation? (Augeas resources, augeas providers...)
- should I create a new Augeas_builder type or a new augeas provider for File resource?
- anything else

I already discussed that with Raphaël IRL, but I'd also like to have Dominic's and/or lutter's advice (or anyone else).

Regards,
Mickaël

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]