I'd like to create a file, use it in a number of other puppetted processes, then clean it up.I can create it:file { 'bash-agent-key' :path => "/home/${user}/.bash_keyautoload.tmp",content => template('ssh_agent_add/bash_keyautoload.erb'),mode => 0700,owner => $user,group => $user,}but when I try to delete it with either:file { 'bash-agent-key' :ensure => absent,}orfile { 'bash-agent-key-delete' :path => "/home/${user}/.bash_keyautoload.tmp",ensure => absent,}I get an error message:Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Duplicate declaration: File[bash-agent-key] is already declared in file /etc/puppet/modules/ssh_agent_add/manifests/init.pp at line 47; cannot redeclare on nodeorError: Failed to apply catalog: Cannot alias File[bash-agent-key-delete] to ["/home/lightenn/.bash_keyautoload.tmp"] at /etc/puppet/modules/ssh_agent_add/manifests/init.pp:73; resource ["File", "/home/lightenn/.bash_keyautoload.tmp"] already declared at /etc/puppet/modules/ssh_agent_add/manifests/init.pp:47Any guidance much appreciated.
Could you give some more info on what you're trying to accomplish with this? That way we might offer some ideas to help.
exec{'first':
command => 'cd /tmp && wget mykey',
creates => '/tmp/mykey',
}
exec{'second':
command => 'echo "" > /tmp/mykey | tee -a /tmp/mykey2',
creates => '/tmp/mykey2',
}
Hi Jakov,On 21 November 2012 02:03, Jakov Sosic wrote:exec{'first':
command => 'cd /tmp && wget mykey',
creates => '/tmp/mykey',
}
exec{'second':
command => 'echo "" > /tmp/mykey | tee -a /tmp/mykey2',
creates => '/tmp/mykey2',
}...a really beautiful ugly hack. I appreciate the input because it sounds like I'm not missing anything really obvious. When coding in a new (declarative) language, I'm always mindful that I could be thinking about the problem incorrectly. I'm surprised in this case that more puppeteers haven't had the same problem. Perhaps I should be writing some kind of secure ssh-agent based key management plugin for Puppet?
Also John, thanks for the suggestion. Sending a plaintext password to the git clone call is an option, but I've got several git and several SVN repos, all connecting over SSH so the agent-play made more sense to me.