Puppet Resource Api and attributes 'behaviour: :parameter'

Frédéric Lespez

unread,

Feb 24, 2020, 3:54:51 PM2/24/20

to Puppet Users

Hi,

I currently trying to develop a custom type with Puppet Resource API.

Using this documentation:

https://github.com/puppetlabs/puppet-specifications/blob/master/language/resource-api/README.md

I managed to develop something that works with attributes of behavior 'namevar' and 'readonly'.

I would like to create a new attributes of behavior 'parameter' to influence how the provider behaves (quoting the doc).

But I don't understand how you could use this kind of attributes in the provider.

Here is what I want to do :

My custom type manages host ssh keys : The current attributes are type (dsa, rsa, etc.), length (of the key), comment and 2 'read_only' attributes : the file path of private ssh key (/etc/ssh/ssh_host_rsa_key) and 'age' (the number of days since the creation of the key - based on the key file modification time). The 'type' and 'length' are both 'namevar'.

All of this works as expected :-)

Now i want to add an attribute 'parameter' called 'maxdays' and implement the following behavior: If read-only attribute 'age' is greater that attributes parameter 'maxdays', I want to trigger the generation of a new key.

I don't see a way in the get method to tell Puppet that since 'age' is greater that 'maxdays', it should call the set method to change the state of the system (ie. generate a new key).

Is this doable with Puppet Resource API ?

If yes, could you show me the way please ?

Thanks in advance for your help.

Regards,

Fred

David Schmitt

unread,

Feb 24, 2020, 4:18:36 PM2/24/20

to Puppet Users

Hi Fred,

I'm sorry to say that this kind of behaviour is the topic of an open feature request: https://github.com/puppetlabs/puppet-resource_api/issues/225

I've added a link to this conversation there, to record the need for this. Until this gets implemented, you can try your hand at the "nasty munging in canonicalize method" that Sean is talking about: when reading values from the system always return the age value as maxage. When processing user input (from manifests) in canonicalize, set the incoming maxage value to the value of age read from the system if it does not require an update yet. That way puppet doesn't see the mismatched values and doesn't trigger an update. Of course, this is "a bit" brittle and unintuitive, so tread with care.

The newest version (and a bit better edited, too) of the Resource API docs ist at https://puppet.com/docs/puppet/latest/custom_resources.html

Regards, David

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/87019d6c-1415-4de6-a611-2313e279b021%40googlegroups.com.

Frédéric Lespez

unread,

Feb 25, 2020, 2:07:12 AM2/25/20

to Puppet Users

Hi David,

Thanks for your quick response.

I will contribute to feature request on Github.

Regards,

Fred

Reply all

Reply to author

Forward