Jira (PUP-2811) Provide method for class masquerading

[Henrik Lindberg (JIRA)]

Henrik Lindberg updated an issue

Puppet / PUP-2811 Provide method for class masquerading Change By: Henrik Lindberg Scrum Team: Language Add Comment

This message was sent by Atlassian JIRA (v6.3.10#6340-sha1:7ea293a)

[Henrik Lindberg (JIRA)]

Henrik Lindberg assigned an issue to Unassigned

Puppet / PUP-2811 Provide method for class masquerading

Change By: Henrik Lindberg Assignee: Andy Parker

Add Comment

[Henrik Lindberg (JIRA)]

Henrik Lindberg commented on PUP-2811

Re: Provide method for class masquerading A lot of things have happened since this ticket was last discussed. Puppet now has a type system, and from Puppet 4.4.0 it is possible to define type aliases. This provides a mechanism by which it is possible to include the alias instead of the actual class (except from one thing which I will come back to). type Auth = Class['sssd'] Unfortunately, this does not work since the include function is a 3.x function and it does not understand what a "data type" is. By changing the include function to be a 4.x function and giving it the ability to resolve type aliases (to discover the actual class it is an alias for we would achieve a simple indirection. Since types are autoloaded and they can be defined at the environment level, adding the alias to <envroot>/types/auto.pp makes it possible to define what Auth means in that environment. (Alternatively, the type alias can be placed in site.pp). Does that sound like a solution to this issue? (If so, all we need to do is to refactor the include (and related) functions.

Add Comment

This message was sent by Atlassian JIRA (v6.4.12#64027-sha1:e3691cc)

[Henrik Lindberg (JIRA)]

Henrik Lindberg updated an issue

Puppet / PUP-2811

Provide method for class masquerading

Change By: Henrik Lindberg Team: Puppet Developer Support

Add Comment

This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe)

[Branan Riley (JIRA)]

Branan Riley updated an issue

Puppet / PUP-2811 Provide method for class masquerading

Change By: Branan Riley Team: Puppet Developer Experience Agent

Add Comment

[Branan Riley (JIRA)]

Branan Riley updated an issue

Puppet / PUP-2811 Provide method for class masquerading

Change By: Branan Riley Labels: triaged

Add Comment

[Moses Mendoza (JIRA)]

Moses Mendoza updated an issue

Puppet / PUP-2811 Provide method for class masquerading

Change By: Moses Mendoza Labels: triaged

Add Comment

[Josh Cooper (Jira)]

Josh Cooper updated an issue

Puppet / PUP-2811 Provide method for class masquerading

Change By: Josh Cooper this stems from a discussion on puppet-dev. this is an attempt at putting on the radar. {code:puppet} # ~/modules/sssd/manifests/init.pp class sssd as auth { {   # do something to install/setup/etc sssd } {code } {code:puppet} # ~/modules/nslcd/manifests/init.pp class nslcd as auth { {   # do something to install/setup/etc nslcd } {code } {code:puppet} # ~/modules/ssh_authz/manifests/init.pp class ssh_authz { {   require auth   # setup something with ssh that requires groups from sssd or nslcd } {code } {code:puppet} node nodeA { {   # include both class. because of the masquerading, nslcd is viewed as "auth", and dependencies are established properly.   include ssh_authz   include nslcd } node nodeB { {   # same for this.   include sssd   include ssh_authz } node nodeC { {   # this fails with duplicate resources, as both class show up as "auth"   # hopefully, the message is clear enough that it can be clear which   # modules provide auth, and conflict with each other   include sssd   include nslcd } {code } With something like that (and maybe the node definition comes from an ENC, where the order is hard to enforce, and puppet shouldn't care), we don't have to have weird dependency on class definition/order and no "if (defined(Class['nslcd']))" type construct to make all this works. in the case where one would include ssh_authz but not one of sssd/nslcd, then the dependency is broken. if one includes both nslcd and sssd, then when ssh_authz is processed, it fails (duplicate class "authz" provided by sssd and nslcd -- – or maybe that's OK, or maybe that's configurable). if sssd XOR nslcd is included, the dependencies are valid, and everything proceeds as needed. this could be an interesting construct to have within modules (other places where this could work is with databases with mysql/postgres, and some "interface" to create tables/creds/schema that are common to each module, without resorting to weird variable as classes type of hacks that are hard to read. (maybe this example is not quite right). all this is based on Debian package dependency. software A needs an MTA, but the MTA can be provided by more than one package. SoftwareA doesn't care if i have postfix, sendmail or exim. it just needs to know it can use the "sendmail" command to send mail, and/or connect to port 25 to send mail.

Add Comment

This message was sent by Atlassian Jira (v8.5.2#805002-sha1:a66f935)

[Josh Cooper (Jira)]

Josh Cooper commented on PUP-2811

Re: Provide method for class masquerading A 4x version of the include function was added, but the statement type Auth = Class['sssd'] causes an entity redefinition error on the server: # cat ~/.puppetlabs/etc/code/environments/production/manifests/site.pp include sssd

type Auth = Class['sssd']

# cat ~/.puppetlabs/etc/code/environments/production/modules/sssd/manifests/init.pp class sssd {} 020-03-31 22:38:55,576 ERROR [qtp2029100676-94] [puppetserver] Puppet Server Error: Evaluation Error: Error while evaluating a Function Call, Attempt to redefine entity 'http://puppet.com/2016.1/runtime/type/auth'. Originally set at file:///Users/josh/.puppetlabs/etc/code/environments/production/manifests/site.pp?line=2&pos=6. (file: /Users/josh/.puppetlabs/etc/code/environments/production/manifests/site.pp, line: 1, column: 1) on node node_a /Users/josh/work/puppet/lib/puppet/pops/loader/base_loader.rb:125:in `fail_redefine' /Users/josh/work/puppet/lib/puppet/pops/loader/base_loader.rb:82:in `set_entry' /Users/josh/work/puppet/lib/puppet/pops/loader/type_definition_instantiator.rb:51:in `create_from_model' /Users/josh/work/puppet/lib/puppet/pops/loaders.rb:345:in `instantiate_TypeAlias' /Users/josh/work/puppet/lib/puppet/pops/loaders.rb:320:in `instantiate_definition' /Users/josh/work/puppet/lib/puppet/parser/ast/pops_bridge.rb:109:in `block in instantiate' org/jruby/RubyArray.java:2584:in `map' /Users/josh/work/puppet/lib/puppet/parser/ast/pops_bridge.rb:93:in `instantiate' /Users/josh/work/puppet/lib/puppet/parser/ast/hostclass.rb:17:in `block in instantiate' /Users/josh/work/puppet/lib/puppet/parser/ast/pops_bridge.rb:126:in `each' /Users/josh/work/puppet/lib/puppet/parser/ast/hostclass.rb:15:in `instantiate' /Users/josh/work/puppet/lib/puppet/resource/type_collection.rb:39:in `import_ast' /Users/josh/work/puppet/lib/puppet/parser/type_loader.rb:131:in `block in load_files' org/jruby/RubyArray.java:2579:in `collect' /Users/josh/work/puppet/lib/puppet/parser/type_loader.rb:130:in `load_files' /Users/josh/work/puppet/lib/puppet/parser/type_loader.rb:98:in `import_from_modules' /Users/josh/work/puppet/lib/puppet/parser/type_loader.rb:68:in `block in try_load_fqname' org/jruby/RubyArray.java:1800:in `each' /Users/josh/work/puppet/lib/puppet/parser/type_loader.rb:66:in `try_load_fqname' /Users/josh/work/puppet/lib/puppet/resource/type_collection.rb:245:in `block in find_or_load' /Users/josh/work/puppet/lib/puppet/concurrent/lock.rb:10:in `synchronize' /Users/josh/work/puppet/lib/puppet/resource/type_collection.rb:230:in `find_or_load' /Users/josh/work/puppet/lib/puppet/resource/type_collection.rb:185:in `find_hostclass' /Users/josh/work/puppet/lib/puppet/parser/compiler.rb:373:in `block in evaluate_classes' org/jruby/RubyArray.java:2579:in `collect' /Users/josh/work/puppet/lib/puppet/parser/compiler.rb:372:in `evaluate_classes' /Users/josh/work/puppet/lib/puppet/functions/include.rb:48:in `include' /Users/josh/work/puppet/lib/puppet/pops/functions/dispatch.rb:60:in `invoke' /Users/josh/work/puppet/lib/puppet/pops/functions/dispatcher.rb:43:in `block in dispatch' org/jruby/RubyKernel.java:1193:in `catch' /Users/josh/work/puppet/lib/puppet/pops/functions/dispatcher.rb:42:in `dispatch' /Users/josh/work/puppet/lib/puppet/pops/functions/function.rb:46:in `block in call' org/jruby/RubyKernel.java:1193:in `catch' /Users/josh/work/puppet/lib/puppet/pops/functions/function.rb:45:in `call' /Users/josh/work/puppet/lib/puppet/pops/puppet_stack.rb:42:in `stack' /Users/josh/work/puppet/lib/puppet/pops/evaluator/runtime3_support.rb:305:in `block in call_function' /Users/josh/work/puppet/lib/puppet/util/profiler/around_profiler.rb:58:in `profile' /Users/josh/work/puppet/lib/puppet/util/profiler.rb:51:in `profile' /Users/josh/work/puppet/lib/puppet/pops/evaluator/runtime3_support.rb:303:in `call_function' /Users/josh/work/puppet/lib/puppet/pops/evaluator/evaluator_impl.rb:976:in `call_function_with_block' /Users/josh/work/puppet/lib/puppet/pops/evaluator/evaluator_impl.rb:945:in `eval_CallNamedFunctionExpression' /Users/josh/work/puppet/lib/puppet/pops/visitor.rb:94:in `visit_this_1' /Users/josh/work/puppet/lib/puppet/pops/evaluator/evaluator_impl.rb:81:in `evaluate' /Users/josh/work/puppet/lib/puppet/pops/evaluator/evaluator_impl.rb:660:in `block in eval_BlockExpression' org/jruby/RubyArray.java:1800:in `each' org/jruby/RubyEnumerable.java:1093:in `inject' /Users/josh/work/puppet/lib/puppet/pops/evaluator/evaluator_impl.rb:660:in `eval_BlockExpression' /Users/josh/work/puppet/lib/puppet/pops/visitor.rb:94:in `visit_this_1' /Users/josh/work/puppet/lib/puppet/pops/evaluator/evaluator_impl.rb:81:in `evaluate' /Users/josh/work/puppet/lib/puppet/pops/puppet_stack.rb:42:in `stack' /Users/josh/work/puppet/lib/puppet/pops/evaluator/evaluator_impl.rb:737:in `eval_Program'

Add Comment