(CAT-761) Add custom_generate as a feature #316
Conversation
david22swan
force-pushed
the
CONT-761/main/custom_generate
branch
from
f9847cc
to
4e5ead5
Compare
david22swan
changed the title
| # Ensure that a custom `generate` method has been created within the provider | ||
| raise(Puppet::DevError, 'No generate method found within the types provider') unless my_provider.respond_to?(:generate) | ||
| # Call the providers custom `generate` method | ||
| rules_resources = my_provider.generate(context, title, is_hash, should_hash) |
There was a problem hiding this comment.
Confusingly puppet's type and provider system supports two styles of generating resources on the agent: generate and eval_generate, and I assume this is relying on the former?
If a Puppet::Type::<name> class implements the generate method, then it will be called early on in the agent's catalog application process, before any resources have been managed. This is often the wrong thing to do, because there's no guarantee any of the other resources in the catalog have reached their desired state before this resource's generate method is called.
The generally more useful method is eval_generate, because it is called while this resource is being evaluated. So all of its dependencies have already been managed/enforced. For example, the Puppet::Type::File class implements eval_generate, which is needed for recursive directory operations. We have to use eval_generate since all of the parent directories need to be managed with the correct permissions before we try to recurse: https://github.com/puppetlabs/puppet/blob/fde57136980d63bd2a64532ad74f750cc3b73bc7/lib/puppet/type/file.rb#L531
However, if a type implements prefetching, then you may be forced to use generate. For example, see https://tickets.puppetlabs.com/browse/PUP-2718?focusedCommentId=839874&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-839874 and our attempts to switch sshkeys from generate to eval_generate and back to generate in PUP-11320.
If the resource API doesn't support prefetching, then I would recommend using eval_generate instead. It's usually how people assume generate works.
There was a problem hiding this comment.
In this case I think that generate is preferred as we actively want the resources being fetched to be overwritten.
By that I mean we are generating delete commands against all active Firewall rules on the chain and then letting the catalog overwrite any that we actually need.
From the way you described eval_generate I am not sure in would work in the same way.
Or I may have just misunderstood you.
Allows the generate function to be utilized in order to manually create an array of types to be enforced. Used within the firewall module in order to enact the Purge functionality.
david22swan
force-pushed
the
CONT-761/main/custom_generate
branch
2 times, most recently
from
eff9056
to
fad616a
Compare
|
@joshcooper Have updated the PR to add a |
david22swan
changed the title
david22swan
force-pushed
the
CONT-761/main/custom_generate
branch
from
fad616a
to
35dc204
Compare
david22swan
changed the title
david22swan
changed the title
Purge tests disabled pending merge and release of resource_api change: puppetlabs/puppet-resource_api#316
- Update boolean attributes to always return a value. - Update `dst_type` and `src_type` to accept unique values. - Update `nflog_prefix` to correctly quote passed in variables and expect quotes when retrieving them. - Update `source` and `destination` to add a mask when needed. - Update `sport` and `dport` to allow a `-` when submitting a range. - Move `nflog_prefix` size check to validate due to issues with passing size restricted string to a type - Purge tests disabled pending merge and release of resource_api change: puppetlabs/puppet-resource_api#316
- Update boolean attributes to always return a value. - Update `dst_type` and `src_type` to accept unique values. - Update `nflog_prefix` to correctly quote passed in variables and expect quotes when retrieving them. - Update `source` and `destination` to add a mask when needed. - Update `sport` and `dport` to allow a `-` when submitting a range. - Purge tests disabled pending merge and release of resource_api change: puppetlabs/puppet-resource_api#316 - Set type of `nflog_prefix` to String as refining it to String[1] or String[1, 64] causes errors on Puppet 8.
- Update boolean attributes to always return a value. - Update `dst_type` and `src_type` to accept unique values. - Update `nflog_prefix` to correctly quote passed in variables and expect quotes when retrieving them. - Update `source` and `destination` to add a mask when needed. - Update `sport` and `dport` to allow a `-` when submitting a range. - Purge tests disabled pending merge and release of resource_api change: puppetlabs/puppet-resource_api#316 - Set type of `nflog_prefix` to String as refining it to String[1] or String[1, 64] causes errors on Puppet 8.
Allows the generate function to be utilized in order to manually create an array of types to be enforced.
The
generatemethod is called prior to the resource being managed.There is a second
eval_generatemethod that is called after it has been, which may be good to add at a later date.