如何隐藏 Puppet 上的“依赖失败”日志

tag-icon tag-icon puppet
如何隐藏 Puppet 上的“依赖失败”日志

我想避免(或至少隐藏)Puppet 上的“失败依赖项”日志。

我想仅在 exec 要求为真时才部署文件。它正在运行,但 puppet 显示了很多错误/警告日志:

Error: /usr/bin/test -e /home/USER returned 1 instead of one of [0]
Error: /Stage[main]/Users::Config/Exec[/usr/bin/test -e /home/USER]/returns: change from notrun to 0 failed: /usr/bin/test -e /home/USER returned 1 instead of one of [0]
Notice: /Stage[main]/Users::Config/Exec[check_ssh_dir]: Dependency Exec[/usr/bin/test -e /home/USER] has failures: true
Warning: /Stage[main]/Users::Config/Exec[check_ssh_dir]: Skipping because of failed dependencies
Notice: /Stage[main]/Users::Config/File[/home/USER/.ssh]: Dependency Exec[/usr/bin/test -e /home/USER] has failures: true
Warning: /Stage[main]/Users::Config/File[/home/USER/.ssh]: Skipping because of failed dependencies
Notice: /Stage[main]/Users::Config/File[/home/USER/.bashrc]: Dependency Exec[/usr/bin/test -e /home/USER] has failures: true
Warning: /Stage[main]/Users::Config/File[/home/USER/.bashrc]: Skipping because of failed dependencies
Notice: /Stage[main]/Users::Config/File[/home/USER/.bash_profile]: Dependency Exec[/usr/bin/test -e /home/USER] has failures: true
Warning: /Stage[main]/Users::Config/File[/home/USER/.bash_profile]: Skipping because of failed dependencies
Notice: /Stage[main]/Users::Config/File[/home/USER/.ssh/authorized_keys]: Dependency Exec[/usr/bin/test -e /home/USER] has failures: true
Warning: /Stage[main]/Users::Config/File[/home/USER/.ssh/authorized_keys]: Skipping because of failed dependencies

这是我的 config.pp:

class users::config ($user) {

    exec {"/usr/bin/test -e /home/${user}":
    }

    exec {"check_ssh_dir":
        command => '/bin/true',
        onlyif => "/usr/bin/test -e /home/${user}/.ssh",
        require => Exec["/usr/bin/test -e /home/${user}"],
    }

    file {"/home/${user}/.ssh":
        ensure => directory,
        owner   => "${user}",
        group   => "domain users",
        mode    => "700",
        require => Exec['check_ssh_dir'],
    }

    file {"/home/${user}/.bashrc":
        source => [ "puppet:///modules/users/${user}/bashrc", "puppet:///modules/users/basics/bashrc"],
        owner   => "${user}",
        group   => "domain users",
        mode    => "640",
        require => Exec["/usr/bin/test -e /home/${user}"],
    }

    file {"/home/${user}/.bash_profile":
        source => [ "puppet:///modules/users/${user}/bash_profile", "puppet:///modules/users/basics/bash_profile"],
        owner   => "${user}",
        group   => "domain users",
        mode    => "640",
        require => Exec["/usr/bin/test -e /home/${user}"],
    }

    file {"/home/${user}/.ssh/authorized_keys":
        source => [ "puppet:///modules/users/${user}/ssh/authorized_keys", "puppet:///modules/users/basics/ssh/authorized_keys"],
        owner   => "${user}",
        group   => "domain users",
        mode    => "600",
        require => Exec["check_ssh_dir"],
    }
}

我正在使用 Puppet 4.3。

谢谢你的帮助。

答案1

如果不使用事实或实现自定义提供程序,这实际上是不可能的。可以肯定的是,使用exec资源,您可以执行以下操作:

exec { 'test-user-exists:
    command => '/bin/true',
    onlyif  => "/usr/bin/test -e /home/${user}"
} ~>
exec { 'conditional-command':
    command     => '/usr/bin/my-command',
    refreshonly => true,
}

但是您无法file根据命令的结果获得条件资源。最简单的选择是创建一个事实。例如:

Facter.add(:avail_users) do
  setcode do
    IO.
      readlines('/etc/passwd').
      map { |x| x.split(':')[0] }
  end
end

然后,您可以检查块中是否$user存在数组。请确保没有。$::avail_usersifstringify_facts

答案2

感谢@Artefacto,我找到了解决我的问题的方法:

我创建了一个新的事实,其中仅列出房屋:

Facter.add(:list_home) do
    setcode do
        Facter::Core::Execution.exec('/bin/ls /home/').split("\n")
    end
end

我已经修改了我的清单以迭代每个家庭:

class users::config {

    $::list_home.each |String $user| {
        exec {"check_ssh_dir_${user}":
            command => '/bin/true',
            onlyif => "/usr/bin/test -e /home/${user}/.ssh",
        }

        file {"/home/${user}/.ssh":
            ensure => directory,
            owner   => "${user}",
                    group   => "domain users",
                    mode    => "700",
            require => Exec["check_ssh_dir_${user}"],
        }

        file {"/home/${user}/.bashrc":
            source => [ "puppet:///modules/users/${user}/bashrc", "puppet:///modules/users/basics/bashrc"],
            owner   => "${user}",
            group   => "domain users",
            mode    => "640",
        }

        file {"/home/${user}/.bash_profile":
            source => [ "puppet:///modules/users/${user}/bash_profile", "puppet:///modules/users/basics/bash_profile"],
            owner   => "${user}",
            group   => "domain users",
            mode    => "640",
        }

        file {"/home/${user}/.ssh/authorized_keys":
            source => [ "puppet:///modules/users/${user}/ssh/authorized_keys", "puppet:///modules/users/basics/ssh/authorized_keys"],
            owner   => "${user}",
            group   => "domain users",
            mode    => "600",
        }
    }
}

现在我没有因为依赖而失败。

相关内容