(PUP-2635) use generate instead of eval_generate to purge ssh keys
fa1f1ad199e5Unpublished
Actions

Unpublished Commit · Learn More

Repository Importing: This repository is still importing.

Description

(PUP-2635) use generate instead of eval_generate to purge ssh keys

The generating of ssh_authorized_keys resources for purging is implemented
in Puppet::Type::User#eval_generate. The resources are added as the graph
is being traversed.

This exhibits unexpected behavior under certain circumstances. Specifically,
generated keys can be considered already absent (and hence in sync) if there
is a package resource in the catalog. The error disappears when the
functionality is moved from the eval_generate hook in favor of the generate
hook.

The reasons for the wrong behavior is an issue between the transaction code
and the eval_generate mode of operation. During evaluation, the transaction
will call its #prefetch_if_necessary hook for each resource in turn, which
relies on #resources_by_provider. The latter has a cache and misses all
resources that are added using eval_generate after the initial method call.
As a result, those resources are not passed to the provider for prefetching
and thus remain in an uninitialized state, just as though the resource
would not exist on the target system (ensure => absent). They are therefor
not eligible for syncing/purging.

Details

Provenance

Felix Frank <Felix.Frank@Alumni.TU-Berlin.de>	Authored on
vanmeeuwen	Pushed on Jun 2 2015, 2:22 PM

Parents

rPU56c96a4c0f6e: Merge branch 'pup_2364_spike_vars' into stable

Branches

Unknown

Tags

Unknown

Event Timeline

Felix Frank <Felix.Frank@Alumni.TU-Berlin.de> committed rPUfa1f1ad199e5: (PUP-2635) use generate instead of eval_generate to purge ssh keys (authored by Felix Frank <Felix.Frank@Alumni.TU-Berlin.de>).Jun 4 2014, 10:03 PM

Changes (2)

Path

Size

lib/

puppet/

type/

user.rb

spec/

unit/

type/

user_spec.rb

rPUfa1f1ad199e5

View Options

lib/puppet/type/user.rb