You can use a file resource to copy a diff to a temp/diff area that
notifies an exec that does the diff as you have mentioned. This means
the diff would only get downloaded once, and the patch only applied if
the diff changes.
So roughly:
file {"/var/lib/diffpatches/foo.patch":
source => "puppet:///modules/foo/foo.patch",
notify => Exec["apply-foo-patch"],
}
exec {"apply-foo-patch":
command => "patch -d /path/to/patch -p1 < /var/lib/diffpatches/
foo.patch",
refreshonly => true,
}
You could wrap this sucker in a define and make it a re-usable
function if you wanted to as well so you can re-use it. You may also
want to add an 'onlyif' section to the exec with the patch command in
a dry-run perhaps?
Other ideas would include concatenating multiple files:
http://forge.puppetlabs.com/ripienaar/concat
https://github.com/puppet-modules/puppet-concat
And there are various regexp based patterns for deleting lines and
search and replace:
http://projects.puppetlabs.com/projects/1/wiki/Simple_Text_Patterns
Normally I don't diverge much from concat or managing the file in a
template myself to be honest. The vendor may add new configuration
items, but I generally want to be aware of this anyway if I'm
upgrading a package :-).
ken.
On Feb 22, 7:55 pm, Kent <kentmshu...@gmail.com> wrote:
> Hi All,
>
> For most of the config files we manage via our Puppet setup, we either
> serve flat files or use templates and dashboard parameters and Facts
> to dynamically create the config file. However, in some cases we are
> not comfortable with either of these methods due to the possibility of
> small but numerous variances across different versions of operating
> systems. Also there is always the worry that a package update from the
> OS vendor will make changes you did not forsee. Managing the file
> with a File resource or template in Puppet would stomp out these
> vendor changes.
>
> Currently in such cases, we use diff-style patches and use the 'patch'
> command in our RPMs to apply custom changes to Red Hat's baseline
> file. This is flexible and fairly safe. However we've been
> transitioning from using custom RPMs in a Kickstarted environment, to
> bootstrapping our systems using Kickstart and then using Puppet
> wherever possible. I'd like to manage even these tricky files with
> Puppet, but I'm not sure the best way to handle it.
>
> I don't want to use a File resource or templates, as we do for most
> everything else. I considered augeas and have played around with it a
> bit, but in so many cases it is clumsy and a little dangerous, i.e.
> items in config files are often referenced by file line number or some
> other possibly-volatile key. This uncertainty with augeas sorta
> defeats the whole purpose of avoiding File and templates. Line numbers
> can change from one version of the file to the next, and if I hardcode
> changes to specific line numbers, that seems like a recipe for
> incorrect config files in the future.
>
> Anyone have a good idea for how to apply Diff-style patches using
> Puppet? I was thinking a File and an Exec could get it done, the
> former being the patch file, the latter being a command to patch the
> file. But in this case, how to keep from download the patch file on
> every Puppet run, whether or not we use it?
>
> Hope I've been clear on my questioning, and thanks in advance!
>
> -Kent
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
