On 01/15/2013 04:58 PM, jcbollinger wrote: > That already seems pretty clear to me in the existing docs: > > Calls an external command on the Puppet master and *returns the results > of the command*.
> (Emphasis added.) How would you suggest improving that? Hm, it's maybe only me, but result of the command associates me with exit codes, not with actual output. Maybe the description should say: Calls an external command on the Puppet master and returns the standard output of the command. > I guess "results" could be changed to "output", but it's clear to me > that the function does not return the command's exit code because any > exit code other than zero constitutes a parse error. Returning the > output of the command is anyway the whole point of this function -- that > is, to "generate" a value for use in your manifest. Using it for the > side effects of the command is not exactly improper, but it's not the > use case toward which the function is targeted. Personally, I'd write a > custom function for such a purpose, to try to ensure that the intent is > clear. Well, generate serves me pretty well for other purposes then generating output value for puppet. For example I'm currently generating ssh host keys on the master, ricc service (RedHat Cluster Suite remote cluster management) certificates and client certificates to access ricci. No doubt, with time I will find further use cases. Benefit of using generate() is that I can reuse existing code. For example, init script of RHEL/CentOS for ssh daemon has the code for generation of ssh host keys. Code is separated in bash functions. So, I can just include (parse) that script in my own shell script, change the values of variables and generate keys. And if I want puppet to do it, just put that wrapper script in generate() function and that's it. Otherwise, I would write my own code for generating host keys in ruby. Not that I'm scared or lazy, but just don't see the point of reinventing the wheel and introducing new bugs to the story. My vendor already distributes that code, and as long as client ssh daemon can use certificates generated on my master, I'm fine with it :) If, for some reason, ssh daemons on some distribution become incompatible with the keys generated this way, I will for sure thing about doing things differently. I hope u understand my point of view on this one. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
