[chef] Re: Re: Re: Re: How to suppress notifications in LWRP


Chronological Thread 
  • From: "John E. Vincent (lusis)" < >
  • To: " " < >
  • Subject: [chef] Re: Re: Re: Re: How to suppress notifications in LWRP
  • Date: Tue, 23 Apr 2013 11:42:44 -0400

I'd have to check but I'm pretty sure keytool can return a fingerprint of the cert. That could be one way to compare.


On Tue, Apr 23, 2013 at 11:41 AM, Fabry Zio < " target="_blank"> > wrote:
Hi John,

thank you for the link. It contains a way to use "execute" and keytool I did not take into consideration.
Unfortunately I've to compare each new certificate and key with the one already in the keystore, as the alias must be always the same.
Anyway, I'll think about it. There could be a compromise for my use case.


If this is a java keystore, you can use some variant of this, yes?


I think someone even converted it to a proper LWRP at some point?


On Tue, Apr 23, 2013 at 5:50 AM, Fabry Zio < " target="_blank"> > wrote:
Hi Noah,
thank you for answer.

My problem is that, in the case of keystore update, I have to create a copy of the keystore, add or substitute required certs (only possible through bash commands) and then compare the modified keystore with the original in order to understand if I really added new certificates. Only in that case I will replace the original one. So I think I have to execute "bash" resources anyway.

One other possible case is the following... In a recipe I define my LWRP like this:

  wso2platform_greg wso_progr  do
    ...
    private_key wso_key
    public_cert wso_cert
    cacerts wso_cacerts
    action :install
    notifies :initialize, "wso2platform_greg[#{wso_progr}]", :delayed
  end

In this case, if :install action changes the configuration of my resource I have to re-initialize the server.
The :initialize action only restarts the server with some particular command line parameters, but I've to make this operation through a "bash" resource.

This seems to start an infinite loop as the "bash" resource cause my resource to be marked as changed and this starts notification again.
I would like the "bash" resource to cause a notification only when it really modify my wso2platform_greg resource, if possible.

Thank you


Use not_if/only_if to make their activation idempotent.

--Noah

On Apr 23, 2013, at 1:43 AM, Fabry Zio wrote:

> Hi all,
>
> I'm developing a custom LWRP to install a sort of application server, but I've the following problem...
>
> In my actions I've to call some "bash" and "ruby_block" resources in order to make some elaborations on configuration files (like keystores and patches) that I cannot do with the "template" resource.
> Not always these elaborations bring to a real change in the server configuration, so not always my LWRP has to notify a resource change (for example to cause a server restart).
> But, as for I can understand, if a "bash" or "ruby_block" resource is put in the converge_actions list for my LWRP, it will cause a change notification in my resource even if I never set: @new_resource.updated_by_last_action(true)
>
> Currently I'm calling the use_inline_resources method at the beginning of my LWRP.
>
> Is there a way to control this change notification?
> Or may I override the set_updated_status method in my LWRP ?
>
> Thank you a lot
> Regards









Archive powered by MHonArc 2.6.16.

§