Trying to manage files created by an Exec in Puppet. I would like to make sure that we don't have any un-managed files.
Example code:
file { '/tmp/puppet_example':
ensure => directory,
purge => true,
}
$files = [
'/tmp/puppet_example/file1.json',
# '/tmp/puppet_example/file2.json',
'/tmp/puppet_example/file3.json',
]
$files.each |$file| {
exec { "exec_${file}":
creates => $file,
command => "/usr/bin/touch ${file}",
require => File['/tmp/puppet_example'],
}
file { $file:
ensure => file,
replace => false,
require => File['/tmp/puppet_example'],
}
}
If an entry in $files
get removed, the respective files are not purged.
What is the correct way of managing files where I don't manage the content? Or is this a feature of the replace attribute:
Setting this to false allows file resources to initialize files without overwriting future changes
If an entry in
$files
get removed, the respective files are not purged.
I guess you're referring to the fact that you are managing the directory of these files with purge => true
. Per the docs, however, purge
is only relevant when you are managing a directory with recurse => true
, which you are not doing.
Consider the docs of recurse => true
:
If the
source
attribute is set, this behaves similarly torecurse => remote
, automatically managing files from the source directory.This also enables the
purge
attribute, which can delete unmanaged files from a directory. See the description ofpurge
for more details.The
source
attribute is not mandatory when usingrecurse => true
, so you can enable purging in directories where all files are managed individually.
(emphasis added).
As far as I understand what you're looking for, you should be able to achieve it by adding (just) recurse => true
to the File
resource managing the directory:
file { '/tmp/puppet_example':
ensure => directory,
recurse => true,
purge => true,
}
What is the correct way of managing files where I don't manage the content? Or is this a feature of the
replace
attribute
I take the point to be to put the files under nominal management to protect them from purging, but not otherwise to do anything with them. With respect to that:
Just declaring a File
resource for a file puts it under management, regardless of which of the target file's properties are managed. This makes it ineligible for purging.
The replace
attribute is not related to whether unmanaged files are purged. Indeed, it can't be: in order to apply such an attribute to a file, you need a File
resource for it, which itself makes the file managed.
replace
controls whether the content of existing files is managed. It is relevant only if you also specify source
or content
, for otherwise, the content isn't managed anyway. If you do specify one of those, and also replace => false
, then the contents are managed only in the event that Puppet creates the file on that run.
If you have both a file and that file's directory under management, then Puppet will automatically create a relationship between the two. You don't need to declare one explicitly (though doing so is harmless).
Overall, the minimum you need to do is declare the files without any attributes:
file { $file: }
That defaults to ensure => file
, so it will create an empty file if the file does not already exist at all. Otherwise, nothing about the file is managed. I like this particular form for your purposes, as I think it emphasizes that you're only nominally managing the designated file. Nevertheless, the form presented in the question is fine for your purposes too.