-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(files): new option to clean residual conf files #10
base: master
Are you sure you want to change the base?
Conversation
stunnel/init.sls
Outdated
@@ -21,18 +21,27 @@ stunnel_package: | |||
- user: {{ stunnel.root_user }} | |||
- group: {{ stunnel.group }} | |||
- mode: 750 | |||
{%- if stunnel.lookup.clean_conf_dir %} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think you need .lookup.
here, the stunnel:lookup
pillar is merged into the stunnel
variable in stunnel/map.jinja
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
also, nothing in the formula populates the conf.d
folder, so I don't see why the formula should purge it
stunnel/init.sls
Outdated
|
||
{{ stunnel.conf_dir }}/services.d: | ||
file.directory: | ||
- user: {{ stunnel.root_user }} | ||
- group: {{ stunnel.group }} | ||
- mode: 750 | ||
{%- if stunnel.lookup.clean_conf_dir %} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same here
stunnel/init.sls
Outdated
|
||
{{ stunnel.conf_dir }}/tls: | ||
file.directory: | ||
- user: {{ stunnel.root_user }} | ||
- group: {{ stunnel.group }} | ||
- mode: 750 | ||
{%- if stunnel.lookup.clean_conf_dir %} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
and here
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
also, this folder is populated in another state pillar_certs.sls
, so if you purge it in this state, bad things will happen if people don't run pillar_certs.sls
after init.sls
stunnel/os_family_map.yaml
Outdated
@@ -13,6 +13,7 @@ Debian: | |||
pid_dir: /var/run/stunnel4 | |||
use_chroot: true | |||
certificates_auto_config: true | |||
clean_conf_dir: false |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this file is for OS specific settings, better set the default value in defaults.yaml
stunnel/os_family_map.yaml
Outdated
@@ -27,3 +28,4 @@ FreeBSD: | |||
pid_dir: /var/run | |||
use_chroot: false | |||
certificates_auto_config: true | |||
clean_conf_dir: false |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same here
@@ -27,6 +27,9 @@ stunnel_package: | |||
- user: {{ stunnel.root_user }} | |||
- group: {{ stunnel.group }} | |||
- mode: 750 | |||
{%- if stunnel.clean_conf_dir %} | |||
- clean: True |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is setting the option for the services.d
directory not the conf.d
directory.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is no mistake that it was meant for the services.d directory to be cleaned.
Should i change the var name to clean_service_dir? It may be clearer.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That would make more sense to me.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree, since the scope changed from your first version, clean_services_dir
would be a better name for this setting now. Also, the explanation in pillar.example
should be updated to say it's only going to clean the services.d
folder.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It has been updated
current version looks good to me |
PR progress checklist (to be filled in by reviewers)
What type of PR is this?
Primary type
[build]
Changes related to the build system[chore]
Changes to the build process or auxiliary tools and libraries such as documentation generation[ci]
Changes to the continuous integration configuration[feat]
A new feature[fix]
A bug fix[perf]
A code change that improves performance[refactor]
A code change that neither fixes a bug nor adds a feature[revert]
A change used to revert a previous commit[style]
Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc.)Secondary type
[docs]
Documentation changes[test]
Adding missing or correcting existing testsDoes this PR introduce a
BREAKING CHANGE
?No.
Related issues and/or pull requests
None
Describe the changes you're proposing
Adding a new option so the formula actually cleans the directories where it puts its configuration files so that any residual files do not persist everytime the formula is used. It also makes this formula idempotent.
Pillar / config required to test the proposed changes
Debug log showing how the proposed changes work
Documentation checklist
README
(e.g.Available states
).pillar.example
.Testing checklist
state_top
).Additional context
I submitted this PR as non breaking, but i think that we should probably make this behaviour the default one, hence making it breaking if it's accepted, as it would give idempotency to the formula, which, in my humble opinion, is a good thing.