-
-
Notifications
You must be signed in to change notification settings - Fork 130
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enhanced acl policy files with rundeck::config::aclpolicyfile #76
Conversation
I do like the idea of using one template but I have a couple of questions. Why did you choose to have a separate define rather than just two file resources? Does having a single acl_policies param mean that you'll be applying the same policies to both policy files? This is not something we want to do. |
My intention is to have the possibility to create many .aclpolicy files - e.g. create an .aclpolicy file per project. So the abstraction via a define is better than a file. The admin.aclpolicy and apitoken.aclpolicy is using this, too. The functional behavior should be the same as before. Hope this will answer your questions :-) |
require => File[$properties_dir] | ||
rundeck::config::aclpolicyfile { 'admin': | ||
acl_policies => $acl_policies, | ||
owner => $user, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if the default owner and group are rundeck::user
and rundeck::group
we shouldn't need to specify them here.
Ah. I just re-read the documentation on this. I didn't actually know that you can multiple files, so thank you for educating me on that. |
Now, there is just a single template used to create acl policy files based on the define rundeck::config::aclpolicyfile
Ok - I removed the user / group settings in config.pp. |
Enhanced acl policy files with rundeck::config::aclpolicyfile
$acl_policies, | ||
$owner = $rundeck::user, | ||
$group = $rundeck::group, | ||
$properties_dir = $rundeck::framework_config['framework.etc.dir'], |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is a problem here in that it misses the deep_merge
that happens in rundeck::config
, which merges the framework_config
parameter from rundeck
and rundeck::params::framework_config
. I haven't had time to test if just inserting config::
is sufficient or not.
modulesync 0.16.7
Now, there is just a single template used to create acl policy files
based on the define rundeck::config::aclpolicyfile