Reputation: 53
chef loop and notifies
To place two certificates in the box and then add them to a wallet I used the below code.
RDS_CA_CERTS = %w[ cert1.cer cert2.cer]
RDS_CA_CERTS.each do |rds_ca_cert|
cookbook_file "/oracle_home/ssl_wallet/#{rds_ca_cert}" do
source "certs/#{rds_ca_cert}"
owner 'oracle'
group 'dba'
mode '0644'
action :create
notifies :run, 'execute[import_rds_cert]', :immediately
end
execute 'import_rds_cert' do
command "orapki wallet add -wallet /oracle_home/ssl_wallet -trusted_cert -cert /oracle_home/ssl_wallet/#{rds_ca_cert} -auto_login_only"
user 'oracle'
group 'dba'
umask '0025'
action :nothing
end
end
I was expecting the above code will bring in one file cert1.cer and trigger the execute for the same. Then it will bring in cert2.cer and with trigger execute. This way only when file is added the execute will be triggered(gate for execute resoure)
But in TK observed behaviour is bit strange to me. It bring in cert1.cer file and then when it triggers execute it fails saying cert2.cer is not there. That can happen only if the loop has moved to next file before the execute was triggered.
Can you please explain the behavior ? What would be better alternative approach ?
Upvotes: 1
Views: 286
Answers (1)
Reputation: 21226
Your code generates 2 cookbook_file resources and 2 execute resources. Unfortunately your execute resources have the same name and eventually merged into 1 resource by Chef with the latter resource's command overwriting the previous one. So your cookbook_file "/oracle_home/ssl_wallet/cert1.cer" resource triggers execute 'import_rds_cert' resource with command "orapki wallet add -wallet /oracle_home/ssl_wallet -trusted_cert -cert /oracle_home/ssl_wallet/cert2.cer -auto_login_only".
To solve your problem change the name of the execute resource, so that it is depending on rds_ca_cert variable. This way Chef will generate 2 different execute resources too.
cookbook_file "/oracle_home/ssl_wallet/#{rds_ca_cert}" do
[...]
notifies :run, "execute[import_rds_cert_#{rds_ca_cert}]", :immediately
end
execute "import_rds_cert_#{rds_ca_cert}" do
[...]
end
Upvotes: 1
Related Questions
- Chef notification within each method
- Chef each loop for each loop
- Chef template loop ruby
- Chef templates and how to do a for loop in ruby
- ruby Iteration or loop failing as expected
- Chef Looping Recipes and Passing Data?
- chefspec testing resource with loops
- How to Run for each loop in template chef
- Chef template and using it in a loop
- Chef shell script interaction