[windows] fixes + blacklist #578
Conversation
| fail("The specified agent version has been blacklisted, please specify a version other than 6.14.0 or 6.14.1") | ||
| } | ||
|
|
||
| file { 'installer': |
There was a problem hiding this comment.
The previous behavior was to only download the MSI if it wasn't already installed. Now we are downloading it regardless. Any reason to prefer this?
There was a problem hiding this comment.
Maybe I missed something with my testing, but it didn't seem to download regardless. Once the file is in the temp directory I don't think the download was reattempted (ie. this resource doesn't behave like the chef counterpart that always pulls).
That said, we can go back to the original code. I made this change because I wanted to use the validate_cmd, but it didn't work particularly well in my tests, so I eventually did the validation in the exec resource below. We could still do it the way it was before, but I left it like this because the behavior seemed similar. I can try to reconfirm this doesn't always download.
The one thing that sucks, and I might change in a separate PR, is the fact we keep multiple files lying around, using up more and more disk space in temp over time. It might make sense to make msi_full_path a constant where we always overwrite with what we pull from the source (if it's not chatty).
There was a problem hiding this comment.
It doesn't always download, but clearing the temp directory will trigger a download that is not needed if the package is already installed.
There was a problem hiding this comment.
Tentative fix, yet to be tested: #582
manifests/params.pp
Outdated
| @@ -65,7 +65,7 @@ | |||
| } | |||
| 'Windows': { | |||
| $agent5_default_repo = '<agent 5 is not supported by this module on windows>' # Param in init.pp so needs to be defined, but not used on Windows | |||
| $agent6_default_repo = "https://s3.amazonaws.com/ddagent-windows-stable/datadog-agent-6-${agent_version}.amd64.msi" | |||
| $agent6_default_repo = "https://s3.amazonaws.com/ddagent-windows-stable/" | |||
| notify => Package[$datadog_agent::params::package_name] | ||
| } | ||
|
|
||
| package { $datadog_agent::params::package_name: | ||
| ensure => installed, | ||
| provider => 'windows', | ||
| source => $msi_full_path, | ||
| install_options => ['/quiet', {'APIKEY' => $api_key, 'HOSTNAME' => $hostname, 'TAGS' => $tags}] | ||
| install_options => ['/norestart', {'APIKEY' => $api_key, 'HOSTNAME' => $hostname, 'TAGS' => $tags}] |
Apply suggestions from code review Co-Authored-By: Albert Vaca <[email protected]>
truthbk
force-pushed
the
jaime/win_blacklist
branch
from
63441ec to
e1cb79a
Compare
* [windows] apply powershell remote fix before uninstall + idiomatic download * [windows] weak first attempt to blacklist bad MSIs * [windows] multiple fixes + blacklist + hash validation * addressing cops Apply suggestions from code review Co-Authored-By: Albert Vaca <[email protected]>
No description provided.