Avoid potential dependency cycles when used with other modules #463
Conversation
There was a problem hiding this comment.
ensure_packages I believe is part of the puppet stdlib (see: https://github.com/puppetlabs/puppetlabs-stdlib#ensure_packages)... can you elaborate a little on how it creates a dependency cycle? Could you also add to the PR what the dependency cycle is?
Thanks!
|
We require |
remicalixte
force-pushed
the
remicalixte/puppet-dependency-cycle
branch
2 times, most recently
from
1ecda90 to
d9bb827
Compare
|
The dependency cycle is |
|
Dependency graph before: Since we don't use Some external module is adding the |
remicalixte
force-pushed
the
remicalixte/puppet-dependency-cycle
branch
from
d9bb827 to
207a6c1
Compare
remicalixte
changed the title
remicalixte
force-pushed
the
remicalixte/puppet-dependency-cycle
branch
from
207a6c1 to
42c1ea0
Compare
|
@truthbk I've removed some unrelated changes and made the commit messages clearer. Hopefully we can merge this soon and release a new version of the puppet module |
remicalixte
force-pushed
the
remicalixte/puppet-dependency-cycle
branch
2 times, most recently
from
134765b to
685e919
Compare
There was a problem hiding this comment.
Some notes, in general the PR looks good, but if possible I would like to keep ensure_packages() around as a sane, standard way to ensure some required packages are available, I think that would be preferable. If you are sure we can't use it due to the dependency cycle, I understand.
We also need to make sure these changes don't make the module chatty, we don't want to be calling apt-get update every time the manifest runs.
Finally, I am unable to spot the cycle in the first PDF. Being a DAG I see no actual loops in the graph, but I may be missing something as I see repeated node names.
| before => Apt::Source['datadog6'], | ||
| $key = { | ||
| 'id' => $apt_key, | ||
| 'server' => $apt_keyserver | ||
| } | ||
| } |
There was a problem hiding this comment.
I can't remember if it's necessary to do this in case $skip_apt_key_trusting is true.
else {
$key = {}
}
There was a problem hiding this comment.
I guess it doesn't hurt to add it, and it is a bit more explicit
| @@ -16,11 +16,14 @@ | |||
| Optional[String] $apt_keyserver = undef, | |||
| ) inherits datadog_agent::params { | |||
|
|
|||
| ensure_packages(['apt-transport-https']) | |||
| exec { 'apt-transport-https': | |||
There was a problem hiding this comment.
I would like to continue using ensure_packages to be honest. I'm not sure how it would cause a cycle. If you're positive it's partly to blame we can go ahead and do this, but I'd rather not. Also, the line replaced should probably be:
ensure_packages(['apt-transport-https'], {'ensure' => 'present'})
| require => Package['apt-transport-https'], | ||
| notify => Exec['apt_update'], | ||
| key => $key, | ||
| require => Exec['apt-transport-https'], |
There was a problem hiding this comment.
If we decide to keep ensure_packages, we could probably remove this line as ensure_packages would do its thing and ensure the package is available. I wonder if the reason this was here was due to the order in which puppet applied these statements, we'll have to test that out.
| require => Package['apt-transport-https'], | ||
| notify => [Exec['datadog_apt-get_remove_agent6'],Exec['apt_update']], | ||
| key => $key, | ||
| require => Exec['apt-transport-https'], |
There was a problem hiding this comment.
As mentioned for A6, I would like to keep ensure_packages(), unless it's 100% clear that we cannot, and just remove this require.
|
Hoping to address: #423 |
… with some other modules
remicalixte
force-pushed
the
remicalixte/puppet-dependency-cycle
branch
from
685e919 to
7ef196e
Compare
…og#463) * Use native pgp key support of the apt module * apt::source notify apt_update by default * require Class['apt::update'] as the documentation suggests: https://github.com/puppetlabs/puppetlabs-apt\#adding-new-sources-or-ppas * Use 'exec' instead of 'ensure_packages' to break a dependencies cycle with some other modules * Fix spec tests * Set $key to empty dict if skipping apt key trusting
DataDog#463)" (DataDog#506) This reverts commit 8a29860.
Hopefully fixes the dependency cycle