iis_config resource not being idempotent #276
Comments
|
The work around still appears to be to add the 'returns' statement or |
|
The iis_config option literally can configure anything in multiple different patterns and areas. Until we create a method for storing the pre-config data and then checking that the |
|
Thanks @spuder. Used your suggestion. It currently seems to be working. But I'd have hoped that at least this exit code would've been there by default. |
|
@spuder new properties: So this command becomes iis_config "Enable Deployment for Retail" do
commit :MACHINE
section "deployment"
property "retail"
value "true"
endthis would allow for us to break the command apart enough that we should be able to do something like or from the result we should be able to get the value, this is a major change and definitely a breaking change. But would add idempotency to something. |
|
This feature is now in testing, some changes have been made over the current v4.2 branch that handle multiple properties at a time better |
|
@spuder can you please test this new version v4.2? it is working for all my examples in the readme.md but i don't have any other examples |
|
@EasyAsABC123 Yes, though it might take me some time. |
|
@spuder definitely no worries |
|
The Error executing action `clear` on resource 'iis_config[NetDocuments/neweb2 /section:system.webserver/staticContent /"[fileExtension='.']" /commit:app]'
================================================================================
NoMethodError
-------------
undefined method `node_type' for nil:NilClass
Resource Declaration:
---------------------
# In c:/chef/local-mode-cache/cache/cookbooks/nd-web/recipes/nd_webserver.rb
188: iis_config "NetDocuments/neweb2 /section:system.webserver/staticContent /\"[fileExtension='.']\" /commit:app" do
191: action :clear
192: # returns [0, 4312] # https://github.com/chef-cookbooks/iis/issues/205
193: end
194:I've also tried updating to the new syntax with the same error "undefined method `node_type' for nil:NilClass" node_type refers to the REXML ruby gem that was added. |
|
@spuder what is the above config suppose to do? Just remove 1 mime type? Currently that wouldn't be possible with the new If you did iis_config "Remove mime type" do
zone 'NetDocuments/neweb2'
section 'system.webserver/staticContent'
commit 'app'
action :clear
endit should delete everything in the NetDocuments/neweb2 (zone) and the whole section for static content. Let me know what that is suppose to do so I can adjust the code |
|
@EasyAsABC123 Correct it removes 1 mime type. We have some builds that have an erroneous line in the neweb2/web.config file. As a precaution we remove this line at the beginning of the chef run, and at it back at the end. Here is the same thing in powershell or |
|
Interesting, I will mess with this over the weekend so that clear is idempotent with |
|
Is it expected that the old syntax will continue to work? iis_config "NetDocuments/neweb2 /section:system.webserver/staticContent /\"[fileExtension='.']\" /commit:app" do
endOr is the new syntax mandatory? iis_config "Remove mime type" do
zone 'NetDocuments/neweb2'
section 'system.webserver/staticContent'
commit 'app'
endIf the old syntax is going away, maybe this should be a 5.0.0 release. |
|
@spuder The only way the old syntax could stay is to simply add a new provider/resource. This wouldn't be ideal since they are both managing the same thing. A new provider may be created that is simply to allow the running of appcmd commands, something like iis_cmd "my command goes here" do
endlike that...but otherwise since everyone complains about idempotency (understandably) I would prefer to avoid offering something of little to no value. Naming it version |
|
In my opinion abandoning the old syntax is preferable. The new style is much easier to understand and requires less character escaping. |
|
@spuder agreed, i'll likely move that direction but that will mean also making each property additive or subtractive |
|
@EasyAsABC123 Sorry if I'm not following etiquette, this is my first time opening an issue (#366). Is the iis_config not being idempotent an issue still from June 2016? I read this issue before opening mine, but didn't follow why this was marked as a feature request. |
|
Hey, no you are fine. I read all issues and then just clear out things that are duplicates. So on to why this is a feature request, the iis_config resource just runs any command. This means that to make it idempotent we would have to parse whatever command is run (might even be a list command which doesn't do anything) and then determine how we can get the current value. This would mean that a lot of coding would have to go into making the iis_config idempotent. I types this on my phone sorry for typos or anything that doesn't make sense, feel free to ask more questions |
|
@scolligan I think you are just setting the logging file? Is that on a site? Or application? We can likely add that property relatively easily |
|
@EasyAsABC123 No worries, just wanted to make sure I was following protocol. The example I used was from the iis cookbook readme page (which was related to logging). When I couldn't make my config work idempotently, I grabbed the example from the readme to test with. When I saw that also didn't work I decided to submit the issue. I have a bunch of appcmd type tasks that I do with powershell. I was hoping to get rid of the powershell resources and use the iis_config. But, if that resource isn't working yet, I'll just stick to powershell. Thanks for following up! |
|
Definitely not a problem, we will be moving to a PowerShell resource eventually when given the chance to rewrite for it. In the readme there is an alternative for IIS PowerShell that is very good. |
|
FWIW, I created the following to address this: Attribute Definition default['jjk_ts_transport_webserver']['config_items'] = {
'Forms Authentication - Require SSL' => {
commit: 'WEBROOT',
section: 'system.web/authentication',
item: 'forms.requireSSL',
item_value: 'True'
},
'Forms Authentication - UseCookies' => {
commit: 'WEBROOT',
section: 'system.web/authentication',
item: 'forms.cookieless',
item_value: 'UseCookies'
},
'Machine Key Validation - AES' => {
commit: 'WEBROOT',
section: 'system.web/machineKey',
item: 'validation',
item_value: 'AES'
},
'Machine Key Decryption - AES' => {
commit: 'WEBROOT',
section: 'system.web/machineKey',
item: 'decryption',
item_value: 'AES'
},
'Request Filtering - Do NOT Allow High Bit Characters' => {
commit: 'APPHOST',
section: 'requestFiltering',
item: 'allowHighBitCharacters',
item_value: 'False'
},
'HTTPCookies - HTTPOnlyCookies' => {
commit: 'WEBROOT',
section: 'system.web/httpCookies',
item: 'httpOnlyCookies',
item_value: 'True'
}
}Cookbook Code # set various web server configuration items
node['jjk_ts_transport_webserver']['config_items'].each do |key, value|
powershell_script key do
code <<-EOH
& "#{ENV['SystemRoot']}\\system32\\inetsrv\\appcmd.exe" set config /commit:#{value['commit']} -section:#{value['section']} /#{value['item']}:#{value['item_value']}
EOH
guard_interpreter :powershell_script
not_if "[bool](& #{ENV['SystemRoot']}\\system32\\inetsrv\\appcmd.exe list config -section:#{value['section']} -text:#{value['item']} | Where-Object {$_ -eq '#{value['item_value']}'})"
end
end |
Cookbook version
4.1.8
Chef-client version
12.5.1
Platform Details
AWS- Windows 2012 R2
Scenario:
I am using iis_config resource. But it is not being idempotent (even when I saw that Issue#69 says fixed). When running it more than one time, it should not update any resource, yet that seems to be happening.
Steps to Reproduce:
Wrote a simple test cookbook which depends on IIS (v4.1.8) and Windows(v1.39.2) cookbooks.
It has just one line of code as of now to set retail deployment as true. It is compiling and executing with no issues:
iis_config "/commit:MACHINE /section:deployment /retail:true"
Expected Result:
Chef Client finished, 0/1 resources updated in xx seconds
On every run after the first..unless machine.config was manually changed. Which in this case was not.
Actual Result:
Chef Client finished, 1/1 resources updated in 27 seconds
The text was updated successfully, but these errors were encountered: