Error "failure to load inifile" resulting in failed Puppet run about puppet-openssl HOT 22 CLOSED

It might be easier to use puppet/util/inifile instead of inifile, as it's shipped with Puppet itself.

from puppet-openssl.

Is the inifile gem maybe included in the new puppet 4 installer?
We are still using puppet 3, which does not seem to have the inifile gem...

from puppet-openssl.

We def need to either install the inifile gem or document that it is needed with a code example.
This took way to long to figure out on my own....

from puppet-openssl.

Code Example for documentation:

  # Ruby 1.8.7 needs older version (less than 3.0.0)
  # https://github.com/TwP/inifile/issues/35
  if versioncmp($::rubyversion, '1.9.3') >= 0 {
    $inifile_ensure = installed
  } else {
    $inifile_ensure = '2.0.2'
  }

  package { 'inifile':
    ensure   => $inifile_ensure,
    provider => gem,
    before   => Openssl::Certificate::X509['www.example.com'],
  }

from puppet-openssl.

I vote for the built in puppet inifile.
Managing the gem with puppet seems to work on fresh builds, but if you have existing vms, then it tanks your puppet run. The next run will work and finish up, but this could be a problem if you miss refreshes like nginx/apache service due the puppet run failing right in the middle.

from puppet-openssl.

FYI, I am using Puppet 4 and I had to install the inifile gem on the bundled Puppet ruby in order to get puppet working again, so this issue is not specific to Puppet 3.

from puppet-openssl.

Hi all - thanks for tracking this issue. I ran into the same problem (open source puppet 4.4 on agent running Ubuntu 14.04, puppet-openssl 1.7.1). I am using openssl::certificate::x509 to build certs. First run worked fine. Once the certs were built, I started getting the "failure to load inifile" error.

Installing inifile gem directly (gem install inifile) didn't help.

Resolved the issue for now by installing inifile gem using:
$/opt/puppetlabs/puppet/bin/gem install inifile

See:
https://ask.puppet.com/question/18703/could-not-load-ruby-gem-from-puppet-provider/

from puppet-openssl.

Hitting this on ubuntu xenial on v1.7.1

ubuntu@ip-10-187-21-156:~$ uname -a
Linux ip-10-187-21-156 4.4.0-24-generic #43-Ubuntu SMP Wed Jun 8 19:27:37 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
ubuntu@ip-10-187-21-156:~$ puppet --version
3.8.5
ubuntu@ip-10-187-21-156:~$ sudo puppet module list | grep openssl
├── camptocamp-openssl (v1.7.1)

This never happens on the initial run, as far as i can tell, but on all subsequent runs.

from puppet-openssl.

Also in Puppet 4.5.2 on CentOs 7

[vagrant@localhost ~]$ uname -a
Linux localhost.localdomain 3.10.0-327.el7.x86_64 #1 SMP Thu Nov 19 22:10:57 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
[vagrant@localhost ~]$ cat /etc/redhat-release 
CentOS Linux release 7.2.1511 (Core) 
[vagrant@localhost ~]$ puppet --version
4.5.2

from puppet-openssl.

I don't really want to allow gem into my production servers only to make this module work... Could you instead use a standard library?

from puppet-openssl.

I'm facing the same error on CentOS 7.x and Puppet 4.5.x.
I've solved installing inifile gem:

$ /opt/puppetlabs/puppet/bin/gem install inifile

Regards.

from puppet-openssl.

Facing same issue on Ubuntu 16.04.1 LTS and Puppet 4.5.3
Solved using the aforementioned way, thanks chilcano.

from puppet-openssl.

I've just reworked the code to use puppet/util/inifile: #73

Could you please test and confirm that it works?

@cjeanneret what do you think?

from puppet-openssl.

@raphink I just tested #73 on a RHEL 6 server where I was seeing this problem. At least the error is gone, but I haven't tested it further.

from puppet-openssl.

Thanks @ckaenzig. I'll wait for a few more comments from people here /cc @bgshacklett @edestecd @hdeadman @kmob @bdashrad @benedicere @chilcano @kronos-pbrideau @malaikah

from puppet-openssl.

Hi everyone, may is not what you want to do but I choose to not use inifile because it means to load a whole module just to compare some variables. So, I've replaced the inifile block-code for this:

   commonName = subjectAltName = ''
    IO.foreach(resource[:template]) do |line|
      line.chomp!
      key, value = line.split('=', 2)
      case key
      when /^([#;]|$)/; # ignore line
      when /^subjectAltName.+/; subjectAltName = value.strip()
      when /^commonName.+$/; commonName = value.strip()
      end
    end

    return false if "#{subjectAltName}".delete(' ').gsub(/^"|"$/, '') != altName.delete(' ').gsub(/^"|"$/, '').gsub('IPAddress','IP')
    return false if "#{commonName}" != cdata['CN']
    return true

from puppet-openssl.

@raphink Unfortunately, I no-longer have access to the environment where I was implementing this module. Perhaps I can get a test case going at some point. I'll report back if I do.

from puppet-openssl.

@damong it seems that would fit the initial intent, although in #73 I'm not loading an external inifile module, but puppet/util/inifile, which is already loaded in other places in Puppet anyway.

from puppet-openssl.

@bgshacklett ok, thanks for replying.

from puppet-openssl.

+1 to merging #73. Tested and it functions as expected.

Edit: On Centos 7

from puppet-openssl.

Successfully tested #73 on Centos 6.8 and PE 2016.1.2. It works as expected.

from puppet-openssl.

OK, I merged #73. I'll craft a release on Monday, unless @mcanevet has time for that

from puppet-openssl.