You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Affected Puppet, Ruby, OS and module versions/distributions
Puppet: 7
Module version: HEAD
What are you seeing
The Exec inside consul::reload_service never works for me. Trying to reload Consul via the Consul CLI is the most universal method, however it means a token must be in place for it to work. I use ACLs, and I will not pass any token to Puppet for security reasons.
If I were to submit a PR to optionally change the behaviour of consul::reload_service to call out to systemctl reload consul if $facts['systemd'] plus another class Boolean, would that be acceptable? It's not pretty, but it's the best I've got.
The other thing I can do is spaceship operator and override:
Exec <| title == 'reload consul service' |> {
command => 'systemctl reload consul'
}
Which is even nastier, but it'll work for me.
Output log
Notice: /Stage[main]/Consul::Reload_service/Exec[reload consul service]/returns: Error reloading: Unexpected response code: 403 (Permission denied: anonymous token lacks permission 'agent:write' on "hostname". The anonymous token is used implicitly when a request does not specify a token.)
Error: /Stage[main]/Consul::Reload_service/Exec[reload consul service]: Failed to call refresh: 'consul reload -http-addr=127.0.0.1:8500' returned 1 instead of one of [0]
Error: /Stage[main]/Consul::Reload_service/Exec[reload consul service]: 'consul reload -http-addr=127.0.0.1:8500' returned 1 instead of one of [0]
The text was updated successfully, but these errors were encountered:
Affected Puppet, Ruby, OS and module versions/distributions
What are you seeing
The Exec inside
consul::reload_servicenever works for me. Trying to reload Consul via the Consul CLI is the most universal method, however it means a token must be in place for it to work. I use ACLs, and I will not pass any token to Puppet for security reasons.If I were to submit a PR to optionally change the behaviour of
consul::reload_serviceto call out tosystemctl reload consulif$facts['systemd']plus another class Boolean, would that be acceptable? It's not pretty, but it's the best I've got.The other thing I can do is spaceship operator and override:
Which is even nastier, but it'll work for me.
Output log
The text was updated successfully, but these errors were encountered: