postgresql icon indicating copy to clipboard operation
postgresql copied to clipboard
verified publisher icon sous-chefs

postgresql_access resource in a custom resource always returns it is up to date, does not notify other resources

Open gregkare opened this issue 5 years ago • 4 comments

Brief Description

postgresql_access resource when used in a custom resource always returns it is up to date, does not notify other resources

Cookbook version

7.1.8

Chef-Infra Version

15.3.14

Platform details

Ubuntu 18.04

Steps To Reproduce

Steps to reproduce the behavior:

  1. Install postgresql using the postgresql_server_install resource
  2. In a custom resource, use postgresql_access resource to set up some access rights. For example:
postgresql_access "replication" do
  access_type "host"
  access_db "replication"
  access_user "replication"
  access_addr "192.168.42.25/32"
  access_method "md5"
  notifies :reload, "service[postgresql@12-main]", :immediately
end

It doesn't matter if the hba.conf file needs to be changed, the postgresql_access resource always thinks it was up to date. From a Chef run:

postgresql_access[replication] action grant (up to date)

This means that the notification isn't sent and the service is not reloaded. However on the first run the hba.conf file is updated

Expected behavior

I expect the postgresql_access resource to know when the hba.conf needs to be changed, and properly use the notifies property, allowing the PostgreSQL service to be reloaded for example.

The notification works when the postgresql_access resource is used in a recipe. This only occurs in a custom resource, like in https://github.com/chef-cookbooks/firewall/issues/134

Do you know about a workaround? I tried editing the hba.conf template with edit_resource and find_resource to add the notifies property to it but got stuck since it expects a lot of variables.

Let me know if you need more information or if you have any question

gregkare avatar May 07 '20 12:05 gregkare

Just a quick guess; but do you happen to have multiple postgresql_access resources with the name replication?

jimdaga avatar May 07 '20 15:05 jimdaga

I wonder if unified mode will fix this.. if you can drop us a full replication case here, I think I can work out a fix.

Thanks!

damacus avatar May 08 '20 20:05 damacus

I only have one postgresql_access resource with the name replication, however I created a simplified test recipe and I can't reproduce the issue.

Now I'm thinking the bug is related to using a postgresql_access resource inside of a custom resource, similar to https://github.com/chef-cookbooks/firewall/issues/134. I'm working on a replication case

gregkare avatar May 11 '20 08:05 gregkare

@damacus I have created a repo that reproduces this in Vagrant. The issue does not happen when the postgresql_access resource is used directly in a recipe, I'm updating the issue

Here is the repo: https://github.com/gregkare/pg_test

Edit: I can reproduce the issue using the latest version of Chef too, 16.0.287

gregkare avatar May 11 '20 09:05 gregkare