search

sous-chefs / firewall

Development repository for the firewall cookbook
https://supermarket.chef.io/cookbooks/firewall
Apache License 2.0
99 stars 150 forks source link

ImmutableAttributeModification exception #125

Closed kareiva closed 8 years ago

kareiva commented 8 years ago

Given two firewall_rule resources, when ports are defined by different types of attributes (i.e. number and array), the cookbook fails to converge. This presumably appeared in version 2.3.0 (which, in my opinion, should have been 3.0, so that it wouldn't have broken the ~> 2.0)

firewall_rule 'in1' do
  protocol :tcp
  port node['xxx']['port'] # integer
  direction :in
end

firewall_rule 'in2' do
  protocol :tcp
  port node['xxx']['port_array'] # array
  direction :in
end

.kitchen.yml:

    attributes:
      xxx:
        port_array: [11111]
        port: 22222

Result:

       Node attributes are read-only when you do not specify which precedence level to set. To set an attribute use code like `node.default["key"] = "value"'

       Cookbook Trace:
       ---------------
       /tmp/kitchen/cache/cookbooks/firewall/libraries/helpers.rb:13:in `port_to_s'
       /tmp/kitchen/cache/cookbooks/firewall/libraries/helpers_iptables.rb:37:in `build_firewall_rule'
       /tmp/kitchen/cache/cookbooks/firewall/libraries/provider_firewall_iptables.rb:84:in `block (3 levels) in <class:FirewallIptables>'
       /tmp/kitchen/cache/cookbooks/firewall/libraries/provider_firewall_iptables.rb:82:in `each'
       /tmp/kitchen/cache/cookbooks/firewall/libraries/provider_firewall_iptables.rb:82:in `block (2 levels) in <class:FirewallIptables>'
       /tmp/kitchen/cache/cookbooks/firewall/libraries/provider_firewall_iptables.rb:71:in `each'
       /tmp/kitchen/cache/cookbooks/firewall/libraries/provider_firewall_iptables.rb:71:in `block in <class:FirewallIptables>'
martinb3 commented 8 years ago

Hello! This is actually already fixed in master. Can you confirm master works for you? It's also been released as v2.5.0.

This presumably appeared in version 2.3.0 (which, in my opinion, should have been 3.0, so that it wouldn't have broken the ~> 2.0)

Non-major version releases sometimes do introduce bugs, and I feel that's what happened here (vs intentional backwards-incompatible changes); I apologize for that, and backwards compatibility has already been restored.

kareiva commented 8 years ago

It looks good now with 2.5.0, at least with the case described above. I appreciate your swiftness @martinb3 !!!