voxpupuli / puppet-splunk

Manage Splunk servers and forwarders using Puppet
https://forge.puppet.com/puppet/splunk
Apache License 2.0

`purge_inputs => true` leaves artifacts in `inputs.conf` #332

Open oniGino opened 2 years ago

oniGino commented 2 years ago

Affected Puppet, Ruby, OS and module versions/distributions

How to reproduce (e.g Puppet code you use)

  1. Create a @splunkforwarder_input entry for a file
  2. Remove that entry

What are you seeing

`[section]` will be left behind, but its content will be removed. Example:

```ini
index=ops_metrics
ignoreOlderThan=4d
blacklist=\.([0-9]|gz)$

[monitor:///opt/acton/var/log/streamer/streamer.log] <--- WE DO NOT WANT THIS

[monitor:///opt/acton/classic_core/*.log]
sourcetype=cc_ext_mon_logs
```

What behaviour did you expect instead

We are running

```puppet
class { '::splunk::forwarder':
  purge_inputs  => true,
  purge_outputs => true,
}
```

Should remove all inputs not defined

oniGino commented 2 years ago

After looking through the code, I think the issue might be inside the ini_settings module, where it appears to not return any value when it encounters an empty section on scan. I'm not sure of the best way to fix this issue.

jeffbyrnes commented 1 year ago

We at @athenahealth have run into something similar, but with outputs.conf. We’re gonna see about sprucing this all up, since we need the functionality to work as intended.

siegy22 commented 6 months ago

One could argue that it's impossible to even set a section without any values with this module respectively with puppetlabs-inifile, so it does make sense that it doesn't get picked up when removing. So I'm assuming you already had a config running and then started to manage that with Puppet? Or added some inputs by hand?

So there are multiple workarounds:

Setting a value temporarily via puppet:

Apply this first:

```puppet
@splunkforwarder_input { 'temp':
  section => 'monitor:///opt/acton/var/log/streamer/streamer.log',
  setting => 'temp',
  value   => 'to_delete',
}
```

Then remove the @splunkforwarder_input resource and run puppet again.

Using file_line

See https://forge.puppet.com/modules/puppetlabs/stdlib/4.9.1/types to remove the given section.
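
The leftover described in this thread is a stanza header with no settings under it. As an added example (not part of the thread and not puppet-splunk code), this Ruby script lists such stanzas in an `inputs.conf` or `outputs.conf` so they can be located before applying either workaround. The sample text is constructed from the excerpt in the issue, and its first stanza name is hypothetical.

```ruby
# Added example: report stanzas in a Splunk .conf file that carry no settings,
# i.e. the headers left behind after their settings were purged.

# Constructed sample based on the issue's excerpt.
# The first stanza name is hypothetical (the excerpt does not show it).
SAMPLE_INPUTS_CONF = <<~'CONF'
  [monitor:///var/log/example/*.log]
  index=ops_metrics
  ignoreOlderThan=4d
  blacklist=\.([0-9]|gz)$

  [monitor:///opt/acton/var/log/streamer/streamer.log]

  [monitor:///opt/acton/classic_core/*.log]
  sourcetype=cc_ext_mon_logs
CONF

# Returns { stanza_name => line number of its first header } for every stanza
# that has no "key = value" line. Blank lines and "#" comments are ignored,
# so a stanza holding only commented-out settings is reported as empty.
# A stanza name that appears more than once is treated as one stanza.
def empty_stanzas(conf_text)
  stanzas = {} # name => { line: first header line, settings: count }
  current = nil
  conf_text.each_line.with_index(1) do |raw, lineno|
    line = raw.strip
    next if line.empty? || line.start_with?('#')

    if (m = line.match(/\A\[(.*)\]\z/))
      current = (stanzas[m[1]] ||= { line: lineno, settings: 0 })
    elsif current && line.include?('=')
      current[:settings] += 1
    end
    # Settings before the first header are global and belong to no stanza.
  end
  stanzas.select { |_, s| s[:settings].zero? }.transform_values { |s| s[:line] }
end

if __FILE__ == $PROGRAM_NAME
  # Pass a path to a real file, or run with no arguments to use the sample.
  text = ARGV[0] ? File.read(ARGV[0]) : SAMPLE_INPUTS_CONF
  empty_stanzas(text).each do |name, lineno|
    puts "line #{lineno}: [#{name}] has no settings"
  end
end
```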