On Thu, 25 Jun 2009, Todd Zullinger wrote: > Mike McGrath wrote: > > I'll take a look at this tomorrow, we've got a git check in there > > now that does a syntax and notify. I think the only reason it > > prevents commits is because I didn't know how to do that :) so all > > it does is throw errors. > > That's in syncPuppetMaster.sh, called from the post-update hook, > right? By then, there is no chance to deny the push, as the refs have > been updated by git. :) > > > Here's the only got'cha. We mix a private and public repo together. > > IE: in our public repo we reference $someDbPassword, and then in the > > private repo we create that password. The only time they're > > together is after a push has happened. Does this account for that? > > Does that problem not even exist anymore? > > Using the code for the update hook in my previous mail, I don't think > is should be a problem. That should only check the files that are > being modified by the push for syntax errors. Puppet is called with > --parseonly and --ignoreimport. That should prevent problems caused > by a manifest in puppet relying on something in private. Of course, > testing it on a manifest that uses a variable define in private would > be a good idea. :) > > Keeping the syntax check in syncPuppetMaster.sh is probably a good > backup, as it might catch things that the check on individual .pp > files misses. > Works for me, patch seems resonable (if it does work like it seems it should :) Ping me on irc and we'll get this in and ready and tested. -Mike _______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
