I am attempting to modify a puppet module for Centrify Express, which integrates against Active Directory.
I want to append users to an allowlist on a per node basis, E.G:
$centrifydc_groups_allow = ['admins', 'users']
Then in my template, do something along the lines of:
<% scope.lookupvar('centrifydc::groups_allow').each do |val| -%>
<%= val %>
<% end -%>
I'm looking for a clean consistent way of defining access profiles, and then do individual node adjustments adding more entries that should have access.
How to do this?
You have the += operator to append to arrays in puppet.
$centrifydc_groups_allow = ['admins', 'users']
$centrifydc_groups_allow += ['webusers']
Also, if you use the stdlib module, it implements many useful functions for dealing with arrays.
For example if there's a risk you could repeat yourself in the array from differents pp, you can test before appending:
$centrifydc_groups_allow = ['admins', 'users']
if member($centrifydc_groups_allow,'webusers') == false {
$centrifydc_groups_allow += ['webusers']
}
Also you have a merge function to merge arrays, which through scope_function_merge you could use it inside your template to instead of appending to an array, have a default array and a custom array rewritten for each node/type/etc.