Issue #22752 has been updated by Zachary Stern.

I'd be careful about attributing this to "zaml" per se - same problem occurs 
with the core ruby YAML library.

----------------------------------------
Bug #22752: Namevar over 1024 characters is not caught and results in invalid 
yaml with accompanying errors
https://projects.puppetlabs.com/issues/22752#change-98237

* Author: Zachary Stern
* Status: Investigating
* Priority: Normal
* Assignee: Charlie Sharpsteen
* Category: zaml
* Target version: 
* Affected Puppet version: 
* Keywords: customer support
* Branch: 
----------------------------------------
Puppet resources with namevars over 1024 characters result in the generation of 
invalid yaml.

For example, this nonsense resource:

        ssh_authorized_key { 
'fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
f':
        ensure => present,
        user => 'root',
        type => 'rsa',
        key => 'foo',
        }

Results in the following: 

        [root@pe-301-master pe-301-master.puppetdebug.vlan]# puppet agent --test
        ...
        Info: Applying configuration version '1380664174'
        Notice: 
/Stage[main]//Ssh_authorized_key[fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
fffffffffffffffffffffffffffffffff]/ensure:
 created
        Info: Creating state file /var/opt/lib/pe-puppet/state/state.yaml
        Notice: Finished catalog run in 8.37 seconds
        Error: Could not send report: Error 400 on SERVER: (<unknown>): could not find expected ':' while scanning a simple key at line 1314 column 5
        
All future runs are prevented at that point, until you remove the state.yaml 
file:

        [root@pe-301-master pe-301-master.puppetdebug.vlan]# puppet agent --test
        Error: Could not run Puppet configuration client: (<unknown>): could not find expected ':' while scanning a simple key at line 441 column 3
        Error: Could not run: can't convert Puppet::Util::Log into Integer
        
and then:

        [root@pe-301-master pe-301-master.puppetdebug.vlan]# rm /var/opt/lib/pe-puppet/state/state.yaml
        rm: remove regular file `/var/opt/lib/pe-puppet/state/state.yaml'? y
        [root@pe-301-master pe-301-master.puppetdebug.vlan]# /opt/puppet/bin/puppet agent --test
        Info: Retrieving plugin
        Info: Loading facts in /opt/puppet/share/puppet/modules/stdlib/lib/facter/pe_version.rb
        Info: Loading facts in /opt/puppet/share/puppet/modules/stdlib/lib/facter/facter_dot_d.rb
        Info: Loading facts in /opt/puppet/share/puppet/modules/stdlib/lib/facter/puppet_vardir.rb
        Info: Loading facts in /opt/puppet/share/puppet/modules/stdlib/lib/facter/root_home.rb
        …
        Info: Caching catalog for pe-301-master.puppetdebug.vlan
        Info: Applying configuration version '1380664174'
        Info: Creating state file /var/opt/lib/pe-puppet/state/state.yaml
        Notice: Finished catalog run in 17.62 seconds
        Error: Could not send report: Error 400 on SERVER: (<unknown>): could not find expected ':' while scanning a simple key at line 1302 column 5
        
While obviously having a 1024+ character namevar is a bad idea, it shouldn't be 
SO bad that it prevents all future puppet runs from proceeding. 

Note: The namevar actually needs to be slightly less than 1024 chars to trigger 
this, since it ends up padded a bit in the yaml key, and then breaks 1024, even 
if the namevar itself isn't quite 1024 chars.

One real-world example of this is that the pe_accounts module we supply with PE 
has defined types that generate ssh trusted key resources, with the ssh keys 
themselves as the namevars. This results in very long namevars in some cases, 
with the above problem.

The issue is that the namevar gets set as the key of a hash in, for example, 
state.yaml, and the YAML spec restricts hash key length to 1024 chars.

This appears to have not been enforced in Ruby 1.8.7, but is in 1.9.3, and is 
now affecting users.
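
Added example, not part of the original report and not Puppet's code: a small Ruby script that reproduces the parser-side failure described above with Psych and shows a pre-flight length check. The helper names, the `Type[title]` key format (modelled on the resource reference in the agent log) and the hand-built documents are assumptions made for illustration.

```ruby
require 'yaml'

# Longest implicit ("simple") mapping key the YAML spec allows.
SIMPLE_KEY_LIMIT = 1024

# Assumption: the stored key is the resource reference, e.g.
# Ssh_authorized_key[<title>], as printed in the agent log in the report.
def state_key(type, title)
  "#{type}[#{title}]"
end

# Constructed stand-in for a state file whose writer emits every key in
# implicit "key: value" form without checking its length.
def implicit_doc(key)
  "resources:\n  short: true\n  #{key}: true\n"
end

# The same data with the key in explicit "? key" form, which has no length limit.
def explicit_doc(key)
  "resources:\n  short: true\n  ? #{key}\n  : true\n"
end

# Returns :ok, or the parser's complaint if the text cannot be loaded.
def load_status(text)
  YAML.safe_load(text)
  :ok
rescue Psych::SyntaxError => e
  e.message
end

# Pre-flight check: titles whose serialized key would exceed the limit.
def oversized_titles(type, titles)
  titles.select { |t| state_key(type, t).length > SIMPLE_KEY_LIMIT }
end

if __FILE__ == $PROGRAM_NAME
  type = 'Ssh_authorized_key'
  # Constructed titles: the second is under 1024 chars but its key is not.
  { 'short title' => 'f' * 900, 'padded over limit' => 'f' * 1010 }.each do |label, title|
    key = state_key(type, title)
    puts "#{label}: title #{title.length} chars, key #{key.length} chars"
    puts "  implicit: #{load_status(implicit_doc(key))}"
    puts "  explicit: #{load_status(explicit_doc(key))}"
  end
end
```

A check like `oversized_titles` can run over resource titles before anything is serialized, so an over-long namevar is rejected with a clear error instead of leaving an unreadable state file behind.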

