Unable to get correct key/value pair from a Map Function - Puppet

Question

I am getting the following error in my puppet catalog.

/Stage[main]/Scconfig::Genetecauthrole/Dsc[COSCRole-GenetecAuthRole]: Could not evaluate: unsupported type NilClass of value ''

Below is the Json .

"authrole":
    {
        "genetecauth_role":
        {
            "Id" : "526b3508-dc4b-49fe-a651-ec877b93f7b9",
            "Name" : "SCaaSAuthRole",
            "Partition" : "Root",
            "PrimaryServer" : "%{facts.securitycenterserverguid}",
            "Type" : "AuthRole",
            "RoleSubtype" : "aaccf493-6b59-4aac-8ae2-3682d34fdff5",
            "UseTables" : false,
            "Enabled" : "True",
            "InstanceCount" : 1,
            "roleproperties":
            [
                {
                    "roleproperty":"GroupClaimType",
                    "propertyvalue":"groups"
                },
                {
                    "roleproperty":"UsernameClaimType",
                    "propertyvalue":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"
                },
                {
                    "roleproperty":"GroupNamesFormat",
                    "propertyvalue":"Unspecified"
                },
                {
                    "roleproperty":"IssuerName",
                    "propertyvalue":"https://login.microsoftonline.com/7ba8l2qb-4660-4a19-802e-8d015a17e167/v2.0/.well-known/openid-configuration"
                },
                {
                    "roleproperty":"ClientId",
                    "propertyvalue":"55622248-fb88-4034-9194-cd097db869a2"
                },
                {
                    "roleproperty":"Group",
                    "propertyvalue":"ApplicationGroup"
                },
                {
                    "roleproperty":"AcceptedDomainNames",
                    "propertyvalue":"somedomain.COM"
                },
                {
                    "roleproperty":"ExtraScopes",
                    "propertyvalue":"api://5562ce48-fb88-4224-9194-cd097db869a2/userread"
                }
            ]   
        }
    }

I tested my function the following way

function scconfig::normalizedroleproperties(String $lookupkey) >> Hash{
      info("Looking up value for ${lookupkey}")

      #$stringsplit = "${lookupkey}.roleproperties"

      $finddata= lookup($lookupkey)
      $data = $finddata['roleproperties']
      # $json = parsejson($hash)
      # $data = $json["${lookupkey}"]['roleproperties']
      $transformed_data = $data.map |$key, $value| {
            $temp = $value.map |$key2, $value2| {
                  if $key2 == 'roleproperty' {
                        {'key' => $value2}
                  }elsif $key2 =='propertyvalue'{
                        {'value' => $value2}
                  }
            }

            merge($temp[0],$temp[1])
      }

      return $transformed_data
}

My test is shown below:

function scconfig::normalizedroleproperties() >> Hash{
      $hash = file('C:\\users\\cloudadmin\\Desktop\\Roles.json')
      $json = parsejson($hash)
      $data = $json['authrole']['genetecauth_roleproperties']
      $temp = $data.map |$key, $value| {
            $temp = $value.map |$key2, $value2| {
              if $key2 == 'roleproperty' {
                      {'key' => $value2}
              }elsif $key2 =='propertyvalue'{
                      {'value' => $value2}
              }
            }
            merge($temp[0],$temp[1])
      }
      $transformed_data = $temp
      return $transformed_data
}
$test = scconfig::normalizedroleproperties()
info("The outcome is: ${test}")

Result :

The outcome is: [{key => GroupClaimType, value => groups}, {key => UsernameClaimType, value => http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn}, {key => GroupNamesFormat, value => Unspecified}, {key => IssuerName, value => https://login.microsoftonline.com/7ba8d2ui-4660-4a19-802e-7d015a17e167/v2.0/.well-known/openid-configuration}, {key => ClientId, value => 6662cb48-fb88-4034-9194-cd097db869a2}, {key => Group, value => ApplicationGroup}, {key => AcceptedDomainNames, value => somedomain.COM}, {key => ExtraScopes, value => api://5562cb48-fb88-40680-9194-cd097db869a2/userread}]

Below is my DSC resource

class scconfig::gcauthrole {
        require Class['scconfig::coserveradmin']
        # Get DSC Module dependencies to use dsc-lite
        $module = osconfig::getdscmodule()

        # Add Genetec Authentication role to security center
        #test
        $properties = lookup('authrole.genetecauth_role')
        # $data = $properties['roleproperties']
        # # $json = parsejson($hash)
        # # $data = $json["${lookupkey}"]['roleproperties']
        # $transformed_data = $data.map |$key, $value| {
        #         $temp = $value.map |$key2, $value2| {
        #                 if $key2 == 'roleproperty' {
        #                         {'key' => $value2}
        #                 }elsif $key2 =='propertyvalue'{
        #                         {'value' => $value2}
        #                 }
        #         }

        #         merge($temp[0],$temp[1])
        # }
        #$roleproperties = lookup('authrole.genetecauth_roleproperties')
        dsc{'COSCRole-GAuthRole':
                resource_name => 'COSCRole',
                module        => $module,
                #properties    => $properties,
                properties    => {
                                        id             => $properties['Id'],
                                        name           => $properties['Name'],
                                        partition      => $properties['Partition'],
                                        primaryserver  => $properties['PrimaryServer'],
                                        type           => $properties['Type'],
                                        rolesubtype    => $properties['RoleSubType'],
                                        usetables      => $properties['UseTables'],
                                        enabled        => $properties['Enabled'],
                                        instancecount  => $properties['InstanceCount'],
                                        roleproperties => {
                                                'dsc_type'       => 'MSFT_KeyValuePair[]',
                                                #'dsc_properties' => $transformed_data,
                                                'dsc_properties' => scconfig::normalizedroleproperties('authrole.genetecauth_role'),
                                        },
                },
        }
}

However, when I feed the function to my dsc resource I get the above error. I think there is something I am doing in my function which is causing the problem. It is most likey something very simple but I can't seem to find out. Any help would be appreciated.

The error message implies that nothing was returned by the `lookup` function. You may want to do some debugging for your Hiera config and data to determine why no value is being returned there. — Matthew Schuchard, Apr 15 '22 at 15:52
Hiera is tough to debug, and nested loops make it harder. Have you tried validating the path to your data as JSON or YAML? Your Hiera data validates as YAML in IRB, but the path seems to be `parsed_yaml.dig "authrole", "genetecauth_role", "roleproperties"` to get an Array of "roleproperty" hashes. — Todd A. Jacobs, Apr 15 '22 at 18:52
The diagnostic implicates a resource declared by class `scconfig::genetecauthrole`. You have instead presented class `scconfig::gcauthrole`. You have not presented the implementation of the Dsc resource type at all. And is that `scconfig::normalizedroleproperties()` function relevant? I'm having trouble spotting where it is used in the code presented. — John Bollinger, Apr 17 '22 at 12:01
@ToddA.Jacobs I tried the following command on puppet server. sudo /opt/puppetlabs/bin/puppet lookup --node dev-302885-01a.gsc-cloud.prod.puppet --environment CODEV_165 authrole.genetecauth_role . I am getting the output as shown below. — tafz, Apr 19 '22 at 12:21
InstanceCount: 1 roleproperties: - roleproperty: GroupClaimType propertyvalue: groups - roleproperty: UsernameClaimType propertyvalue: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn - roleproperty: GroupNamesFormat propertyvalue: Unspecified - roleproperty: IssuerName propertyvalue: https://login.microsoftonline.com/7ba8d2fb-4660-4a19-802e-4d015a17e167/v2.0/.well-known/openid-configuration - roleproperty: ClientId propertyvalue: 5562cb48-fb88-4034-9194-cd097db869a2 - roleproperty: Group propertyvalue: ApplicationGroup — tafz, Apr 19 '22 at 12:25

Unable to get correct key/value pair from a Map Function - Puppet

0 Answers0