Some types, specifically the resources type, will call Firewall
instances and then use generate to build and add to the catalog firewall
resources very early in a Puppet run. Later, those resources might be
removed as a side effect of another action, such as shutting down the
firewalld service.
Prior to this commit, Puppet would try to delete firewall resources
which were already absent, and throw an error. This commit adds an
exception catcher which will check to see if the rule being removed is
absent, and if so, consider the change a success even if the firewall
command failed. It will adjust the change message to reflect the
uncertainty over how the rule was removed, though it was verified
removed.
Code Review / puppet-modules / puppetlabs-firewall.git / commit