From ffe7e12145af9896a6bda362731851bb123285b1 Mon Sep 17 00:00:00 2001
From: Colleen Murphy <colleen.murphy@suse.de>
Date: Tue, 10 Jul 2018 20:43:25 +0200
Subject: [PATCH] Ensure firewalld package is absent, not purged

There seems to be a longstanding, inexplicably unresolved bug[1][2] in
the puppet package resource on CentOS where an uninstalled package will
repeatedly be reported as being "created" when it is not installed and
when the resource has ensure => purged. This breaks idempotency tests
and is just confusing. Setting the resource to absent instead of purge
works correctly and should be sufficient for ensuring firewalld isn't
interfering..

[1] https://projects.puppetlabs.com/issues/2833
[2] https://projects.puppetlabs.com/issues/3707

Change-Id: I702cf0130b311a5cd6786b4c4dd76fa03adbd2f7
---
 manifests/init.pp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/manifests/init.pp b/manifests/init.pp
index d6bab5c..0088274 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -68,7 +68,7 @@ class iptables(
           onlyif  => '/usr/bin/pgrep firewalld',
         }
         package { 'firewalld':
-          ensure  => 'purged',
+          ensure  => absent,
           require => Exec['stop-firewalld-if-running'],
           before  => Package['iptables'],
         }