How do I create new xml nodes in a given position using augeas in puppet?

Question

I'm trying to use puppet to edit the weblogic config.xml file for finalizing the SSL configuration part.

Below the starting weblogic config.xml file:

<?xml version="1.0" encoding="UTF-8"?>
<domain ...
...
<server>
  <name>AdminServer</name>
  <ssl>
    <name>AdminServer</name>
    <enabled>true</enabled>
    <listen-port>7336</listen-port>
  </ssl>

Below what I need to get:

<?xml version="1.0" encoding="UTF-8"?>
<domain ...
  ...
  <server>
    <name>AdminServer</name>
    <ssl>
      <name>AdminServer</name>
      <enabled>true</enabled>
      <hostname-verifier xsi:nil="true"></hostname-verifier>
      <hostname-verification-ignored>false</hostname-verification-ignored>
      <client-certificate-enforced>false</client-certificate-enforced>
      <listen-port>7336</listen-port>
      <two-way-ssl-enabled>true</two-way-ssl-enabled>
      <server-private-key-alias>...alias...</server-private-key-alias>
      <server-private-key-pass-phrase-encrypted>...key-pass-phrase...        </server-private-key-pass-phrase-encrypted>
    </ssl>

Below my puppet code:

augeas { "ssl_config_${instance}":
  lens    => "Xml.lns",
  require => File["${config_instance}"],
  incl    => "${config_instance}",
  changes => [
    "set domain/server/ssl/hostname-verifier/#attribute/xsi:nil true",
    "set domain/server/ssl/hostname-verification-ignored/#text false",
    "set domain/server/ssl/client-certificate-enforced/#text false",
    "set domain/server/ssl/two-way-ssl-enabled/#text true",
    "set domain/server/ssl/server-private-key-alias/#text    ${server_private_key_alias}",
    "set domain/server/ssl/server-private-key-pass-phrase-encrypted/#text ${server_private_key_pass_phrase}",
   ], 
}

Below what I get:

...
  <ssl>
    <name>AdminServer</name>
    <enabled>true</enabled>
    <listen-port>7336</listen-port>
  <hostname-verifier xsi:nil="true"></hostname-verifier>
  <hostname-verification-ignored>false</hostname-verification-ignored>
  <client-certificate-enforced>false</client-certificate-enforced>
  <two-way-ssl-enabled>true</two-way-ssl-enabled>
  <server-private-key-alias>default</server-private-key-alias>
  <server-private-key-pass-phrase-encrypted>...key-pass-phrase...
 </server-private-key-pass-phrase-encrypted>
</ssl>

as you can see the nodes are added after the last node but in this way we are invalidating the schema.

Is there any way to specify in which position the new nodes should be added ?

Thanks in advance for any feedback Regards ferp

Answer 1

You will have to use ins ... before/after ..., combined with an onlyif, which is not very practical as in general you'll need at least two resources per value you want to set (one with a set command, another with ins). There are examples like this in the documentation.