Using firewall_rule in custom resource not possible

[anewb]

Cookbook version

2.7.0

Chef-client version

14.11.21

Platform Details

Ubuntu 18.04

Scenario:

Using firewall_rule in a custom resource results in exception Chef::Exceptions::ResourceNotFound

Chef::Exceptions::ResourceNotFound
----------------------------------
Cannot find a resource matching firewall[default] (did you define it first?)

Cookbook Trace:
---------------
/var/chef/cache/cookbooks/firewall/libraries/provider_firewall_rule.rb:27:in `action_create'

Steps to Reproduce:

Create new cookbook with recipe default.rb:

fw 'Test fw' do
	action :configure
end

and resource fw.rb:

resource_name :fw

action :configure do
	firewall 'default' do
		action :install
	end

	firewall_rule 'ssh' do
		port 22
		action :create
	end
end

Add this cookbook to the runlist of a node.

Expected Result:

Firewall is installed, enabled and the rule is added.

Actual Result:

Using firewall_rule from a custom resource results in exception Chef::Exceptions::ResourceNotFound for firewall[default], error message see under Scenario.

[welcomebot]

Hey There
It looks like this is the first issue you've filed against the chef-cookbooks project. I'm here to offer you a bit of extra help to make sure we can quickly get back to you.
Make sure you've filled out all the fields in our issue template. Make sure you've provided us with the version of chef-client you're running, your operating system and the version of the cookbook. If you're not using the most up to date version of the cookbook then please make sure to update first. Lots of things change between versions even if you're issue isn't listed in the changelog. Finally please give us a detailed description of the issue you're having. The more we know about what you're trying to do, what actually happens, and how you can reproduce the problem, the better.

If you're looking for more immediate troubleshooting help make sure to check out #general on the Chef Community Slack. There's plenty of folks there willing to lend a helping hand. Thanks for the first issue. We hope we can get back to you soon with a solution.

[martinb3]

Hi there -- are you sure you're executing the firewall rule in the same run_contexts that the firewall resource might be in? This cookbook uses Chef.run_context.resource_collection.find() which should search correctly. Without seeing more of your example, I couldn't tell where you're declaring those resources, or what run context they're in.

https://github.com/chef-cookbooks/firewall/blob/master/libraries/provider_firewall_rule.rb#L27

[anewb]

Hi, i am just doing exactly what i described in 'Steps to reproduce', nothing more.
I don't know about run_context.
Every other resource i have worked with until now does not have this kind of problem, so i was wondering what was happening there. Is using resources inside other resources problematic?

[aspyatkin]

Using with_run_context inside a custom resource action declaration seems to working in Chef 14:

resource_name :myapp
...
...
action :configure do
  with_run_context :root do
    firewall_rule 'https' do
      port 443
      source '0.0.0.0/0'
      protocol :tcp
      command :allow
    end
  end
end