I am using the 'digest' copy method for all file copy promises, because of the way we package and deploy software, I cant rely on mtime for the criteria for updating files. For various reasons, I am not employing the client-server approach with a central configuration server: rather we package and deploy our entire configuration module to each server, so from cf-engine's perspective, the source and target are local on the server it is running.
The problem I am having with this approach is that the source will always update the target when they differ - which is what I want most of the time, usually because the source has been updated.
However, like many other cfengine users, we are running an operational environment, where occasionally emergency fixes have to be applied immediately - meaning we don't have time to rebuild and redeploy a configuration module, and the fix will often be applied by deploying a tarball with specific changes. Of course this is problematic if cf-engine comes along 5 mintues later and reverts the changes.
What we would like is to be able to make small, incremental changes to our servers, without them being reverted, until the next deployment cycle at which time the new source files would be copied. We do not consider random file corruption or mistaken changes to involve enough risk to warrant having cfengine constantly revert deployments to their source copy - the ability to deploy emergency fixes and have them stay that way until the next deployment would be of much greater value and utility.
So, after all that, my question is this: is cf-engine capable of detecting whether it was the source or target that changed when the files differ, and if so, is their a way to use the 'digest' copy method but only if the source side changed? I am very open to other ideas and approaches as-well, as I am still quite new to this whole configuration management thing.
The only way to know if it was source or target that changed is to use a time stamp, which cfengine does nicely. Maybe you are overthinking this. In general I think either you let cfengine manage or you do it by hand. Looking for a middle way lacks discipline and you will soon end up making a mistake. I would just go with the automation.
Why not put your configuration in version control, updating it instead of overwriting? Instead of copyfiles,
or
The revision control tool will handle local changes for you until you get a chance to commit and push them back to the central repository.