Initial failure to autoload puppet_x/puppetlabs/firewall/ipcidr

[smoeding]

Describe the Bug

After upgrading the firewall module to 7.x I have repeatable errors during the first runs of the Puppet Agent.

Everytime I restart the Puppetserver I have two runs of the Puppet Agent that fail and the third and all subsequent runs will be successful. No other settings are changed during that time.

Expected Behavior

The two first runs should also be successful.

Steps to Reproduce

I first lines of my site.pp look like this:

# site.pp --- Main Puppet manifest

# Firewall
firewallchain { 'FOO:filter:IPv4':
  ensure => present,
}

firewall { '200 foo':
  chain  => 'FOO',
  jump   => 'accept',
}

I restart the Puppetserver and run the Agent three times in a row on a client:

# puppet agent -t ; puppet agent -t ; puppet agent -t
Info: Refreshing CA certificate
Info: CA certificate is unmodified, using existing CA certificate
Info: Refreshing CRL
Info: CRL is unmodified, using existing CRL
Info: Using environment 'development'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Resource Statement, Could not autoload puppet/type/firewallchain: Could not autoload puppet/provider/firewallchain/firewallchain: no such file to load -- puppet_x/puppetlabs/firewall/ipcidr (file: /etc/puppetlabs/code/developments/development/manifests/site.pp, line: 4, column: 1) on node atlantia.local
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Info: Refreshing CA certificate
Info: CA certificate is unmodified, using existing CA certificate
Info: Refreshing CRL
Info: CRL is unmodified, using existing CRL
Info: Using environment 'development'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Resource Statement, Could not autoload puppet/type/firewall: Could not autoload puppet/provider/firewall/firewall: no such file to load -- puppet_x/puppetlabs/firewall/ipcidr (file: /etc/puppetlabs/code/developments/development/manifests/site.pp, line: 8, column: 1) on node atlantia.local
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Info: Refreshing CA certificate
Info: CA certificate is unmodified, using existing CA certificate
Info: Refreshing CRL
Info: CRL is unmodified, using existing CRL
Info: Using environment 'development'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Info: Caching catalog for atlantia.local
Info: Applying configuration version '1696071749'
Notice: Applied catalog in 31.10 seconds

Notice that during the first run the firewallchain resource has a problem and during the second run the firewall resource causes the failure. The third run has no problems at all.

It looks like a require for ipcidr.rb fails even though the file is really there. It's very strange that this only seems to happen once for every type.

Environment

• puppet-agent 8.2.0-1bullseye
• puppetserver 8.2.1-1bullseye
• Platform Debian-11 Bullseye

[smoeding]

The problem still exists after upgrading to the latest Puppetserver 8.2.3-1bullseye release.

[oscar-vlugt]

Still happens in 8.3.0 for bullseye on Puppetserver and 8.3.1 bullseye for Puppet agent. Anyone found a solution yet?

[redrac]

Related to: #1162