Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(PUP-10786) Update puppet node clean for ca-cli 2 #8445

Merged
merged 1 commit into from Nov 19, 2020
Merged

(PUP-10786) Update puppet node clean for ca-cli 2 #8445

merged 1 commit into from Nov 19, 2020

Conversation

justinstoller
Copy link
Member

Previously, the puppet node clean action called the PuppetServer CA CLI
as a library to clean certs. To do so it implemented a bridge between
the CA library's logger and Puppet's logger. That implementation only
included those methods used by the CA's clean action. However, in the
most recent version of the CA it will now also warn if the cadir is in
the legacy location (like Puppet proper does).

This patch implements the remaining API for the CA's logger (debug
and warn). It also filters out the warning from the CA library for a
cadir nested w/in the ssldir, as Puppet should have already warned about
that if needed.

@justinstoller
(PUP-10786) Update puppet node clean for ca-cli 2
8e054af 
Previously, the puppet node clean action called the PuppetServer CA CLI
as a library to clean certs. To do so it implemented a bridge between
the CA library's logger and Puppet's logger. That implementation only
included those methods used by the CA's clean action. However, in the
most recent version of the CA it will now also `warn` if the cadir is in
the legacy location (like Puppet proper does).

This patch implements the remaining API for the CA's logger (debug
and warn). It also filters out the warning from the CA library for a
cadir nested w/in the ssldir, as Puppet should have already warned about
that if needed.
@justinstoller justinstoller requested review from a team November 19, 2020 18:43
@justinstoller
Copy link
Member Author

The test is kinda wonky for a unit test because the warning depends on the state of the system running the test (unless we heavily refactor the CA library and the face). However, I tested locally that the unit test fails properly w/o the change and passes with the change with both an existing ~/.puppetlabs/etc/puppet/ssl/ca and not.

@Magisus Magisus merged commit 8bf64bb into puppetlabs:main Nov 19, 2020
@justinstoller justinstoller deleted the pup10786 branch November 19, 2020 21:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Magisus Magisus Magisus approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@justinstoller @Magisus