Skip to content
This repository has been archived by the owner on Jun 1, 2023. It is now read-only.

Allow ssl_dir to be configured via Hiera #205

Merged
merged 1 commit into from
Dec 15, 2021
Merged

Allow ssl_dir to be configured via Hiera #205

merged 1 commit into from
Dec 15, 2021

Conversation

Sharpie
Copy link
Member

@Sharpie Sharpie commented Nov 6, 2021

This commit updates the puppet_metrics_dashboard::certs defined type
by promoting the ssl_dir variable to be a parameter. The default
value remains $settings::ssldir, but can be overridden by Hiera.

This change provides users the option to work around two situations
where $settings::ssldir does not point to the right location:

  • $settings::ssldir returns the SSL directory of the Puppet Server
    or other process compiling the catalog. This is usually-but-not-always
    the same directory that the Puppet Agent applying the catalog stores
    its keypair in.

  • Bolt's bolt apply command runs a puppet apply process on remote
    targets with many major Puppet settings, such as ssldir, shifted
    into a tempdir sandbox to avoid the possibility of side-effects
    that could affect Puppet daemons.

Fixes #183

@Sharpie Sharpie requested a review from a team as a code owner November 6, 2021 00:13
@puppet-community-rangefinder
Copy link

puppet_metrics_dashboard::certs is a type

that may have no external impact to Forge modules.

This module is declared in 0 of 578 indexed public Puppetfiles.

These results were generated with Rangefinder, a tool that helps predict the downstream impact of breaking changes to elements used in Puppet modules. You can run this on the command line to get a full report.

Exact matches are those that we can positively identify via namespace and the declaring modules' metadata. Non-namespaced items, such as Puppet 3.x functions, will always be reported as near matches only.

@MartyEwings MartyEwings added the enhancement New feature or request label Dec 15, 2021
@Sharpie @m0dular
Allow ssl_dir to be configured via Hiera
4f07732 
This commit updates the `puppet_metrics_dashboard::certs` defined type
by promoting the `ssl_dir` variable to be a parameter. The default
value remains `$settings::ssldir`, but can be overridden by Hiera.

This change provides users the option to work around two situations
where `$settings::ssldir` does not point to the right location:

 - `$settings::ssldir` returns the SSL directory of the _Puppet Server_
   or other process compiling the catalog. This is usually-but-not-always
   the same directory that the Puppet Agent applying the catalog stores
   its keypair in.

 - Bolt's `bolt apply` command runs a `puppet apply` process on remote
   targets with many major Puppet settings, such as `ssldir`, shifted
   into a tempdir sandbox to avoid the possibility of side-effects
   that could affect Puppet daemons.

Fixes puppetlabs#183
@m0dular
Copy link
Contributor

m0dular commented Dec 15, 2021

Rebased since this was a bit stale, I'll let the tests run for posterity.

@m0dular
Copy link
Contributor

m0dular commented Dec 15, 2021

One GCP error for Alma, I think we're good to merge 👍

@m0dular m0dular merged commit 5db4709 into puppetlabs:main Dec 15, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@jarretlavallee jarretlavallee jarretlavallee left review comments

@m0dular m0dular m0dular approved these changes

Assignees

@m0dular m0dular

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

$cert::ssldir is using the server's configuration, not the agent's
4 participants
@Sharpie @m0dular @jarretlavallee @MartyEwings