add cert_file type #124
add cert_file type #124
Conversation
cert_file is a typethat may have no external impact to Forge modules. This module is declared in 2 of 576 indexed public
|
|
It needs unit tests, therefore still in draft, but open for discussion and comments. |
|
It actually fails with Puppet 5. Will the module support Puppet 5 for a long time? |
|
Rebased onto #125 |
|
I just merged #125. Could you rebase to reduce the diff please? |
|
Rebased onto master and squashed. Unfortunately, tests downloading files are unstable on travis-ci, and now breaking the build again. |
|
I think it's done now. I could run the spec test locally multiple times with stable results. It may be a good idea to restart the travis-ci build a couple of times before merging to assure it's stable. |
Co-authored-by: Raphaël Pinson <github+aem1eeshi1@raphink.net>
Co-authored-by: Raphaël Pinson <github+aem1eeshi1@raphink.net>
Co-authored-by: Raphaël Pinson <github+aem1eeshi1@raphink.net>
| return false unless Pathname.new(resource[:path]).exist? | ||
|
|
||
| debug "Checking file format #{resource[:path]}" | ||
| localcert_file = File.read(resource[:path]) |
There was a problem hiding this comment.
This is where it will fail if the path is a directory.
Errno::EISDIR: Is a directory @ io_fread - /etc
There was a problem hiding this comment.
Yes, but the agent continues.
It would log something like:
Info: Applying configuration version 'environment rev: 2021-04-30T08:44:13+02:00 c77a23b2 Tibor Répási: test'
Error: /Stage[main]/Roles_test::Cert/Cert_file[/tmp]: Could not evaluate: Is a directory @ io_fread - /tmp
Notice: /Stage[main]/Roles_test::Cert/File[/tmp/test.txt]/ensure: defined content as '{md5}65a8e27d8879283831b664bd8b7f0ad4' (corrective)
Info: Class[Roles_test::Cert]: Unscheduling all events on Class[Roles_test::Cert]
Notice: Applied catalog in 4.35 seconds
Could catch and re-throw to wrap the error, like e.g.:
Info: Applying configuration version 'environment rev: 2021-04-30T08:44:13+02:00 c77a23b2 Tibor Répási: test'
Error: /Stage[main]/Roles_test::Cert/Cert_file[/tmp]: Could not evaluate: failed to evaluate contents of the file expected at /tmp. Caused by: Is a directory @ io_fread - /tmp
Notice: /Stage[main]/Roles_test::Cert/File[/tmp/test.txt]/ensure: defined content as '{md5}65a8e27d8879283831b664bd8b7f0ad4' (corrective)
Info: Class[Roles_test::Cert]: Unscheduling all events on Class[Roles_test::Cert]
Notice: Applied catalog in 4.32 seconds
This could be a bit more expressive, but the overall behaviour wouldn't change.
There was a problem hiding this comment.
Alright, fine if Puppet continues then
A
cert_fileresource is intended to behave some similar tofile, but respecting the content as X.509 certificate. In this initial version it is able to download a certificate from a given URL and to store it in a local file in the chosen format PEM or DER.