Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Move certname configuration to [main] #680

Closed
baurmatt opened this issue Feb 13, 2019 · 4 comments
Closed

Move certname configuration to [main] #680

baurmatt opened this issue Feb 13, 2019 · 4 comments
Labels
skip-changelog

Comments

@baurmatt
Copy link
Contributor

Affected Puppet, Ruby, OS and module versions/distributions

  • Puppet: All?
  • Ruby: All?
  • Distribution: All?
  • Module version: Current master

How to reproduce (e.g Puppet code you use)

This is more of an Puppet problem, but I think we should solve it in this modules so other do not stumble over it...

root@3ca798133bc2:~# cat /etc/puppetlabs/puppet/puppet.conf
[agent]
certname = test
root@3ca798133bc2:~# puppet config print hostcert
/etc/puppetlabs/puppet/ssl/certs/3ca798133bc2.syseleven.net.pem
root@3ca798133bc2:~# sed -i 's,agent,main,' /etc/puppetlabs/puppet/puppet.conf
root@3ca798133bc2:~# puppet config print hostcert
/etc/puppetlabs/puppet/ssl/certs/test.pem

Conclusion: Puppet doesn't properly resolve the configured values which might lead to errors with config parameters depending on others.

The easiest solution seems to be putting certname in [main]. This is also what the documentation shows as examples --> https://puppet.com/docs/puppet/5.4/config_file_main.html

What are you seeing

See above.

What behaviour did you expect instead

Puppet would correctly determine the value of config parameters depending on $certname

Output log

Any additional information you'd like to impart
@baurmatt
Copy link
Contributor Author

I would suggest doing this:

diff --git a/manifests/agent/config.pp b/manifests/agent/config.pp
index f9b12d2..a25a3e5 100644
--- a/manifests/agent/config.pp
+++ b/manifests/agent/config.pp
@@ -32,7 +32,7 @@ class puppet::agent::config inherits puppet::config {
     }
   }
   if $::puppet::client_certname {
-    puppet::config::agent {
+    puppet::config::main {
       'certname':        value => $::puppet::client_certname;
     }
   }

If you're ok with it, I'm happy to provide a PR.

@ekohl
Copy link
Member

ekohl commented Feb 13, 2019

While I agree putting it in main makes more sense, I would say doing this in manifests/config.pp feels more natural since there we configure the main section.

@baurmatt
Copy link
Contributor Author

Ha, yeah that makes more sense! :) Are you ok with keeping the name $client_certname and moving the option into puppet::config?

@ekohl
Copy link
Member

ekohl commented Feb 13, 2019

I did think about that and there's no better name IMHO since $certname is already reserved. It'd also make this a non-breaking change which I always like.

baurmatt added a commit to syseleven/puppet-puppet that referenced this issue Feb 13, 2019
@baurmatt
Move client_certname to [main]
b33823b 
This is needed to ensure all Puppet subcommands can properly use it.

Fixes #theforemanGH-680.
@baurmatt baurmatt mentioned this issue Feb 13, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
skip-changelog
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ekohl @baurmatt