-
Notifications
You must be signed in to change notification settings - Fork 228
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add puppet8 certificate renewal endpoint. #905
Conversation
256e2e4
to
70f9dbf
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What about the compatibility for older Puppet versions? Is this option available in Puppet 7?
allow-auto-renewal: <%= @server_ca_allow_auto_renewal %> | ||
# This value determines the lifetime of the cert if auto-renewal is enabled | ||
auto-renewal-cert-ttl: <%= @server_ca_allow_auto_renewal_cert_ttl %> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These values are not known in the scope, so they don't get replaced. That causes the build to fail:
CI failures are related:
Dec 28 19:30:38 centos9-64-puppet8.example.com puppetserver[2140]: /etc/puppetlabs/puppetserver/conf.d/ca.conf: 14: Expecting close brace } or a comma, got ':' (if you intended ':' to be part of a key or string value, try enclosing the key or value in double quotes)
You need to add them to puppet::server
(and further) as well.
70f9dbf
to
ac3c426
Compare
Hmmmm, that endpoint doesn't appear to work with puppet7. Is the |
We used to have |
ac3c426
to
62d076b
Compare
0ff35a6
to
d5b736d
Compare
From https://www.puppet.com/docs/puppet/8/server/http_certificate_renew Signed-off-by: Pat Riehecky <riehecky@fnal.gov>
d5b736d
to
52d57e5
Compare
Co-authored-by: Ewoud Kohl van Wijngaarden <ewoud@kohlvanwijngaarden.nl>
Co-authored-by: Ewoud Kohl van Wijngaarden <ewoud@kohlvanwijngaarden.nl>
From https://www.puppet.com/docs/puppet/8/server/http_certificate_renew