Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add server_puppetserver_trusted_certificate_extensions #758

Merged
merged 1 commit into from
Oct 10, 2020
Merged

Add server_puppetserver_trusted_certificate_extensions #758

merged 1 commit into from
Oct 10, 2020

Conversation

alexjfisher
Copy link
Contributor

@alexjfisher alexjfisher commented Aug 7, 2020
edited
Loading

Accepts an array of hashes to allow for more complicated setups.
Typical use would probably just be a single array element such as...

class { 'puppet':
  ...
  server_puppetserver_trusted_certificate_extensions => [{ 'pp_authorization' => 'catalog' }],
  ...
}

@alexjfisher alexjfisher force-pushed the trusted_certificate_extensions branch 2 times, most recently from 04e60aa to 0d5be00 Compare August 15, 2020 15:36
@alexjfisher alexjfisher changed the title WIP: Trusted certificate extensions Trusted certificate extensions Aug 15, 2020
@alexjfisher alexjfisher changed the title Trusted certificate extensions Add server_puppetserver_trusted_certificate_extensions Aug 15, 2020
@alexjfisher
Copy link
Contributor Author

Can this get a review? (I was messaged on Puppet Community slack today. @chadh is planning PRs in the same area).

ekohl
ekohl reviewed Oct 7, 2020
View reviewed changes
Copy link
Member

@ekohl ekohl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Mostly looks good, some small improvements in the tests.

spec/classes/puppet_server_puppetserver_spec.rb Outdated Show resolved Hide resolved
spec/classes/puppet_server_puppetserver_spec.rb Show resolved Hide resolved
templates/server/puppetserver/conf.d/auth.conf.erb
Comment on lines +15 to +21
<%= scope.call_function(
'to_json_pretty',
[
{'allow' => @server_trusted_agents + ['$1'] + @server_trusted_certificate_extensions.map { |extension| { 'extensions' => extension } } }
]
).lines.to_a[1..-2].map{ |line| " #{line}"}.join
-%>
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We migrated away from puppetlabs-hocon because puppetlabs-hocon because back then the support wasn't really clear. Looking at how they still update it I do wonder if we should reconsider. However, probably better to merge it now.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it'd be much easier for users to add their own configs in their profiles if it still did use puppetlabs-hocon

manifests/server.pp Outdated Show resolved Hide resolved
@alexjfisher alexjfisher force-pushed the trusted_certificate_extensions branch from 0d5be00 to f6e75c6 Compare October 9, 2020 18:59
@alexjfisher
Add server_puppetserver_trusted_certificate_extensions
d43fbee 
Accepts an array of hashes to allow for more complicated setups.
Typical use would probably just be a single array element such as...

```puppet
class { 'puppet':
  ...
  server_puppetserver_trusted_certificate_extensions => [{ 'pp_authorization' => 'catalog' }],
  ...
}
```
@alexjfisher alexjfisher force-pushed the trusted_certificate_extensions branch from f6e75c6 to d43fbee Compare October 9, 2020 19:16
@alexjfisher alexjfisher requested a review from ekohl October 10, 2020 08:49
@ekohl ekohl merged commit 51943a2 into theforeman:master Oct 10, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ekohl ekohl ekohl approved these changes

Assignees
No one assigned
Labels
Enhancement Needs testing
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@alexjfisher @ekohl @theforeman-bot