Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-10720

Update `cadir` default to return the new location post-migration

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Resolved
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: PUP 7.0.0
    • Component/s: None
    • Labels:
    • Template:
    • Team:
      Froyo
    • Story Points:
      3
    • Sprint:
      Froyo 11/02/2020, Froyo - 11/09/2020
    • Release Notes:
      Not Needed
    • Release Notes Summary:
      See SERVER-2896 for release notes.
    • QA Risk Assessment:
      Needs Assessment

      Description

      In order to make the transition to the new CA dir location as seamless as possible, we want to put some special logic into the default calculation for the cadir setting in Puppet, that will make it return the new location after the CA has been migrated, and warn otherwise.

      If the setting is not configured by the user (default, use a Ruby lambda/proc):

      • and the files are in the old default spot, warn with a message that encourages users to migrate. Return the old default (/etc/puppetlabs/puppet/ssl/ca)
      • and there are no CA files (new install) or CA files in the new location, return the new location (/etc/puppetlabs/puppetserver/ca).

      If the setting is configured by the user (custom, use hook (example)):

      • and points to a location within the SSL dir, warn with a message that encourages migration
      • and points to a location outside the SSL dir, use it as-is.

        Attachments

          Activity

            People

            Assignee:
            tony.vu Tony Vu
            Reporter:
            maggie Maggie Dreyer
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Zendesk Support