[PUP-10720] Update `cadir` default to return the new location post-migration - Puppet Jira Server

XML

Word

Printable

Details

Type: Task
Status: Resolved
Priority: Normal
Resolution: Fixed
Affects Version/s: None
Fix Version/s: PUP 7.0.0
Component/s: None
Labels:
- doc_reviewed

Epic Link:
Puppet 7 Server
Team:
Froyo
Story Points:
3
Sprint:
Froyo 11/02/2020, Froyo - 11/09/2020

Release Notes:
Not Needed
Release Notes Summary:
See ~~SERVER-2896~~ for release notes.

QA Risk Assessment:
Needs Assessment

Description

In order to make the transition to the new CA dir location as seamless as possible, we want to put some special logic into the default calculation for the cadir setting in Puppet, that will make it return the new location after the CA has been migrated, and warn otherwise.

If the setting is not configured by the user (default, use a Ruby lambda/proc):

and the files are in the old default spot, warn with a message that encourages users to migrate. Return the old default (/etc/puppetlabs/puppet/ssl/ca)
and there are no CA files (new install) or CA files in the new location, return the new location (/etc/puppetlabs/puppetserver/ca).

If the setting is configured by the user (custom, use hook (example)):

and points to a location within the SSL dir, warn with a message that encourages migration
and points to a location outside the SSL dir, use it as-is.

Attachments

Activity

People

Assignee:: Tony Vu

Reporter:: Maggie Dreyer

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2020/10/15 4:00 PM

Updated:: 2020/11/09 9:21 AM

Resolved:: 2020/11/05 1:20 AM