[PUP-9022] Update the `puppet cert` command to error with information about the `puppetserver ca` command Created: 2018/07/26  Updated: 2018/09/19  Resolved: 2018/09/17

Status: Closed
Project: Puppet
Component/s: None
Affects Version/s: None
Fix Version/s: PUP 6.0.0

Type: Task Priority: Normal
Reporter: Maggie Dreyer Assignee: Maggie Dreyer
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
is blocked by SERVER-1747 New CLI tools for interacting with CA Closed
relates to PUP-9155 `puppet cert` does not output helpful... Closed
relates to SERVER-2270 Allow revoking certificates by their ... Accepted
Acceptance Criteria:
  • puppet cert errors helpfully when used
Epic Link: Ruby SSL CLI
Team: Froyo
Release Notes: New Feature
Release Notes Summary: The `puppet cert` command will now error with instructions on alternative commands to use, mostly `puppetserver ca <subcommand>`. A couple of the actions (fingerprint, print) have not been directly replaced because openssl already provides good equivalents. For verifying certs, use `puppet ssl verify`.
QA Risk Assessment: Needs Assessment


The cert subcommand is by far the most heavily used of the SSL and CA related subcommands in Puppet. Therefore instead of just removing it outright in Puppet 6, we should update it to error with a helpful message about how to use the new puppetserver ca CLI to do whatever the user was trying to do with puppet cert. This will make for better UX as people transition to the new streamlined tools.

Comment by Scott Garman [ 2018/09/17 ]

Since we had a green run of CI puppet-agent 6.0.0 last night, I'm bulk-changing these issues from Ready for CI -> Resolved in preparation of the release.

Comment by Adam Bottchen [ 2018/09/19 ]

I am not seeing any errors when running `puppet cert list` on 2019.0.0-rc2-249-gc7c7b32. This ticket is marked as resolved, but has this code landed yet?

Comment by Charlie Sharpsteen [ 2018/09/19 ]

The deprecation message is only printed when puppet cert, exactly, is run. That command also produces a 0 exit code, which does not show up as an error.

Comment by Adam Bottchen [ 2018/09/19 ]

Ah, yes, my mistake. I'll see if there is another ticket for the subcommands, as I suspect that is where most customers are going to need to see this notification.

Comment by Charlie Sharpsteen [ 2018/09/19 ]

See PUP-9155 for follow-on changes.

Generated at Sat Jul 11 08:38:20 PDT 2020 using Jira 8.5.2#805002-sha1:a66f9354b9e12ac788984e5d84669c903a370049.