Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add class to configure generating certificates #449

Draft
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

ehelms
Copy link
Member

@ehelms ehelms commented Apr 30, 2024

The intent of this class is to allow generating any number of the sets of certificates from this module in a simple way. This is also a way to work around the fact that parsing params by Kafo doesn't cleanly work on classes such as certs::apache (see #424).

@ehelms
Copy link
Member Author

ehelms commented Apr 30, 2024

See theforeman/foreman-installer#935 for example of how this is intended to be used.

Copy link
Member

@ekohl ekohl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I didn't see this before, but I recall a long time ago that I already discussed something like this with @timogoebel. Then we talked about making it a define so you could easily declare it for multiple hosts.

In effect this is a more configurable version of certs::foreman_proxy_content.

We could even go a step further and generalize it to make certs_tar an optional parameter.

Boolean $foreman_proxy = false,
Boolean $puppet = false,
) {
if $certs::generate::apache {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can simplify all of these since the parameters are local

Suggested change
if $certs::generate::apache {
if $apache {

Comment on lines +15 to +17
let :pre_condition do
"class {'certs::generate': apache => true,}"
end
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since the subject is the class itself, you can use params instead of a precondition

Suggested change
let :pre_condition do
"class {'certs::generate': apache => true,}"
end
let :params do
{ apache: true }
end

"class {'certs::generate': apache => true,}"
end

it { should compile.with_all_deps }
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The should syntax is deprecated and we should (pun not intended) migrate to is_expected.to

Suggested change
it { should compile.with_all_deps }
it { is_expected.to compile.with_all_deps }

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants