OSC / puppet-module-openondemand

0 stars 16 forks source link

Add support for mellon auth #135

Open bp85 opened 1 year ago

bp85 commented 1 year ago
bp85 commented 1 year ago

@treydock I've been using this in prod for well over an year, finally got around to push it upstream.

treydock commented 1 year ago

@bp85 Generally I don't recommend deploying things that require manual steps, that somewhat defeats the purpose of Puppet. I think one way to achieve full automation is this:

exec { '/usr/local/bin/mellon_ood_metadata.sh':
  creates => [
    "${apache::httpd_dir}/mellon/mellon.cert",
    "${apache::httpd_dir}/mellon/mellon.key",
    "${apache::httpd_dir}/mellon/mellon_metadata.xml",
  ],
  require => File['/usr/local/bin/mellon_ood_metadata.sh'],
  notify   => Class['apache::service'],
}
treydock commented 1 year ago

I also see some hardcoded paths for Mellon defaults while other places use variables from Apache module. I think all paths should be defined in init.pp , and referenced downstream in various places using maybe the mellon_merged_config variable. This helps ensure if someone changes a variable, for example in this module or Apache module, the things using that path will also reflect that change.