search

cyberark / conjur-puppet

Official Puppet module for CyberArk Conjur
https://forge.puppet.com/cyberark/conjur
Apache License 2.0
6 stars 3 forks source link

When using Puppet server-side credentials, specifying both `cert_file` and `ssl_certificate` errors out on Windows #147

Closed sgnn7 closed 4 years ago

sgnn7 commented 4 years ago

Summary

Steps to Reproduce

Steps to reproduce the behavior:

  1. Create puppet server and conjur master
  2. Configure puppet server to provide server-side credentials to a Windows node. Specify both cert_file and ssl_certificate parameters.
  3. Run agent on that Windows node

Expected Results

No errors

Actual Results (including error logs, if applicable)

Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Cannot reassign variable '$ssl_certificate' (file: /etc/puppetlabs/code/environments/production/modules/conjur/manifests/init.pp, line: 15, column: 22) on node windows2016.us.cyber-ark.com

Reproducible

Version/Tag number

v2.0.3 @ this

Environment setup

Vagrant setup, Windows 2016, hardcoded class manifest details.

Additional Information

The bug makes sense since Puppet DSL apparently doesn't allow re-assignment but we do it here.

izgeri commented 4 years ago

it would be good to be clear about which value it uses in the case both are specified, too (I think this is clear in the README, no?)

sgnn7 commented 4 years ago

Yeah the docs specify that cert_file has precedence in almost all cases

sgnn7 commented 4 years ago

This bug is no longer valid as the new changes do not have the problematic code. All other cert_file functionality support is moved to issue #105. Closing.