Closed laugmanuel closed 3 years ago
There is a race condition in the rake task whenever a host gets deleted during the run.
This happens if the host is part of the host list (https://github.com/dm-drogeriemarkt/foreman_vault/blob/master/lib/tasks/foreman_vault_tasks.rake#L11) but gets deleted from Foreman before the deploy of the auth method happens (https://github.com/dm-drogeriemarkt/foreman_vault/blob/master/lib/tasks/foreman_vault_tasks.rake#L14).
This results in allowed_common_names being empty, which might break other hosts in Vault (because this essentially matches all hosts using that cert auth backend).
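The race described in this issue, replayed as a self-contained Ruby sketch (an added example, not code from foreman_vault). The `hosts` and `roles` hashes, the role names and the host names are constructed stand-ins; the sketch contrasts a deploy step that writes whatever it finds with one that re-reads the host and skips when `allowed_common_names` would be empty.

```ruby
# Constructed stand-ins, not foreman_vault's API: `hosts` plays Foreman's host
# table (id => Host) and `roles` records what would be written to Vault's
# cert auth backend (role name => allowed_common_names).
Host = Struct.new(:id, :name)

# Unguarded: the id was listed earlier; if the record is gone by now, the
# role is still written, with an empty allowed_common_names.
def push_unguarded(hosts, roles, id)
  host = hosts[id]
  roles["role-#{id}"] = [host&.name].compact
  :written
end

# Guarded: re-read the host at deploy time and refuse to write an empty list.
def push_guarded(hosts, roles, id)
  host = hosts[id]
  names = [host&.name].compact.reject(&:empty?)
  return :skipped if names.empty?

  roles["role-#{id}"] = names
  :written
end

# Replays the race: list hosts, delete one, then deploy for every listed id.
def simulate(pusher)
  hosts = { 1 => Host.new(1, "a.example.test"), 2 => Host.new(2, "b.example.test") }
  roles = {}
  ids = hosts.keys   # step 1: build the host list
  hosts.delete(2)    # host removed from Foreman mid-run
  ids.each { |id| send(pusher, hosts, roles, id) }
  roles
end

if __FILE__ == $PROGRAM_NAME
  p simulate(:push_unguarded)
  p simulate(:push_guarded)
end
```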