theforeman / puppet-certs

Puppet module for dealing with SSL certs across other modules used in Katello
GNU General Public License v3.0

Fixes #37817: Only copy server CA in build root if generate is true #463

Closed ehelms closed 1 month ago

ehelms commented 1 month ago

Alternative to https://github.com/theforeman/puppet-certs/pull/461. This does include the tests from 461, but not the re-factorings. I wanted to have as crisp of a solution to the regression as possible. The re-factoring, which I like, we can layer on top of the fix afterward.

If you rewind to https://github.com/theforeman/puppet-certs/commit/433dadc5ec41c2477fc6a04e056ca061fd818980, prior to this change, the ca resource was used to perform the copying to the server CA in the build root. This resource had the generate parameter built into it. This is what prevented the current regression from happening in the old design. When deploying a foreman-proxy-content scenario in the installer, we are supplying all the certificates in the tarball. Therefore no generation needs to occur, which we can see is the case by looking at the answers file (https://github.com/theforeman/foreman-installer/blob/develop/config/foreman-proxy-content-answers.yaml#L13C1-L14C1):

certs:
  generate: false

I think this is the correct solution at this point in time, as it restores the prior behavior and fixes the issues (as evidenced by the reproducer tests -- thanks @ekohl).

This issue has given me some ideas on how this could be improved in upcoming releases through some re-factoring and re-design.

ekohl commented 1 month ago

I fixed up my commit message (customer -> custom) and added a Fixes trailer to yours.