search

theforeman / puppet-katello

Puppet module for setting Katello specific configuration. Also includes provider for manipulating with Katello resources.
GNU General Public License v3.0
14 stars 48 forks source link

Calculate the client DN for Artemis, ignoring empty values #457

Closed ehelms closed 2 years ago

ehelms commented 2 years ago

Moving the computation of the Artemis client DN into this class instead of relying on the value provided directly by classes in puppet-certs aims to solve two problems:

1) Testing at all levels of the value of the client DN 2) Adding a function to calculate the DN based on a set of values and ignoring any empty values which do not end up in the actual certificate

Additionally this removes the layers of indirection certs::candlepin::artemis_client_dn which pointed certs::foreman::client_dn and moves the calculation closer to the input as this class serves to bring another of items together to properly configure Candlepin/Artemis/Tomcat.

This aims to solve a reported BZ from Satellite where if a user customizes parts of the certificate creation process, the statically calculated client DN breaks and the Artemis connection breaks. By ignoring empty values the right DN gets provided.

Somewhere in the future, there is a path to eventually calculate this directly from the certificate and avoid even more ambiguity -- my attempts at this previously have proved difficult.

ehelms commented 2 years ago

@ekohl could I ask for a round of review on this idea?

ehelms commented 2 years ago

Currently, acceptance tests are failing due to foreman.service timing out on boot through systemd. I observed this locally and that https://github.com/theforeman/foreman-packaging/pull/8660 seemed to provide a fix.... granted that is not a complete root cause analysis but does close a gap. I could see no other obvious evidence as to why it was suddenly timing out on start yet.

ehelms commented 2 years ago

Testing the same assertion round trip, seems to fix test runs locally as well:

diff --git a/spec/acceptance/katello_spec.rb b/spec/acceptance/katello_spec.rb
index 98abe98..963422d 100644
--- a/spec/acceptance/katello_spec.rb
+++ b/spec/acceptance/katello_spec.rb
@@ -8,6 +8,8 @@ describe 'Scenario: install katello' do
       <<-PUPPET
         include katello
         include foreman::cli
+
+        package { 'rubygem-sd_notify': ensure => installed }
       PUPPET
     end
   end