Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove deploy via provider #426

Merged
merged 1 commit into from
May 3, 2024

Conversation

ehelms
Copy link
Member

@ehelms ehelms commented Sep 26, 2023

This includes commits that are in existing PRs, and is working towards this change with small incremental updates.

@ehelms ehelms force-pushed the remove-deploy-via-provider branch from 7892a82 to 8d7e10c Compare January 23, 2024 02:12
@ehelms ehelms marked this pull request as ready for review January 23, 2024 02:14
@ehelms ehelms force-pushed the remove-deploy-via-provider branch from 8d7e10c to 28ce97d Compare February 21, 2024 18:47
@ehelms ehelms force-pushed the remove-deploy-via-provider branch from 28ce97d to 70fb403 Compare March 21, 2024 12:20
Copy link
Member

@ekohl ekohl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not a complete review, but one thing that jumped out.

manifests/apache.pp Outdated Show resolved Hide resolved
@ehelms
Copy link
Member Author

ehelms commented Mar 25, 2024

This includes #420 which I would like to have in first.

@ehelms ehelms force-pushed the remove-deploy-via-provider branch from 70fb403 to 907bee7 Compare April 23, 2024 12:46
@ehelms
Copy link
Member Author

ehelms commented Apr 23, 2024

Well, this is annoying, the acceptance tests come out differently on EL9 due to spacing:

      Failure/Error: its(:issuer) { should eq("C = US, ST = North Carolina, L = Raleigh, O = Katello, OU = SomeOrgUnit, CN = #{fqdn}") }
        
        expected: "C = US, ST = North Carolina, L = Raleigh, O = Katello, OU = SomeOrgUnit, CN = centos9-64.example.com"
             got: "C=US, ST=North Carolina, L=Raleigh, O=Katello, OU=SomeOrgUnit, CN=centos9-64.example.com"

@evgeni
Copy link
Member

evgeni commented Apr 23, 2024

I could swear we have this issue somewhere else too and somehow made it work.

Katello certs tools?

@ehelms
Copy link
Member Author

ehelms commented Apr 23, 2024

I could swear we have this issue somewhere else too and somehow made it work.

Katello certs tools?

I couldn't find anything. One option is to update serverspec project to use a standardized output when printing the subject or issuer with -nameopt oneline. Means we will have to wait and hope for a release.

Another option is to create our own matcher instead of eq to match and not care about the output style and rather care about the content.

Third option is to use command and have contorl over it:

describe command('openssl x509 -noout -text -in <cert> -nameopt oneline') do
  its(:stdout) {}
end

A fourth option is to carry a patch here in this repo to these two functions https://github.com/mizzy/serverspec/blob/master/lib/serverspec/type/x509_certificate.rb#L9-L15

@evgeni
Copy link
Member

evgeni commented Apr 23, 2024

Would its(:issuer).gsub(' ', '').to eq("blah") work?

@ehelms
Copy link
Member Author

ehelms commented Apr 23, 2024

Would its(:issuer).gsub(' ', '').to eq("blah") work?

This is the winner https://github.com/theforeman/puppet-certs/blob/master/spec/support/acceptance/matchers/match_without_whitespace.rb

@ehelms
Copy link
Member Author

ehelms commented Apr 23, 2024

This is should fix it up #443

@ehelms ehelms force-pushed the remove-deploy-via-provider branch from 907bee7 to 17d76dc Compare April 23, 2024 17:33
@ehelms
Copy link
Member Author

ehelms commented Apr 23, 2024

This is rebased and tests updated. This does two things effectively:

  • Removes the ability to deploy certificates through the provider that generates them
  • Removes creation of the RPMs from katello-certs-tool that are no longer used for any part of the process

I think further re-factoring can come after this. My goal is to first remove the RPM aspect as cleanly as I can.

@evgeni
Copy link
Member

evgeni commented Apr 24, 2024

Puppet providers are really not my domain, but I posted a few comments ;-)

@ehelms ehelms force-pushed the remove-deploy-via-provider branch from 17d76dc to f959adb Compare April 29, 2024 14:17
@ehelms
Copy link
Member Author

ehelms commented Apr 29, 2024

Puppet providers are really not my domain, but I posted a few comments ;-)

Appreciated - they helped me clean the code up.

@ehelms ehelms merged commit 91651c5 into theforeman:master May 3, 2024
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants