Skip to content
This repository has been archived by the owner on Jun 1, 2023. It is now read-only.

Enable PuppetDB SSL in dbcompiler profile #203

Merged
merged 1 commit into from
Nov 8, 2021
Merged

Enable PuppetDB SSL in dbcompiler profile #203

merged 1 commit into from
Nov 8, 2021

Conversation

Sharpie
Copy link
Member

@Sharpie Sharpie commented Nov 6, 2021

This commit updates puppet_metrics_dashboard::profile::dbcompiler::install
to pass enable_client_cert => true when configuring PuppetDB metrics.
This parameter controls whether http:// or https:// is used as the
collection scheme.

As the default port number queried is 8081, which is the SSL port, https://
must be used. Additionally, client certificates must be use to authorize
access to the /status and /metrics API endpoints due to CVE-2020-7943.

@Sharpie
Enable PuppetDB SSL in dbcompiler profile
235db8a 
This commit updates `puppet_metrics_dashboard::profile::dbcompiler::install`
to pass `enable_client_cert => true` when configuring PuppetDB metrics.
This parameter controls whether `http://` or `https://` is used as the
collection scheme.

As the default port number queried is 8081, which is the SSL port, `https://`
must be used. Additionally, client certificates must be use to authorize
access to the `/status` and `/metrics` API endpoints due to CVE-2020-7943.
@Sharpie Sharpie requested a review from a team as a code owner November 6, 2021 00:12
@puppet-community-rangefinder
Copy link

puppet_metrics_dashboard::profile::dbcompiler::install is a class

that may have no external impact to Forge modules.

This module is declared in 0 of 578 indexed public Puppetfiles.

These results were generated with Rangefinder, a tool that helps predict the downstream impact of breaking changes to elements used in Puppet modules. You can run this on the command line to get a full report.

Exact matches are those that we can positively identify via namespace and the declaring modules' metadata. Non-namespaced items, such as Puppet 3.x functions, will always be reported as near matches only.

jarretlavallee
jarretlavallee approved these changes Nov 8, 2021
View reviewed changes
Copy link
Contributor

@jarretlavallee jarretlavallee left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@jarretlavallee
Copy link
Contributor

I just kicked CI since it failed in the provisioning phase.

@jarretlavallee jarretlavallee merged commit 9dab767 into puppetlabs:main Nov 8, 2021
@MartyEwings MartyEwings added the enhancement New feature or request label Feb 24, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@jarretlavallee jarretlavallee jarretlavallee approved these changes

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Sharpie @jarretlavallee @MartyEwings