Ensure pulp-server package present before qpid client certs created #270
Conversation
|
Devel installs suffer from this error: |
|
Should we fix it here? This class has no knowledge of the pulp-server package and thus will fail to compile with all dependencies. Edit: of course just after I submit I remember theforeman/puppet-foreman#779 (comment) Untested alternative: Package <| name == 'pulp-server' |> -> File <| group == 'pulp' |> |
|
Maybe? I am not always sure where something should live. This class for example won't work unless the pulp group exists. Is ensuring that exists the purview of this puppet class? or somebody using this class? I think that production likely gets lucky that this works right now. |
|
Just the edits, as this current idea doesnt work: |
ehelms
force-pushed
the
ensure-pulp-server
branch
from
207f610
to
41780f8
Compare
|
Regarding design: most modules take care of placing their own files to be able to properly set the dependencies. In puppet-pulpcore we define the pulp user and group so Puppet would automatically find this. That means we can't define them again in puppet-pulp. |
|
The virtual resource idea failed with: This is likely due to nothing actually declaring this resource in the devel scenario yet? |
manifests/qpid_client.pp
Outdated
| @@ -42,27 +42,29 @@ | |||
|
|
|||
| if $deploy { | |||
|
|
|||
| Package <| name == 'pulp-server' |> -> File <| group == 'pulp' |> | |||
There was a problem hiding this comment.
Alternative suggestion:
| Package <| name == 'pulp-server' |> -> File <| group == 'pulp' |> | |
| Package <| name == 'pulp-server' |> -> Class['qpid_client'] |
ehelms
force-pushed
the
ensure-pulp-server
branch
from
41780f8
to
b26b179
Compare
|
This appears to be the crux of the problem (https://github.com/theforeman/puppet-katello/blob/master/manifests/pulp.pp#L127). We need to generate the messaging certificates before setting up Pulp, but those certificates need pulp-server package in order to have the user and group. Is there any puppet magic to help? |
There was a problem hiding this comment.
This appears to be the crux of the problem (https://github.com/theforeman/puppet-katello/blob/master/manifests/pulp.pp#L127). We need to generate the messaging certificates before setting up Pulp, but those certificates need pulp-server package in order to have the user and group.
Is there any puppet magic to help?
Usually the actual deployment of certs is done within a module and then applies the correct chaining. Since pulp contains all classes (pulp::install and pulp::service), you can't really get in between there as we've chained them now.
What we can do in the various modules is:
class { 'certs::qpid_client':
require => Class['pulp::install'],
notify => Class['pulp::service'],
}This needs to be applied in the 3 places where we call pulp: katello, foreman_proxy_content and katello_devel.
| @@ -42,27 +42,29 @@ | |||
|
|
|||
| if $deploy { | |||
|
|
|||
| Package <| name == 'pulp-server' |> -> Class['qpid_client'] | |||
There was a problem hiding this comment.
Looks like I wasn't fully awake when I made the suggestion:
| Package <| name == 'pulp-server' |> -> Class['qpid_client'] | |
| Package <| name == 'pulp-server' |> -> Class['certs::qpid_client'] |
|
I believe this has been fixed by other updates and PRs. Thanks @ekohl ! |
No description provided.