-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable source to support puppet file server #6
Comments
We always convert the source to a URI (even for local files) so we can easily use the URI class to check the scheme. While this is not very useful right now, it can be used to handle some URLs (like `puppet://`) differently in the future.
In some situations it is desireable to use your puppet master as a central resource for gpg keys. Since rpm does not support `puppet://` URLs you'd have to make sure that you install the key with a seperate `file` resource. To solve this, check the `source` before runnig `rpm --import`: * if source is an absolute path, use it directly for `rpm --import` * if source is a file:// resource, convert the source to a local path and use this for `rpm --import` * if source is a `puppet://` URL and puppet runs locally (via puppet apply), get the local path to the file and use that `rpm --import` * if source is a `puppet://` URL and puppet runs as an agent, write the remote content to a temporary file and use the path to the temporary file for `rpm --import` * if source is anything else (e.g. a `http://` link) pass it directly to `rpm --import` and hope `rpm` can handle it directly.
I tried to implement that today and did a few successful tests. The code can be found here: https://github.com/stschulte/puppet-rpmkey/tree/source_puppet_fileserver
|
I'm not sure if its the changes for #6 which created these errors but it seems that with a Puppet Client agent version 3.3.1 (we tested with this version) we got errors with the RPMkey provider that was unable to use the ruby function "Puppet::Network::HTTP::API::V1.indirection2uri(req)" I am not entirely sure when it is added to Puppet but the module works well with our nodes running 3.7.5. |
Hi Stefan, I'm sorry for the delay, I finally got around to testing it, and it works great:
Puppet config:
Thanks |
@stschulte |
@OrangeCrush the problem here is that this is basically a rip-off the code I found for the file resource with two problems
Since I want to ship a module that works on the versions I claim to support, and I consider the problem itself to be a minor one (you can resort to an additional file resource and place your keys on a server that is accessable via http) I do not plan to merge the code. One possiblity though is to mark this feature explicitly as "experimental". But not breaking anyones code is really important for me. |
I did end up implementing a solution using the file resource + http server approach. Thanks again for the module! |
Would you please put in a pull request so that this can be slipstreamed into the master branch? Also, an update a PuppetForge would be great! I use this functionality (source=>"puppet:///") and when I moved to a new puppet master the functionality was gone because it's not in MASTER. |
Would you please slipstream the source_puppet_fileserver into the master and update the Puppet forge? |
Hello,
Not all servers that I manage have access to internet so it would be useful for the module to get the keys from the puppet file server, such as follow:
As a workaround, I store the keys in a temporary folder on the client, and source it locally:
And thank you for work.
Thank you
Thomas
The text was updated successfully, but these errors were encountered: