Skip to content

Commit

Permalink
Externalize answer defaults
Browse files Browse the repository at this point in the history
This moves all non-default options into the Hiera layer. Since Kafo 3.0
this works and is supported. It also means --reset-$option loads the
installer default rather than the Puppet default.
  • Loading branch information
ekohl committed Aug 27, 2021
1 parent 0493a2f commit faecabf
Show file tree
Hide file tree
Showing 33 changed files with 85 additions and 103 deletions.
10 changes: 3 additions & 7 deletions config/foreman-answers.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
#
# See params.pp in each class for what options are available
---
foreman: {}
foreman: true
foreman::cli: true
foreman::cli::ansible: false
foreman::cli::azure: false
Expand Down Expand Up @@ -57,7 +57,7 @@ foreman::plugin::statistics: false
foreman::plugin::tasks: false
foreman::plugin::templates: false
foreman::plugin::webhooks: false
foreman_proxy: {}
foreman_proxy: true
foreman_proxy::plugin::acd: false
foreman_proxy::plugin::ansible: false
foreman_proxy::plugin::chef: false
Expand All @@ -73,8 +73,4 @@ foreman_proxy::plugin::openscap: false
foreman_proxy::plugin::remote_execution::ssh: false
foreman_proxy::plugin::salt: false
foreman_proxy::plugin::shellhooks: false
puppet:
server: true
server_jvm_extra_args:
- "-Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger"
- "-XX:ReservedCodeCacheSize=512m"
puppet: true
1 change: 1 addition & 0 deletions config/foreman-hiera.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ hierarchy:
- name: "Built in"
paths:
- "scenario/%{facts.kafo.scenario.id}/family/%{facts.os.family}-%{facts.os.release.major}.yaml"
- "scenario/%{facts.kafo.scenario.id}/defaults.yaml"
- "family/%{facts.os.family}-%{facts.os.release.major}.yaml"
- "family/%{facts.os.family}.yaml"
- "security.yaml"
Expand Down
27 changes: 4 additions & 23 deletions config/foreman-proxy-content-answers.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,21 +9,9 @@
#
# See params.pp in each class for what options are available
---
certs:
generate: false
foreman_proxy_content:
pulpcore_mirror: true
foreman_proxy:
foreman_ssl_ca: /etc/foreman-proxy/foreman_ssl_ca.pem
foreman_ssl_cert: /etc/foreman-proxy/foreman_ssl_cert.pem
foreman_ssl_key: /etc/foreman-proxy/foreman_ssl_key.pem
http: true
manage_puppet_group: false
ssl_ca: /etc/foreman-proxy/ssl_ca.pem
ssl_cert: /etc/foreman-proxy/ssl_cert.pem
ssl_key: /etc/foreman-proxy/ssl_key.pem
ssl_port: '9090'
templates: true
certs: true
foreman_proxy_content: {}
foreman_proxy: true
foreman_proxy::plugin::acd: false
foreman_proxy::plugin::ansible: false
foreman_proxy::plugin::dhcp::infoblox: false
Expand All @@ -33,11 +21,4 @@ foreman_proxy::plugin::dns::infoblox: false
foreman_proxy::plugin::openscap: false
foreman_proxy::plugin::remote_execution::ssh: false
foreman_proxy::plugin::shellhooks: false
puppet:
server: true
server_foreman_ssl_ca: /etc/pki/katello/puppet/puppet_client_ca.crt
server_foreman_ssl_cert: /etc/pki/katello/puppet/puppet_client.crt
server_foreman_ssl_key: /etc/pki/katello/puppet/puppet_client.key
server_jvm_extra_args:
- "-Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger"
- "-XX:ReservedCodeCacheSize=512m"
puppet: true
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
if answers['foreman_proxy']
if answers['foreman_proxy'].is_a?(Hash)
answers['foreman_proxy']['use_autosignfile'] = true
if answers['foreman_proxy'].key?('puppetdir')
puppetdir = answers['foreman_proxy']['puppetdir']
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
if answers['foreman_proxy_content'].is_a?(Hash)
enabled = answers['puppet'].is_a?(Hash) && answers['puppet']['server'] != false && answers['puppet']['server_foreman'] != false
enabled = answers['puppet'] == true || (answers['puppet'].is_a?(Hash) && answers['puppet']['server'] != false && answers['puppet']['server_foreman'] != false)
answers['foreman_proxy_content']['puppet'] = false unless enabled
end

This file was deleted.

Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,6 @@
end
end

if (mod_answers = answers['foreman_proxy'])
if (mod_answers = answers['foreman_proxy']) && mod_answers.is_a?(Hash)
mod_answers['dhcp_gateway'] = nil if mod_answers['dhcp_gateway'] == '192.168.100.1'
end
Original file line number Diff line number Diff line change
@@ -1,8 +1,6 @@
answers.delete('foreman_proxy::plugin::pulp')

if answers['foreman_proxy_content'].is_a?(Hash)
answers['foreman_proxy_content']['pulpcore_mirror'] = true

# Prior migrations add these so we need to ensure they are deleted
# config/katello.migrations/200611220455-dont-proxy-pulp-yum-to-pulpcore-on-upgrades.rb
# config/katello.migrations/200123161606-enable-pulpcore.rb
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,5 @@
answers['puppet']['server_jvm_extra_args'] += " #{reserved_code_cache_arg}"
end
end
else
# The logger is silently added by the module if it's undef
answers['puppet']['server_jvm_extra_args'] = ['-Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger', reserved_code_cache_arg]
end
end
6 changes: 6 additions & 0 deletions config/foreman.hiera/common.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -19,3 +19,9 @@ katello::globals::enable_file: "%{alias('foreman_proxy_content::enable_file')}"
katello::globals::enable_docker: "%{alias('foreman_proxy_content::enable_docker')}"
katello::globals::enable_deb: "%{alias('foreman_proxy_content::enable_deb')}"
katello::globals::enable_ansible_collection: "%{alias('foreman_proxy_content::enable_ansible')}"

puppet::server: true
# The logger must be there. The ReservedCodeCacheSize helps with memory issues
puppet::server_jvm_extra_args:
- "-Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger"
- "-XX:ReservedCodeCacheSize=512m"
18 changes: 18 additions & 0 deletions config/foreman.hiera/scenario/foreman-proxy-content/defaults.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
certs::generate: false

foreman_proxy_content::pulpcore_mirror: true

foreman_proxy::foreman_ssl_ca: /etc/foreman-proxy/foreman_ssl_ca.pem
foreman_proxy::foreman_ssl_cert: /etc/foreman-proxy/foreman_ssl_cert.pem
foreman_proxy::foreman_ssl_key: /etc/foreman-proxy/foreman_ssl_key.pem
foreman_proxy::http: true
foreman_proxy::manage_puppet_group: false
foreman_proxy::ssl_ca: /etc/foreman-proxy/ssl_ca.pem
foreman_proxy::ssl_cert: /etc/foreman-proxy/ssl_cert.pem
foreman_proxy::ssl_key: /etc/foreman-proxy/ssl_key.pem
foreman_proxy::ssl_port: 9090
foreman_proxy::templates: true

puppet::server_foreman_ssl_ca: /etc/pki/katello/puppet/puppet_client_ca.crt
puppet::server_foreman_ssl_cert: /etc/pki/katello/puppet/puppet_client.crt
puppet::server_foreman_ssl_key: /etc/pki/katello/puppet/puppet_client.key
25 changes: 25 additions & 0 deletions config/foreman.hiera/scenario/katello/defaults.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
certs::group: foreman

foreman::client_ssl_ca: /etc/foreman/proxy_ca.pem
foreman::client_ssl_cert: /etc/foreman/client_cert.pem
foreman::client_ssl_key: /etc/foreman/client_key.pem
foreman::initial_location: Default Location
foreman::initial_organization: Default Organization
foreman::server_ssl_ca: /etc/pki/katello/certs/katello-default-ca.crt
foreman::server_ssl_cert: /etc/pki/katello/certs/katello-apache.crt
foreman::server_ssl_chain: /etc/pki/katello/certs/katello-server-ca.crt
foreman::server_ssl_crl: ""
foreman::server_ssl_key: /etc/pki/katello/private/katello-apache.key

foreman_proxy::foreman_ssl_ca: /etc/foreman-proxy/foreman_ssl_ca.pem
foreman_proxy::foreman_ssl_cert: /etc/foreman-proxy/foreman_ssl_cert.pem
foreman_proxy::foreman_ssl_key: /etc/foreman-proxy/foreman_ssl_key.pem
foreman_proxy::manage_puppet_group: false
foreman_proxy::ssl_ca: /etc/foreman-proxy/ssl_ca.pem
foreman_proxy::ssl_cert: /etc/foreman-proxy/ssl_cert.pem
foreman_proxy::ssl_key: /etc/foreman-proxy/ssl_key.pem
foreman_proxy::ssl_port: 9090

puppet::server_foreman_ssl_ca: /etc/pki/katello/puppet/puppet_client_ca.crt
puppet::server_foreman_ssl_cert: /etc/pki/katello/puppet/puppet_client.crt
puppet::server_foreman_ssl_key: /etc/pki/katello/puppet/puppet_client.key
2 changes: 1 addition & 1 deletion config/foreman.migrations/20160405122117_passenger_ruby.rb
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
# Redetermine the value of passenger_ruby, as it changed on Debian in puppet-foreman f9329b6
answers['foreman'].delete('passenger_ruby') if answers['foreman']
answers['foreman'].delete('passenger_ruby') if answers['foreman'].is_a?(Hash)
4 changes: 2 additions & 2 deletions config/foreman.migrations/20160420224417_puppet_autosign.rb
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# Redetermine the value of autosign, as it changed from string/boolean to path/boolean
# in puppet-puppet a2325f1 and was deleted from puppet-foreman_proxy 9f3c9aa
if answers['puppet']
if answers['puppet'].is_a?(Hash)
current_autosign = answers['puppet']['autosign']
answers['puppet'].delete('autosign') unless !!current_autosign == current_autosign # rubocop:disable Style/DoubleNegation
end
answers['foreman_proxy'].delete('autosign_location') if answers['foreman_proxy']
answers['foreman_proxy'].delete('autosign_location') if answers['foreman_proxy'].is_a?(Hash)
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
# Rename foreman_proxy puppetrun parameters to puppet
# https://github.com/theforeman/puppet-foreman_proxy/commit/c26cac15
answers['foreman_proxy']['puppet'] = answers['foreman_proxy'].delete('puppetrun') if answers['foreman_proxy'] && answers['foreman_proxy'].has_key?('puppetrun')
answers['foreman_proxy']['puppet_listen_on'] = answers['foreman_proxy'].delete('puppetrun_listen_on') if answers['foreman_proxy'] && answers['foreman_proxy'].has_key?('puppetrun_listen_on')
if answers['foreman_proxy'].is_a?(Hash)
answers['foreman_proxy']['puppet'] = answers['foreman_proxy'].delete('puppetrun') if answers['foreman_proxy'].has_key?('puppetrun')
answers['foreman_proxy']['puppet_listen_on'] = answers['foreman_proxy'].delete('puppetrun_listen_on') if answers['foreman_proxy'].has_key?('puppetrun_listen_on')
end
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
# Rename foreman_proxy provider "puppetssh" to "ssh"
# http://projects.theforeman.org/issues/15323
answers['foreman_proxy']['puppetrun_provider'] = 'ssh' if answers['foreman_proxy'] && answers['foreman_proxy']['puppetrun_provider'] == 'puppetssh'
answers['foreman_proxy']['puppetrun_provider'] = 'ssh' if answers['foreman_proxy'].is_a?(Hash) && answers['foreman_proxy']['puppetrun_provider'] == 'puppetssh'
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
# rename foreman environment parameter to rails_env
# https://github.com/theforeman/puppet-foreman_proxy/commit/d239f0b
answers['foreman']['rails_env'] = answers['foreman'].delete('environment') if answers['foreman'] && answers['foreman'].has_key?('environment')
answers['foreman']['rails_env'] = answers['foreman'].delete('environment') if answers['foreman'].is_a?(Hash) && answers['foreman'].has_key?('environment')
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
if answers['foreman_proxy']
if answers['foreman_proxy'].is_a?(Hash)
root = answers['foreman_proxy']['tftp_root']
if answers['foreman_proxy']['tftp_dirs']
dirs = answers['foreman_proxy']['tftp_dirs']
Expand Down
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Redetermine the value of API whitelists, as it changed
# in puppet-puppet f9b4e87cd855d7d5d0bbf3a1831b5daf22cdb413
if answers['puppet']
if answers['puppet'].is_a?(Hash)
answers['puppet'].delete('server_admin_api_whitelist')
answers['puppet'].delete('server_ca_client_whitelist')
end
Original file line number Diff line number Diff line change
@@ -1 +1 @@
answers['foreman']['email_config_method'] = 'database' if answers['foreman']
answers['foreman']['email_config_method'] = 'database' if answers['foreman'].is_a?(Hash)
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
# false is no longer a valid value, the param should be undef/nil to be disabled
answers['foreman_proxy']['dhcp_range'] = nil if answers['foreman_proxy'] && answers['foreman_proxy']['dhcp_range'] == false
answers['foreman_proxy']['dhcp_range'] = nil if answers['foreman_proxy'].is_a?(Hash) && answers['foreman_proxy']['dhcp_range'] == false
Original file line number Diff line number Diff line change
@@ -1 +1 @@
answers['foreman_proxy']['realm_split_config_files'] = true if answers['foreman_proxy']
answers['foreman_proxy']['realm_split_config_files'] = true if answers['foreman_proxy'].is_a?(Hash)
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
if answers['foreman_proxy'] && answers['foreman_proxy']['bind_host'].is_a?(String)
if answers['foreman_proxy'].is_a?(Hash) && answers['foreman_proxy']['bind_host'].is_a?(String)
answers['foreman_proxy']['bind_host'] = [answers['foreman_proxy']['bind_host']]
end
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
if answers['foreman_proxy'] && !answers['foreman_proxy'].has_key?('use_autosignfile')
if answers['foreman_proxy'].is_a?(Hash) && !answers['foreman_proxy'].has_key?('use_autosignfile')
answers['foreman_proxy']['use_autosignfile'] = true
if answers['foreman_proxy'].has_key?('puppetdir')
puppetdir = answers['foreman_proxy']['puppetdir']
Expand Down
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# server_puppetserver_metrics also controls if the Ruby profiler gets enabled
# in puppet-puppet since 94ff77740a27d458ce1444db016645ab763cba42
if answers['puppet'] && answers['puppet'].has_key?('server_enable_ruby_profiler')
if answers['puppet'].is_a?(Hash) && answers['puppet'].has_key?('server_enable_ruby_profiler')
if answers['puppet']['server_enable_ruby_profiler'] == true
answers['puppet']['server_puppetserver_metrics'] = true
end
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,6 @@
end
end

if (mod_answers = answers['foreman_proxy'])
if (mod_answers = answers['foreman_proxy']) && mod_answers.is_a?(Hash)
mod_answers['dhcp_gateway'] = nil if mod_answers['dhcp_gateway'] == '192.168.100.1'
end
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,5 @@
answers['puppet']['server_jvm_extra_args'] += " #{reserved_code_cache_arg}"
end
end
else
# The logger is silently added by the module if it's undef
answers['puppet']['server_jvm_extra_args'] = ['-Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger', reserved_code_cache_arg]
end
end
34 changes: 4 additions & 30 deletions config/katello-answers.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,19 +9,8 @@
#
# See params.pp in each class for what options are available
---
certs:
group: foreman
foreman:
client_ssl_ca: /etc/foreman/proxy_ca.pem
client_ssl_cert: /etc/foreman/client_cert.pem
client_ssl_key: /etc/foreman/client_key.pem
initial_location: Default Location
initial_organization: Default Organization
server_ssl_ca: /etc/pki/katello/certs/katello-default-ca.crt
server_ssl_cert: /etc/pki/katello/certs/katello-apache.crt
server_ssl_chain: /etc/pki/katello/certs/katello-server-ca.crt
server_ssl_crl: ""
server_ssl_key: /etc/pki/katello/private/katello-apache.key
certs: true
foreman: true
foreman::cli: true
foreman::cli::ansible: false
foreman::cli::azure: false
Expand Down Expand Up @@ -69,15 +58,7 @@ foreman::plugin::tasks: true
foreman::plugin::templates: false
foreman::plugin::virt_who_configure: false
foreman::plugin::webhooks: false
foreman_proxy:
foreman_ssl_ca: /etc/foreman-proxy/foreman_ssl_ca.pem
foreman_ssl_cert: /etc/foreman-proxy/foreman_ssl_cert.pem
foreman_ssl_key: /etc/foreman-proxy/foreman_ssl_key.pem
manage_puppet_group: false
ssl_ca: /etc/foreman-proxy/ssl_ca.pem
ssl_cert: /etc/foreman-proxy/ssl_cert.pem
ssl_key: /etc/foreman-proxy/ssl_key.pem
ssl_port: '9090'
foreman_proxy: true
foreman_proxy::plugin::acd: false
foreman_proxy::plugin::ansible: false
foreman_proxy::plugin::chef: false
Expand All @@ -92,11 +73,4 @@ foreman_proxy::plugin::salt: false
foreman_proxy::plugin::shellhooks: false
foreman_proxy_content: true
katello: true
puppet:
server: true
server_foreman_ssl_ca: /etc/pki/katello/puppet/puppet_client_ca.crt
server_foreman_ssl_cert: /etc/pki/katello/puppet/puppet_client.crt
server_foreman_ssl_key: /etc/pki/katello/puppet/puppet_client.key
server_jvm_extra_args:
- "-Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger"
- "-XX:ReservedCodeCacheSize=512m"
puppet: true
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
if answers['foreman_proxy']
if answers['foreman_proxy'].is_a?(Hash)
answers['foreman_proxy']['use_autosignfile'] = true
if answers['foreman_proxy'].key?('puppetdir')
puppetdir = answers['foreman_proxy']['puppetdir']
Expand Down

This file was deleted.

Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,6 @@
end
end

if (mod_answers = answers['foreman_proxy'])
if (mod_answers = answers['foreman_proxy']) && mod_answers.is_a?(Hash)
mod_answers['dhcp_gateway'] = nil if mod_answers['dhcp_gateway'] == '192.168.100.1'
end
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,5 @@
answers['puppet']['server_jvm_extra_args'] += " #{reserved_code_cache_arg}"
end
end
else
# The logger is silently added by the module if it's undef
answers['puppet']['server_jvm_extra_args'] = ['-Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger', reserved_code_cache_arg]
end
end
2 changes: 1 addition & 1 deletion spec/migration_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -137,7 +137,7 @@

it 'changes scenario answers' do
_, after = migrator
expect(after).to include({'foreman' => {'user_groups' => []}})
expect(after['foreman']['user_groups']).to eq([])
end
end
end
Expand Down

0 comments on commit faecabf

Please sign in to comment.