Jira (PUP-9994) External/Extended trusted data

0 views
Skip to first unread message

David Schmitt (JIRA)

unread,
Sep 3, 2019, 10:57:03 AM9/3/19
to puppe...@googlegroups.com
David Schmitt created an issue
 
Puppet / Improvement PUP-9994
External/Extended trusted data
Issue Type: Improvement Improvement
Assignee: Unassigned
Created: 2019/09/03 7:56 AM
Priority: Normal Normal
Reporter: David Schmitt

To facilitate enhancing catalog compilation with dynamic trusted data from third parties (i.e. not the ENC or the agent), this change adds $trusted_ext. The data gets loaded from the indirector (currently only through calling a script that needs to return JSON).

This is an experimental feature.
Add Comment Add Comment
 
This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)
Atlassian logo

David Schmitt (JIRA)

unread,
Sep 3, 2019, 12:00:46 PM9/3/19
to puppe...@googlegroups.com
David Schmitt assigned an issue to David Schmitt
Change By: David Schmitt
Assignee: David Schmitt

Josh Cooper (JIRA)

unread,
Nov 10, 2019, 8:12:04 PM11/10/19
to puppe...@googlegroups.com
Josh Cooper updated an issue
Change By: Josh Cooper
Fix Version/s: PUP 6.11.0

Thomas Honey (JIRA)

unread,
Nov 11, 2019, 8:57:03 AM11/11/19
to puppe...@googlegroups.com
Thomas Honey updated an issue
Change By: Thomas Honey
To facilitate enhancing catalog compilation with dynamic external trusted data from third parties (i.e. not the ENC or the agent), this change adds {{$trusted_ext}}. The data gets loaded from the indirector (currently only through calling a script that needs to return JSON).


This is an experimental feature.

Thomas Honey (JIRA)

unread,
Nov 11, 2019, 8:57:03 AM11/11/19
to puppe...@googlegroups.com
Thomas Honey updated an issue
Change By: Thomas Honey
Release Notes Summary: Experimental feature.
Release Notes: Not Needed

Thomas Honey (JIRA)

unread,
Nov 11, 2019, 8:59:04 AM11/11/19
to puppe...@googlegroups.com
Thomas Honey commented on Improvement PUP-9994
 
Re: External/Extended trusted data

[https://github.com/puppetlabs/puppet/blob/8e840139fc2deac3c27d0df9882ffac0882c9ec6/lib/puppet/defaults.rb#L538-L547
]

This documents the behaviour of the parameter. As mentioned above, this is an experimental feature.

Henrik Lindberg (JIRA)

unread,
Nov 11, 2019, 11:14:03 AM11/11/19
to puppe...@googlegroups.com
Henrik Lindberg updated an issue
Change By: Henrik Lindberg
To facilitate enhancing catalog compilation with external trusted data from third parties (i.e. not the ENC or the agent), this change adds data to {{$ trusted_ext trusted\['external'] }}. The data gets loaded from the indirector (currently only through calling a script that needs to return JSON).

This is an experimental feature.

Josh Cooper (JIRA)

unread,
Nov 11, 2019, 1:24:04 PM11/11/19
to puppe...@googlegroups.com

Josh Cooper (JIRA)

unread,
Nov 11, 2019, 1:25:06 PM11/11/19
to puppe...@googlegroups.com
Josh Cooper updated an issue
Change By: Josh Cooper
To facilitate enhancing catalog compilation with external trusted data from third parties (i.e. not the ENC or the agent), this change adds data to {{$trusted \ ['external']}}. The data gets loaded from the indirector (currently only through via calling a script that needs to return JSON ) , similar to how the autosign command works .


This is an experimental feature.

Kris Bosland (JIRA)

unread,
Nov 12, 2019, 5:45:03 PM11/12/19
to puppe...@googlegroups.com

Josh Cooper (JIRA)

unread,
Nov 12, 2019, 7:47:05 PM11/12/19
to puppe...@googlegroups.com
Josh Cooper commented on Improvement PUP-9994
 
Re: External/Extended trusted data

Thomas Honey I think we do want to document this experimental feature in the release notes, yeah? /cc Jean Bond

Josh Cooper (JIRA)

unread,
Nov 12, 2019, 8:41:03 PM11/12/19
to puppe...@googlegroups.com
Josh Cooper assigned an issue to Josh Cooper
Change By: Josh Cooper
Assignee: David Schmitt Josh Cooper

Josh Cooper (JIRA)

unread,
Nov 12, 2019, 8:41:04 PM11/12/19
to puppe...@googlegroups.com
Josh Cooper updated an issue
Change By: Josh Cooper
Team: Coremunity

Josh Cooper (JIRA)

unread,
Nov 13, 2019, 12:56:05 PM11/13/19
to puppe...@googlegroups.com
Josh Cooper updated an issue
Change By: Josh Cooper
Sprint: Platform Core KANBAN

Jean Bond (JIRA)

unread,
Nov 15, 2019, 12:25:04 PM11/15/19
to puppe...@googlegroups.com
Jean Bond commented on Improvement PUP-9994
 
Re: External/Extended trusted data

Josh Cooper, Thomas Honey, it seems reasonable to me to include a release note with documentation about experimental features, but I leave it to you to decide. Pinging Heston Hoffman on this, as he's working on the 6.11 release.

Heston Hoffman (JIRA)

unread,
Nov 18, 2019, 1:53:04 PM11/18/19
to puppe...@googlegroups.com
Heston Hoffman updated an issue
Change By: Heston Hoffman
Release Notes: Not Needed New Feature

Heston Hoffman (JIRA)

unread,
Nov 18, 2019, 1:53:07 PM11/18/19
to puppe...@googlegroups.com
Heston Hoffman updated an issue
Change By: Heston Hoffman
Release Notes: New Feature Enhancement

Heston Hoffman (JIRA)

unread,
Nov 18, 2019, 2:01:04 PM11/18/19
to puppe...@googlegroups.com
Heston Hoffman updated an issue
Change By: Heston Hoffman
Labels: resolved-issue-added

Heston Hoffman (JIRA)

unread,
Nov 18, 2019, 2:02:03 PM11/18/19
to puppe...@googlegroups.com
Heston Hoffman updated an issue
Change By: Heston Hoffman
Release Notes Summary: Experimental feature Use the `trusted_external_command` to add trusted facts from an external source during catalog compilation .
The value for trusted_external_command is a path to an executable command that can produce external trusted facts. The command must:
- Take the name of a node as a command-line argument.
- Return a JSON hash with the external trusted facts for this node.
- Exit with a non-zero exit code for unknown or invalid nodes.

Heston Hoffman (JIRA)

unread,
Nov 18, 2019, 2:02:05 PM11/18/19
to puppe...@googlegroups.com
Heston Hoffman updated an issue
Change By: Heston Hoffman
Release Notes Summary:
Use the `trusted_external_command` to add trusted facts from an external source during catalog compilation.
The value for ` trusted_external_command ` is a path to an executable command that can produce external trusted facts. The command must:
- Take the name of a node as a command-line argument.
- Return a JSON hash with the external trusted facts for this node.
- Exit with a non-zero exit code for unknown or invalid nodes.
Reply all
Reply to author
Forward
0 new messages