Jira (PUP-11759) trusted fqdn fact

[Pat Riehecky (Jira)]

Pat Riehecky created an issue

Puppet / PUP-11759 trusted fqdn fact Issue Type: New Feature Assignee: Unassigned Created: 2023/02/14 12:11 PM Priority: Normal Reporter: Pat Riehecky With the legacy top level facts going away, it would be handy if there as a $::trusted['fqdn'] fact I could pull in. In practice I know I can concat $::trusted['hostname'] with $::trusted['domain'], but making sure my mass find/replace is syntax valid for all the quoting and whatnot is going to be ugly. A trusted replacement fact would be great so I don't have to constantly repeat that pattern everywhere. Add Comment

This message was sent by Atlassian Jira (v8.20.11#820011-sha1:0629dd8)

[Josh Cooper (Jira)]

Josh Cooper updated an issue

Puppet / PUP-11759 trusted fqdn fact

Change By: Josh Cooper Team: Phoenix

Add Comment

[Josh Cooper (Jira)]

Josh Cooper commented on PUP-11759

Re: trusted fqdn fact Hi Pat Riehecky I wasn't clear if you wanted to use the structured fact "$facts['networking']['fqdn']" which already exists. Or if you are explicitly wanting a trusted version? If so, you can use "$trusted['certname']" which defaults to the fqdn of the host, but doesn't have to be in cases where "certname" is set explicitly in puppet.conf.

Add Comment

[Pat Riehecky (Jira)]

Pat Riehecky commented on PUP-11759

Re: trusted fqdn fact I'd prefer a "fully" trusted version.  My certname for the hosts is often a UUID for "reasons" so I'm assembling it by hand with a trivial join.   I'm controlling access to SSL certificates and kerberos keytabs, so I don't really want to trust that the client has the right fqdn.

Add Comment