Jira (PUP-9027) Deprecate CA-related settings in puppet.conf

1 view
Skip to first unread message

Maggie Dreyer (JIRA)

unread,
Jul 31, 2018, 1:28:03 PM7/31/18
to puppe...@googlegroups.com
Maggie Dreyer created an issue
 
Puppet / Task PUP-9027
Deprecate CA-related settings in puppet.conf
Issue Type: Task Task
Assignee: Unassigned
Created: 2018/07/31 10:27 AM
Fix Versions: PUP 5.5.5
Priority: Normal Normal
Reporter: Maggie Dreyer

In SERVER-2222 for Puppet 6 we are defining a bunch of CA related settings in puppetserver's config that will be respected instead of the ones in puppet.conf. We need to deprecate the puppet.conf versions of these settings in Puppet 5.
Add Comment Add Comment
 
This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)
Atlassian logo

Maggie Dreyer (JIRA)

unread,
Aug 1, 2018, 12:27:03 PM8/1/18
to puppe...@googlegroups.com
Maggie Dreyer assigned an issue to Maggie Dreyer
Change By: Maggie Dreyer
Assignee: Maggie Dreyer

Maggie Dreyer (JIRA)

unread,
Aug 1, 2018, 6:06:02 PM8/1/18
to puppe...@googlegroups.com
Maggie Dreyer updated an issue
Change By: Maggie Dreyer
Release Notes: Deprecation

Maggie Dreyer (JIRA)

unread,
Aug 1, 2018, 6:07:05 PM8/1/18
to puppe...@googlegroups.com
Maggie Dreyer updated an issue
Change By: Maggie Dreyer
Release Notes Summary: We are deprecating the Puppet settings relating to CA file locations, since these will be replaced by similar settings in Puppet Server's configs in Puppet 6.

Garrett Guillotte (JIRA)

unread,
Aug 7, 2018, 5:05:03 PM8/7/18
to puppe...@googlegroups.com
Garrett Guillotte updated an issue
Change By: Garrett Guillotte
Component/s: DOCS

Kenn Hussey (JIRA)

unread,
Aug 15, 2018, 11:26:03 AM8/15/18
to puppe...@googlegroups.com
Kenn Hussey updated an issue
Change By: Kenn Hussey
Flagged: Impediment

Kenn Hussey (JIRA)

unread,
Aug 15, 2018, 4:23:03 PM8/15/18
to puppe...@googlegroups.com

Michelle Fredette (JIRA)

unread,
Aug 16, 2018, 1:24:03 PM8/16/18
to puppe...@googlegroups.com
Michelle Fredette commented on Task PUP-9027
 
Re: Deprecate CA-related settings in puppet.conf

Maggie Dreyer This seems kind of vague - can we provide a list of the specific settings that are deprecated? Or a point to a set of them?

Maggie Dreyer (JIRA)

unread,
Aug 16, 2018, 1:49:03 PM8/16/18
to puppe...@googlegroups.com
Maggie Dreyer commented on Task PUP-9027

The list is:

  • ca_name
  • cadir
  • cacert
  • cakey
  • capub
  • cacrl
  • caprivatedir
  • csrdir
  • signeddir
  • capass
  • serial
  • autosign
  • allow_duplicate_certs
  • ca_ttl
  • cert_inventory

Michelle Fredette (JIRA)

unread,
Aug 17, 2018, 5:06:02 PM8/17/18
to puppe...@googlegroups.com

thank you!

Michelle Fredette (JIRA)

unread,
Aug 17, 2018, 6:11:03 PM8/17/18
to puppe...@googlegroups.com
Michelle Fredette updated an issue
 
Change By: Michelle Fredette
Labels: docs_reviewed

Massimiliano Adamo (JIRA)

unread,
Aug 23, 2018, 8:49:03 AM8/23/18
to puppe...@googlegroups.com
Massimiliano Adamo commented on Task PUP-9027
 
Re: Deprecate CA-related settings in puppet.conf

is it possible to use this new setting already, to mute this warning? 

Thomas Kishel (JIRA)

unread,
Aug 24, 2018, 4:10:02 PM8/24/18
to puppe...@googlegroups.com
Thomas Kishel commented on Task PUP-9027

You can suppress deprecation warnings with this setting in puppet.conf:

[main]
 
disable_warnings = deprecations

Tommy McNeely (JIRA)

unread,
Aug 30, 2018, 12:25:03 PM8/30/18
to puppe...@googlegroups.com
Tommy McNeely commented on Task PUP-9027

Usually when there is a (deprecation) warning, there is something that can be done to "fix" the situation that is causing the warning. In this case, we can't do anything except to hide all deprecation warnings. I don't think that is desirable. Until there is a solution to the deprecation, it should not appear.

 

At a minimum, it should not appear during a "puppet agent" run (as that is in the "master" section).

Massimiliano Adamo (JIRA)

unread,
Aug 31, 2018, 1:52:04 PM8/31/18
to puppe...@googlegroups.com

indeed. There should be a viable alternative when depcrecation message is thrown. 

More in general, I see a reason to unify, group, merge, join all puppet configuration files, in one, unique, single file (have you neer tried to install Salt-Stack? Even the DB configuration is in the same file). 

But I hardly see a reason for shuffling things around. More hardly I see a reason for having, conf, yaml, ruby (see Puppetfile), hocon, ini, cfg....  

After an upgrade the usual mess becomes a nightmare, because you don't know if that specific configuration is stale and it's not in use with the new version, or if it must be there. 

We need one single puppet.conf, with everything inside

 

Josh Cooper (Jira)

unread,
Oct 9, 2020, 1:09:04 PM10/9/20
to puppe...@googlegroups.com
Josh Cooper commented on Task PUP-9027
This message was sent by Atlassian Jira (v8.5.2#805002-sha1:a66f935)
Atlassian logo
Reply all
Reply to author
Forward
0 new messages