Jira (PDOC-171) generate the hiera keynames to use for parameterised classes
Title: Message Title Henrik Lindberg commented on PDOC-171 Re: generate the hiera keynames to use for parameterised classes Applying heuristics like that would work - the documentation extraction would need to understand a hiera.yaml, understand if there is any interpolation in any layer, and if all layers are known data functions, further it must understand lookup options - if they are not, then it is not possible to statically compute the value that will be looked up. The simple case: one level, one path pointing to a yaml file is doable - but then, must also look if the data is an alias, or contains interpolation. Information from lookup_options should also be taken into account since it is of interest to know if deep merge is turned on by the module's hiera data. So, somewhat doable for the simplest case, but still quite a bit of work to get right. Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-9480) puppet unable to put ipv4+ipv6 dual stack hosts into /etc/hosts
Title: Message Title Hadmut Danisch created an issue Puppet / PUP-9480 puppet unable to put ipv4+ipv6 dual stack hosts into /etc/hosts Issue Type: Improvement Affects Versions: PUP 5.4.0 Assignee: Unassigned Created: 2019/02/07 2:34 AM Priority: Normal Reporter: Hadmut Danisch Hi, an old problem, known at least since 2011, still exists in puppet and is causing more and more trouble: the host resource and put a host into /etc/hosts with either its ipv4 or ipv6 address, but not with both. Since it is state of the art today and normal that machines have both addresses, this really causes headache and problems. I wonder why a problem know for at least 8 years still exists, if https://puppet.com/docs/puppet/5.5/types/host.html is still correct. regards Add Comment
Jira (PUP-9480) puppet unable to put ipv4+ipv6 dual stack hosts into /etc/hosts
Title: Message Title Hadmut Danisch commented on PUP-9480 Re: puppet unable to put ipv4+ipv6 dual stack hosts into /etc/hosts BTW, the host resource seems to be somewhat broken by design, since the leading entity and key in /etc/hosts is the ip address and not the host name. A better way would be to bind host names to ip addresses and not ip addresses to host names. Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-9364) puppet module install is really slow
Title: Message Title Matthias Baur commented on PUP-9364 Re: puppet module install is really slow Hey Josh Cooper, sorry for the late answer. I don't think that facts are the problem: $ time puppet facts find &> /dev/null real 0m3.209s user 0m1.753s sys 0m0.845s $ time puppet module install puppetlabs-firewall -v 1.14.0 --modulepath $HOME/modules/ Notice: Preparing to install into /Users/mbaur/modules ... Notice: Downloading from https://forgeapi.puppet.com ... Notice: Installing -- do not interrupt ... /Users/mbaur/modules └─┬ puppetlabs-firewall (v1.14.0) └── puppetlabs-stdlib (v5.2.0)
Jira (BOLT-1118) Add a command that lists available modules and their versions
Title: Message Title Charlie Sharpsteen created an issue Puppet Task Runner / BOLT-1118 Add a command that lists available modules and their versions Issue Type: New Feature Assignee: Unassigned Created: 2019/02/07 7:03 AM Priority: Normal Reporter: Charlie Sharpsteen As a bolt user, I need the ability to call up a list of the modules available in my workspace. This will allow me to determine the names and versions of available modules along with their order of precedence. Desired Outcome A command similar to puppet module list that displays each module available in the Bolt environment. Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)
Jira (BOLT-920) Bolt unable to connect with ecdsa key
Title: Message Title Melissa Amos commented on BOLT-920 Re: Bolt unable to connect with ecdsa key To clarify, the known issue documented in pre-docs for this ticket is being FIXED in 1.11.0? Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (BOLT-978) Package Bolt for Fedora 28/29
Title: Message Title Melissa Amos updated an issue Puppet Task Runner / BOLT-978 Package Bolt for Fedora 28/29 Change By: Melissa Amos Labels: docs docs_reviewed Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (BOLT-978) Package Bolt for Fedora 28/29
Title: Message Title Melissa Amos commented on BOLT-978 Re: Package Bolt for Fedora 28/29 Docs for review: http://docs-internal.puppet.com/docs/bolt/dev/bolt_installing.html#task-5651 http://docs-internal.puppet.com/docs/bolt/dev/bolt_new_features.html#support-for-new-platforms-1-11-0 Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (BOLT-920) Bolt unable to connect with ecdsa key
Title: Message Title Cas Donoghue commented on BOLT-920 Re: Bolt unable to connect with ecdsa key When I tested this originally I did not have my test case quite right. I went to do a final verification on a clean install and found that net-ssh 5.1.0 does not resolve the issue. Replication: [root@ebo9k1qf1fpcs67 gems]# ssh -V OpenSSH_7.8p1, OpenSSL 1.1.1 FIPS 11 Sep 2018 [root@ebo9k1qf1fpcs67 ~]# ssh-keygen -t ecdsa [root@ebo9k1qf1fpcs67 ~]# ssh -i id_ecdsa root@localhost [root@ebo9k1qf1fpcs67 Boltdir]# bolt command run whoami -n ecdsa Started on localhost... Failed on localhost: Failed to connect to localhost: the given identity is known, but the private key could not be loaded: Net::SSH::Exception (Cannot decode private key of type ecdsa-sha2-nistp256) Failed on 1 node: localhost Ran on 1 node in 0.16 seconds inventory.yaml
Jira (PUP-5068) Windows - Allow logging to a different event log
Title: Message Title Erick Banks updated an issue Puppet / PUP-5068 Windows - Allow logging to a different event log Change By: Erick Banks Epic Status: In Progress Done Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (BOLT-920) Bolt unable to connect with ecdsa key
Title: Message Title Cas Donoghue updated an issue Puppet Task Runner / BOLT-920 Bolt unable to connect with ecdsa key Change By: Cas Donoghue Fix Version/s: BOLT Next Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (BOLT-830) Running a script via PCP fails on Windows
Title: Message Title Cas Donoghue updated an issue Puppet Task Runner / BOLT-830 Running a script via PCP fails on Windows Change By: Cas Donoghue Fix Version/s: BOLT Next Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (BOLT-830) Running a script via PCP fails on Windows
Title: Message Title Cas Donoghue assigned an issue to Cas Donoghue Puppet Task Runner / BOLT-830 Running a script via PCP fails on Windows Change By: Cas Donoghue Assignee: Alex Dreyer Cas Donoghue Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (BOLT-830) Running a script via PCP fails on Windows
Title: Message Title Cas Donoghue updated an issue Puppet Task Runner / BOLT-830 Running a script via PCP fails on Windows Change By: Cas Donoghue Release Notes Summary: Powershell scripts can now be run on windows targets over the {{pcp}} transport. Release Notes: Enhancement Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (BOLT-920) Bolt unable to connect with ecdsa key
Title: Message Title Melissa Amos commented on BOLT-920 Re: Bolt unable to connect with ecdsa key Here's the known issue. I tweaked the wording on the workaround (last paragraph) so please check my understanding. http://docs-internal.puppet.com/docs/bolt/dev/bolt_known_issues.html#ssh-keys-generated-with-ssh-keygen-from-openssh-7-8-fail Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (BOLT-920) Bolt unable to connect with ecdsa key
Title: Message Title Melissa Amos updated an issue Puppet Task Runner / BOLT-920 Bolt unable to connect with ecdsa key Change By: Melissa Amos Labels: known-issue-added Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (BOLT-830) Running a script via PCP fails on Windows
Title: Message Title Melissa Amos updated an issue Puppet Task Runner / BOLT-830 Running a script via PCP fails on Windows Change By: Melissa Amos Labels: docs_reviewed Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (BOLT-830) Running a script via PCP fails on Windows
Title: Message Title Melissa Amos commented on BOLT-830 Re: Running a script via PCP fails on Windows Docs for review: http://docs-internal.puppet.com/docs/bolt/dev/bolt_new_features.html#powershell-scripts-over-the-pcp-transport-1-11-0 Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-9431) Decide the best system to break up the tests into reasonable chunks to work on
Title: Message Title Geoff Nichols updated an issue Puppet / PUP-9431 Decide the best system to break up the tests into reasonable chunks to work on Change By: Geoff Nichols Sprint: Platform OS Kanban Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-7870) Windows - Custom event logging v.next
Title: Message Title Erick Banks updated an issue Puppet / PUP-7870 Windows - Custom event logging v.next Change By: Erick Banks Epic Status: To Do Done Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (BOLT-1107) plan executor should use the internal API to connect to orchestrator
Title: Message Title Cas Donoghue assigned an issue to Cas Donoghue Puppet Task Runner / BOLT-1107 plan executor should use the internal API to connect to orchestrator Change By: Cas Donoghue Assignee: Nick Lewis Cas Donoghue Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-6585) Remove internal usage of Puppet::Util.absolute_path?(path) / replace with Pathname.new(path)
Title: Message Title Erick Banks updated an issue Puppet / PUP-6585 Remove internal usage of Puppet::Util.absolute_path?(path) / replace with Pathname.new(path) Change By: Erick Banks Sprint: Windows Grooming Hopper Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-9074) Windows scheduled_task name cannot us a path
Title: Message Title Erick Banks updated an issue Puppet / PUP-9074 Windows scheduled_task name cannot us a path Change By: Erick Banks Sprint: Windows Grooming Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-6184) Remove win32-dir code usage from Puppet
Title: Message Title Erick Banks updated an issue Puppet / PUP-6184 Remove win32-dir code usage from Puppet Change By: Erick Banks Sprint: Windows Grooming Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-9197) Windows file system ACL reported change is not always correct
Title: Message Title Erick Banks updated an issue Puppet / PUP-9197 Windows file system ACL reported change is not always correct Change By: Erick Banks Sprint: Windows Grooming Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-8243) Allow ERB templates to be tolerant of a leading BOM
Title: Message Title Erick Banks updated an issue Puppet / PUP-8243 Allow ERB templates to be tolerant of a leading BOM Change By: Erick Banks Sprint: Windows Grooming Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-9297) Audit and fix locations where set_mode is called with inappropriate permissions on Windows
Title: Message Title Erick Banks updated an issue Puppet / PUP-9297 Audit and fix locations where set_mode is called with inappropriate permissions on Windows Change By: Erick Banks Sprint: Windows Grooming Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-6429) Provide a way to install SSL certs on Windows machines
Title: Message Title Erick Banks updated an issue Puppet / PUP-6429 Provide a way to install SSL certs on Windows machines Change By: Erick Banks Sprint: Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-6429) Provide a way to install SSL certs on Windows machines
Title: Message Title Erick Banks updated an issue Puppet / PUP-6429 Provide a way to install SSL certs on Windows machines Change By: Erick Banks Sprint: Windows 2019-02-20 Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-8333) Remove scheduled_task type and provider
Title: Message Title Erick Banks updated an issue Puppet / PUP-8333 Remove scheduled_task type and provider Change By: Erick Banks Sprint: Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-8395) Exec Parity for Windows
Title: Message Title Erick Banks updated an issue Puppet / PUP-8395 Exec Parity for Windows Change By: Erick Banks Sprint: Windows 2019-02-20 Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-8295) Group resource cannot resolve virtual account "NT Service\Servicename"
Title: Message Title Erick Banks updated an issue Puppet / PUP-8295 Group resource cannot resolve virtual account "NT Service\Servicename" Change By: Erick Banks Sprint: Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-8349) SPIKE scheduled_task : should we deprecate scheduled_task resource?
Title: Message Title Erick Banks updated an issue Puppet / PUP-8349 SPIKE scheduled_task : should we deprecate scheduled_task resource? Change By: Erick Banks Sprint: Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-8333) Remove scheduled_task type and provider
Title: Message Title Erick Banks updated an issue Puppet / PUP-8333 Remove scheduled_task type and provider Change By: Erick Banks Sprint: Windows 2019-02-20 Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-8295) Group resource cannot resolve virtual account "NT Service\Servicename"
Title: Message Title Erick Banks updated an issue Puppet / PUP-8295 Group resource cannot resolve virtual account "NT Service\Servicename" Change By: Erick Banks Sprint: Windows 2019-02-20 Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-8395) Exec Parity for Windows
Title: Message Title Erick Banks updated an issue Puppet / PUP-8395 Exec Parity for Windows Change By: Erick Banks Sprint: Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-8349) SPIKE scheduled_task : should we deprecate scheduled_task resource?
Title: Message Title Erick Banks updated an issue Puppet / PUP-8349 SPIKE scheduled_task : should we deprecate scheduled_task resource? Change By: Erick Banks Sprint: Windows 2019-02-20 Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-2354) agent is confused about cert state
Title: Message Title Josh Cooper commented on PUP-2354 Re: agent is confused about cert state There are a few issues here. Newly provisioned agents generate a key pair, but optimistically try to download an issued cert before sending a CSR. This is due to the byzantine logic in Puppet::SSL::Host. If there happens to be an issued cert from the previous agent instance, then the agent prints the error message about a mismatched key and cert, and to make matters worse, saves the mismatched cert to disk. This breaks all future attempts to bootstrap the agent's cert. I am working on fixing this mess as described in other tickets in this Epic. But I have a few questions for watchers on this specific ticket. Assuming allow_duplicate_certs=true, I'm proposing: If the agent submits a CSR and there is already a CSR present on the server (same or different content), then the server will overwrite its version with whatever the agent sent. If the agent submits a CSR and there is already an issued cert (from possibly a previous instance), the server will save the agent's CSR, but leave the issued cert as-is. We have to be careful about "automatically" revoking old certs and signing new ones, because a malicious unauthenticated user could submit a CSR for the ca or puppetserver node. Would it be sufficient to restrict the scope of this to: If you set allow_duplicate_certs=true then autosign must be false or you must provide an autosigning policy to conditionally clean the old instance and issue a new cert? In particular autosign=true would not be allowed. If an autosign policy is used, then it's up to the user to define when it it acceptable to clean a node's cert, such as using the AWS instance-id Eric Sorenson mentions above? We should blacklist the ca node and any node name whose cert contains the isCA: TRUE basic constraint We could only allow certs to be revoked if they contain a cert extension indicating they are "recycle-able", something like pp_ephemeral=true. Infrastructure nodes like compiler, etc wouldn't have that extension in their cert. Thoughts? Add Comment