In some cases it may not be possible to securely specify a password for
PuppetDB. When that is true, it's impossible to use the module to manage
PuppetDB, because specifying undef for the password will cause database
validation to fail, or for the setting in database.ini to be overridden.
This change will simply check that database_password is set, and will
skip validation and changing database.ini in the case where it is not.
This documents each of the newer parameters: gc_interval, log_slow_statements,
conn_max_age, conn_keep_alive, conn_lifetime with the version of PuppetDB that
are supported on.
Signed-off-by: Ken Barber <ken@bob.sh>
This patch adds all the missing parameters now defined in the 1.4.0 release.
This includes some new database parameters mainly, but also adds gc_interval
to the `puppetdb` and `puppetdb::server` classes, as previously this wasn't
configurable using this method.
To avoid documentation duplication the Puppet headers have been removed in
favour of documenting classes from the README.md. Until such times as the
forge can turn Puppet docs into HTML automatically, this is just duplicate
noise and prone to update slippage. The README.md is more authoritative in
this area and is pubicly displayed on the forge project page so it should be
used for now.
Signed-off-by: Ken Barber <ken@bob.sh>
Downcase has been added to puppetlabs/puppetdb, this patch changes the
dependency for stdlib to >= 2.2.0 as that was when downcase was first
included.
Signed-off-by: Ken Barber <ken@bob.sh>
for my use case, I am not able to validate the
ssl endpoint b/c I am creating my puppet certificates
during my puppet run, so they are not available to
the http get request.
This patch adds a new resource parameter to
the puppetdb_conn_validator that allows it
to make a non-ssl connection. This allows me
to declare my own http only resource that I
can use to verify the puppetdb connection.
Chris Barker reported that the default value of `$::clientcert`
was not the best choice for some things we were using it for
in the module; specifically, for the default value of
the jetty ssl listen address. He suggested using `$::fqdn` instead.
This commit makes that change; rspec-system tests pass, but I'm
not 100% sure that there aren't edge cases that would be
affected by this.
Previously this was >= 3.2.0, which probably isn't necessary just for
validate_re, plus at the time of writing this it was causing a problem
with the forge.
Signed-off-by: Ken Barber <ken@bob.sh>
This adds a basic test to run the standard 1 node setup until it succeeds.
This also fixes a bug with the connection validation facilities. Before this
patch we would keep retrying the connection to PuppetDB until the timeout
expired, this patch fixes that bug making provisioning faster and well, more
reliable. I've also increased the timeout as some systems take longer than
15 seconds for PuppetDB to start.
Signed-off-by: Ken Barber <ken@bob.sh>
