Page MenuHomeSoftware Heritage

defaults: Move gpg/certificate blocks to a dedicated config file
ClosedPublic

Authored by ardumont on Mon, Aug 5, 6:54 PM.

Details

Summary

To:

  • avoid further errors when touching needed blank spaces
  • reduce the defaults.yaml's already too big size
Test Plan

bin/octocatalog <node>
Nothing new

Also tested live in staging environment and same. Nothing to complain.

Diff Detail

Repository
rSPSITE puppet-swh-site
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

ardumont created this revision.Mon, Aug 5, 6:54 PM
ardumont edited the test plan for this revision. (Show Details)Mon, Aug 5, 6:56 PM
ardumont added inline comments.Tue, Aug 6, 10:28 AM
data/defaults.yaml
2

I don't like that name, i'll rename it to defaults_security.yaml.
We are dealing with public key/cert block, this is security related.
We are specifying that we trust those.

ardumont updated this revision to Diff 6131.Tue, Aug 6, 10:31 AM

Rename defaults_gpg.yaml to defaults_security.yaml

I've checked back (after the new modification) and bin/octocatalog is still happy.
It still does not want to touch anything.

data/defaults.yaml
2

that name

was defaults_gpg.yaml...

ftigeot accepted this revision.Tue, Aug 6, 10:49 AM
This revision is now accepted and ready to land.Tue, Aug 6, 10:49 AM

as @anlambert mentioned to me, maybe puppet could load those blocks from files, but let's check that later ;)

anlambert accepted this revision.Tue, Aug 6, 11:21 AM

Looks good to me. This is helpful as I can't count the number of times the auto-trimming feature of my text editor removed those needed spaces.

I am also wondering if each GPG key / certificate could be put in a separate file then read by puppet and integrated in the YAML file.

ardumont updated this revision to Diff 6135.Tue, Aug 6, 11:24 AM

Plug to production branch

This revision was automatically updated to reflect the committed changes.