Feature #14455

Add foreman_smartproxy provider with dependencies for AIO

Added by Dominic Cleal about 6 years ago. Updated almost 4 years ago.

Foreman modules
Target version:
Bugzilla link:
Fixed in Releases:
Found in Releases:


The foreman_smartproxy provider in the puppet-foreman module currently uses the apipie-bindings rubygem to make the REST API call to Foreman to register a smart proxy. This requires dependencies that aren't in the AIO Puppet environment.

Some points came out of the discussion at

1) The dependencies should be installed directly into the AIO environment, probably by creating packages to ship the .gems into a known location, then install them with package resources and the puppet_gem provider.

This may be helped by which brings dependency installation into puppet-foreman so it's in the same module as the providers themselves.

2) The number of dependencies with apipie-bindings is high, and adding a new provider with minimal dependencies (just 'oauth') would help. The same thread links to an example provider that does this, which needs merging into puppet-foreman.

As a workaround, users can use --foreman-proxy-register-in-foreman=false.

Related issues

Blocks Foreman - Tracker #8447: Puppet 4 supportClosed2014-11-19

Associated revisions

Revision 51e26e56 (diff)
Added by Dominic Cleal about 6 years ago

fixes #14455 - add rest_v3 smart proxy provider using OAuth gem

The new provider has fewer dependencies than rest_v2 (with
apipie-bindings), therefore it's easier to package the dependencies for
an AIO version of Puppet. puppet-agent-oauth will be provided by the
Foreman repositories to install the oauth gem into the AIO environment.

All Ruby 1.9+ installations, including Puppet AIO packages, won't need
a JSON package as they include a bundled 'json' library.

The provider's been split into a base type+provider (supported as per
PUP-2458) to make it easier to add and update other types in future.

The addition of the SSL CA in the type is required with the OAuth gem's
HTTP request support, as it enables verification by default when it
detects CA bundles in common locations.

Thanks to @liamjbennett, whose work this is partly based on.

closes GH-432


#1 Updated by Dominic Cleal about 6 years ago

#2 Updated by Dominic Cleal about 6 years ago

  • Status changed from New to Assigned
  • Assignee set to Dominic Cleal

#3 Updated by Dominic Cleal about 6 years ago

  • Status changed from Assigned to Ready For Testing
  • Pull request added

#4 Updated by Dominic Cleal about 6 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#5 Updated by Dominic Cleal about 6 years ago

  • Legacy Backlogs Release (now unused) set to 136

Also available in: Atom PDF