Project

General

Profile

Refactor #163

clean certificate only when a new build request starts

Added by Ric Danger over 9 years ago. Updated over 9 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Puppet integration
Target version:
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

Hi,

Shouldn't be better to remove the certificate only when the machine gets preseed_finish?
That way, the machine can still be managed by puppet until it gets reinstalled.

Regards,
Ricardo

Associated revisions

Revision 07723734 (diff)
Added by Ohad Levy over 9 years ago

fixes 163 - clean certificate only when a new build request starts

History

#1 Updated by Ohad Levy over 9 years ago

  • Status changed from New to Feedback

I'm not sure what you are asking, removing (which is also revoking the certificate in the last puppet master branch) will disable the client all together, IMHO removing should be done only when reinstalling or deleting the client

#2 Updated by Ric Danger over 9 years ago

Ohad Levy wrote:

I'm not sure what you are asking, removing (which is also revoking the certificate in the last puppet master branch) will disable the client all together, IMHO removing should be done only when reinstalling or deleting the client

Instead of removing the certificate imediatelly after pressing "build", you could delay it to preseed or preseed_finish.
The problem with the current methodology is that as soon as you press build, the machine will not be able to get policy from puppet anymore.
If the machine user never reboots the machine, it will never reinstall and will not be managed by puppet.

#3 Updated by Ohad Levy over 9 years ago

  • Category set to Puppet integration
  • Status changed from Feedback to Assigned
  • Assignee set to Ohad Levy
  • Target version set to 0.1-4

#4 Updated by Ohad Levy over 9 years ago

  • Subject changed from Why not clean the certificate when running preseed_finish? to clean certificate only when a new build request starts

#5 Updated by Ohad Levy over 9 years ago

  • Status changed from Assigned to Ready For Testing
  • % Done changed from 0 to 100

#6 Updated by Ohad Levy over 9 years ago

  • Status changed from Ready For Testing to Closed

Also available in: Atom PDF