Foreman chokes on "puppet cert clean host.does.not.exist.example.com" as of Puppet 2.7.19 and thus can't provision new hosts
In Puppet 2.7.19 a bug in
puppet cert clean was fixed. Previously, the command always terminated with exit status 0, even if the certificate to be cleaned did not exist. Now, as of Puppet 2.7.19 (see https://projects.puppetlabs.com/issues/14860), the command terminates with exit status 24, which is the correct behaviour.
Foreman, or probably the Foreman smart proxy, should take this behavior change into account when provisioning hosts. Otherwise it is not possible to provision new hosts as retrieving the
/unattended/provision resource fails with a 500 error, resulting from the smart proxy on the Puppet server (proxying Puppet CA) failing to correctly run
W, [2012-08-24T18:52:42.575984 #1386] WARN -- : Failed to run puppetca: err: Could not call revoke: Could not find a serial number for web02.dmz01.example.com Could not find a serial number for web02.dmz01.example.com E, [2012-08-24T18:52:42.576345 #1386] ERROR -- : Failed to remove certificate(s) for web02.dmz01.example.com: Execution of puppetca failed, check log files