Actions
Bug #26623
closed
foreman-proxy-certs-generate is missing parameters between katello 3.10 and 3.11
Difficulty:
Triaged:
No
Description
hellokatello on IRC discovered that f-p-c-g does not properly work on Katello 3.11 and newer (aka since "the installer merge"), as it has fewer parameters than before (e.g. --certs-update-server is missing)
Updated by Evgeni Golov over 5 years ago
nightly:
# foreman-proxy-certs-generate --help
Usage:
foreman-proxy-certs-generate [OPTIONS]
Options:
= Generic:
--[no-]colors Use color output on STDOUT (default: true)
--color-of-background COLOR Your terminal background is :bright or :dark (default: :dark)
--dont-save-answers Skip saving answers to '/usr/share/foreman-installer/katello-certs/scenarios.d/foreman-proxy-certs-answers.yaml'? (default: true)
--ignore-undocumented Ignore inconsistent parameter documentation (default: false)
-i, --interactive Run in interactive mode
--log-level LEVEL Log level for log file output (default: :debug)
-n, --noop Run puppet in noop mode? (default: false)
-p, --profile Run puppet in profile mode? (default: false)
-s, --skip-checks-i-know-better Skip all system checks (default: false)
--skip-puppet-version-check Skip check for compatible Puppet versions (default: false)
-v, --verbose Display log on STDOUT instead of progressbar
-l, --verbose-log-level LEVEL Log level for verbose mode output (default: "info")
-S, --scenario SCENARIO Use installation scenario
--disable-scenario SCENARIO Disable installation scenario
--enable-scenario SCENARIO Enable installation scenario
--list-scenarios List available installation scenarios
--force Force change of installation scenario
--compare-scenarios Show changes between last used scenario and the scenario specified with -S or --scenario argument
--migrations-only Apply migrations to a selected scenario and exit
--[no-]parser-cache Force use or bypass of Puppet module parser cache
-h, --help print help
--full-help print complete help
--[no-]enable-certs Enable 'certs' puppet module (default: true)
--[no-]enable-foreman-proxy-certs Enable 'foreman_proxy_certs' puppet module (default: true)
= Module certs:
--cname The alternative names of the host the generated certificates
should be for (current: [])
--node-fqdn The fqdn of the host the generated certificates
should be for (current: "pipeline-katello-nightly-centos7.yatsu.example.com")
--server-ca-cert Path to the CA that issued the ssl certificates for https
if not specified, the default CA will be used (current: UNDEF)
--server-cert Path to the ssl certificate for https
if not specified, the default CA will generate one (current: UNDEF)
--server-cert-req Path to the ssl certificate request for https
if not specified, the default CA will generate one (current: UNDEF)
--server-key Path to the ssl key for https
if not specified, the default CA will generate one (current: UNDEF)
--tar-file Use a tarball with certificates rather than generate
new ones. This can be used on another node which is
not the CA. (current: UNDEF)
= Module foreman_proxy_certs:
--certs-tar Path to tar file with certs to generate (current: UNDEF)
--foreman-proxy-cname additional names of the foreman proxy (current: ["[]"])
--foreman-proxy-fqdn FQDN of the foreman proxy (current: "pipeline-katello-nightly-centos7.yatsu.example.com")
--parent-fqdn FQDN of the parent node. Does not usually
need to be set. (current: "pipeline-katello-nightly-centos7.yatsu.example.com")
Only commonly used options have been displayed.
Use --full-help to view the complete list.
3.7 (the only I have handy)
# foreman-proxy-certs-generate --help
Usage:
foreman-proxy-certs-generate [OPTIONS]
Options:
= Generic:
--reset This option will drop the Katello database and clear all subsequent backend data stores.You will lose all data! Unfortunately we
can't detect a failure at the moment so you should verify the success
manually. e.g. dropping can fail when DB is currently in use. (default: false)
--clear-pulp-content This option will clear all Pulp content from disk located in '/var/lib/pulp/content/'. (default: false)
--clear-puppet-environments This option will clear all published Puppet environments from disk. (default: false)
--disable-system-checks This option will skip the system checks for memory. (default: false)
--force-upgrade-steps This option will force upgrade steps to run that are normally only run once. (default: false)
--certs-update-server This option will enforce an update of the HTTPS certificates (default: false)
--certs-update-server-ca This option will enforce an update of the CA used for HTTPS certificates. (default: false)
--certs-update-all This option will enforce an update of all the certificates for given host (default: false)
--certs-reset This option will reset any custom certificates and use the self-signed CA instead. Note that any clients will need to be updated with the latest katello-ca-consumer RPM, and any external proxies will need to have the certs updated by generating a new certs tarball. (default: false)
--certs-skip-check This option will cause skipping the certificates sanity check. Use with caution (default: false)
--upgrade Run the steps necessary for an upgrade such as migrations, rake tasks, etc. (default: false)
--disable-resolve-mismatches This will disable the resolving of mismatches between the application and backend services, during upgrade. The steps will still run in a non-commit mode to show what would have been changed. (default: false)
--[no-]colors Use color output on STDOUT (default: true)
--color-of-background COLOR Your terminal background is :bright or :dark (default: :dark)
--dont-save-answers Skip saving answers to '/tmp/foreman-proxy-certs-answer20190416-15313-1j5b57x.yaml'? (default: true)
--ignore-undocumented Ignore inconsistent parameter documentation (default: false)
-i, --interactive Run in interactive mode
--log-level LEVEL Log level for log file output (default: :debug)
-n, --noop Run puppet in noop mode? (default: false)
-p, --profile Run puppet in profile mode? (default: false)
-s, --skip-checks-i-know-better Skip all system checks (default: false)
--skip-puppet-version-check Skip check for compatible Puppet versions (default: false)
-v, --verbose Display log on STDOUT instead of progressbar
-l, --verbose-log-level LEVEL Log level for verbose mode output (default: "info")
-S, --scenario SCENARIO Use installation scenario
--disable-scenario SCENARIO Disable installation scenario
--enable-scenario SCENARIO Enable installation scenario
--list-scenarios List available installation scenarios
--force Force change of installation scenario
--compare-scenarios Show changes between last used scenario and the scenario specified with -S or --scenario argument
--migrations-only Apply migrations to a selected scenario and exit
--[no-]parser-cache Force use or bypass of Puppet module parser cache
-h, --help print help
--full-help print complete help
--[no-]enable-certs Enable 'certs' puppet module (default: true)
--[no-]enable-foreman-proxy-certs Enable 'foreman_proxy_certs' puppet module (default: true)
= Module certs:
--cname The alternative names of the host the generated certificates
should be for (current: [])
--node-fqdn The fqdn of the host the generated certificates
should be for (current: "blah.example.com")
--server-ca-cert Path to the CA that issued the ssl certificates for https
if not specified, the default CA will be used (current: UNDEF)
--server-cert Path to the ssl certificate for https
if not specified, the default CA will generate one (current: UNDEF)
--server-cert-req Path to the ssl certificate request for https
if not specified, the default CA will generate one (current: UNDEF)
--server-key Path to the ssl key for https
if not specified, the default CA will generate one (current: UNDEF)
= Module foreman_proxy_certs:
--certs-tar Path to tar file with certs to generate (current: UNDEF)
--foreman-proxy-cname additional names of the foreman proxy (current: [])
--foreman-proxy-fqdn FQDN of the foreman proxy (current: "blah.example.com")
--parent-fqdn FQDN of the parent node. Does not usually
need to be set. (current: "blah.example.com")
Only commonly used options have been displayed.
Use --full-help to view the complete list.
Updated by Evgeni Golov over 5 years ago
workaround:cp /usr/share/foreman-installer/katello/hooks/boot/20-certs_update.rb /usr/share/foreman-installer/katello-certs/hooks/boot/
Updated by
Updated by The Foreman Bot over 5 years ago
- Status changed from New to Ready For Testing
- Assignee set to Evgeni Golov
- Pull request https://github.com/theforeman/foreman-installer/pull/355 added
Updated by Evgeni Golov over 5 years ago
- Status changed from Ready For Testing to Closed
Applied in changeset installer|b26d33f9481b636519c620b6bf61f38ab788b5be.
Actions