okay, but i need to understand for myself whats going on. because how else should i know what to create and where deploy it if i not gonna use generate_ca in a multi-master setup?

this a bit unclear, why is there a generate_ca flag when i not supposed to use this in a production cluster which will (always?) have more then one controll plan server?

There's a generate_ca flag which is useful for setting up the first node of a multi-master cluster, or for setting up entire single-master clusters. But if you can generate a valid set of secrets externally, then you can simply skip that function.

Every multi-master cluster must be a single-master cluster at some point, etcd does require an already established quorum for adding more nodes after all. So the optimal way to build a multi-master cluster would likely be; deploying one node with generate_ca, grabbing the secrets from it while the cluster itself is established, disabling generate_ca, and then provisioning the additional masters using the collection of secrets you've collected.

You can of course leave generate_ca enabled - even if you're managing the secrets yourself. It will only trigger generation if the secrets are invalid

ewoud: Sorry I couldn't work out how to deal with aliases in a generic way.

But as it's the

ensure_packages

special case I'm trying to fix, I think it is probably 'ok'.

well, I didn't see a good way either since all APIs appear to be private

and there is match? but that also matches regexes

I've deliberately tried to not be too clever. For instance, if there is a resource defined already why continue to call

ensure_resource

? I want that to continue and have the chance to fail in the same way it currently does if some other parameters don't match.

so in conclusion: I think it's fine to special case it now and find a generic solution in the future

yes, I saw that and I liked the simplicity in design

and if that day never comes, it was obviously not that important 🙂

Thanks. I really did aim for 'simple'. Like getting rid of the case of calling either

ensure_resource

or

ensure_resources

.

and I find it much easier to understand compared to what was there before. https://github.com/puppetlabs/puppetlabs-stdlib/blob/77a9c07c9e64f03b12a4d8068941609f44829c8b/lib/puppet/parser/functions/ensure_packages.rb

@bastelfreak Could use re-review on https://github.com/voxpupuli/puppet-openldap/pull/375 - I left comment WRT to having to use legacy fact.

@bastelfreak Could use re-review on https://github.com/voxpupuli/puppet-openldap/pull/375 - I left comment WRT to having to use legacy fact.

This message was deleted.

found.

This message was deleted.

.

do you know why this is succeeding on my laptop and it's failing on github? Also, it's not true that REFERENCE.md was not updated. You can see it in the commits that was updated: https://github.com/voxpupuli/puppet-nomad/pull/80/commits/db222a07ce166e96025f5dd01c159f7d93f5caf5#diff-6269a4217141bc6fd7[…]2f0d0d7d1ba04af62ba229a

on my laptop it's looking good:

$ bundle exec rake validate lint check
Your RubyGems version (3.0.3.1) has a bug that prevents `required_ruby_version` from working for Bundler. Any scripts that use `gem install bundler` will break as soon as Bundler drops support for your Ruby version. Please upgrade RubyGems to avoid future breakage and silence this warning by running `gem update --system 3.2.3`
To use retry middleware with Faraday v2.0+, install `faraday-retry` gem
ruby -c lib/facter/nomad_version.rb
Syntax OK
ruby -c lib/facter/nomad_node_id.rb
Syntax OK
---> syntax:manifests
---> syntax:templates
---> syntax:hiera:yaml
Files:                    6
Modules:                  0 (    0 undocumented)
Classes:                  0 (    0 undocumented)
Constants:                0 (    0 undocumented)
Attributes:               0 (    0 undocumented)
Methods:                  0 (    0 undocumented)
Puppet Defined Types:     0 (    0 undocumented)
Puppet Types:             0 (    0 undocumented)
Puppet Providers:         0 (    0 undocumented)
Puppet Functions:         0 (    0 undocumented)
Puppet Tasks:             0 (    0 undocumented)
Puppet Plans:             0 (    0 undocumented)
Puppet Classes:           6 (    0 undocumented)
Puppet Data Types:        0 (    0 undocumented)
Puppet Data Type Aliases:     0 (    0 undocumented)
 100.00% documented
$ echo $?
0

This message was deleted.

CI uses puppet-strings 3, which creates a different markdown output

In my efforts to get ecosystem announcements going I realised I sent the VOX group an announcement on the SNOW Service Graph connector for Puppet being released. I hadn't intended to send but wanted to check my presumption for the integrations (which are PE only) that it wouldn't be relevant for the VOX list?

This message was deleted.

are you on ruby 2.5 or 2.6 locally?

exist? has been in ruby since ever, you can change that one w/o any issue

@Ananace may you have a look here? https://github.com/voxpupuli/puppet-k8s/issues/37 ... since PR #30 etcd ca behaves differently for me