https://www.puppet.com/community logo
Join Slack
Powered by
This message was deleted.
# puppet
s
This message was deleted.
🦜 1
b
usually 
hostname
is the shortname
and the certname is the full FQDN
you can use the notify or echo resource to check the value of 
$trusted['certname']
k
even better, i WANT the shortname, so I guess I'll just go with that. Yea, I tried using notify to check, nothing. Very weird.
b
whenever possible, use 
$trusted
and not facts
k
'whenever possible' - that's why I'm here, I'ma trying! LOL
b
agents can provide you whatever fact values they like. stuff in 
trusted
comes from the tls cert
if you drop 
$
from your regex it will work. Or extract the hostname from 
$trusted['certname']
👀 1
y
if $trusted['certname'] =~ /-sec\.common\.domain\.com/ {
b
yeah
or 
if $trusted['certname'].split('.')[0] =~ /-sec$/
k
But I need the regex$, my certname & hostname both are just a shortname, ending with either -pri or -sec (primary/secondary). In our test env I've never added a fqdn .domain.com for simplicity. That said, when this goes live, the prod nodes will certainly have fqdn's. So I guess I should start using them in test env now.
b
don't do that. always use FQDNs for the certificates
👍 1
this 2
l
honestly, always use FQDNs for systems and put them in DNS (unless they're a totally ephemeral cloud node)
k
yea, I get that now. Live and learn.
c
Per default $trusted['hostname'] and $trusted['domain'] does also exist. They also come from the cert itself so you do not need to manually split the $trusted['certname']. https://www.puppet.com/docs/puppet/8/lang_facts_builtin_variables.html#trusted-facts
1
Open in Slack
PreviousNext
Powered by