prefer new puppetserver 7 ca_crt.pem path

The new puppetserver 7 ca_crt.pem path of `/etc/puppetlabs/puppetserver/ca/ca_crt.pem` is now preferred over the legacy path of `/etc/puppetlabs/puppet/ssl/ca/ca_crt.pem`. The puppetserver 6 is used as a fallback.
lsst-it · Aug 22, 2022 · 6471bb6 · 6471bb6
1 parent ba226f6
commit 6471bb6
Showing 1 changed file with 9 additions and 1 deletion.
diff --git a/exe/foreman_envsync b/exe/foreman_envsync
@@ -103,6 +103,14 @@ def foreman_org_ids
   hammer_cmd_parse_one(cmd, field)
 end
 
+# prefer the puppetserver 7 ca_crt.pem path
+def ssl_ca_file
+  %w[
+    /etc/puppetlabs/puppetserver/ca/ca_crt.pem
+    /etc/puppetlabs/puppet/ssl/ca/ca_crt.pem
+  ].find { |f| File.exist?(f) }
+end
+
 def puppetserver_env_list
   hostname = Socket.gethostname
 
@@ -112,7 +120,7 @@ def puppetserver_env_list
     ssl_client_cert: cert_file("/etc/puppetlabs/puppet/ssl/certs/#{hostname}.pem"),
     ssl_client_key: key_file("/etc/puppetlabs/puppet/ssl/private_keys/#{hostname}.pem"),
     verify_ssl: true,
-    ssl_ca_file: "/etc/puppetlabs/puppet/ssl/ca/ca_crt.pem"
+    ssl_ca_file: ssl_ca_file
   )
 
   JSON.parse(res)["environments"].keys