Externalize answer defaults

This moves all non-default options into the Hiera layer. Since Kafo 3.0
this works and is supported. It also means --reset-$option loads the
installer default rather than the Puppet default.

config/foreman-answers.yaml

@@ -9,7 +9,7 @@
 #
 # See params.pp in each class for what options are available
 ---
-foreman: {}
+foreman: true
 foreman::cli: true
 foreman::cli::ansible: false
 foreman::cli::azure: false
@@ -73,8 +73,4 @@ foreman_proxy::plugin::openscap: false
 foreman_proxy::plugin::remote_execution::ssh: false
 foreman_proxy::plugin::salt: false
 foreman_proxy::plugin::shellhooks: false
-puppet:
-  server: true
-  server_jvm_extra_args:
-    - "-Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger"
-    - "-XX:ReservedCodeCacheSize=512m"
+puppet: true

config/foreman-hiera.yaml

@@ -15,6 +15,7 @@ hierarchy:
   - name: "Built in"
     paths:
       - "scenario/%{facts.kafo.scenario.id}/family/%{facts.os.family}-%{facts.os.release.major}.yaml"
+      - "scenario/%{facts.kafo.scenario.id}/defaults.yaml"
       - "family/%{facts.os.family}-%{facts.os.release.major}.yaml"
       - "family/%{facts.os.family}.yaml"
       - "security.yaml"

config/foreman-proxy-content-answers.yaml

@@ -9,21 +9,9 @@
 #
 # See params.pp in each class for what options are available
 ---
-certs:
-  generate: false
-foreman_proxy_content:
-  pulpcore_mirror: true
-foreman_proxy:
-  foreman_ssl_ca: /etc/foreman-proxy/foreman_ssl_ca.pem
-  foreman_ssl_cert: /etc/foreman-proxy/foreman_ssl_cert.pem
-  foreman_ssl_key: /etc/foreman-proxy/foreman_ssl_key.pem
-  http: true
-  manage_puppet_group: false
-  ssl_ca: /etc/foreman-proxy/ssl_ca.pem
-  ssl_cert: /etc/foreman-proxy/ssl_cert.pem
-  ssl_key: /etc/foreman-proxy/ssl_key.pem
-  ssl_port: '9090'
-  templates: true
+certs: true
+foreman_proxy_content: {}
+foreman_proxy: {}
 foreman_proxy::plugin::acd: false
 foreman_proxy::plugin::ansible: false
 foreman_proxy::plugin::dhcp::infoblox: false
@@ -33,11 +21,4 @@ foreman_proxy::plugin::dns::infoblox: false
 foreman_proxy::plugin::openscap: false
 foreman_proxy::plugin::remote_execution::ssh: false
 foreman_proxy::plugin::shellhooks: false
-puppet:
-  server: true
-  server_foreman_ssl_ca: /etc/pki/katello/puppet/puppet_client_ca.crt
-  server_foreman_ssl_cert: /etc/pki/katello/puppet/puppet_client.crt
-  server_foreman_ssl_key: /etc/pki/katello/puppet/puppet_client.key
-  server_jvm_extra_args:
-    - "-Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger"
-    - "-XX:ReservedCodeCacheSize=512m"
+puppet: true

config/foreman-proxy-content.migrations/180702133937-set-puppet-integration-answer.rb

@@ -1,4 +1,4 @@
 if answers['foreman_proxy_content'].is_a?(Hash)
-  enabled = answers['puppet'].is_a?(Hash) && answers['puppet']['server'] != false && answers['puppet']['server_foreman'] != false
+  enabled = answers['puppet'] == true || (answers['puppet'].is_a?(Hash) && answers['puppet']['server'] != false && answers['puppet']['server_foreman'] != false)
   answers['foreman_proxy_content']['puppet'] = false unless enabled
 end

config/foreman-proxy-content.migrations/210112194603-enable-pulp3-content-proxy.rb

@@ -1,8 +1,6 @@
 answers.delete('foreman_proxy::plugin::pulp')
 
 if answers['foreman_proxy_content'].is_a?(Hash)
-  answers['foreman_proxy_content']['pulpcore_mirror'] = true
-
   # Prior migrations add these so we need to ensure they are deleted
   # config/katello.migrations/200611220455-dont-proxy-pulp-yum-to-pulpcore-on-upgrades.rb
   # config/katello.migrations/200123161606-enable-pulpcore.rb

config/foreman-proxy-content.migrations/210407174237-add-puppet-reserved-code-cache.rb

@@ -12,8 +12,5 @@
         answers['puppet']['server_jvm_extra_args'] += " #{reserved_code_cache_arg}"
       end
     end
-  else
-    # The logger is silently added by the module if it's undef
-    answers['puppet']['server_jvm_extra_args'] = ['-Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger', reserved_code_cache_arg]
   end
 end

config/foreman.hiera/common.yaml

@@ -19,3 +19,9 @@ katello::globals::enable_file: "%{alias('foreman_proxy_content::enable_file')}"
 katello::globals::enable_docker: "%{alias('foreman_proxy_content::enable_docker')}"
 katello::globals::enable_deb: "%{alias('foreman_proxy_content::enable_deb')}"
 katello::globals::enable_ansible_collection: "%{alias('foreman_proxy_content::enable_ansible')}"
+
+puppet::server: true
+# The logger must be there. The ReservedCodeCacheSize helps with memory issues
+puppet::server_jvm_extra_args:
+  - "-Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger"
+  - "-XX:ReservedCodeCacheSize=512m"

config/foreman.hiera/scenario/foreman-proxy-content/defaults.yaml

@@ -0,0 +1,18 @@
+certs::generate: false
+
+foreman_proxy_content::pulpcore_mirror: true
+
+foreman_proxy::foreman_ssl_ca: /etc/foreman-proxy/foreman_ssl_ca.pem
+foreman_proxy::foreman_ssl_cert: /etc/foreman-proxy/foreman_ssl_cert.pem
+foreman_proxy::foreman_ssl_key: /etc/foreman-proxy/foreman_ssl_key.pem
+foreman_proxy::http: true
+foreman_proxy::manage_puppet_group: false
+foreman_proxy::ssl_ca: /etc/foreman-proxy/ssl_ca.pem
+foreman_proxy::ssl_cert: /etc/foreman-proxy/ssl_cert.pem
+foreman_proxy::ssl_key: /etc/foreman-proxy/ssl_key.pem
+foreman_proxy::ssl_port: 9090
+foreman_proxy::templates: true
+
+puppet::server_foreman_ssl_ca: /etc/pki/katello/puppet/puppet_client_ca.crt
+puppet::server_foreman_ssl_cert: /etc/pki/katello/puppet/puppet_client.crt
+puppet::server_foreman_ssl_key: /etc/pki/katello/puppet/puppet_client.key

config/foreman.hiera/scenario/katello/defaults.yaml

@@ -0,0 +1,25 @@
+certs::group: foreman
+
+foreman::client_ssl_ca: /etc/foreman/proxy_ca.pem
+foreman::client_ssl_cert: /etc/foreman/client_cert.pem
+foreman::client_ssl_key: /etc/foreman/client_key.pem
+foreman::initial_location: Default Location
+foreman::initial_organization: Default Organization
+foreman::server_ssl_ca: /etc/pki/katello/certs/katello-default-ca.crt
+foreman::server_ssl_cert: /etc/pki/katello/certs/katello-apache.crt
+foreman::server_ssl_chain: /etc/pki/katello/certs/katello-server-ca.crt
+foreman::server_ssl_crl: ""
+foreman::server_ssl_key: /etc/pki/katello/private/katello-apache.key
+
+foreman_proxy::foreman_ssl_ca: /etc/foreman-proxy/foreman_ssl_ca.pem
+foreman_proxy::foreman_ssl_cert: /etc/foreman-proxy/foreman_ssl_cert.pem
+foreman_proxy::foreman_ssl_key: /etc/foreman-proxy/foreman_ssl_key.pem
+foreman_proxy::manage_puppet_group: false
+foreman_proxy::ssl_ca: /etc/foreman-proxy/ssl_ca.pem
+foreman_proxy::ssl_cert: /etc/foreman-proxy/ssl_cert.pem
+foreman_proxy::ssl_key: /etc/foreman-proxy/ssl_key.pem
+foreman_proxy::ssl_port: 9090
+
+puppet::server_foreman_ssl_ca: /etc/pki/katello/puppet/puppet_client_ca.crt
+puppet::server_foreman_ssl_cert: /etc/pki/katello/puppet/puppet_client.crt
+puppet::server_foreman_ssl_key: /etc/pki/katello/puppet/puppet_client.key

config/foreman.migrations/20160405122117_passenger_ruby.rb

@@ -1,2 +1,2 @@
 # Redetermine the value of passenger_ruby, as it changed on Debian in puppet-foreman f9329b6
-answers['foreman'].delete('passenger_ruby') if answers['foreman']
+answers['foreman'].delete('passenger_ruby') if answers['foreman'].is_a?(Hash)

config/foreman.migrations/20210407174237_add_puppet_reserved_code_cache.rb

@@ -12,8 +12,5 @@
         answers['puppet']['server_jvm_extra_args'] += " #{reserved_code_cache_arg}"
       end
     end
-  else
-    # The logger is silently added by the module if it's undef
-    answers['puppet']['server_jvm_extra_args'] = ['-Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger', reserved_code_cache_arg]
   end
 end

config/katello-answers.yaml

@@ -9,19 +9,8 @@
 #
 # See params.pp in each class for what options are available
 ---
-certs:
-  group: foreman
-foreman:
-  client_ssl_ca: /etc/foreman/proxy_ca.pem
-  client_ssl_cert: /etc/foreman/client_cert.pem
-  client_ssl_key: /etc/foreman/client_key.pem
-  initial_location: Default Location
-  initial_organization: Default Organization
-  server_ssl_ca: /etc/pki/katello/certs/katello-default-ca.crt
-  server_ssl_cert: /etc/pki/katello/certs/katello-apache.crt
-  server_ssl_chain: /etc/pki/katello/certs/katello-server-ca.crt
-  server_ssl_crl: ""
-  server_ssl_key: /etc/pki/katello/private/katello-apache.key
+certs: true
+foreman: true
 foreman::cli: true
 foreman::cli::ansible: false
 foreman::cli::azure: false
@@ -69,15 +58,7 @@ foreman::plugin::tasks: true
 foreman::plugin::templates: false
 foreman::plugin::virt_who_configure: false
 foreman::plugin::webhooks: false
-foreman_proxy:
-  foreman_ssl_ca: /etc/foreman-proxy/foreman_ssl_ca.pem
-  foreman_ssl_cert: /etc/foreman-proxy/foreman_ssl_cert.pem
-  foreman_ssl_key: /etc/foreman-proxy/foreman_ssl_key.pem
-  manage_puppet_group: false
-  ssl_ca: /etc/foreman-proxy/ssl_ca.pem
-  ssl_cert: /etc/foreman-proxy/ssl_cert.pem
-  ssl_key: /etc/foreman-proxy/ssl_key.pem
-  ssl_port: '9090'
+foreman_proxy: {}
 foreman_proxy::plugin::acd: false
 foreman_proxy::plugin::ansible: false
 foreman_proxy::plugin::chef: false
@@ -92,11 +73,4 @@ foreman_proxy::plugin::salt: false
 foreman_proxy::plugin::shellhooks: false
 foreman_proxy_content: true
 katello: true
-puppet:
-  server: true
-  server_foreman_ssl_ca: /etc/pki/katello/puppet/puppet_client_ca.crt
-  server_foreman_ssl_cert: /etc/pki/katello/puppet/puppet_client.crt
-  server_foreman_ssl_key: /etc/pki/katello/puppet/puppet_client.key
-  server_jvm_extra_args:
-    - "-Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger"
-    - "-XX:ReservedCodeCacheSize=512m"
+puppet: true

config/katello.migrations/210407174237-add-puppet-reserved-code-cache.rb

@@ -12,8 +12,5 @@
         answers['puppet']['server_jvm_extra_args'] += " #{reserved_code_cache_arg}"
       end
     end
-  else
-    # The logger is silently added by the module if it's undef
-    answers['puppet']['server_jvm_extra_args'] = ['-Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger', reserved_code_cache_arg]
   end
 end