--- modules/puppetca/puppetca_main.rb 2020-01-16 08:41:51.557765000 +0100 +++ modules/puppetca/puppetca_main.rb 2020-01-16 14:08:29.559916000 +0100 @@ -66,7 +66,11 @@ # list of all certificates and their state/fingerprint def list find_puppetca - command = "#{@sudo} #{@puppetca} --list --all" + if @puppetca.include?("puppetserver") + command = "#{@sudo} #{@puppetca} list --all" + else + command = "#{@sudo} #{@puppetca} --list --all" + end logger.debug "Executing #{command}" response = `#{command}` unless $? == 0 @@ -99,18 +103,30 @@ end default_path = ["/opt/puppet/bin", "/opt/puppet/sbin", "/opt/puppetlabs/bin"] - @puppetca = which("puppetca", default_path) || which("puppet", default_path) + puppet = which("puppetca", default_path) || which("puppet", default_path) + puppetserver = which("puppetserver", default_path) + puppetserver_version = `#{puppetserver} --version`.split(": ")[1] + if puppetserver_version >= "6" + @puppetca = puppetserver + else + @puppetca = puppet + end + unless File.exist?(@puppetca.to_s) logger.warn "unable to find puppetca binary" raise "unable to find puppetca" end # Append cert to the puppet command if we are not using the old puppetca command logger.debug "Found puppetca at #{@puppetca}" - @puppetca << " cert" unless @puppetca.include?("puppetca") + if @puppetca.include?("puppetserver") + @puppetca << " ca" + else + @puppetca << " cert" unless @puppetca.include?("puppetca") + end # Tell puppetca to use the ssl dir that Foreman has been told to use - @puppetca << " --ssldir #{ssl_dir}" + @puppetca << " --ssldir #{ssl_dir}" unless @puppetca.include?("puppetserver") if to_bool(::Proxy::PuppetCa::Plugin.settings.puppetca_use_sudo, true) @sudo = ::Proxy::PuppetCa::Plugin.settings.sudo_command || which("sudo") @@ -137,7 +153,7 @@ "#{puppetdir}/autosign.conf" end - # parse the puppetca --list output + # parse the puppetca list output def certificate str case str when /(\+|\-)\s+["]{0,1}(.*\w)["]{0,1}\s+\((\S+)\)/