Merge pull request #637 from puppetlabs/CONT-585-deferred-function

(CONT-585) allow deferred function for auth password

REFERENCE.md

@@ -626,7 +626,7 @@ the files if they do not exist.
 [*containerd_config_template*]
  The template to use for containerd configuration
  This value is ignored if containerd_config_source is defined
- Default to 'kubernetes/containerd/config.toml.erb'
+ Default to 'kubernetes/containerd/config.toml.epp'
 
 [*containerd_config_source*]
  The source of the containerd configuration
@@ -1946,7 +1946,7 @@ Data type: `String`
 
 
 
-Default value: `'kubernetes/containerd/config.toml.erb'`
+Default value: `'kubernetes/containerd/config.toml.epp'`
 
 ##### <a name="-kubernetes--containerd_socket"></a>`containerd_socket`
 

manifests/init.pp

@@ -53,7 +53,7 @@
 # [*containerd_config_template*]
 # The template to use for containerd configuration
 # This value is ignored if containerd_config_source is defined
-# Default to 'kubernetes/containerd/config.toml.erb'
+# Default to 'kubernetes/containerd/config.toml.epp'
 #
 # [*containerd_config_source*]
 # The source of the containerd configuration
@@ -686,7 +686,7 @@
  Optional[String] $containerd_archive_checksum = undef,
  String $containerd_source =
  "https://github.com/containerd/containerd/releases/download/v${containerd_version}/${containerd_archive}",
- String $containerd_config_template = 'kubernetes/containerd/config.toml.erb',
+ String $containerd_config_template = 'kubernetes/containerd/config.toml.epp',
  Variant[Stdlib::Unixpath, String] $containerd_socket = '/run/containerd/containerd.sock',
  Optional[String] $containerd_config_source = undef,
  Hash $containerd_plugins_registry = {

manifests/packages.pp

@@ -55,7 +55,7 @@
 # Defaults to https://github.com/containerd/containerd/releases/download/v${containerd_version}/${containerd_archive}
 # @param containerd_config_template
 # The template to use for containerd configuration
-# This value is ignored if containerd_config_source is defined. Default to 'kubernetes/containerd/config.toml.erb'
+# This value is ignored if containerd_config_source is defined. Default to 'kubernetes/containerd/config.toml.epp'
 # @param containerd_config_source
 # The source of the containerd configuration
 # This value overrides containerd_config_template. Default to undef
@@ -350,7 +350,13 @@
  if $containerd_config_source {
  $_containerd_config_content = undef
  } else {
- $_containerd_config_content = template($containerd_config_template)
+ $_containerd_config_content = stdlib::deferrable_epp($containerd_config_template, {
+ 'containerd_plugins_registry' => $containerd_plugins_registry,
+ 'containerd_socket' => $containerd_socket,
+ 'containerd_sandbox_image' => $containerd_sandbox_image,
+ 'docker_cgroup_driver' => $docker_cgroup_driver,
+ 'containerd_default_runtime_name' => $containerd_default_runtime_name,
+ })
  }
  # Generate using 'containerd config default'
  file { '/etc/containerd/config.toml':
@@ -379,7 +385,13 @@
  if $containerd_config_source {
  $_containerd_config_content = undef
  } else {
- $_containerd_config_content = template($containerd_config_template)
+ $_containerd_config_content = stdlib::deferrable_epp($containerd_config_template, {
+ 'containerd_plugins_registry' => $containerd_plugins_registry,
+ 'containerd_socket' => $containerd_socket,
+ 'containerd_sandbox_image' => $containerd_sandbox_image,
+ 'docker_cgroup_driver' => $docker_cgroup_driver,
+ 'containerd_default_runtime_name' => $containerd_default_runtime_name,
+ })
  }
  # Generate using 'containerd config default'
  file { '/etc/containerd/config.toml':
@@ -430,7 +442,13 @@
  owner => 'root',
  group => 'root',
  mode => '0644',
- content => template('kubernetes/containerd/config.toml.erb'),
+ content => stdlib::deferrable_epp('kubernetes/containerd/config.toml.epp', {
+ 'containerd_plugins_registry' => $containerd_plugins_registry,
+ 'containerd_socket' => $containerd_socket,
+ 'containerd_sandbox_image' => $containerd_sandbox_image,
+ 'docker_cgroup_driver' => $docker_cgroup_driver,
+ 'containerd_default_runtime_name' => $containerd_default_runtime_name,
+ }),
  require => [File['/etc/containerd'], Archive[$containerd_archive]],
  notify => Service['containerd'],
  }

spec/classes/packages_spec.rb

@@ -44,7 +44,7 @@
  'containerd_package_name' => 'containerd.io',
  'containerd_archive' => 'containerd-1.4.3-linux-amd64.tar.gz',
  'containerd_source' => 'https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-linux-amd64.tar.gz',
- 'containerd_config_template' => 'kubernetes/containerd/config.toml.erb',
+ 'containerd_config_template' => 'kubernetes/containerd/config.toml.epp',
  'containerd_default_runtime_name' => 'runc',
  'etcd_archive' => 'etcd-v3.1.12-linux-amd64.tar.gz',
  'etcd_source' => 'https://github.com/etcd-v3.1.12.tar.gz',
@@ -145,7 +145,7 @@
  'containerd_package_name' => 'containerd.io',
  'containerd_archive' => 'containerd-1.4.3-linux-amd64.tar.gz',
  'containerd_source' => 'https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-linux-amd64.tar.gz',
- 'containerd_config_template' => 'kubernetes/containerd/config.toml.erb',
+ 'containerd_config_template' => 'kubernetes/containerd/config.toml.epp',
  'containerd_default_runtime_name' => 'runc',
  'etcd_archive' => 'etcd-v3.1.12-linux-amd64.tar.gz',
  'etcd_source' => 'https://github.com/etcd-v3.1.12.tar.gz',
@@ -245,7 +245,7 @@
  'containerd_package_name' => 'containerd.io',
  'containerd_archive' => 'https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-linux-amd64.tar.gz',
  'containerd_source' => 'containerd-1.4.3-linux-amd64.tar.gz',
- 'containerd_config_template' => 'kubernetes/containerd/config.toml.erb',
+ 'containerd_config_template' => 'kubernetes/containerd/config.toml.epp',
  'containerd_default_runtime_name' => 'runc',
  'etcd_archive' => 'etcd-v3.1.12-linux-amd64.tar.gz',
  'etcd_source' => 'https://github.com/etcd-v3.1.12.tar.gz',
@@ -466,7 +466,7 @@
  'containerd_package_name' => 'containerd.io',
  'containerd_archive' => 'https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-linux-amd64.tar.gz',
  'containerd_source' => 'containerd-1.4.3-linux-amd64.tar.gz',
- 'containerd_config_template' => 'kubernetes/containerd/config.toml.erb',
+ 'containerd_config_template' => 'kubernetes/containerd/config.toml.epp',
  'containerd_default_runtime_name' => 'nvidia',
  'etcd_archive' => 'etcd-v3.1.12-linux-amd64.tar.gz',
  'etcd_source' => 'https://github.com/etcd-v3.1.12.tar.gz',
@@ -549,7 +549,7 @@
  'containerd_package_name' => 'containerd.io',
  'containerd_archive' => 'containerd-1.4.3-linux-amd64.tar.gz',
  'containerd_source' => 'https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-linux-amd64.tar.gz',
- 'containerd_config_template' => 'kubernetes/containerd/config.toml.erb',
+ 'containerd_config_template' => 'kubernetes/containerd/config.toml.epp',
  'containerd_default_runtime_name' => 'runc',
  'etcd_archive' => 'etcd-v3.1.12-linux-amd64.tar.gz',
  'etcd_source' => 'https://github.com/etcd-v3.1.12.tar.gz',
@@ -648,7 +648,7 @@
  'containerd_package_name' => 'containerd.io',
  'containerd_archive' => 'containerd-1.4.3-linux-amd64.tar.gz',
  'containerd_source' => 'https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-linux-amd64.tar.gz',
- 'containerd_config_template' => 'kubernetes/containerd/config.toml.erb',
+ 'containerd_config_template' => 'kubernetes/containerd/config.toml.epp',
  'containerd_default_runtime_name' => 'runc',
  'etcd_archive' => 'etcd-v3.1.12-linux-amd64.tar.gz',
  'etcd_source' => 'https://github.com/etcd-v3.1.12.tar.gz',
@@ -753,7 +753,7 @@
  'containerd_package_name' => 'containerd.io',
  'containerd_archive' => 'containerd-1.4.3-linux-amd64.tar.gz',
  'containerd_source' => 'https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-linux-amd64.tar.gz',
- 'containerd_config_template' => 'kubernetes/containerd/config.toml.erb',
+ 'containerd_config_template' => 'kubernetes/containerd/config.toml.epp',
  'containerd_default_runtime_name' => 'runc',
  'etcd_archive' => 'etcd-v3.1.12-linux-amd64.tar.gz',
  'etcd_source' => 'https://github.com/etcd-v3.1.12.tar.gz',
@@ -835,7 +835,7 @@
  'containerd_package_name' => 'containerd.io',
  'containerd_archive' => 'containerd-1.4.3-linux-amd64.tar.gz',
  'containerd_source' => 'https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-linux-amd64.tar.gz',
- 'containerd_config_template' => 'kubernetes/containerd/config.toml.erb',
+ 'containerd_config_template' => 'kubernetes/containerd/config.toml.epp',
  'containerd_default_runtime_name' => 'runc',
  'etcd_archive' => 'etcd-v3.1.12-linux-amd64.tar.gz',
  'etcd_source' => 'https://github.com/etcd-v3.1.12.tar.gz',
@@ -930,7 +930,7 @@
  'containerd_package_name' => 'containerd.io',
  'containerd_archive' => 'containerd-1.4.3-linux-amd64.tar.gz',
  'containerd_source' => 'https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-linux-amd64.tar.gz',
- 'containerd_config_template' => 'kubernetes/containerd/config.toml.erb',
+ 'containerd_config_template' => 'kubernetes/containerd/config.toml.epp',
  'containerd_default_runtime_name' => 'runc',
  'etcd_archive' => 'etcd-v3.1.12-linux-amd64.tar.gz',
  'etcd_source' => 'https://github.com/etcd-v3.1.12.tar.gz',
@@ -1030,7 +1030,7 @@
  'containerd_package_name' => 'containerd.io',
  'containerd_archive' => 'containerd-1.4.3-linux-amd64.tar.gz',
  'containerd_source' => 'https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-linux-amd64.tar.gz',
- 'containerd_config_template' => 'kubernetes/containerd/config.toml.erb',
+ 'containerd_config_template' => 'kubernetes/containerd/config.toml.epp',
  'containerd_default_runtime_name' => 'runc',
  'etcd_archive' => 'etcd-v3.1.12-linux-amd64.tar.gz',
  'etcd_source' => 'https://github.com/etcd-v3.1.12.tar.gz',

templates/containerd/config.toml.erb → templates/containerd/config.toml.epp

@@ -7,7 +7,7 @@ required_plugins = []
 oom_score = 0
 
 [grpc]
- address = "<%= @containerd_socket -%>"
+ address = "<%= $containerd_socket -%>"
  tcp_address = ""
  tcp_tls_cert = ""
  tcp_tls_key = ""
@@ -54,7 +54,7 @@ oom_score = 0
  stream_idle_timeout = "4h0m0s"
  enable_selinux = false
  selinux_category_range = 1024
- sandbox_image = "<%= @containerd_sandbox_image %>"
+ sandbox_image = "<%= $containerd_sandbox_image %>"
  stats_collect_period = 10
  systemd_cgroup = false
  enable_tls_streaming = false
@@ -70,7 +70,7 @@ oom_score = 0
  ignore_image_defined_volumes = false
  [plugins."io.containerd.grpc.v1.cri".containerd]
  snapshotter = "overlayfs"
- default_runtime_name = "<%= @containerd_default_runtime_name %>"
+ default_runtime_name = "<%= $containerd_default_runtime_name %>"
  no_pivot = false
  disable_snapshot_annotations = true
  discard_unpacked_layers = false
@@ -94,10 +94,10 @@ oom_score = 0
  privileged_without_host_devices = false
  base_runtime_spec = ""
  [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
-<%- if @docker_cgroup_driver == 'systemd' -%>
+<% if $docker_cgroup_driver == 'systemd' { -%>
  SystemdCgroup = true
-<%- end -%>
-<%- if @containerd_default_runtime_name == 'nvidia' -%>
+<% } -%>
+<% if $containerd_default_runtime_name == 'nvidia' { -%>
  [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.nvidia]
  runtime_type = "io.containerd.runc.v2"
  runtime_engine = ""
@@ -106,57 +106,57 @@ oom_score = 0
  base_runtime_spec = ""
  [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.nvidia.options]
  BinaryName = "/usr/bin/nvidia-container-runtime"
-<%- end -%>
+<% } -%>
  [plugins."io.containerd.grpc.v1.cri".cni]
  bin_dir = "/opt/cni/bin"
  conf_dir = "/etc/cni/net.d"
  max_conf_num = 1
  conf_template = ""
  [plugins."io.containerd.grpc.v1.cri".registry]
  [plugins."io.containerd.grpc.v1.cri".registry.mirrors]
- <%- @containerd_plugins_registry.each do |registry, sections| -%>
- <%- if sections['mirrors'] and not sections['mirrors'].empty? -%>
- [plugins."io.containerd.grpc.v1.cri".registry.mirrors."<%= registry %>"]
- <%- if sections['mirrors']['endpoint'] -%>
- endpoint = ["<%= sections['mirrors']['endpoint'] %>"]
- <%- end -%>
- <%- end -%>
- <%- end -%>
+ <% $containerd_plugins_registry.map |Any $registry, Any $sections| { -%>
+ <% if $sections['mirrors'] and !$sections['mirrors'].empty { -%>
+ [plugins."io.containerd.grpc.v1.cri".registry.mirrors."<%= $registry %>"]
+ <% if $sections['mirrors']['endpoint'] { -%>
+ endpoint = ["<%= $sections['mirrors']['endpoint'] %>"]
+ <% } -%>
+ <% } -%>
+ <% } -%>
  [plugins."io.containerd.grpc.v1.cri".registry.configs]
- <%- @containerd_plugins_registry.each do |registry, sections| -%>
- <%- if sections['auth'] and not sections['auth'].empty? -%>
- [plugins."io.containerd.grpc.v1.cri".registry.configs."<%= registry %>".auth]
- <%- if sections['auth']['username'] -%>
- username = "<%= sections['auth']['username'] %>"
- <%- end -%>
- <%- if sections['auth']['password'] -%>
- password = "<%= sections['auth']['password'] %>"
- <%- end -%>
- <%- if sections['auth']['auth'] -%>
- auth = "<%= sections['auth']['auth'] %>"
- <%- end -%>
- <%- if sections['auth']['identitytoken'] -%>
- identitytoken = "<%= sections['auth']['identitytoken'] %>"
- <%- end -%>
- <%- end -%>
- <%- end -%>
- <%- @containerd_plugins_registry.each do |registry, sections| -%>
- <%- if sections['tls'] and not sections['tls'].empty? -%>
- [plugins."io.containerd.grpc.v1.cri".registry.configs."<%= registry %>".tls]
- <%- if sections['tls']['ca_file'] -%>
- ca_file = "<%= sections['tls']['ca_file'] %>"
- <%- end -%>
- <%- if sections['tls']['cert_file'] -%>
- cert_file = "<%= sections['tls']['cert_file'] %>"
- <%- end -%>
- <%- if sections['tls']['key_file'] -%>
- key_file = "<%= sections['tls']['key_file'] %>"
- <%- end -%>
- <%- if sections['tls']['insecure_skip_verify'] -%>
- insecure_skip_verify = <%= sections['tls']['insecure_skip_verify'] %>
- <%- end -%>
- <%- end -%>
- <%- end -%>
+ <% $containerd_plugins_registry.map |Any $registry, Any $sections| { -%>
+ <% if $sections['auth'] and !$sections['auth'].empty { -%>
+ [plugins."io.containerd.grpc.v1.cri".registry.configs."<%= $registry %>".auth]
+ <% if $sections['auth']['username'] { -%>
+ username = "<%= $sections['auth']['username'] %>"
+ <% } -%>
+ <% if $sections['auth']['password'] { -%>
+ password = "<%= $sections['auth']['password'] %>"
+ <% } -%>
+ <% if $sections['auth']['auth'] { -%>
+ auth = "<%= $sections['auth']['auth'] %>"
+ <% } -%>
+ <% if $sections['auth']['identitytoken'] { -%>
+ identitytoken = "<%= $sections['auth']['identitytoken'] %>"
+ <% } -%>
+ <% } -%>
+ <% } -%>
+ <% $containerd_plugins_registry.map |Any $registry, Any $sections| { -%>
+ <% if $sections['tls'] and !$sections['tls'].empty { -%>
+ [plugins."io.containerd.grpc.v1.cri".registry.configs."<%= $registry %>".tls]
+ <% if $sections['tls']['ca_file'] { -%>
+ ca_file = "<%= $sections['tls']['ca_file'] %>"
+ <% } -%>
+ <% if $sections['tls']['cert_file'] { -%>
+ cert_file = "<%= $sections['tls']['cert_file'] %>"
+ <% } -%>
+ <% if $sections['tls']['key_file'] { -%>
+ key_file = "<%= $sections['tls']['key_file'] %>"
+ <% } -%>
+ <% if $sections['tls']['insecure_skip_verify'] { -%>
+ insecure_skip_verify = <%= $sections['tls']['insecure_skip_verify'] %>
+ <% } -%>
+ <% } -%>
+ <% } -%>
  [plugins."io.containerd.grpc.v1.cri".image_decryption]
  key_model = ""
  [plugins."io.containerd.grpc.v1.cri".x509_key_pair_streaming]