Refs #26571 - Add dispatch router auth

manifests/dispatch_router.pp

@@ -60,11 +60,14 @@
 
     # Connect dispatch router to the local qpid
     qpid::router::connector { 'broker':
-      host         => $foreman_proxy_content::qpid_router_broker_addr,
-      port         => $foreman_proxy_content::qpid_router_broker_port,
-      ssl_profile  => 'client',
-      role         => 'route-container',
-      idle_timeout => 0,
+      host          => $foreman_proxy_content::qpid_router_broker_addr,
+      port          => $foreman_proxy_content::qpid_router_broker_port,
+      sasl_mech     => $foreman_proxy_content::qpid_router_sasl_mech,
+      sasl_username => $foreman_proxy_content::qpid_router_sasl_username,
+      sasl_password => $foreman_proxy_content::qpid_router_sasl_password,
+      ssl_profile   => 'client',
+      role          => 'route-container',
+      idle_timeout  => 0,
     }
 
     qpid::router::link_route { 'broker-pulp-route-out':

manifests/init.pp

@@ -76,6 +76,12 @@
 #
 # $qpid_router_ssl_protocols::          Protocols to support in dispatch router (e.g. TLSv1.2, etc)
 #
+# $qpid_router_sasl_mech::              SASL mechanism to be used from router to broker
+#
+# $qpid_router_sasl_username::          SASL username to be used from router to broker
+#
+# $qpid_router_sasl_password::          SASL password to be used from router to broker
+#
 # $manage_broker::                      Manage the qpid message broker when applicable
 #
 # $pulp_worker_timeout::                The amount of time (in seconds) before considering a worker as missing. If Pulp's
@@ -117,6 +123,9 @@
   Stdlib::Absolutepath $qpid_router_logging_path = $foreman_proxy_content::params::qpid_router_logging_path,
   Optional[String] $qpid_router_ssl_ciphers = $foreman_proxy_content::params::qpid_router_ssl_ciphers,
   Optional[Array[String]] $qpid_router_ssl_protocols = $foreman_proxy_content::params::qpid_router_ssl_protocols,
+  Optional[String] $qpid_router_sasl_mech = $foreman_proxy_content::params::qpid_router_sasl_mech,
+  Optional[String] $qpid_router_sasl_username = $foreman_proxy_content::params::qpid_router_sasl_username,
+  Optional[String] $qpid_router_sasl_password = $foreman_proxy_content::params::qpid_router_sasl_password,
   Boolean $enable_ostree = $foreman_proxy_content::params::enable_ostree,
   Boolean $enable_yum = $foreman_proxy_content::params::enable_yum,
   Boolean $enable_file = $foreman_proxy_content::params::enable_file,

manifests/params.pp

@@ -39,6 +39,9 @@
   $qpid_router_logging_path  = '/var/log/qdrouterd'
   $qpid_router_ssl_ciphers   = undef
   $qpid_router_ssl_protocols = undef
+  $qpid_router_sasl_mech   = 'PLAIN'
+  $qpid_router_sasl_username = 'katello_agent'
+  $qpid_router_sasl_password = cache_data('foreman_cache_data', 'qpid_router_sasl_password', random_password(16))
 
   $enable_ostree             = false
   $enable_yum                = true