postgresql::postgres_password throws errors when Deferred

Question

postgresql::postgres_password throws errors when Deferred

bobnegri opened this issue 8 months ago · comments

Describe the Bug

When postgresql::postgres_password is Deferred, it throws one of two possible errors:

Error 1:

$hash_postgresql_db_pw = Deferred('postgresql::postgresql_password', ['puppetdb', $plain_postgresql_db_pw])

Error: Failed to apply catalog: Function postgresql::postgresql_password(): Unknown function: 'postgresql::default'

Error 2:

# Get the hash value: md5 or scram-sha-256
$pwd_encrypt = $postgresql::params::password_encryption

$hash_postgresql_db_pw = Deferred('postgresql::postgresql_password', ['puppetdb', $plain_postgresql_db_pw, false, $pwd_encrypt])

Failed to apply catalog: 'postgresql::postgresql_password' parameter 'hash' references an unresolved type 'Postgresql::Pg_password_encryption'

Expected Behavior

A clear and concise description of what you expected to happen.

Expectation 1:
When function postgresql::postgresql_password is Deferred and only passed username and password, the function should use the built in defaults without throwing an error.

Expectation 2:
When function postgresql::postgresql_password is Deferred and values are provided for username, password, sensitive, and hash, the function should not throw a type error.

Steps to Reproduce

Steps to reproduce the behavior:

Go to '...'
Click on '....'

Environment

postgresql-12 10.0.3
puppet-agent 7.27.0
puppetdb 7.15.0
puppetserver 7.14.0
Ubuntu 20.04.6 LTS

Additional Context

Add any other context about the problem here.

Under postgresql 9.2.0, we did not provide sensitive and hash values and the function worked when Deferred.

Ewoud Kohl van Wijngaarden · Answer 1 · Sat Apr 06 2024 00:01:08 GMT+0800 (China Standard Time)

Is this a duplicate of #1560?

Bob Negri · Answer 2 · Thu Apr 11 2024 19:07:56 GMT+0800 (China Standard Time)

I'm going to go with, no.

I'm Deferring function 'postgresql::postgresql_password':

$hash_postgresql_db_pw = Deferred('postgresql::postgresql_password', ['puppetdb', $plain_postgresql_db_pw])

Issue #1560 is passing in a Deferred to the class.

class { '::postgresql::server':
    postgres_password => Deferred('unwrap', [$admin_password_vault]),
}

Tim Meusel · Answer 3 · Wed May 29 2024 20:15:06 GMT+0800 (China Standard Time)

Expectation 2:
When function postgresql::postgresql_password is Deferred and values are provided for username, password, sensitive, and hash, the function should not throw a type error.

are you sure that's not the case? postgresql::postgresql_password() doesn't call postgresql::default() when the hash is set.

Bob Negri · Answer 4 · Thu May 30 2024 21:41:10 GMT+0800 (China Standard Time)

Expectation 2:
When function postgresql::postgresql_password is Deferred and values are provided for username, password, sensitive, and hash, the function should not throw a type error.

are you sure that's not the case? postgresql::postgresql_password() doesn't call postgresql::default() when the hash is set.

Yes. Deferred can't resolve this:

optional_param 'Optional[Postgresql::Pg_password_encryption]', :hash

So even though I'm providing values - and avoiding the Puppet function -- it still fails.

Note: I'm appearing as my work identity rather than my personal login.

Tim Meusel · Answer 5 · Mon Jun 03 2024 18:43:50 GMT+0800 (China Standard Time)

Can you provide a PR that switches to native Enum?

Bob Negri · Answer 6 · Mon Jun 03 2024 20:40:56 GMT+0800 (China Standard Time)

I'll try and figure out how to do that. (First time.) Going to have to do it off work hours due to the bureaucracy that is my current employer and our client.