Puppet Plan: puppet::server::sign

Defined in:
plans/server/sign.pp

Summary

Signs node certificates on the Puppet controller node.

Overview

This Bolt plan runs the ‘puppetserver ca sign’ command for each specified node on the Puppet controller node, treating it as the target for this Bolt plan. The ‘$nodes` parameter can include both fully qualified domain names (FQDNs) and separate certificate names (certnames), allowing for flexible specification of targets for certificate signing.

Parameters:

  • targets (TargetSpec)

    Puppet server(s) on which certificates should be signed.

  • nodes (Array[Stdlib::Fqdn])

    Nodes or certnames for which certificate signing requests should be signed.



15
16
17
18
19
20
21
22
23
24
25
26
27
 
# File 'plans/server/sign.pp', line 15

plan puppet::server::sign (
  TargetSpec $targets,
  Array[Stdlib::Fqdn] $nodes,
) {
  run_plan(facts, $targets)

  return apply($targets) {
    include puppet
    $nodes.each |$node| {
      puppet::server::ca::sign { $node: }
    }
  }
}