postgresql::postgres_password throws errors when Deferred

Question

postgresql::postgres_password throws errors when Deferred

bobnegri opened this issue 10 months ago · 6 comments

Describe the Bug

When postgresql::postgres_password is Deferred, it throws one of two possible errors:

Error 1:

$hash_postgresql_db_pw = Deferred('postgresql::postgresql_password', ['puppetdb', $plain_postgresql_db_pw])

Error: Failed to apply catalog: Function postgresql::postgresql_password(): Unknown function: 'postgresql::default'

Error 2:

# Get the hash value: md5 or scram-sha-256
$pwd_encrypt = $postgresql::params::password_encryption

$hash_postgresql_db_pw = Deferred('postgresql::postgresql_password', ['puppetdb', $plain_postgresql_db_pw, false, $pwd_encrypt])

Failed to apply catalog: 'postgresql::postgresql_password' parameter 'hash' references an unresolved type 'Postgresql::Pg_password_encryption'

Expected Behavior

A clear and concise description of what you expected to happen.

Expectation 1:
When function postgresql::postgresql_password is Deferred and only passed username and password, the function should use the built in defaults without throwing an error.

Expectation 2:
When function postgresql::postgresql_password is Deferred and values are provided for username, password, sensitive, and hash, the function should not throw a type error.

Steps to Reproduce

Steps to reproduce the behavior:

Go to '...'
Click on '....'

Environment

postgresql-12 10.0.3
puppet-agent 7.27.0
puppetdb 7.15.0
puppetserver 7.14.0
Ubuntu 20.04.6 LTS

Additional Context

Add any other context about the problem here.

Under postgresql 9.2.0, we did not provide sensitive and hash values and the function worked when Deferred.

Answer 1 · 2024-04-05T16:01:08.000Z

Is this a duplicate of #1560?

Answer 2 · 2024-04-11T11:07:56.000Z

I'm going to go with, no.

I'm Deferring function 'postgresql::postgresql_password':

$hash_postgresql_db_pw = Deferred('postgresql::postgresql_password', ['puppetdb', $plain_postgresql_db_pw])

Issue #1560 is passing in a Deferred to the class.

class { '::postgresql::server':
    postgres_password => Deferred('unwrap', [$admin_password_vault]),
}

Answer 3 · 2024-05-29T12:15:06.000Z

Expectation 2:
When function postgresql::postgresql_password is Deferred and values are provided for username, password, sensitive, and hash, the function should not throw a type error.

are you sure that's not the case? postgresql::postgresql_password() doesn't call postgresql::default() when the hash is set.

Answer 4 · 2024-05-30T13:41:10.000Z

Expectation 2:
When function postgresql::postgresql_password is Deferred and values are provided for username, password, sensitive, and hash, the function should not throw a type error.

are you sure that's not the case? postgresql::postgresql_password() doesn't call postgresql::default() when the hash is set.

Yes. Deferred can't resolve this:

optional_param 'Optional[Postgresql::Pg_password_encryption]', :hash

So even though I'm providing values - and avoiding the Puppet function -- it still fails.

Note: I'm appearing as my work identity rather than my personal login.

Answer 5 · 2024-06-03T10:43:50.000Z

Can you provide a PR that switches to native Enum?

Answer 6 · 2024-06-03T12:40:56.000Z

I'll try and figure out how to do that. (First time.) Going to have to do it off work hours due to the bureaucracy that is my current employer and our client.