[Pkg-puppet-devel] ssl-utils-clojure: will FTBFS during trixie support period
Jérôme Charaoui
jerome at riseup.net
Thu Feb 20 15:40:17 GMT 2025
Le 2025-02-19 à 15 h 53, Calum McConnell a écrit :
> I've forwarded this bug upstream[1]; it seems obvious that the
> certificates need to be regenerated, but there are quite a few of them,
> and some of them have been expired for some time.
>
> Upstream hasn't updated in a few years, which is a bit concerning, but
> puppetlabs software in general seems well-maintained; I've CC'd the
> relevant maintainers. This issue shouldn't be too difficult to fix,
> especially for people who actually know how to use openssl.
Shipping x509 certificates among test fixtures has been a staple for
Puppetlabs projects including Puppetserver and PuppetDB, and
unfortunately, there's reason to believe upstream will not be addressing
these issues [0].
A fork is taking shape [1] but it's going to take a while before it
takes over the maintenance of all these bits.
I've fixed the issue in Debian for Puppetserver with a patch that
refactors a script to regenerate the full suite of test certs [2], but
its a time-consuming process. My plan was to introduce a similar script
to ssl-utils-clojure at some point before the trixie freeze.
-- Jérôme
[0] https://www.puppet.com/blog/open-source-puppet-updates-2025
[1]
https://overlookinfratech.com/2025/01/21/first-release-hot-off-the-presses/
[2]
https://sources.debian.org/src/puppetserver/8.7.0-3/debian/patches/improve_regen_certs_script.patch/
More information about the Pkg-puppet-devel
mailing list