feat(convert_compiler_to_legacy): gather certificate extension information

- Added steps to gather certificate extension information from all systems using the `peadm::cert_data` task.
- Updated variable names for clarity and consistency.
- Filtered legacy compiler targets based on availability group using the gathered certificate data.

This enhancement improves the accuracy of the conversion process by ensuring that the correct certificate data is used.

Author: CoMfUcIoS

plans/convert_compiler_to_legacy.pp

@@ -5,37 +5,51 @@
   Optional[Boolean]       $remove_pdb = true,
 ) {
   $primary_target            = peadm::get_targets($primary_host, 1)
-  $legacy_compiler_targets   = peadm::get_targets($legacy_hosts)
+  $convert_legacy_compiler_targets   = peadm::get_targets($legacy_hosts)
 
   $cluster = run_task('peadm::get_peadm_config', $primary_host).first.value
   $error = getvar('cluster.error')
   if $error {
     fail_plan($error)
   }
 
+  $replica_host = getvar('cluster.params.replica_host')
+  $primary_postgresql_host = getvar('cluster.params.primary_postgresql_host')
+  $replica_postgresql_host = getvar('cluster.params.replica_postgresql_host')
+  $compiler_hosts = getvar('cluster.params.compiler_hosts')
+  $legacy_compilers = getvar('cluster.params.legacy_hosts')
+
+  $replica_target = peadm::get_targets($replica_host, 1)
+  $primary_postgresql_target = peadm::get_targets($primary_postgresql_host, 1)
+  $replica_postgresql_target = peadm::get_targets($replica_postgresql_host, 1)
+  $compiler_targets = peadm::get_targets($compiler_hosts)
+  $legacy_targets = peadm::get_targets($legacy_compilers) + $convert_legacy_compiler_targets
+
   $all_targets = peadm::flatten_compact([
-      getvar('cluster.params.primary_host'),
-      getvar('cluster.params.replica_host'),
-      getvar('cluster.params.primary_postgresql_host'),
-      getvar('cluster.params.replica_postgresql_host'),
-      getvar('cluster.params.compiler_hosts'),
+      $primary_target,
+      $replica_target,
+      $primary_postgresql_target,
+      $replica_postgresql_target,
+      $compiler_targets,
+      $legacy_targets,
   ])
 
   # Ensure input valid for a supported architecture
   $arch = peadm::assert_supported_architecture(
-    getvar('cluster.params.primary_host'),
-    getvar('cluster.params.replica_host'),
-    getvar('cluster.params.primary_postgresql_host'),
-    getvar('cluster.params.replica_postgresql_host'),
-    getvar('cluster.params.compiler_hosts'),
+    $primary_host,
+    $replica_host,
+    $primary_postgresql_host,
+    $replica_postgresql_host,
+    $compiler_hosts,
+    $legacy_compilers,
   )
 
   if $arch['disaster-recovery'] {
     # Gather certificate extension information from all systems
     $cert_extensions = run_task('peadm::cert_data', $all_targets).reduce({}) |$memo,$result| {
       $memo + { $result.target.peadm::certname => $result['extensions'] }
     }
-    $legacy_compiler_a_targets = $legacy_compiler_targets.filter |$index,$target| {
+    $legacy_compiler_a_targets = $convert_legacy_compiler_targets.filter |$index,$target| {
       $exts = $cert_extensions[$target.peadm::certname()]
       if ($exts[peadm::oid('peadm_availability_group')] in ['A', 'B']) {
         $exts[peadm::oid('peadm_availability_group')] == 'A'
@@ -47,7 +61,7 @@
         $index % 2 == 0
       }
     }
-    $legacy_compiler_b_targets = $legacy_compiler_targets.filter |$index,$target| {
+    $legacy_compiler_b_targets = $convert_legacy_compiler_targets.filter |$index,$target| {
       $exts = $cert_extensions[$target.peadm::certname()]
       if ($exts[peadm::oid('peadm_availability_group')] in ['A', 'B']) {
         $exts[peadm::oid('peadm_availability_group')] == 'B'
@@ -60,12 +74,10 @@
       }
     }
   } else {
-    $legacy_compiler_a_targets = $legacy_compiler_targets
+    $legacy_compiler_a_targets = $convert_legacy_compiler_targets
     $legacy_compiler_b_targets = []
   }
 
-  $compiler_targets = peadm::get_targets(getvar('cluster.params.compiler_hosts'))
-
   wait([
       background('modify-compilers-certs') || {
         run_plan('peadm::modify_certificate', $compiler_targets,
@@ -98,8 +110,8 @@
   ])
 
   if $remove_pdb {
-    run_command('puppet resource service puppet ensure=stopped', $legacy_compiler_targets)
-    run_command('puppet resource service pe-puppetdb ensure=stopped enable=false', $legacy_compiler_targets)
+    run_command('puppet resource service puppet ensure=stopped', $convert_legacy_compiler_targets)
+    run_command('puppet resource service pe-puppetdb ensure=stopped enable=false', $convert_legacy_compiler_targets)
   }
 
   apply($primary_target) {
@@ -121,22 +133,22 @@
     }
   }
 
-  run_task('peadm::puppet_runonce', $legacy_compiler_targets)
+  run_task('peadm::puppet_runonce', $convert_legacy_compiler_targets)
   run_task('peadm::puppet_runonce', $compiler_targets)
   run_task('peadm::puppet_runonce', $primary_target)
   run_task('peadm::puppet_runonce', $all_targets)
 
   if $remove_pdb {
-    run_command('puppet resource package pe-puppetdb ensure=purged', $legacy_compiler_targets)
-    run_command('puppet resource user pe-puppetdb ensure=absent', $legacy_compiler_targets)
+    run_command('puppet resource package pe-puppetdb ensure=purged', $convert_legacy_compiler_targets)
+    run_command('puppet resource user pe-puppetdb ensure=absent', $convert_legacy_compiler_targets)
 
-    run_command('rm -rf /etc/puppetlabs/puppetdb', $legacy_compiler_targets)
-    run_command('rm -rf /var/log/puppetlabs/puppetdb', $legacy_compiler_targets)
-    run_command('rm -rf /opt/puppetlabs/server/data/puppetdb', $legacy_compiler_targets)
+    run_command('rm -rf /etc/puppetlabs/puppetdb', $convert_legacy_compiler_targets)
+    run_command('rm -rf /var/log/puppetlabs/puppetdb', $convert_legacy_compiler_targets)
+    run_command('rm -rf /opt/puppetlabs/server/data/puppetdb', $convert_legacy_compiler_targets)
   }
 
-  run_command('systemctl start pe-puppetserver.service', $legacy_compiler_targets)
-  run_command('puppet resource service puppet ensure=running', $legacy_compiler_targets)
+  run_command('systemctl start pe-puppetserver.service', $convert_legacy_compiler_targets)
+  run_command('puppet resource service puppet ensure=running', $convert_legacy_compiler_targets)
 
-  return("Converted host ${legacy_compiler_targets} to legacy compiler.")
+  return("Converted host ${convert_legacy_compiler_targets} to legacy compiler.")
 }