add allowInvalidHostnames when found in config file

Johan De Wit · Johan De Wit · commit 92e334ef3aee · 2023-06-20T14:57:37.000+02:00
diff --git a/lib/facter/is_master.rb b/lib/facter/is_master.rb
@@ -16,16 +16,18 @@ def get_options_from_hash_config(config)
   # - sslMode is "requireSSL"
   # - Parameter --sslPEMKeyFile is set
   # - Parameter --sslCAFile is set
-  result << "--ssl --host #{Facter.value(:fqdn)}" if config['net.ssl.mode'] == 'requireSSL' || !config['net.ssl.PEMKeyFile'].nil? || !config['net.ssl.CAFile'].nil?
+  result << "--ssl --host #{Facter.value(:fqdn)}" if ['allowSSL', 'preferSSL', 'requireSSL'].include? config['net.ssl.mode'] || !config['net.ssl.PEMKeyFile'].nil? || !config['net.ssl.CAFile'].nil?
   result << "--sslPEMKeyFile #{config['net.ssl.PEMKeyFile']}" unless config['net.ssl.PEMKeyFile'].nil?
   result << "--sslCAFile #{config['net.ssl.CAFile']}" unless config['net.ssl.CAFile'].nil?
+  result << "--sslAllowInvalidHostnames" if config['net.ssl.allowInvalidHostnames'] == true
   # use --tls and --host if:
   # - tlsMode is "requireTLS"
   # - Parameter --tlsCertificateKeyFile is set
   # - Parameter --tlsCAFile is set
-  result << "--tls --host #{Facter.value(:fqdn)}" if config['net.tls.mode'] == 'requireTLS' || !config['net.tls.certificateKeyFile'].nil? || !config['net.tls.CAFile'].nil?
+  result << "--tls --host #{Facter.value(:fqdn)}" if ['allowTLS', 'prefeTLS', 'requireTLS'].include? config['net.tls.mode'] || !config['net.tls.certificateKeyFile'].nil? || !config['net.tls.CAFile'].nil?
   result << "--tlsCertificateKeyFile #{config['net.tls.certificateKeyFile']}" unless config['net.tls.certificateKeyFile'].nil?
   result << "--tlsCAFile #{config['net.tls.CAFile']}" unless config['net.tls.CAFile'].nil?
+  result << "--tlsAllowInvalidHostnames" if config['net.tls.allowInvalidHostnames'] == true
 
   result << '--ipv6' unless config['net.ipv6'].nil?
 
diff --git a/lib/puppet/provider/mongodb_user/mongodb.rb b/lib/puppet/provider/mongodb_user/mongodb.rb
@@ -67,7 +67,8 @@ def create
         roles: role_hashes(@resource[:roles], @resource[:database]),
       }
 
-      if mongo_4? || mongo_5?
+      # is this still needed / we only support verion 4 and higher
+      if mongo_4? || mongo_5? || mongo_6?
         if @resource[:auth_mechanism] == :scram_sha_256 # rubocop:disable Naming/VariableNumber
           command[:mechanisms] = ['SCRAM-SHA-256']
           command[:pwd] = @resource[:password]

Original file line number	Diff line number	Diff line change
`@@ -67,7 +67,8 @@ def create`
`67`	`67`	`roles: role_hashes(@resource[:roles], @resource[:database]),`
`68`	`68`	`}`
`69`	`69`
`70`		`- if mongo_4? \|\| mongo_5?`
	`70`	`+ # is this still needed / we only support verion 4 and higher`
	`71`	`+ if mongo_4? \|\| mongo_5? \|\| mongo_6?`
`71`	`72`	`if @resource[:auth_mechanism] == :scram_sha_256 # rubocop:disable Naming/VariableNumber`
`72`	`73`	`command[:mechanisms] = ['SCRAM-SHA-256']`
`73`	`74`	`command[:pwd] = @resource[:password]`