When passing non-fqdn name for the NodeName the certificate is still generated with cn set to fqdn

[kaprizki]

Expected Behavior

In AWS I would like to generate certificates for the master and clients using icinga2 cert tools with cn set to the NodeName. Node name in my case is aws instance id on the client and predefined DNS name on the master.

Current Behavior

Currently even if you set NodeName to custom value module ignores it and creates certificates with CN set to fqdn of the nodes.

Possible Solution

In the manifests/pki/ca.pp and manifests/feature/api.pp while setting value on $NodeName it constants has should be used that includes values passed to the class, vs _constants that only includes default values.

Proposed PR: #329

  $user          = $::icinga2::params::user
  $group         = $::icinga2::params::group
  $node_name     = $::icinga2::_constants['NodeName']

should be

  $user          = $::icinga2::params::user
  $group         = $::icinga2::params::group
  $node_name     = $::icinga2::constants['NodeName']

Steps to Reproduce (for bugs)

1. Setup then client node using custom node name - not fqdn name.
2. Make sure pki is set to 'icinga2'.
3. Generated certificate is generated with CN name set to fqdn and service refuses to start with endpoint not found.

Context

Trying to setup NodeName to be aws id on client icinga nodes and predefined DNS name on master node.

Your Environment

• Module version 1.3.0:
• Puppet version 4.10.1:
• Operating System and version: Amazon Linux for clients, master runs on Ubuntu

[lbetz]

related to #319

[lbetz]

_constants is a merge of defaults and settings/parameters of the icinga2 class. Last one is stronger.