Skip to content

Remove update-ca-trust enable step #3954

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Remove update-ca-trust enable step #3954

wants to merge 1 commit into from

Conversation

ekohl
Copy link
Member

@ekohl ekohl commented Jun 23, 2025

What changes are you introducing?

Always only run update-ca-trust extract.

Why are you introducing these changes? (Explanation, links to references, issues, etc.)

The enable command was never valid. On EL 7 & 8 it was just ignored so effectively it ran twice. On EL 9 there is argument parsing and enable emits a deprecation warning to use extract. On EL 10 the enable command is no longer accepted and only extract is valid.

Anything else to add? (Considerations, potential downsides, alternative solutions you have explored, etc.)

voxpupuli/puppet-trusted_ca@b3416c5 is where I originally wrote down my findings in the period that ca-certificates on EL9 didn't accept enable at all. It has since started to accept it again, with a deprecation warning.

Checklists

  • I am okay with my commits getting squashed when you merge this PR.
  • I am familiar with the contributing guidelines.

Please cherry-pick my commits into:

  • Foreman 3.15/Katello 4.17
  • Foreman 3.14/Katello 4.16 (Satellite 6.17)
  • Foreman 3.13/Katello 4.15 (EL9 only)
  • Foreman 3.12/Katello 4.14 (Satellite 6.16; orcharhino 7.2 on EL9 only)
  • Foreman 3.11/Katello 4.13 (orcharhino 6.11 on EL8 only; orcharhino 7.0 on EL8+EL9; orcharhino 7.1 with Leapp)
  • Foreman 3.10/Katello 4.12
  • Foreman 3.9/Katello 4.11 (Satellite 6.15; orcharhino 6.8/6.9/6.10)
  • We do not accept PRs for Foreman older than 3.9.

@ekohl
Remove update-ca-trust enable step
58a1de2 
The enable command was never valid. On EL 7 & 8 it was just ignored so
effectively it ran twice. On EL 9 there is argument parsing and enable
emits a deprecation warning to use extract. On EL 10 the enable command
is no longer accepted and only extract is valid.
@github-actions github-actions bot added Needs tech review Requires a review from the technical perspective Needs style review Requires a review from docs style/grammar perspective Needs testing Requires functional testing labels Jun 23, 2025
@github-actions GitHub Actions
Copy link

The PR preview for 58a1de2 is available at theforeman-foreman-documentation-preview-pr-3954.surge.sh

The following output files are affected by this PR:

show diff

show diff as HTML

@maximiliankolb maximiliankolb mentioned this pull request Jun 23, 2025
Open
@ekohl ekohl mentioned this pull request Jun 23, 2025
Open
9 tasks
maximiliankolb
maximiliankolb approved these changes Jun 23, 2025
View reviewed changes
Copy link
Contributor

@maximiliankolb maximiliankolb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM style-wise. Would you mind doing a tech review @m-bucher ?

FYI: In foreman on "devel", I still found one instance:

$ rg "update-ca-trust"
app/views/unattended/provisioning_templates/snippet/ca_registration.erb
31:      update-ca-trust

@maximiliankolb maximiliankolb added style review done No issues from docs style/grammar perspective and removed Needs style review Requires a review from docs style/grammar perspective labels Jun 23, 2025
@ekohl
Copy link
Member Author

ekohl commented Jun 23, 2025

FYI: In foreman on "devel", I still found one instance:

Without a parameter is technically not a problem because that's the same as extract, but good to review regardless.

@maximiliankolb
Copy link
Contributor

@m-bucher Can you please do a tech review?

@maximiliankolb
Copy link
Contributor

Friendly reminder: @m-bucher Can you please do a tech review?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@maximiliankolb maximiliankolb maximiliankolb approved these changes

Assignees
No one assigned
Labels
Needs tech review Requires a review from the technical perspective Needs testing Requires functional testing style review done No issues from docs style/grammar perspective
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ekohl @maximiliankolb