diff options
author | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-06-20 15:26:32 +0200 |
---|---|---|
committer | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-06-20 15:26:32 +0200 |
commit | 7a1a396a451a884ca1b5e42a431c35c536a402b5 (patch) | |
tree | e3878090bf0a026bdcb98ee83791880bf8457017 | |
parent | fixes (diff) | |
download | concourse-7a1a396a451a884ca1b5e42a431c35c536a402b5.tar.gz concourse-7a1a396a451a884ca1b5e42a431c35c536a402b5.tar.xz |
fixes
-rw-r--r-- | manifests/web.pp | 5 | ||||
-rw-r--r-- | manifests/worker.pp | 2 |
2 files changed, 4 insertions, 3 deletions
diff --git a/manifests/web.pp b/manifests/web.pp index 1aea92a..6354e02 100644 --- a/manifests/web.pp +++ b/manifests/web.pp @@ -51,6 +51,7 @@ # Maps to `CONCOURSE_TSA_HOST_KEY`, and the public part should be passed to each worker. # # @param worker_public_keys +# Explicitly allowed worker public keys. # @param key_dir # @param session_signing_key_file # @param tsa_host_key_file @@ -173,9 +174,9 @@ class concourse::web ( } $worker_public_keys.each |$key| { - concat::fragment { sha1($key): + @@concourse::worker_key { sha1($key): + cluster => $cluster, content => $key, - target => "authorized_worker_keys - ${cluster}", } } diff --git a/manifests/worker.pp b/manifests/worker.pp index b45a3fe..99c8175 100644 --- a/manifests/worker.pp +++ b/manifests/worker.pp @@ -110,7 +110,7 @@ class concourse::worker ( if $export_public_key { @@concourse::worker_key { "${trusted['certname']} worker key": - content => $worker_public_key_file, + source => $worker_public_key_file, cluster => $cluster, # Requiring File[$worker_public_file] would be semantically better, # but it appears like Exec resources don't autorequire their "created" file. |