Description of problem: When an unmanaged client in satellite6 is deleted the Puppet CA client certificate is not removed. Version-Release number of selected component (if applicable): 6.1.9 How reproducible: Always. Steps to Reproduce: 1. Register a host, make sure it's unmanaged 2. Delete host 3. Check Infrastructure -> capsules -> certificates, cert is still there. Actual results: Host is deleted but old certificate is still there, which means re-registering host will fail on puppet. Expected results: Deleted host == deleted certificate etc. Additional info: Nothing happens in foreman-proxy/proxy.log when deleting unmanaged client. API call to remove cert is never executed.
Related: http://projects.theforeman.org/issues/8271 http://projects.theforeman.org/issues/13911
Connecting redmine issue http://projects.theforeman.org/issues/8271 from this bug
Connecting redmine issue http://projects.theforeman.org/issues/13911 from this bug
Upstream bug component is Provisioning
Upstream bug component is Configuration Management
Upstream bug component is Puppet
Can confirm this is still present in 1.17. We use --foreman-unattended=false so we can use foreman as a puppet GUI without the provisioning features. It's highly annoying that when this is used, deleting a host via the API/gui does not delete the puppet cert. This issue needs some love!
Do we have any local reproducer for this issue to get this bug moving?
Thank you for your interest in Satellite 6. We have evaluated this request, and we do not expect this to be implemented in the product in the foreseeable future. We are therefore closing this out as WONTFIX. If you have any concerns about this, please feel free to contact Rich Jerrido or Bryan Kearney. Thank you.
This happens if the host is unmanaged. Reproducer: 1. register the host via subscription-manager register --org --activationkey 2. unregister the host via sm 3. delete the host entry Satellite will create host and content host but the host has set "host": { "managed": "false" }. To fix this: via WebUI: 1. Navigate to Hosts -> All hosts 2. Select the desired host 3. Click on "Edit" and then click on "Manage host" and confirm by hitting the Submit button 4. Then unregister the host by hitting the "Delete" button Puppet agent (host's) certificate should be deleted at this moment. via API: HOST_ID=$(curl -s -m 30 -k -f -u ${SAT_USER}:${SAT_PASSWORD} https://${SATELLITE_SERVER}/api/hosts/?search=name="$(hostname)" | jq '.results[0].id') curl -m 30 -k -X 'PUT' -H 'content-type: application/json' -d '{"host": {"managed": 1 }}' -u ${SAT_USER}:${SAT_PASSWORD} https://${SATELLITE_SERVER}/api/v2/hosts/${HOST_ID} curl -m 30 -k -X 'DELETE' -u ${SAT_USER}:${SAT_PASSWORD} https://${SATELLITE_SERVER}/api/v2/hosts/${HOST_ID} Is this behaviour expected or is it a bug?