Allow munge_key_content to be provided as Binary type data

Munge key is binary data, and should be serialised into the catalog as such. Passing the key content in as a string may cause catalog serialisation to fall back to PSON instead of JSON. When the catalog is serialised in PSON, binary data may be converted to base64, which leads to the encoded form of the secret being written to the key file on disk. If this happens, cluster authentication will fail due to nodes having different key file contents. This change allows the key content to be passed in as Binary in addition to the previous allowed String.
treydock · Oct 22, 2024 · 8a16552 · 8a16552
1 parent e3abaff
commit 8a16552
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/manifests/init.pp b/manifests/init.pp
@@ -74,7 +74,7 @@
   Optional[Stdlib::Absolutepath] $conf_dir = undef,
   Optional[Stdlib::Absolutepath] $run_dir = undef,
   Optional[String] $munge_key_source    = undef,
-  Optional[String] $munge_key_content   = undef,
+  Optional[Variant[String,Binary]] $munge_key_content   = undef,
   Boolean $manage_user                  = true,
   String $user                          = 'munge',
   String $group                         = 'munge',