From 8a16552269c086b9e37c14a14bbe4c11601b5229 Mon Sep 17 00:00:00 2001
From: Ben Roberts <ben.roberts@gsacapital.com>
Date: Tue, 22 Oct 2024 20:31:32 +0100
Subject: [PATCH] Allow munge_key_content to be provided as Binary type data

Munge key is binary data, and should be serialised into the catalog
as such. Passing the key content in as a string may cause catalog
serialisation to fall back to PSON instead of JSON. When the catalog
is serialised in PSON, binary data may be converted to base64, which
leads to the encoded form of the secret being written to the key file
on disk. If this happens, cluster authentication will fail due to
nodes having different key file contents.

This change allows the key content to be passed in as Binary in
addition to the previous allowed String.
---
 manifests/init.pp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/manifests/init.pp b/manifests/init.pp
index 9787647..073639a 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -74,7 +74,7 @@
   Optional[Stdlib::Absolutepath] $conf_dir = undef,
   Optional[Stdlib::Absolutepath] $run_dir = undef,
   Optional[String] $munge_key_source    = undef,
-  Optional[String] $munge_key_content   = undef,
+  Optional[Variant[String,Binary]] $munge_key_content   = undef,
   Boolean $manage_user                  = true,
   String $user                          = 'munge',
   String $group                         = 'munge',