The comments in ceph::client say:
# [*keys*]
# (required) List of pairs of key names & secrets.
# At least a key named 'admin' should be passed.
# Example: {
# 'admin' => {
# secret => 'secretadmin'
# keyring_path => '/etc/ceph/ceph.client.admin.keyring'
# },
# 'client1' => {
# secret => 'secretclient1',
# keyring_path => '/etc/ceph/ceph.client.client1.keyring'
# }
# }
# Note: if path is ommited, the current default from enovance/puppet-ceph
# will be used: '/var/lib/ceph/tmp/${name}.keyring' which might be unsafe
Yet ceph::key has:
define ceph::key (
$secret,
$keyring_path = "/var/lib/ceph/tmp/${name}.keyring",
$keyname_int,
) {
so keyname_int is required.
Though you could fix the comments, I personally think that keyname_int could default to the $name or $title of the resource. I feel like I'm specifying that value multiple times. Here's my example:
$ceph_keys = {'xyzkey' => {
keyring_path => '/etc/ceph/ceph.client.xyzkey.keyring',
secret => hiera('xyzkey::ceph::secret'),
keyname_int => 'xyzkey'
}
}
Note how 'xyzkey' is repeated several times. I think at least keyname_int could default to the name of the resource.
The comments in ceph::client say:
Yet ceph::key has:
so keyname_int is required.
Though you could fix the comments, I personally think that keyname_int could default to the $name or $title of the resource. I feel like I'm specifying that value multiple times. Here's my example:
Note how 'xyzkey' is repeated several times. I think at least keyname_int could default to the name of the resource.