(PE-38771) Convert plan accepts legacy compilers key in params.json (#476)

* feat(convert): add support for legacy compilers

- Introduced `legacy_compilers` parameter to handle legacy compiler hosts.
- Added logic to filter and categorize legacy compiler targets.
- Updated certificate modification steps to include legacy compiler targets with appropriate extensions.

* feat(convert): ensure all targets are up-to-date post conversion

- Added a step to run puppet on all targets after restarting services.
- Ensures all targets are fully up-to-date after conversion.

* docs(convert): update documentation for PEADM module

- Corrected the module name from 'peadm' to 'PEADM' for consistency.
- Added 'legacy_compilers' section in the example JSON parameters.
- Improved clarity in the description of the `begin_at_step` parameter.
- Fixed minor grammatical issues in the instructions for converting compilers to legacy.

* - Updated REFERENCE.md to include the new parameter.

Author: CoMfUcIoS

Diff for: REFERENCE.md

@@ -1755,6 +1755,7 @@ management using PEAdm.
 
 The following parameters are available in the `peadm::convert` plan:
 
+<<<<<<< HEAD
 - [`primary_host`](#-peadm--convert--primary_host)
 - [`replica_host`](#-peadm--convert--replica_host)
 - [`compiler_hosts`](#-peadm--convert--compiler_hosts)
@@ -1765,6 +1766,19 @@ The following parameters are available in the `peadm::convert` plan:
 - [`internal_compiler_b_pool_address`](#-peadm--convert--internal_compiler_b_pool_address)
 - [`dns_alt_names`](#-peadm--convert--dns_alt_names)
 - [`begin_at_step`](#-peadm--convert--begin_at_step)
+=======
+* [`primary_host`](#-peadm--convert--primary_host)
+* [`replica_host`](#-peadm--convert--replica_host)
+* [`compiler_hosts`](#-peadm--convert--compiler_hosts)
+* [`legacy_compilers`](#-peadm--convert--legacy_compilers)
+* [`primary_postgresql_host`](#-peadm--convert--primary_postgresql_host)
+* [`replica_postgresql_host`](#-peadm--convert--replica_postgresql_host)
+* [`compiler_pool_address`](#-peadm--convert--compiler_pool_address)
+* [`internal_compiler_a_pool_address`](#-peadm--convert--internal_compiler_a_pool_address)
+* [`internal_compiler_b_pool_address`](#-peadm--convert--internal_compiler_b_pool_address)
+* [`dns_alt_names`](#-peadm--convert--dns_alt_names)
+* [`begin_at_step`](#-peadm--convert--begin_at_step)
+>>>>>>> 671839c ((PE-38771) Convert plan accepts legacy compilers key in params.json (#476))
 
 ##### <a name="-peadm--convert--primary_host"></a>`primary_host`
 
@@ -1780,6 +1794,14 @@ Default value: `undef`
 
 Data type: `Optional[TargetSpec]`
 
+Default value: `undef`
+
+##### <a name="-peadm--convert--legacy_compilers"></a>`legacy_compilers`
+
+Data type: `Optional[TargetSpec]`
+
+
+
 Default value: `undef`
 
 ##### <a name="-peadm--convert--primary_postgresql_host"></a>`primary_postgresql_host`

Diff for: documentation/convert.md

@@ -1,6 +1,6 @@
-# Convert infrastructure for use with the peadm module
+# Convert infrastructure for use with the PEADM module
 
-The peadm::convert plan can be used to adopt manually deployed infrastructure for use with peadm, or to adopt infrastructure deployed with an older version of peadm.
+The peadm::convert plan can be used to adopt manually deployed infrastructure for use with PEADM or to adopt infrastructure deployed with an older version of peadm.
 
 ## Convert an Existing Deployment
 
@@ -14,7 +14,10 @@ Prepare to run the plan against all servers in the PE infrastructure, using a pa
     "pe-xl-compiler-0.lab1.puppet.vm",
     "pe-xl-compiler-1.lab1.puppet.vm"
   ],
-
+  "legacy_compilers": [
+    "pe-xl-legacy-compiler-0.lab1.puppet.vm",
+    "pe-xl-legacy-compiler-1.lab1.puppet.vm"
+  ],
   "compiler_pool_address": "puppet.lab1.puppet.vm"
 }
 ```
@@ -29,13 +32,13 @@ bolt plan run peadm::convert --params @params.json
 
 This plan is broken down into steps. Normally, the plan runs through all the steps from start to finish. The name of each step is displayed during the plan run, as the step begins.
 
-The `begin_at_step` parameter can be used to facilitate re-running this plan after a failed attempt, skipping past any steps that already completed successfully on the first try and picking up again at the step specified. The step name to resume at can be read from the previous run logs. A full list of available values for this parameter can be viewed by running `bolt plan show peadm::convert`.
+The `begin_at_step` parameter can be used to facilitate re-running this plan after a failed attempt, skipping past any steps that were already completed successfully on the first try and picking up again at the step specified. The step name to resume can be read from the previous run logs. A full list of available values for this parameter can be viewed by running `bolt plan show peadm::convert`.
 
 ## Convert compilers to legacy
 
 ### Puppet Enterprise installed with puppetlabs-peadm version 3.21 or later
 
-To convert compilers to legacy compilers use the `peadm::convert_compiler_to_legacy` plan. This plan will create the needed Node group and Classifier rules to make the compilers legacy. Also will add certificate extensions to those nodes.
+To convert compilers to legacy compilers use the `peadm::convert_compiler_to_legacy` plan. This plan will create the needed Node group and Classifier rules to make compilers legacy. Also will add certificate extensions to those nodes.
 
 ```shell
 bolt plan run peadm::convert_compiler_to_legacy legacy_hosts=compiler1.example.com,compiler2.example.com primary_host=primary.example.com

Diff for: plans/convert.pp

@@ -10,6 +10,7 @@
 
   # Large
   Optional[TargetSpec]              $compiler_hosts = undef,
+  Optional[TargetSpec]              $legacy_compilers = undef,
 
   # Extra Large
   Optional[Peadm::SingleTargetSpec] $primary_postgresql_host         = undef,
@@ -36,13 +37,15 @@
   $replica_target                   = peadm::get_targets($replica_host, 1)
   $replica_postgresql_target        = peadm::get_targets($replica_postgresql_host, 1)
   $compiler_targets                 = peadm::get_targets($compiler_hosts)
+  $legacy_compiler_targets          = peadm::get_targets($legacy_compilers)
   $primary_postgresql_target        = peadm::get_targets($primary_postgresql_host, 1)
 
   $all_targets = peadm::flatten_compact([
       $primary_target,
       $replica_target,
       $replica_postgresql_target,
       $compiler_targets,
+      $legacy_compiler_targets,
       $primary_postgresql_target,
   ])
 
@@ -53,6 +56,7 @@
     $primary_postgresql_host,
     $replica_postgresql_host,
     $compiler_hosts,
+    $legacy_compilers,
   )
 
   out::message('# Gathering information')
@@ -115,10 +119,36 @@
         $index % 2 != 0
       }
     }
+    $legacy_compiler_a_targets = $legacy_compiler_targets.filter |$index,$target| {
+      $exts = $cert_extensions[$target.peadm::certname()]
+      if ($exts[peadm::oid('peadm_availability_group')] in ['A', 'B']) {
+        $exts[peadm::oid('peadm_availability_group')] == 'A'
+      }
+      elsif ($exts[peadm::oid('pp_cluster')] in ['A', 'B']) {
+        $exts[peadm::oid('pp_cluster')] == 'A'
+      }
+      else {
+        $index % 2 == 0
+      }
+    }
+    $legacy_compiler_b_targets = $legacy_compiler_targets.filter |$index,$target| {
+      $exts = $cert_extensions[$target.peadm::certname()]
+      if ($exts[peadm::oid('peadm_availability_group')] in ['A', 'B']) {
+        $exts[peadm::oid('peadm_availability_group')] == 'B'
+      }
+      elsif ($exts[peadm::oid('pp_cluster')] in ['A', 'B']) {
+        $exts[peadm::oid('pp_cluster')] == 'B'
+      }
+      else {
+        $index % 2 != 0
+      }
+    }
   }
   else {
     $compiler_a_targets = $compiler_targets
     $compiler_b_targets = []
+    $legacy_compiler_a_targets = $legacy_compiler_targets
+    $legacy_compiler_b_targets = []
   }
 
   # Modify csr_attributes.yaml and insert the peadm-specific OIDs to identify
@@ -185,6 +215,7 @@
           add_extensions => {
             peadm::oid('pp_auth_role')             => 'pe_compiler',
             peadm::oid('peadm_availability_group') => 'A',
+            peadm::oid('peadm_legacy_compiler')    => 'false',
           },
         )
       },
@@ -194,6 +225,27 @@
           add_extensions => {
             peadm::oid('pp_auth_role')             => 'pe_compiler',
             peadm::oid('peadm_availability_group') => 'B',
+            peadm::oid('peadm_legacy_compiler')    => 'false',
+          },
+        )
+      },
+      background('modify-compilers-a-certs') || {
+        run_plan('peadm::modify_certificate', $legacy_compiler_a_targets,
+          primary_host   => $primary_target,
+          add_extensions => {
+            peadm::oid('pp_auth_role')             => 'pe_compiler',
+            peadm::oid('peadm_availability_group') => 'A',
+            peadm::oid('peadm_legacy_compiler')    => 'true',
+          },
+        )
+      },
+      background('modify-compilers-b-certs') || {
+        run_plan('peadm::modify_certificate', $legacy_compiler_b_targets,
+          primary_host   => $primary_target,
+          add_extensions => {
+            peadm::oid('pp_auth_role')             => 'pe_compiler',
+            peadm::oid('peadm_availability_group') => 'B',
+            peadm::oid('peadm_legacy_compiler')    => 'true',
           },
         )
       },
@@ -252,6 +304,9 @@
     # completion
     run_command('systemctl restart pe-puppetserver.service pe-puppetdb.service',
     $all_targets - $primary_target - $primary_postgresql_target - $replica_postgresql_target)
+
+    # Run puppet on all targets again to ensure everything is fully up-to-date
+    run_task('peadm::puppet_runonce', $all_targets)
   }
 
   return("Conversion to peadm Puppet Enterprise ${arch['architecture']} completed.")