Preserve existing csr_attributes data

In the event a csr_attributes.yaml file is already present, don't
overwrite it; instead, merge in the values we need to any values already
present.

Author: reidmv

plans/action/install.pp

@@ -179,38 +179,29 @@
     upload_path => $upload_tarball_path,
   )
 
-  # Create csr_attributes.yaml files for the nodes that need them
-  # There is a problem with OID names in csr_attributes.yaml for some
-  # installs, e.g. PE 2019.0.1, PUP-9746. Use the raw OIDs for now.
-
-  run_task('peadm::mkdir_p_file', $master_target,
-    path    => '/etc/puppetlabs/puppet/csr_attributes.yaml',
-    content => @("HEREDOC"),
-      ---
-      extension_requests:
-        ${peadm::oid('peadm_role')}: "puppet/master"
-        ${peadm::oid('peadm_availability_group')}: "A"
-      | HEREDOC
+  # Create csr_attributes.yaml files for the nodes that need them. Ensure that
+  # if a csr_attributes.yaml file is already present, the values we need are
+  # merged with the existing values.
+
+  run_plan('peadm::util::insert_csr_extensions', $master_target,
+    extensions => {
+      peadm::oid('peadm_role')               => 'puppet/master',
+      peadm::oid('peadm_availability_group') => 'A',
+    },
   )
 
-  run_task('peadm::mkdir_p_file', $puppetdb_database_target,
-    path    => '/etc/puppetlabs/puppet/csr_attributes.yaml',
-    content => @("HEREDOC"),
-      ---
-      extension_requests:
-        ${peadm::oid('peadm_role')}: "puppet/puppetdb-database"
-        ${peadm::oid('peadm_availability_group')}: "A"
-      | HEREDOC
+  run_plan('peadm::util::insert_csr_extensions', $puppetdb_database_target,
+    extensions => {
+      peadm::oid('peadm_role')               => 'puppet/puppetdb-database',
+      peadm::oid('peadm_availability_group') => 'A',
+    },
   )
 
-  run_task('peadm::mkdir_p_file', $puppetdb_database_replica_target,
-    path    => '/etc/puppetlabs/puppet/csr_attributes.yaml',
-    content => @("HEREDOC"),
-      ---
-      extension_requests:
-        ${peadm::oid('peadm_role')}: "puppet/puppetdb-database"
-        ${peadm::oid('peadm_availability_group')}: "B"
-      | HEREDOC
+  run_plan('peadm::util::insert_csr_extensions', $puppetdb_database_replica_target,
+    extensions => {
+      peadm::oid('peadm_role')               => 'puppet/puppetdb-database',
+      peadm::oid('peadm_availability_group') => 'B',
+    },
   )
 
   # Get the master installation up and running. The installer will

plans/util/insert_csr_extensions.pp

@@ -0,0 +1,18 @@
+plan peadm::util::insert_csr_extensions (
+  TargetSpec $targets,
+  Hash       $extensions,
+) {
+  get_targets($targets).each |$target| {
+    $csr_attributes_data = ($csr_file = run_task('peadm::read_file', $target,
+      path => '/etc/puppetlabs/puppet/csr_attributes.yaml',
+    ).first['content']) ? {
+      undef   => { },
+      default => $csr_file.parseyaml,
+    }
+
+    run_task('peadm::mkdir_p_file', $target,
+      path    => '/etc/puppetlabs/puppet/csr_attributes.yaml',
+      content => $csr_attributes_data.deep_merge({'extensions' => $extensions}).to_yaml,
+    )
+  }
+}

tasks/read_file.rb

@@ -2,8 +2,18 @@
 
 require 'json'
 
-params  = JSON.parse(STDIN.read)
-content = File.read(params['path'])
-result  = { 'content' => content }.to_json
-
-puts result
+begin
+  params  = JSON.parse(STDIN.read)
+  content = File.read(params['path'])
+rescue StandardError => err
+  result = {
+    'content' => nil,
+    'error'   => err.message,
+  }
+else
+  result = {
+    'content' => content
+  }
+ensure
+  puts result.to_json
+end