From 7702058c05d0a69330915d16ac4994584543bb96 Mon Sep 17 00:00:00 2001 From: Ioannis Karasavvaidis Date: Wed, 14 Aug 2024 15:11:27 +0100 Subject: [PATCH 1/4] feat(convert): add support for legacy compilers - Introduced `legacy_compilers` parameter to handle legacy compiler hosts. - Added logic to filter and categorize legacy compiler targets. - Updated certificate modification steps to include legacy compiler targets with appropriate extensions. --- plans/convert.pp | 52 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) diff --git a/plans/convert.pp b/plans/convert.pp index 1995a0b0..a49daac7 100644 --- a/plans/convert.pp +++ b/plans/convert.pp @@ -10,6 +10,7 @@ # Large Optional[TargetSpec] $compiler_hosts = undef, + Optional[TargetSpec] $legacy_compilers = undef, # Extra Large Optional[Peadm::SingleTargetSpec] $primary_postgresql_host = undef, @@ -36,6 +37,7 @@ $replica_target = peadm::get_targets($replica_host, 1) $replica_postgresql_target = peadm::get_targets($replica_postgresql_host, 1) $compiler_targets = peadm::get_targets($compiler_hosts) + $legacy_compiler_targets = peadm::get_targets($legacy_compilers) $primary_postgresql_target = peadm::get_targets($primary_postgresql_host, 1) $all_targets = peadm::flatten_compact([ @@ -43,6 +45,7 @@ $replica_target, $replica_postgresql_target, $compiler_targets, + $legacy_compiler_targets, $primary_postgresql_target, ]) @@ -53,6 +56,7 @@ $primary_postgresql_host, $replica_postgresql_host, $compiler_hosts, + $legacy_compilers, ) out::message('# Gathering information') 
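Review bot: The new `$legacy_compilers` parameter in the `@@ -10,6 +10,7 @@` hunk is added without a `@param` line, and the REFERENCE.md entry generated in patch 4/4 shows it with an empty description. A reader cannot tell from the signature how it differs from `compiler_hosts`, so I would add `# @param legacy_compilers Compiler hosts to convert as legacy compilers; their certificates get peadm_legacy_compiler set to 'true'` to the plan header. The name also breaks the `*_hosts` pattern of the neighbouring parameters and differs from `legacy_hosts` in `peadm::convert_compiler_to_legacy`, which is worth settling before the parameter is released. The parameter list starts and ends outside the hunk.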
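Review bot: Nothing after `peadm::get_targets($legacy_compilers)` in the `@@ -36,6 +37,7 @@` hunk rejects a host that is listed in both `compiler_hosts` and `legacy_compilers`. Such a host would land in both a `$compiler_*_targets` and a `$legacy_compiler_*_targets` array, and the `modify_certificate` background blocks added later in this patch would write `peadm_legacy_compiler` as both 'false' and 'true' to the same certificate, with the final value depending on which block finishes last. A guard right after the lookups stops that before any certificate is touched: `$both = $compiler_targets.filter |$t| { $t in $legacy_compiler_targets }` followed by `unless $both.empty { fail_plan("Hosts given as both compiler and legacy compiler: ${both}") }`. The same host would also appear twice in `$all_targets` unless `peadm::flatten_compact` removes duplicates, which is not visible here.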
@@ -115,10 +119,36 @@ $index % 2 != 0 } } + $legacy_compiler_a_targets = $legacy_compiler_targets.filter |$index,$target| { + $exts = $cert_extensions[$target.peadm::certname()] + if ($exts[peadm::oid('peadm_availability_group')] in ['A', 'B']) { + $exts[peadm::oid('peadm_availability_group')] == 'A' + } + elsif ($exts[peadm::oid('pp_cluster')] in ['A', 'B']) { + $exts[peadm::oid('pp_cluster')] == 'A' + } + else { + $index % 2 == 0 + } + } + $legacy_compiler_b_targets = $legacy_compiler_targets.filter |$index,$target| { + $exts = $cert_extensions[$target.peadm::certname()] + if ($exts[peadm::oid('peadm_availability_group')] in ['A', 'B']) { + $exts[peadm::oid('peadm_availability_group')] == 'B' + } + elsif ($exts[peadm::oid('pp_cluster')] in ['A', 'B']) { + $exts[peadm::oid('pp_cluster')] == 'B' + } + else { + $index % 2 != 0 + } + } } else { $compiler_a_targets = $compiler_targets $compiler_b_targets = [] + $legacy_compiler_a_targets = $legacy_compiler_targets + $legacy_compiler_b_targets = [] } # Modify csr_attributes.yaml and insert the peadm-specific OIDs to identify @@ -185,6 +215,7 @@ add_extensions => { peadm::oid('pp_auth_role') => 'pe_compiler', peadm::oid('peadm_availability_group') => 'A', + peadm::oid('peadm_legacy_compiler') => 'false', }, ) }, 
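Review bot: The two new lambdas in the `@@ -115,10 +119,36 @@` hunk are the same block written twice, differing only in 'A' versus 'B' and `== 0` versus `!= 0`, and every branch places a target in exactly one of the two groups. Writing the B group as the remainder, `$legacy_compiler_b_targets = $legacy_compiler_targets - $legacy_compiler_a_targets`, removes the second copy. It also means a later edit to one lambda cannot leave a legacy compiler in both groups or in neither, where it would never receive its `pp_auth_role` and `peadm_legacy_compiler` extensions. Separately, `$exts` is indexed without checking that `$cert_extensions` has an entry for the certname, so a legacy compiler missing from that hash would presumably stop the plan inside the filter; a comment stating that every target is expected to be present would help. The enclosing `if` starts outside the hunk.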
@@ -194,6 +225,27 @@ add_extensions => { peadm::oid('pp_auth_role') => 'pe_compiler', peadm::oid('peadm_availability_group') => 'B', + peadm::oid('peadm_legacy_compiler') => 'false', + }, + ) + }, + background('modify-compilers-a-certs') || { + run_plan('peadm::modify_certificate', $legacy_compiler_a_targets, + primary_host => $primary_target, + add_extensions => { + peadm::oid('pp_auth_role') => 'pe_compiler', + peadm::oid('peadm_availability_group') => 'A', + peadm::oid('peadm_legacy_compiler') => 'true', + }, + ) + }, + background('modify-compilers-b-certs') || { + run_plan('peadm::modify_certificate', $legacy_compiler_b_targets, + primary_host => $primary_target, + add_extensions => { + peadm::oid('pp_auth_role') => 'pe_compiler', + peadm::oid('peadm_availability_group') => 'B', + peadm::oid('peadm_legacy_compiler') => 'true', }, ) }, From 4c114a503ad0c0c13fb205b1dea7a36d50c88f0d Mon Sep 17 00:00:00 2001 From: Ioannis Karasavvaidis Date: Thu, 15 Aug 2024 12:55:45 +0100 Subject: [PATCH 2/4] feat(convert): ensure all targets are up-to-date post conversion - Added a step to run puppet on all targets after restarting services. - Ensures all targets are fully up-to-date after conversion. --- plans/convert.pp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/plans/convert.pp b/plans/convert.pp index a49daac7..f452e81c 100644 --- a/plans/convert.pp +++ b/plans/convert.pp @@ -304,6 +304,9 @@ # completion run_command('systemctl restart pe-puppetserver.service pe-puppetdb.service', $all_targets - $primary_target - $primary_postgresql_target - $replica_postgresql_target) + + # Run puppet on all targets again to ensure everything is fully up-to-date + run_task('peadm::puppet_runonce', $all_targets) } return("Conversion to peadm Puppet Enterprise ${arch['architecture']} completed.") From c6568fa00d98c57fa5271da90eff73011fda28f5 Mon Sep 17 00:00:00 2001 
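Review bot: The two added background blocks in the `@@ -194,6 +225,27 @@` hunk are named `modify-compilers-a-certs` and `modify-compilers-b-certs` although they operate on `$legacy_compiler_a_targets` and `$legacy_compiler_b_targets`. The names look carried over from the regular compiler blocks just above, whose own names are outside the hunk. If those blocks use the same names, the plan output cannot show whether a failed certificate change belonged to a regular or a legacy compiler. Renaming them to `background('modify-legacy-compilers-a-certs')` and `background('modify-legacy-compilers-b-certs')` keeps the log unambiguous.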
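Review bot: The added `run_task('peadm::puppet_runonce', $all_targets)` in the `@@ -304,6 +304,9 @@` hunk of patch 2/4 starts immediately after the `systemctl restart pe-puppetserver.service pe-puppetdb.service` command above it. Nothing in the hunk waits for those services to answer again, so agent runs can hit compilers that are still starting. Because the call has no `_catch_errors`, one transient failure aborts the plan at its last step, after the earlier steps have completed, and the operator sees a failed conversion. Consider waiting for the restarted services to report ready before this run, or collecting the results with `$final = run_task('peadm::puppet_runonce', $all_targets, '_catch_errors' => true)` and reporting the hosts in `$final.error_set` instead of stopping. The enclosing step block starts outside the hunk.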
From: Ioannis Karasavvaidis Date: Thu, 15 Aug 2024 16:05:50 +0100 Subject: [PATCH 3/4] docs(convert): update documentation for PEADM module - Corrected the module name from 'peadm' to 'PEADM' for consistency. - Added 'legacy_compilers' section in the example JSON parameters. - Improved clarity in the description of the `begin_at_step` parameter. - Fixed minor grammatical issues in the instructions for converting compilers to legacy. --- documentation/convert.md | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/documentation/convert.md b/documentation/convert.md index 30242ef0..c0ec001f 100644 --- a/documentation/convert.md +++ b/documentation/convert.md @@ -1,6 +1,6 @@ -# Convert infrastructure for use with the peadm module +# Convert infrastructure for use with the PEADM module -The peadm::convert plan can be used to adopt manually deployed infrastructure for use with peadm, or to adopt infrastructure deployed with an older version of peadm. +The peadm::convert plan can be used to adopt manually deployed infrastructure for use with PEADM or to adopt infrastructure deployed with an older version of peadm. ## Convert an Existing Deployment @@ -14,7 +14,10 @@ Prepare to run the plan against all servers in the PE infrastructure, using a pa "pe-xl-compiler-0.lab1.puppet.vm", "pe-xl-compiler-1.lab1.puppet.vm" ], - + "legacy_compilers": [ + "pe-xl-legacy-compiler-0.lab1.puppet.vm", + "pe-xl-legacy-compiler-1.lab1.puppet.vm" + ], "compiler_pool_address": "puppet.lab1.puppet.vm" } ``` 
@@ -29,13 +32,13 @@ bolt plan run peadm::convert --params @params.json This plan is broken down into steps. Normally, the plan runs through all the steps from start to finish. The name of each step is displayed during the plan run, as the step begins. -The `begin_at_step` parameter can be used to facilitate re-running this plan after a failed attempt, skipping past any steps that already completed successfully on the first try and picking up again at the step specified. The step name to resume at can be read from the previous run logs. A full list of available values for this parameter can be viewed by running `bolt plan show peadm::convert`. +The `begin_at_step` parameter can be used to facilitate re-running this plan after a failed attempt, skipping past any steps that were already completed successfully on the first try and picking up again at the step specified. The step name to resume can be read from the previous run logs. A full list of available values for this parameter can be viewed by running `bolt plan show peadm::convert`. ## Convert compilers to legacy ### Puppet Enterprise installed with puppetlabs-peadm version 3.21 or later -To convert compilers to legacy compilers use the `peadm::convert_compiler_to_legacy` plan. This plan will create the needed Node group and Classifier rules to make the compilers legacy. Also will add certificate extensions to those nodes. +To convert compilers to legacy compilers use the `peadm::convert_compiler_to_legacy` plan. This plan will create the needed Node group and Classifier rules to make compilers legacy. Also will add certificate extensions to those nodes. ```shell bolt plan run peadm::convert_compiler_to_legacy legacy_hosts=compiler1.example.com,compiler2.example.com primary_host=primary.example.com From b6cd93c3ce20cd94ec39a0a137cfd7eab436a0f5 Mon Sep 17 00:00:00 2001 
From: Ioannis Karasavvaidis Date: Thu, 15 Aug 2024 16:13:15 +0100 Subject: [PATCH 4/4] - Updated REFERENCE.md to include the new parameter. --- REFERENCE.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/REFERENCE.md b/REFERENCE.md index 3af295d9..4cc9a196 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -1719,6 +1719,7 @@ The following parameters are available in the `peadm::convert` plan: * [`primary_host`](#-peadm--convert--primary_host) * [`replica_host`](#-peadm--convert--replica_host) * [`compiler_hosts`](#-peadm--convert--compiler_hosts) +* [`legacy_compilers`](#-peadm--convert--legacy_compilers) * [`primary_postgresql_host`](#-peadm--convert--primary_postgresql_host) * [`replica_postgresql_host`](#-peadm--convert--replica_postgresql_host) * [`compiler_pool_address`](#-peadm--convert--compiler_pool_address) @@ -1747,6 +1748,14 @@ Data type: `Optional[TargetSpec]` +Default value: `undef` + +##### `legacy_compilers` + +Data type: `Optional[TargetSpec]` + + + Default value: `undef` ##### `primary_postgresql_host`