Merge "Deprecate support for [p11_crypto_plugin]token_label"

2021-03-19 12:51:33 +00:00 · 2021-03-19 12:51:33 +00:00 · a89b6a97ee
commit a89b6a97ee
parent 1815e11384 4403fe7247
2 changed files with 23 additions and 6 deletions
--- a/manifests/plugins/p11_crypto.pp
+++ b/manifests/plugins/p11_crypto.pp
@ -23,10 +23,6 @@
 #   (optional) Serial number to identify PKCS#11 token
 #   Defaults to $::os_service_default
 #
-# [*p11_crypto_plugin_token_label*]
-#   (optional) Label to identify PKCS#11 token
-#   Defaults to $::os_service_default
-#
 # [*p11_crypto_plugin_token_labels*]
 #   (optional) List of comma-separated labels to identify
 #   PKCS#11 tokens to be used.
@ -65,6 +61,12 @@
 #   (optional) set plugin as global default
 #   Defaults to false
 #
+# DEPRECATED PARAMETERS
+#
+# [*p11_crypto_plugin_token_label*]
+#   (optional) Label to identify PKCS#11 token
+#   Defaults to undef
+#
 class barbican::plugins::p11_crypto (
  $p11_crypto_plugin_library_path,
  $p11_crypto_plugin_login,
@ -72,7 +74,6 @@ class barbican::plugins::p11_crypto (
  $p11_crypto_plugin_mkek_length,
  $p11_crypto_plugin_hmac_label,
  $p11_crypto_plugin_token_serial_number   = $::os_service_default,
-  $p11_crypto_plugin_token_label           = $::os_service_default,
  $p11_crypto_plugin_token_labels          = $::os_service_default,
  $p11_crypto_plugin_slot_id               = $::os_service_default,
  $p11_crypto_plugin_encryption_mechanism  = $::os_service_default,
@ -81,10 +82,20 @@ class barbican::plugins::p11_crypto (
  $p11_crypto_plugin_aes_gcm_generate_iv   = $::os_service_default,
  $p11_crypto_plugin_os_locking_ok         = $::os_service_default,
  $global_default                          = false,
+  # DEPRECATED PARAMETERS
+  $p11_crypto_plugin_token_label           = undef,
 ) {

  include barbican::deps

+  if $p11_crypto_plugin_token_label != undef {
+    warning('The p11_crypto_plugin_token_label parameter has been deprecated. \
+Use the p11_crypto_plugin_token_labels parameter instead')
+    $p11_crypto_plugin_token_label_real = $p11_crypto_plugin_token_label
+  } else {
+    $p11_crypto_plugin_token_label_real = $::os_service_default
+  }
+
  barbican_config {
    'p11_crypto_plugin/library_path':          value => $p11_crypto_plugin_library_path;
    'p11_crypto_plugin/login':                 value => $p11_crypto_plugin_login;
@ -92,7 +103,7 @@ class barbican::plugins::p11_crypto (
    'p11_crypto_plugin/mkek_length':           value => $p11_crypto_plugin_mkek_length;
    'p11_crypto_plugin/hmac_label':            value => $p11_crypto_plugin_hmac_label;
    'p11_crypto_plugin/token_serial_number':   value => $p11_crypto_plugin_token_serial_number;
-    'p11_crypto_plugin/token_label':           value => $p11_crypto_plugin_token_label;
+    'p11_crypto_plugin/token_label':           value => $p11_crypto_plugin_token_label_real;
    'p11_crypto_plugin/token_labels':          value => $p11_crypto_plugin_token_labels;
    'p11_crypto_plugin/slot_id':               value => $p11_crypto_plugin_slot_id;
    'p11_crypto_plugin/encryption_mechanism':  value => $p11_crypto_plugin_encryption_mechanism;
--- a/releasenotes/notes/deprecate-p11_crypto_plugin_token_label-a055b1ea71604914.yaml
+++ b/releasenotes/notes/deprecate-p11_crypto_plugin_token_label-a055b1ea71604914.yaml
@ -0,0 +1,6 @@
+---
+deprecations:
+  - |
+    The ``barbican::plugins::p11_crypto::p11_crypto_plugin_token_label``
+    parameter has been deprecated. Use the ``p11_crypto_plugin_token_labels``
+    parameter instead.