postgresql::postgres_password throws errors when Deferred

[bobnegri]

Describe the Bug

When postgresql::postgres_password is Deferred, it throws one of two possible errors:

Error 1:

$hash_postgresql_db_pw = Deferred('postgresql::postgresql_password', ['puppetdb', $plain_postgresql_db_pw])

Error: Failed to apply catalog: Function postgresql::postgresql_password(): Unknown function: 'postgresql::default'

Error 2:

# Get the hash value: md5 or scram-sha-256
$pwd_encrypt = $postgresql::params::password_encryption

$hash_postgresql_db_pw = Deferred('postgresql::postgresql_password', ['puppetdb', $plain_postgresql_db_pw, false, $pwd_encrypt])

Failed to apply catalog: 'postgresql::postgresql_password' parameter 'hash' references an unresolved type 'Postgresql::Pg_password_encryption'

Expected Behavior

A clear and concise description of what you expected to happen.

Expectation 1:
When function postgresql::postgresql_password is Deferred and only passed username and password, the function should use the built in defaults without throwing an error.

Expectation 2:
When function postgresql::postgresql_password is Deferred and values are provided for username, password, sensitive, and hash, the function should not throw a type error.

Steps to Reproduce

Steps to reproduce the behavior:

1. Go to '...'
2. Click on '....'

Environment

• postgresql-12 10.0.3
• puppet-agent 7.27.0
• puppetdb 7.15.0
• puppetserver 7.14.0
• Ubuntu 20.04.6 LTS

Additional Context

Add any other context about the problem here.

Under postgresql 9.2.0, we did not provide sensitive and hash values and the function worked when Deferred.

[ekohl]

Is this a duplicate of #1560?

[bobnegri]

I'm going to go with, no.

I'm Deferring function 'postgresql::postgresql_password':

$hash_postgresql_db_pw = Deferred('postgresql::postgresql_password', ['puppetdb', $plain_postgresql_db_pw])

Issue #1560 is passing in a Deferred to the class.

class { '::postgresql::server':
    postgres_password => Deferred('unwrap', [$admin_password_vault]),
}

[bastelfreak]

Expectation 2:
When function postgresql::postgresql_password is Deferred and values are provided for username, password, sensitive, and hash, the function should not throw a type error.

are you sure that's not the case? postgresql::postgresql_password() doesn't call postgresql::default() when the hash is set.

[bobnegri-vaerec]

Expectation 2:
When function postgresql::postgresql_password is Deferred and values are provided for username, password, sensitive, and hash, the function should not throw a type error.

are you sure that's not the case? postgresql::postgresql_password() doesn't call postgresql::default() when the hash is set.

Yes. Deferred can't resolve this:

optional_param 'Optional[Postgresql::Pg_password_encryption]', :hash

So even though I'm providing values - and avoiding the Puppet function -- it still fails.

Note: I'm appearing as my work identity rather than my personal login.

[bastelfreak]

Can you provide a PR that switches to native Enum?

[bobnegri]

I'll try and figure out how to do that. (First time.) Going to have to do it off work hours due to the bureaucracy that is my current employer and our client.