diff options
| author |   Juan Antonio Osorio Robles <jaosorior@redhat.com> | 2017-08-04 11:15:45 +0300 |
|---|---|---|
| committer | Juan Antonio Osorio Robles <jaosorior@redhat.com> | 2017-08-11 04:06:14 +0000 |
| commit | 040411c2a4f8b1fbd1e4a5598e5ea0e6a4306e06 (patch) | |
| tree | 4b41b815cbfb42de63f0aeda1f69c3986357e710 | |
| parent | f41922902eb2649ba6eee0c43fb32d623f76c7ec (diff) | |
Modify resource dependencies of certmonger_user resources
In a containerized environment the haproxy class might not be defined,
so this was made optional. On the other hand, this also retrieves the
CRL before any certmonger_certificate resources are created.
bp tls-via-certmonger-containers
Change-Id: I2078da7757ff3af1d05d36315fcebd54bb4ca3ec
| -rw-r--r-- | manifests/certmonger/haproxy.pp | 13 | ||||
| -rw-r--r-- | manifests/profile/base/certmonger_user.pp | 5 |
2 files changed, 11 insertions, 7 deletions
diff --git a/manifests/certmonger/haproxy.pp b/manifests/certmonger/haproxy.pp index 3def337..d4f4ad2 100644 --- a/manifests/certmonger/haproxy.pp +++ b/manifests/certmonger/haproxy.pp @@ -88,13 +88,14 @@ define tripleo::certmonger::haproxy ( require => Class['::certmonger'], } concat { $service_pem : - ensure => present, - mode => '0640', - owner => 'haproxy', - group => 'haproxy', - tag => 'haproxy-cert', - require => Package[$::haproxy::params::package_name], + ensure => present, + mode => '0640', + owner => 'haproxy', + group => 'haproxy', + tag => 'haproxy-cert', } + Package<| name == $::haproxy::params::package_name |> -> Concat[$service_pem] + concat::fragment { "${title}-cert-fragment": target => $service_pem, source => $service_certificate, diff --git a/manifests/profile/base/certmonger_user.pp b/manifests/profile/base/certmonger_user.pp index 231a1d0..2ac4b6e 100644 --- a/manifests/profile/base/certmonger_user.pp +++ b/manifests/profile/base/certmonger_user.pp @@ -80,13 +80,16 @@ class tripleo::profile::base::certmonger_user ( unless empty($haproxy_certificates_specs) { $reload_haproxy = ['systemctl reload haproxy'] Class['::tripleo::certmonger::ca::crl'] ~> Haproxy::Balancermember<||> - Class['::tripleo::certmonger::ca::crl'] ~> Class['::haproxy'] + if defined(Class['::haproxy']) { + Class['::tripleo::certmonger::ca::crl'] ~> Class['::haproxy'] + } } else { $reload_haproxy = [] } class { '::tripleo::certmonger::ca::crl' : reload_cmds => $reload_haproxy, } + Certmonger_certificate<||> -> Class['::tripleo::certmonger::ca::crl'] include ::tripleo::certmonger::ca::libvirt unless empty($apache_certificates_specs) { |