Merge pull request #37 from jyundt/master

Added support for dns_alt_names.

Author: stephenrjohnson

Modulefile

@@ -10,3 +10,4 @@ project_page 'https://github.com/stephenrjohnson/puppetlabs-puppet'
 dependency 'puppetlabs/inifile', '>= 1.0.0'
 dependency 'puppetlabs/apache', '>= 0.8.0'
 dependency 'puppetlabs/puppetdb', '>= 2.0.0'
+dependency 'puppetlabs/stdlib', '>= 3.0.0'

manifests/master.pp

@@ -26,6 +26,7 @@
 #  ['pluginsync']               - Enable plugin sync
 #  ['parser']                   - Which parser to use
 #  ['puppetdb_startup_timeout'] - The timeout for puppetdb
+#  ['dns_alt_names']            - Comma separated list of alternative DNS names
 #
 # Requires:
 #
@@ -70,7 +71,8 @@
   $pluginsync                 = true,
   $parser                     = $::puppet::params::parser,
   $puppetdb_startup_timeout   = '60',
-  $puppetdb_strict_validation = $::puppet::params::puppetdb_strict_validation
+  $puppetdb_strict_validation = $::puppet::params::puppetdb_strict_validation,
+  $dns_alt_names              = ['puppet'],
 ) inherits puppet::params {
 
   anchor { 'puppet::master::begin': }
@@ -116,6 +118,7 @@
     puppet_ssldir          => $::puppet::params::puppet_ssldir,
     certname               => $certname,
     conf_dir               => $::puppet::params::confdir,
+    dns_alt_names          => join($dns_alt_names,","),
   } ->
   Anchor['puppet::master::end']
 
@@ -244,5 +247,11 @@
     }
   }
 
+  ini_setting {'puppetmasterdnsaltnames':
+      ensure  => present,
+      setting => 'dns_alt_names',
+      value   => join($dns_alt_names, ","),
+  }
+
   anchor { 'puppet::master::end': }
 }

manifests/passenger.pp

@@ -37,7 +37,8 @@
   $puppet_conf,
   $puppet_ssldir,
   $certname,
-  $conf_dir
+  $conf_dir,
+  $dns_alt_names
 ){
   include apache
   include puppet::params
@@ -74,7 +75,7 @@
   $crt_clean_cmd  = "puppet cert clean ${certname}"
   # I would have preferred to use puppet cert generate, but it does not
   # return the corret exit code on some versions of puppet
-  $crt_gen_cmd   = "puppet certificate --ca-location=local --dns_alt_names=puppet generate ${certname}"
+  $crt_gen_cmd   = "puppet certificate --ca-location=local --dns_alt_names=$dns_alt_names generate ${certname}"
   # I am using the sign command here b/c AFAICT, the sign command for certificate
   # does not work
   $crt_sign_cmd  = "puppet cert sign --allow-dns-alt-names ${certname}"

spec/classes/puppet_master_spec.rb

@@ -21,7 +21,8 @@
                 :autosign               => 'true',
                 :certname               => 'test.example.com',
                 :storeconfigs           => 'true',
-                :storeconfigs_dbserver  => 'test.example.com'
+                :storeconfigs_dbserver  => 'test.example.com',
+                :dns_alt_names          => ['puppet']
 
             }
         end
@@ -128,6 +129,13 @@
                 :path    => '/etc/puppet/puppet.conf',
                 :value   => 'true'
             )
+            should contain_ini_setting('puppetmasterdnsaltnames').with(
+                :ensure  => 'present',
+                :section => 'master',
+                :setting => 'dns_alt_names',
+                :path    => '/etc/puppet/puppet.conf',
+                :value   => params[:dns_alt_names].join(',')
+            )
             should contain_anchor('puppet::master::begin').with_before(
               ['Class[Puppet::Passenger]', 'Class[Puppet::Storeconfigs]']
             )
@@ -154,7 +162,8 @@
                 :autosign               => 'true',
                 :certname               => 'test.example.com',
                 :storeconfigs           => 'true',
-                :storeconfigs_dbserver  => 'test.example.com'
+                :storeconfigs_dbserver  => 'test.example.com',
+                :dns_alt_names          => ['puppet']
 
             }
         end
@@ -260,6 +269,13 @@
                 :path    => '/etc/puppet/puppet.conf',
                 :value   => 'true'
             )
+            should contain_ini_setting('puppetmasterdnsaltnames').with(
+                :ensure  => 'present',
+                :section => 'master',
+                :setting => 'dns_alt_names',
+                :path    => '/etc/puppet/puppet.conf',
+                :value   => params[:dns_alt_names].join(',')
+            )
             should contain_anchor('puppet::master::begin').with_before(
               ['Class[Puppet::Passenger]', 'Class[Puppet::Storeconfigs]']
             )

spec/classes/puppet_passenger_spec.rb

@@ -10,6 +10,7 @@
                 :puppet_ssldir          => '/var/lib/puppet/ssl',
                 :certname               => 'test.test.com',
                 :conf_dir               => '/etc/puppet',
+                :dns_alt_names          => ['puppet'],
         }
         end
     context 'on Debian' do
@@ -29,7 +30,7 @@
                 should contain_exec('Certificate_Check').with(
                     :command =>
                       "puppet cert clean #{params[:certname]} ; " +
-                      "puppet certificate --ca-location=local --dns_alt_names=puppet generate #{params[:certname]}" +
+                      "puppet certificate --ca-location=local --dns_alt_names=#{params[:dns_alt_names].join(',')} generate #{params[:certname]}" +
                       " && puppet cert sign --allow-dns-alt-names #{params[:certname]}" +
                       " && puppet certificate --ca-location=local find #{params[:certname]}",
                     :unless  => "/bin/ls #{params[:puppet_ssldir]}/certs/#{params[:certname]}.pem",

spec/spec_helper_system.rb

@@ -24,6 +24,7 @@
         shell('puppet module install puppetlabs-inifile --version ">= 1.0.0"')
         shell('puppet module install puppetlabs-apache --version ">= 0.8.0"')
         shell('puppet module install puppetlabs-puppetdb --version ">= 2.0.0"')
+        shell('puppet module install puppetlabs-stdlib --version ">= 3.0.0"')
         if node.facts['osfamily'] == 'Debian'
             shell('puppet module install puppetlabs-apt')
         end