
Commit 95f141e

ehelmsekohl
authored andcommitted
Provide certs as input to boostrap_rpm class
Signed-off-by: Eric D. Helms <[email protected]>
1 parent 5caacb0 commit 95f141e


3 files changed

+86
-29
lines changed


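--- a/manifests/bootstrap_rpm.pp
+++ b/manifests/bootstrap_rpm.pp
@@ -2,18 +2,15 @@
 # This file is placed in $rpm_serve_dir.
 # @api private
 class foreman_proxy_content::bootstrap_rpm (
+Stdlib::Absolutepath $server_ca_cert,
+String $server_ca_name,
+Stdlib::Absolutepath $default_ca_cert,
+String $default_ca_name,
 Stdlib::Fqdn $rhsm_hostname = $facts['networking']['fqdn'],
 Stdlib::Port $rhsm_port = 443,
 Pattern[/\A(\/[a-zA-Z0-9]+)+(\/)?\z/] $rhsm_path = '/rhsm',
 Stdlib::Absolutepath $rpm_serve_dir = '/var/www/html/pub',
 ) {
-include certs
-
-$katello_server_ca_cert = $certs::katello_server_ca_cert
-$server_ca_name = $certs::server_ca_name
-$default_ca_name = $certs::default_ca_name
-$ca_cert = $certs::ca_cert
-
 $katello_rhsm_setup_script = 'katello-rhsm-consumer'
 $katello_rhsm_setup_script_location = "/usr/bin/${katello_rhsm_setup_script}"
 $candlepin_cert_rpm_alias_filename = 'katello-ca-consumer-latest.noarch.rpm'
@@ -22,8 +19,8 @@
 
 include trusted_ca
 trusted_ca::ca { 'katello_server-host-cert':
-source => $katello_server_ca_cert,
-require => File[$katello_server_ca_cert],
+source => $server_ca_cert,
+require => File[$server_ca_cert],
 }
 
 package { 'rpm-build':
@@ -41,16 +38,16 @@
 # Placing the CA in the pub dir for trusting by a user in their browser
 file { "${rpm_serve_dir}/${server_ca_name}.crt":
 ensure => file,
-source => $katello_server_ca_cert,
+source => $server_ca_cert,
 owner => 'root',
 group => 'root',
 mode => '0644',
-require => File[$katello_server_ca_cert],
+require => File[$server_ca_cert],
 } ->
 rhsm_reconfigure_script { "${rpm_serve_dir}/${katello_rhsm_setup_script}":
 ensure => present,
-default_ca_cert => $ca_cert,
-server_ca_cert => $katello_server_ca_cert,
+default_ca_cert => $default_ca_cert,
+server_ca_cert => $server_ca_cert,
 default_ca_name => $default_ca_name,
 server_ca_name => $server_ca_name,
 rhsm_hostname => $rhsm_hostname,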
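Review bot: `$server_ca_name` is declared as a bare `String` in the first hunk, yet the third hunk interpolates it into the path `"${rpm_serve_dir}/${server_ca_name}.crt"`, so an empty value or one containing `/` would put the published CA file somewhere other than intended. The value used to come only from `$certs::server_ca_name`; now that any caller supplies it, a tighter type such as `Pattern[/\A[\w.-]+\z/] $server_ca_name,` (and likewise for `$default_ca_name`, whose use inside `rhsm_reconfigure_script` is not visible here) would make the contract explicit. The class also keeps `require => File[$server_ca_cert]` after dropping `include certs`, so the caller must already have that File resource in the catalog; a line such as `# @param server_ca_cert Path to the server CA; must be managed as a File resource by the caller` above the class would document it. The class body continues outside the hunks.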

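--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -307,9 +307,13 @@
 }
 
 class { 'foreman_proxy_content::bootstrap_rpm':
-rhsm_hostname => $client_facing_servername,
-rhsm_port => $rhsm_port,
-rhsm_path => $rhsm_path,
+rhsm_hostname => $client_facing_servername,
+rhsm_port => $rhsm_port,
+rhsm_path => $rhsm_path,
+server_ca_cert => $certs::katello_server_ca_cert,
+server_ca_name => $certs::server_ca_name,
+default_ca_cert => $certs::katello_default_ca_cert,
+default_ca_name => $certs::default_ca_name,
 }
 
 # smart_proxy_pulp dynamically retrieves the Pulp content types and Katello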
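Review bot: `default_ca_cert` is now fed from `$certs::katello_default_ca_cert`, whereas the code removed from bootstrap_rpm.pp read `$certs::ca_cert`; the commit message does not say that the two resolve to the same file, and this is the CA shipped to clients by the bootstrap RPM. If they are equivalent, a comment such as `# katello_default_ca_cert replaces the former $certs::ca_cert lookup; same CA file` above the declaration would record that. The four `$certs::` references also rely on `certs` having been evaluated earlier in init.pp now that bootstrap_rpm no longer includes it, which cannot be confirmed from this hunk.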

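--- a/spec/acceptance/bootstrap_rpm_spec.rb
+++ b/spec/acceptance/bootstrap_rpm_spec.rb
@@ -10,7 +10,14 @@
 it_behaves_like 'an idempotent resource' do
 let(:manifest) do
 <<-PUPPET
-include foreman_proxy_content::bootstrap_rpm
+include certs
+
+class { 'foreman_proxy_content::bootstrap_rpm':
+server_ca_cert => $certs::katello_server_ca_cert,
+server_ca_name => $certs::server_ca_name,
+default_ca_cert => $certs::katello_default_ca_cert,
+default_ca_name => $certs::default_ca_name,
+}
 
 package { "katello-ca-consumer-#{host_inventory['fqdn']}":
 ensure => installed,
@@ -89,8 +96,19 @@
 
 context 'ensure symlink is present if deleted' do
 it 'removes symlink and re-applies the manifest' do
+manifest = <<-PUPPET
+include certs
+
+class { 'foreman_proxy_content::bootstrap_rpm':
+server_ca_cert => $certs::katello_server_ca_cert,
+server_ca_name => $certs::server_ca_name,
+default_ca_cert => $certs::katello_default_ca_cert,
+default_ca_name => $certs::default_ca_name,
+}
+PUPPET
+
 apply_manifest("exec { '/bin/unlink /var/www/html/pub/katello-ca-consumer-latest.noarch.rpm': }", catch_failures: true)
-apply_manifest("class { 'foreman_proxy_content::bootstrap_rpm': }", catch_failures: true)
+apply_manifest(manifest, catch_failures: true)
 end
 
 describe file("/var/www/html/pub/katello-ca-consumer-#{host_inventory['fqdn']}-1.0-1.noarch.rpm") do
@@ -124,7 +142,14 @@
 it_behaves_like 'an idempotent resource' do
 let(:manifest) do
 <<-PUPPET
-include foreman_proxy_content::bootstrap_rpm
+include certs
+
+class { 'foreman_proxy_content::bootstrap_rpm':
+server_ca_cert => $certs::katello_server_ca_cert,
+server_ca_name => $certs::server_ca_name,
+default_ca_cert => $certs::katello_default_ca_cert,
+default_ca_name => $certs::default_ca_name,
+}
 
 package { "katello-ca-consumer-#{host_inventory['fqdn']}":
 ensure => latest,
@@ -156,8 +181,14 @@
 it_behaves_like 'an idempotent resource' do
 let(:manifest) do
 <<-PUPPET
+include certs
+
 class { 'foreman_proxy_content::bootstrap_rpm':
-rhsm_port => 8443,
+rhsm_port => 8443,
+server_ca_cert => $certs::katello_server_ca_cert,
+server_ca_name => $certs::server_ca_name,
+default_ca_cert => $certs::katello_default_ca_cert,
+default_ca_name => $certs::default_ca_name,
 }
 
 package { "katello-ca-consumer-#{host_inventory['fqdn']}":
@@ -203,10 +234,19 @@ class { 'foreman_proxy_content::bootstrap_rpm':
 context 'correctly sets latest RPM after reaching RPM release of 10' do
 it 'applies 7 more times without error' do
 7.times do |num|
-apply_manifest(
-"class { 'foreman_proxy_content::bootstrap_rpm': rhsm_port => 844#{num}, }",
-catch_failures: true
-)
+manifest = <<-PUPPET
+include certs
+
+class { 'foreman_proxy_content::bootstrap_rpm':
+rhsm_port => 844#{num},
+server_ca_cert => $certs::katello_server_ca_cert,
+server_ca_name => $certs::server_ca_name,
+default_ca_cert => $certs::katello_default_ca_cert,
+default_ca_name => $certs::default_ca_name,
+}
+PUPPET
+
+apply_manifest(manifest, catch_failures: true)
 end
 end
 
@@ -232,7 +272,14 @@ class { 'foreman_proxy_content::bootstrap_rpm':
 it_behaves_like 'an idempotent resource' do
 let(:manifest) do
 <<-PUPPET
-include foreman_proxy_content::bootstrap_rpm
+include certs
+
+class { 'foreman_proxy_content::bootstrap_rpm':
+server_ca_cert => $certs::katello_server_ca_cert,
+server_ca_name => $certs::server_ca_name,
+default_ca_cert => $certs::katello_default_ca_cert,
+default_ca_name => $certs::default_ca_name,
+}
 PUPPET
 end
 end
@@ -247,10 +294,19 @@ class { 'foreman_proxy_content::bootstrap_rpm':
 
 context 'correctly sets the mode on subsequent RPMs' do
 it 'applies again without error' do
-apply_manifest(
-"class { 'foreman_proxy_content::bootstrap_rpm': rhsm_port => 8447, }",
-catch_failures: true
-)
+manifest = <<-PUPPET
+include certs
+
+class { 'foreman_proxy_content::bootstrap_rpm':
+rhsm_port => 8447,
+server_ca_cert => $certs::katello_server_ca_cert,
+server_ca_name => $certs::server_ca_name,
+default_ca_cert => $certs::katello_default_ca_cert,
+default_ca_name => $certs::default_ca_name,
+}
+PUPPET
+
+apply_manifest(manifest, catch_failures: true)
 end
 
 describe file("/var/www/html/pub/katello-ca-consumer-#{host_inventory['fqdn']}-1.0-2.noarch.rpm") do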
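Review bot: The same `include certs` plus four-parameter class declaration is pasted into all seven hunks of this spec, so the next change to the class interface has to be repeated in seven heredocs. A helper defined once in the enclosing describe block (its opening is outside the hunks) could build the manifest, reducing the loop body to `apply_manifest(bootstrap_rpm_manifest("rhsm_port => 844#{num},"), catch_failures: true)` and letting the `let(:manifest)` heredocs interpolate `#{bootstrap_rpm_manifest}` ahead of their package resources. Every case also passes only `$certs::` values, so nothing here exercises the class with a CA path from outside the certs module, which appears to be what the new parameters are meant to allow.

```ruby
# Builds the class declaration shared by the examples; extra_params is
# spliced into it verbatim (e.g. "rhsm_port => 8443,").
def bootstrap_rpm_manifest(extra_params = '')
  <<-PUPPET
  include certs

  class { 'foreman_proxy_content::bootstrap_rpm':
    #{extra_params}
    server_ca_cert  => $certs::katello_server_ca_cert,
    server_ca_name  => $certs::server_ca_name,
    default_ca_cert => $certs::katello_default_ca_cert,
    default_ca_name => $certs::default_ca_name,
  }
  PUPPET
end
```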
