Skip to content

Commit

Permalink
Rewrite acceptance test to create certificates
Browse files Browse the repository at this point in the history
  • Loading branch information
@ekohl
ekohl committed Nov 12, 2018
1 parent 9ad78cb commit 6a6e3e2
Showing 1 changed file with 23 additions and 16 deletions.
39 changes: 23 additions & 16 deletions examples/basic_candlepin.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,27 +2,34 @@
# Create certificates then install candlepin
#

Exec {
path => ['/usr/bin'],
cwd => '/etc/candlepin/certs/',
}
$keydir = '/etc/candlepin/certs'
$keystore = "${keydir}/keystore"
$keystore_password = 'secret'
$ca_key = "${keydir}/candlepin-ca.key"
$ca_cert = "${keydir}/candlepin-ca.crt"

file { '/etc/candlepin/':
ensure => directory,
}
file { '/etc/candlepin/certs/':
ensure => directory,
exec { "/bin/mkdir -p ${keydir}":
creates => $keydir,
} ->
exec { 'Create CA key':
command => 'openssl genrsa -out candlepin-ca.key 2048',
creates => '/etc/candlepin/certs/candlepin-ca.key',
command => "/usr/bin/openssl genrsa -out '${ca_key}' 2048",
creates => $ca_key,
notify => Service['tomcat'],
} ->
exec { 'Create CA certficate':
command => "/usr/bin/openssl req -new -x509 -key '${ca_key}' -out '${ca_cert}' -nodes -x509 -subj '/C=US/ST=North Carolina/L=Raleigh/O=CustomKatelloCA/CN=${facts['fqdn']}'",
creates => $ca_cert,
notify => Service['tomcat'],
} ->
exec { 'Create CA certficates':
command => 'openssl req -new -x509 -key candlepin-ca.key -out candlepin-ca.crt -nodes -x509 -subj "/C=US/ST=North Carolina/L=Raleigh/O=CustomKatelloCA/CN=www.candlepin.example.com"',
creates => '/etc/candlepin/certs/candlepin-ca.crt',
exec { 'Create keystore':
command => "/usr/bin/openssl pkcs12 -export -in '${ca_cert}' -inkey '${ca_key}' -out '${keystore}' -name tomcat -CAfile '${ca_cert}' -caname root -password 'pass:${keystore_password}'",
creates => $keystore,
notify => Service['tomcat'],
} ->
class { '::candlepin':
manage_repo => true,
class { 'candlepin':
manage_repo => true,
ca_key => $ca_key,
ca_cert => $ca_cert,
keystore_file => $keystore,
keystore_password => $keystore_password,
}

0 comments on commit 6a6e3e2

Please sign in to comment.