From 9018eb84a43c3aeb939edebea804e4fa17bee2a6 Mon Sep 17 00:00:00 2001
From: Partha Aji <paji@redhat.com>
Date: Tue, 9 Feb 2016 17:49:26 -0500
Subject: [PATCH] Fixes #13634 - Adding Katello cert to ca-trust

Adding Katello Server cert to the machines local ca-trust
---
 .fixtures.yml                |  9 +++++----
 manifests/katello.pp         |  6 ++++++
 metadata.json                |  4 ++++
 spec/classes/katello_spec.rb | 27 +++++++++++++++++++++++++++
 4 files changed, 42 insertions(+), 4 deletions(-)
 create mode 100644 spec/classes/katello_spec.rb

diff --git a/.fixtures.yml b/.fixtures.yml
index a73b35d2..afc84d53 100644
--- a/.fixtures.yml
+++ b/.fixtures.yml
@@ -1,8 +1,9 @@
 fixtures:
   repositories:
-    stdlib:        "git://github.com/puppetlabs/puppetlabs-stdlib.git"
-    extlib:        "git://github.com/puppet-community/puppet-extlib.git"
-    foreman:       "git://github.com/theforeman/puppet-foreman.git"
-    common:        "git://github.com/katello/puppet-common.git"
+    stdlib:            "git://github.com/puppetlabs/puppetlabs-stdlib.git"
+    extlib:            "git://github.com/puppet-community/puppet-extlib.git"
+    foreman:           "git://github.com/theforeman/puppet-foreman.git"
+    common:            "git://github.com/katello/puppet-common.git"
+    trusted_ca:        "git://github.com/evenup/evenup-trusted_ca.git"
   symlinks:
     certs: "#{source_dir}"
diff --git a/manifests/katello.pp b/manifests/katello.pp
index e5c43683..1d0b3ac3 100644
--- a/manifests/katello.pp
+++ b/manifests/katello.pp
@@ -18,6 +18,12 @@
   $candlepin_consumer_summary     = "Subscription-manager consumer certificate for Katello instance ${::fqdn}"
   $candlepin_consumer_description = 'Consumer certificate and post installation script that configures rhsm.'
 
+  include ::trusted_ca
+  trusted_ca::ca { 'katello_server-host-cert':
+    source  => $certs::katello_server_ca_cert,
+    require => File[$certs::katello_server_ca_cert],
+  }
+
   file { $katello_www_pub_dir:
     ensure => directory,
     owner  => 'apache',
diff --git a/metadata.json b/metadata.json
index 7838cf55..06451277 100644
--- a/metadata.json
+++ b/metadata.json
@@ -8,6 +8,10 @@
   "project_page": "https://github.com/Katello/puppet-certs",
   "issues_url": "http://projects.theforeman.org/projects/katello/issues",
   "dependencies": [
+    {
+      "name": "evenup-trusted_ca",
+      "version_requirement": ">= 1.0.1 < 2.0.0"
+    },
     {
       "name": "puppetlabs-stdlib",
       "version_requirement": ">= 4.2.0 < 5.0.0"
diff --git a/spec/classes/katello_spec.rb b/spec/classes/katello_spec.rb
new file mode 100644
index 00000000..e1ecb859
--- /dev/null
+++ b/spec/classes/katello_spec.rb
@@ -0,0 +1,27 @@
+require 'spec_helper'
+
+describe 'certs::katello' do
+  let :facts do
+    {
+      :concat_basedir             => '/tmp',
+      :interfaces                 => '',
+      :operatingsystem            => 'RedHat',
+      :operatingsystemrelease     => '6',
+      :operatingsystemmajrelease  => '6',
+      :osfamily                   => 'RedHat',
+      :fqdn                       => 'pulp.compony.net',
+      :hostname                   => 'pulp',
+    }
+  end
+
+  context 'with parameters' do
+    let :pre_condition do
+      "class {'certs': pki_dir => '/tmp', server_ca_name => 'foo'}"
+    end
+
+    describe 'with katello certs set' do
+      # source format should be -> "${certs::pki_dir}/certs/${server_ca_name}.crt"
+      it { should contain_trusted_ca__ca('katello_server-host-cert').with({ :source => "/tmp/certs/foo.crt" }) }
+    end
+  end
+end