Merge "Remove postsave_cmd and restart libvirt on cert files change"

manifests/certmonger/qemu.pp

@@ -37,7 +37,6 @@
 #
 # [*postsave_cmd*]
 #   (Optional) Specifies the command to execute after requesting a certificate.
-#   If nothing is given, it will default to: "systemctl reload ${service name}"
 #   Defaults to undef.
 #
 # [*principal*]
@@ -60,7 +59,6 @@ define tripleo::certmonger::qemu (
   include ::certmonger
   include ::nova::params
 
-  $postsave_cmd_real = pick($postsave_cmd, "systemctl reload ${::nova::params::libvirt_service_name}")
   certmonger_certificate { $name :
     ensure       => 'present',
     certfile     => $service_certificate,
@@ -68,7 +66,7 @@ define tripleo::certmonger::qemu (
     hostname     => $hostname,
     dnsname      => $hostname,
     principal    => $principal,
-    postsave_cmd => $postsave_cmd_real,
+    postsave_cmd => $postsave_cmd,
     ca           => $certmonger_ca,
     cacertfile   => $cacertfile,
     wait         => true,
@@ -85,7 +83,4 @@ define tripleo::certmonger::qemu (
     group   => 'qemu',
     mode    => '0640'
   }
-
-  File[$service_certificate] ~> Service<| title == $::nova::params::libvirt_service_name |>
-  File[$service_key] ~> Service<| title == $::nova::params::libvirt_service_name |>
 }

releasenotes/notes/qemu_remove_postsave_cmd-07ad04ac44d7b706.yaml

@@ -0,0 +1,7 @@
+---
+fixes:
+  - |
+    qemu certs are note used by libvirt and therefore does not need a restart.
+    In case certs gets renewed, right now qemu processes (instances) need to be
+    restarted. This removes the postsave_cmd and also restart libvirt on cert
+    file change.