Remove default post-save command from mysql
That was not being used. The new certificate will be picked up when mysql is restarted (which would happen on an upgrade). Change-Id: If4ca3e9f0c248ae6df6c57edc9a2adf841d2e425 Related-Bug: #1811401
This commit is contained in:
parent
028e73fbcf
commit
8fa561f8f0
|
@ -56,9 +56,7 @@ class tripleo::certmonger::mysql (
|
|||
$principal = undef,
|
||||
) {
|
||||
include ::certmonger
|
||||
include ::mysql::params
|
||||
|
||||
$postsave_cmd_real = pick($postsave_cmd, "systemctl reload ${::mysql::params::server_service_name}")
|
||||
certmonger_certificate { 'mysql' :
|
||||
ensure => 'present',
|
||||
certfile => $service_certificate,
|
||||
|
@ -66,22 +64,9 @@ class tripleo::certmonger::mysql (
|
|||
hostname => $hostname,
|
||||
dnsname => $dnsnames,
|
||||
principal => $principal,
|
||||
postsave_cmd => $postsave_cmd_real,
|
||||
postsave_cmd => $postsave_cmd,
|
||||
ca => $certmonger_ca,
|
||||
wait => true,
|
||||
require => Class['::certmonger'],
|
||||
}
|
||||
file { $service_certificate :
|
||||
owner => 'mysql',
|
||||
group => 'mysql',
|
||||
require => Certmonger_certificate['mysql'],
|
||||
}
|
||||
file { $service_key :
|
||||
owner => 'mysql',
|
||||
group => 'mysql',
|
||||
require => Certmonger_certificate['mysql'],
|
||||
}
|
||||
|
||||
File[$service_certificate] ~> Service<| title == $::mysql::params::server_service_name |>
|
||||
File[$service_key] ~> Service<| title == $::mysql::params::server_service_name |>
|
||||
}
|
||||
|
|
|
@ -33,10 +33,6 @@ describe 'tripleo::certmonger::mysql' do
|
|||
is_expected.to contain_class('certmonger')
|
||||
end
|
||||
|
||||
it 'should include the mysql parameters' do
|
||||
is_expected.to contain_class('mysql::params')
|
||||
end
|
||||
|
||||
it 'should request a certificate' do
|
||||
is_expected.to contain_certmonger_certificate('mysql').with(
|
||||
:ensure => 'present',
|
||||
|
@ -47,8 +43,6 @@ describe 'tripleo::certmonger::mysql' do
|
|||
:ca => 'local',
|
||||
:wait => true,
|
||||
)
|
||||
is_expected.to contain_file('/etc/pki/cert.crt')
|
||||
is_expected.to contain_file('/etc/pki/key.pem')
|
||||
end
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue