From e177129e59eace0cbc3bfa638ca9f3d06ca1e68d Mon Sep 17 00:00:00 2001
From: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Date: Thu, 21 Mar 2019 11:22:33 +0200
Subject: [PATCH] Stop creating symlinks for lbivirt's CA files

These were used in baremetal deployments, but are unused in
containerized deployments. We bind-mount the CA files instead of
creating symlinks nowadays.

Change-Id: Ib05f2bc4be9987b222cef78541fe05988cd8c0a4
Related-Bug: #1821139
---
 manifests/certmonger/ca/libvirt.pp        | 42 -----------------------
 manifests/profile/base/certmonger_user.pp |  1 -
 2 files changed, 43 deletions(-)
 delete mode 100644 manifests/certmonger/ca/libvirt.pp

diff --git a/manifests/certmonger/ca/libvirt.pp b/manifests/certmonger/ca/libvirt.pp
deleted file mode 100644
index 9fa9e745d..000000000
--- a/manifests/certmonger/ca/libvirt.pp
+++ /dev/null
@@ -1,42 +0,0 @@
-# Copyright 2017 Red Hat, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-#
-# == Class: tripleo::certmonger::ca::libvirt
-#
-# Sets the necessary file that will be used by both libvirt servers and
-# clients.
-#
-# === Parameters:
-#
-# [*origin_ca_pem*]
-#  (Optional) Path to the CA certificate that libvirt will use. This is not
-#  assumed automatically or uses the system CA bundle as is the case of other
-#  services because a limitation with the file sizes in GNU TLS, which libvirt
-#  uses as a TLS backend.
-#  Defaults to undef
-#
-class tripleo::certmonger::ca::libvirt(
-  $origin_ca_pem = undef
-){
-  if $origin_ca_pem {
-    $ensure_file = 'link'
-  } else {
-    $ensure_file = 'absent'
-  }
-  file { '/etc/pki/CA/cacert.pem':
-    ensure => $ensure_file,
-    mode   => '0644',
-    target => $origin_ca_pem,
-  }
-}
diff --git a/manifests/profile/base/certmonger_user.pp b/manifests/profile/base/certmonger_user.pp
index 36be5c7df..3166e811e 100644
--- a/manifests/profile/base/certmonger_user.pp
+++ b/manifests/profile/base/certmonger_user.pp
@@ -184,7 +184,6 @@ class tripleo::profile::base::certmonger_user (
       reload_cmds => $reload_haproxy,
     }
     Certmonger_certificate<||> -> Class['::tripleo::certmonger::ca::crl']
-    include ::tripleo::certmonger::ca::libvirt
     include ::tripleo::certmonger::ca::libvirt_vnc
     include ::tripleo::certmonger::ca::qemu