octavia: Use module feature to install certificate files

Change-Id: I634c0ee99383c4b0dfd62e829cae7a7ddb02e774
2024-03-15 12:25:23 +09:00 · 2024-03-15 12:25:23 +09:00 · d7c2ba0550
parent 9bb4d22f1d
commit d7c2ba0550
1 changed files with 4 additions and 25 deletions
--- a/manifests/octavia.pp
+++ b/manifests/octavia.pp
@ -95,37 +95,16 @@ class openstack_integration::octavia (
    service_token_roles_required => true,
  }

-  File { '/etc/octavia/certs':
-    ensure => directory,
-    owner  => 'octavia',
-    group  => 'octavia',
-    mode   => '0700',
-    tag    => 'octavia-certs',
-  }
-
-  [
-    'server_ca.cert.pem',
-    'server_ca.key.pem',
-    'client_ca.cert.pem',
-    'client.cert-and-key.pem'
-  ].each |String $cert | {
-    File { "/etc/octavia/certs/${cert}":
-      ensure => present,
-      owner  => 'octavia',
-      group  => 'octavia',
-      mode   => '0700',
-      source => "puppet:///modules/${module_name}/octavia-certs/${cert}",
-      tag    => 'octavia-certs',
-    }
-  }
-  Anchor['octavia::config::begin'] -> File<| tag == 'octavia-certs' |> -> Anchor['octavia::config::end']
-
  class { 'octavia::certificates':
    ca_private_key_passphrase => 'not-secure-passphrase',
    ca_certificate            => '/etc/octavia/certs/server_ca.cert.pem',
+    ca_certificate_data       => file("${module_name}/octavia-certs/server_ca.cert.pem"),
    ca_private_key            => '/etc/octavia/certs/server_ca.key.pem',
+    ca_private_key_data       => file("${module_name}/octavia-certs/server_ca.key.pem"),
    client_ca                 => '/etc/octavia/certs/client_ca.cert.pem',
+    client_ca_data            => file("${module_name}/octavia-certs/client_ca.cert.pem"),
    client_cert               => '/etc/octavia/certs/client.cert-and-key.pem',
+    client_cert_data          => file("${module_name}/octavia-certs/client.cert-and-key.pem"),
  }

  if $provider_driver == 'ovn' {