From d7c2ba05508a05dd3088ce12356db54bf2f1bea7 Mon Sep 17 00:00:00 2001 From: Takashi Kajinami Date: Fri, 15 Mar 2024 12:25:23 +0900 Subject: [PATCH] octavia: Use module feature to install certificate files Change-Id: I634c0ee99383c4b0dfd62e829cae7a7ddb02e774 --- manifests/octavia.pp | 29 ++++------------------------- 1 file changed, 4 insertions(+), 25 deletions(-) diff --git a/manifests/octavia.pp b/manifests/octavia.pp index 3629728a2..04a0b49fc 100644 --- a/manifests/octavia.pp +++ b/manifests/octavia.pp @@ -95,37 +95,16 @@ class openstack_integration::octavia ( service_token_roles_required => true, } - File { '/etc/octavia/certs': - ensure => directory, - owner => 'octavia', - group => 'octavia', - mode => '0700', - tag => 'octavia-certs', - } - - [ - 'server_ca.cert.pem', - 'server_ca.key.pem', - 'client_ca.cert.pem', - 'client.cert-and-key.pem' - ].each |String $cert | { - File { "/etc/octavia/certs/${cert}": - ensure => present, - owner => 'octavia', - group => 'octavia', - mode => '0700', - source => "puppet:///modules/${module_name}/octavia-certs/${cert}", - tag => 'octavia-certs', - } - } - Anchor['octavia::config::begin'] -> File<| tag == 'octavia-certs' |> -> Anchor['octavia::config::end'] - class { 'octavia::certificates': ca_private_key_passphrase => 'not-secure-passphrase', ca_certificate => '/etc/octavia/certs/server_ca.cert.pem', + ca_certificate_data => file("${module_name}/octavia-certs/server_ca.cert.pem"), ca_private_key => '/etc/octavia/certs/server_ca.key.pem', + ca_private_key_data => file("${module_name}/octavia-certs/server_ca.key.pem"), client_ca => '/etc/octavia/certs/client_ca.cert.pem', + client_ca_data => file("${module_name}/octavia-certs/client_ca.cert.pem"), client_cert => '/etc/octavia/certs/client.cert-and-key.pem', + client_cert_data => file("${module_name}/octavia-certs/client.cert-and-key.pem"), } if $provider_driver == 'ovn' {