From f7c71486cf601a7f9cc1a3b06968165236c7fc0e Mon Sep 17 00:00:00 2001
From: Juan Antonio Osorio Robles
Date: Fri, 25 Jan 2019 11:13:24 +0200
Subject: [PATCH] httpd: Remove default post-save command for certmonger
The default command didn't work, so we need to fix that.
Related-Bug: #1811401
Needed-By: I862f0d15f769167c8b5d27cf302b7087b8fad0ab
Change-Id: I642f48aa0e66ca57de2ecee921c798747ba41e1a
(cherry picked from commit f1f4a6ccb88e3fc3c2509e0f5c6ba1ae61efe617)
---
 manifests/certmonger/httpd.pp | 3 +--
 manifests/profile/base/certmonger_user.pp | 15 +++++++--------
 2 files changed, 8 insertions(+), 10 deletions(-)
diff --git a/manifests/certmonger/httpd.pp b/manifests/certmonger/httpd.pp
index 1b57984d1..18c2de2e6 100644
--- a/manifests/certmonger/httpd.pp
+++ b/manifests/certmonger/httpd.pp
@@ -62,7 +62,6 @@ define tripleo::certmonger::httpd (
 $dnsnames_real = $hostname
 }
- $postsave_cmd_real = pick($postsave_cmd, "systemctl reload ${::apache::params::service_name}")
 certmonger_certificate { $name :
 ensure => 'present',
 certfile => $service_certificate,
@@ -70,7 +69,7 @@ define tripleo::certmonger::httpd (
 hostname => $hostname,
 dnsname => $dnsnames_real,
 principal => $principal,
- postsave_cmd => $postsave_cmd_real,
+ postsave_cmd => $postsave_cmd,
 ca => $certmonger_ca,
 wait => true,
 tag => 'apache-cert',
diff --git a/manifests/profile/base/certmonger_user.pp b/manifests/profile/base/certmonger_user.pp
index edad06c0d..41e7c9986 100644
--- a/manifests/profile/base/certmonger_user.pp
+++ b/manifests/profile/base/certmonger_user.pp
@@ -42,11 +42,6 @@
 # it will create.
 # Defaults to hiera('apache_certificate_specs', {}).
 #
-# [*apache_postsave_cmd*]
-# (Optional) If set, it overrides the default way to restart apache when the
-# certificate is renewed.
-# Defaults to undef
-#
 # [*haproxy_certificates_specs*]
 # (Optional) The specifications to give to certmonger for the certificate(s)
 # it will create.
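Review bot: In the second hunk of manifests/certmonger/httpd.pp, `postsave_cmd => $postsave_cmd` now passes the parameter through unchanged, so when the caller leaves it unset certmonger gets no post-save command and nothing visible in this patch reloads httpd after a renewal. Apache would then keep serving the previous certificate until its next restart, which can outlast that certificate's expiry. If the reload is meant to come from the change named in Needed-By, the `postsave_cmd` parameter documentation (outside this hunk) should say so, for example `# Defaults to undef, in which case httpd is not reloaded when the certificate is renewed.` The define's parameter list and its doc header are not visible here, so the current wording of that doc is an assumption to check.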
@@ -129,10 +124,14 @@
 # certificate is renewed.
 # Defaults to undef
 #
+# [*apache_postsave_cmd*]
+# (Optional) If set, it overrides the default way to restart apache when the
+# certificate is renewed.
+# Defaults to undef
+#
 class tripleo::profile::base::certmonger_user (
 $certmonger_ca = hiera('certmonger_ca', 'local'),
 $apache_certificates_specs = hiera('apache_certificates_specs', {}),
- $apache_postsave_cmd = undef,
 $haproxy_certificates_specs = hiera('tripleo::profile::base::haproxy::certificates_specs', {}),
 $libvirt_certificates_specs = hiera('libvirt_certificates_specs', {}),
 $libvirt_postsave_cmd = undef,
@@ -150,6 +149,7 @@ class tripleo::profile::base::certmonger_user (
 $novnc_proxy_postsave_cmd = undef,
 # Deprecated
 $haproxy_postsave_cmd = undef,
+ $apache_postsave_cmd = undef,
 ) {
 include ::certmonger
@@ -179,8 +179,7 @@ class tripleo::profile::base::certmonger_user (
 $apache_certificates_specs_filtered = $apache_certificates_specs.filter | $specs, $keys | { ! empty($keys[hostname]) }
 unless empty($apache_certificates_specs_filtered) {
 include ::tripleo::certmonger::apache_dirs
- ensure_resources('tripleo::certmonger::httpd', $apache_certificates_specs_filtered,
- {'postsave_cmd' => $apache_postsave_cmd})
+ ensure_resources('tripleo::certmonger::httpd', $apache_certificates_specs_filtered)
 }
 unless empty($libvirt_certificates_specs) {
 include ::tripleo::certmonger::libvirt_dirs
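Review bot: The re-added `[*apache_postsave_cmd*]` doc block in the `@@ -129,10 +124,14 @@` hunk still says the parameter "overrides the default way to restart apache", but the last hunk of this file stops passing it to `tripleo::certmonger::httpd`, so as far as the diff shows it no longer has any effect. The text should say that, for example `# (Deprecated) No longer used; set postsave_cmd per entry in apache_certificates_specs.` Whether the block now sits under a deprecated-parameters heading cannot be seen from the hunk.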
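Review bot: In the `@@ -179,8 +179,7 @@` hunk, `ensure_resources('tripleo::certmonger::httpd', $apache_certificates_specs_filtered)` drops `$apache_postsave_cmd` silently, so a deployment that still sets it gets renewed certificates with no Apache reload and no hint in the Puppet run. A deprecation warning next to this call would surface that, e.g. `if $apache_postsave_cmd { warning('apache_postsave_cmd is deprecated and ignored; set postsave_cmd in apache_certificates_specs') }`. The same concern covers the parameter's move under `# Deprecated` in the previous hunk. The class body continues outside the hunk.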