-
Notifications
You must be signed in to change notification settings - Fork 39
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add class to configure generating certificates #449
base: master
Are you sure you want to change the base?
Conversation
See theforeman/foreman-installer#935 for example of how this is intended to be used. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I didn't see this before, but I recall a long time ago that I already discussed something like this with @timogoebel. Then we talked about making it a define
so you could easily declare it for multiple hosts.
In effect this is a more configurable version of certs::foreman_proxy_content.
We could even go a step further and generalize it to make certs_tar
an optional parameter.
Boolean $foreman_proxy = false, | ||
Boolean $puppet = false, | ||
) { | ||
if $certs::generate::apache { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You can simplify all of these since the parameters are local
if $certs::generate::apache { | |
if $apache { |
let :pre_condition do | ||
"class {'certs::generate': apache => true,}" | ||
end |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since the subject is the class itself, you can use params
instead of a precondition
let :pre_condition do | |
"class {'certs::generate': apache => true,}" | |
end | |
let :params do | |
{ apache: true } | |
end |
"class {'certs::generate': apache => true,}" | ||
end | ||
|
||
it { should compile.with_all_deps } |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The should
syntax is deprecated and we should (pun not intended) migrate to is_expected.to
it { should compile.with_all_deps } | |
it { is_expected.to compile.with_all_deps } |
The intent of this class is to allow generating any number of the sets of certificates from this module in a simple way. This is also a way to work around the fact that parsing params by Kafo doesn't cleanly work on classes such as
certs::apache
(see #424).