Giuseppe Lavagetto has submitted this change and it was merged. ( 
https://gerrit.wikimedia.org/r/370623 )

Change subject: puppet-compiler: generate files in the vardir, not libdir
......................................................................


puppet-compiler: generate files in the vardir, not libdir

I misinterpreted the puppet-compiler code. Which I wrote.

This is well worth wearing a brown paper bag.

Change-Id: Ic10e84b6c73c66e098432a88167635f4b09c6335
---
M modules/puppet_compiler/manifests/init.pp
M modules/puppet_compiler/manifests/setup.pp
2 files changed, 6 insertions(+), 17 deletions(-)

Approvals:
  Giuseppe Lavagetto: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/modules/puppet_compiler/manifests/init.pp 
b/modules/puppet_compiler/manifests/init.pp
index 7a44b2f..3175574 100644
--- a/modules/puppet_compiler/manifests/init.pp
+++ b/modules/puppet_compiler/manifests/init.pp
@@ -95,17 +95,6 @@
     }
 
 
-    # Hack: we need to ensure the CA for the jenkins-deploy user is
-    # created.
-
-    exec { 'Generate CA for the compiler':
-        command     => "/usr/bin/puppet cert generate --confdir 
${libdir}/production ${::fqdn}",
-        user        => $user,
-        creates     => "${libdir}/production/ssl/certs/${::fqdn}.pem",
-        require     => Git::Clone['operations/puppet'],
-        environment => "HOME=${homedir}"
-    }
-
     require_package('openjdk-8-jdk')
 
     # Add a puppetdb instance with a local database.
@@ -116,12 +105,12 @@
         db_rw_host => undef,
         perform_gc => true,
         bind_ip    => '0.0.0.0',
-        ssldir     => "${libdir}/production/ssl",
+        ssldir     => "${vardir}/ssl",
         require    => Exec['Generate CA for the compiler']
     }
 
     file { '/etc/puppetdb/ssl/ca.pem':
-        source => "${libdir}/production/ssl/certs/ca.pem",
+        source => "${vardir}/ssl/certs/ca.pem",
         owner  => $user,
         before => Service['puppetdb']
     }
@@ -131,7 +120,7 @@
         port => 8081,
     }
     # puppetdb configuration
-    file { "${libdir}/production/puppetdb.conf":
+    file { "${vardir}/puppetdb.conf":
         source  => '/etc/puppet/puppetdb.conf',
         owner   => $user,
         require => File['/etc/puppet/puppetdb.conf']
diff --git a/modules/puppet_compiler/manifests/setup.pp 
b/modules/puppet_compiler/manifests/setup.pp
index a0aa825..2347162 100644
--- a/modules/puppet_compiler/manifests/setup.pp
+++ b/modules/puppet_compiler/manifests/setup.pp
@@ -14,9 +14,9 @@
     }
 
     # Create the ssl directory, and the puppet ca
-    exec { 'create puppet ssl dir':
-        command     => "/usr/bin/puppet cert --ssldir ${vardir}/ssl --vardir 
${vardir} list -a",
-        creates     => "${vardir}/ssl/ca/inventory.txt",
+    exec { 'Generate CA for the compiler':
+        command     => "/usr/bin/puppet cert --ssldir ${vardir}/ssl --vardir 
${vardir} generate ${::fqdn}",
+        creates     => "${vardir}/ssl/certs/${::fqdn}.pem",
         user        => $user,
         cwd         => $homedir,
         environment => "HOME=${homedir}",

-- 
To view, visit https://gerrit.wikimedia.org/r/370623
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: Ic10e84b6c73c66e098432a88167635f4b09c6335
Gerrit-PatchSet: 2
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Giuseppe Lavagetto <glavage...@wikimedia.org>
Gerrit-Reviewer: Giuseppe Lavagetto <glavage...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to