-
Notifications
You must be signed in to change notification settings - Fork 39
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Deploy the CA password file to ssl build directory #416
Conversation
e1fea43
to
535d201
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we ensure the old path is absent as well, just to clean things up?
Something appears to be very broken in the acceptance tests. |
I think we should ensure we are managing the build directory first -- #419 |
As the pki_dir is intended for deployment rather than generation, and the CA password file is needed primarily for certificate generation it should reside in the build directory.
535d201
to
08dac8e
Compare
@@ -23,6 +23,10 @@ | |||
String $ca_key_password = $certs::ca_key_password, | |||
Stdlib::Absolutepath $ca_key_password_file = $certs::ca_key_password_file, | |||
) { | |||
file { "${certs::pki_dir}/private/${default_ca_name}.pwd": | |||
ensure => absent, | |||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added the cleanup
As the pki_dir is intended for deployment rather than generation, and the CA password file is needed primarily for certificate generation it should reside in the build directory.