From 99dc088753f21ff69be22526ad1ba0360eba611f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Douglas=20Mendiz=C3=A1bal?=
Date: Mon, 31 Aug 2020 16:33:02 -0500
Subject: [PATCH] Fix certificate file name

This patch fixes the file name used for the certificate generated for each client.

Change-Id: I92390347656e223bcfe270397d33da45fb2566da
---
 tasks/main.yaml | 3 ++-
 tasks/register_client.yaml | 4 ++--
 tox.ini | 6 +++++-
 3 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/tasks/main.yaml b/tasks/main.yaml
index 20f93c1..e760f8d 100644
--- a/tasks/main.yaml
+++ b/tasks/main.yaml
@@ -15,6 +15,7 @@
 unarchive:
 src: "{{ lunasa_client_working_dir }}/{{ lunasa_client_tarball_name }}"
 dest: "{{ lunasa_client_working_dir }}"
+ mode: preserve
 creates: "{{ lunasa_client_working_dir }}/{{ lunasa_client_installer_path }}"
 remote_src: yes

@@ -44,7 +45,7 @@

 - name: Check for existing client cert
 stat:
- path: "/usr/safenet/lunaclient/cert/client/{{ client_host }}.pem"
+ path: "/usr/safenet/lunaclient/cert/client/{{ client_cert_cn }}.pem"
 register: client_cert

 - name: Generate a new client cert for NTL
diff --git a/tasks/register_client.yaml b/tasks/register_client.yaml
index 401fccc..4ebe84e 100644
--- a/tasks/register_client.yaml
+++ b/tasks/register_client.yaml
@@ -1,7 +1,7 @@
 ---
 - name: Log when client is being registered to HSM
 debug:
- msg: "Registering client: {{ client_name }} [{{ client_host }}] with HSM: {{ hsm_hostname }}"
+ msg: "Registering client: {{ client_name }} [host: {{ client_host }}, CN: {{ client_cert_cn }}] with HSM: {{ hsm_hostname }}"

 - name: Get the hsm server cert from the hsm_server
 shell: >
@@ -51,7 +51,7 @@
 - name: Copy the NTL client cert to the HSM
 shell: >
 sshpass -p '{{ hsm_admin_password }}' scp -c aes256-cbc
- /usr/safenet/lunaclient/cert/client/{{ client_host }}.pem
+ /usr/safenet/lunaclient/cert/client/{{ client_cert_cn }}.pem
 admin@{{ hsm_hostname }}:{{ client_host }}.pem

 - name: Register the client
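Review bot: In the first `tasks/main.yaml` hunk, `mode: preserve` on the `unarchive` task should be confirmed against the Ansible version this role targets: `preserve` is the value documented for `copy` and `template`, and the patch does not show whether `unarchive` handles it the same way. If it is honoured, the extracted client tree keeps whatever permission bits the tarball carries, so an explicit mode, or a permission check on the installer path after extraction, would make the result independent of the archive's contents. The task begins above the hunk, so its name and any privilege settings are not visible here.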
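Review bot: In the last `tasks/register_client.yaml` hunk, the new source path places `{{ client_cert_cn }}` into a `shell` command unquoted, so a CN containing spaces or shell metacharacters would alter the `scp` invocation; `/usr/safenet/lunaclient/cert/client/{{ client_cert_cn | quote }}.pem` avoids that. The same task passes `hsm_admin_password` on the command line through `sshpass -p` and sets no `no_log: true`, so the password can surface in task output when the command fails or the play runs verbosely; adding `no_log: true` to this task is a small change. The destination is still `{{ client_host }}.pem` while the local file is now named by CN, so it is worth confirming that the registration task that follows, which lies outside the hunk, expects that name.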
diff --git a/tox.ini b/tox.ini
index a3c9732..66791da 100644
--- a/tox.ini
+++ b/tox.ini
@@ -8,5 +8,9 @@ basepython = python3
 deps = -r{toxinidir}/test-requirements.txt

 [testenv:linters]
+# We ignore 106 because the role name is inferred from the directory name as
+# "lunasa-hsm", but the role is actually installed as "lunasa_hsm"
+# (see setup.cfg). We would need to rename the repository to fix this without
+# ignoring it.
 # TODO(redrobot): Don't ignore 301
-commands = ansible-lint -x 301 {toxinidir}
+commands = ansible-lint -x 106,301 {toxinidir}