Fix certificate file name

This patch fixes the file name used for the certificate
generated for each client.

Change-Id: I92390347656e223bcfe270397d33da45fb2566da

tasks/main.yaml

@@ -15,6 +15,7 @@
   unarchive:
     src: "{{ lunasa_client_working_dir }}/{{ lunasa_client_tarball_name }}"
     dest: "{{ lunasa_client_working_dir }}"
+    mode: preserve
     creates: "{{ lunasa_client_working_dir }}/{{ lunasa_client_installer_path }}"
     remote_src: yes
 
@@ -44,7 +45,7 @@
 
 - name: Check for existing client cert
   stat:
-    path: "/usr/safenet/lunaclient/cert/client/{{ client_host }}.pem"
+    path: "/usr/safenet/lunaclient/cert/client/{{ client_cert_cn }}.pem"
   register: client_cert
 
 - name: Generate a new client cert for NTL

tasks/register_client.yaml

@@ -1,7 +1,7 @@
 ---
 - name: Log when client is being registered to HSM
   debug:
-    msg: "Registering client: {{ client_name }} [{{ client_host }}] with HSM: {{ hsm_hostname }}"
+    msg: "Registering client: {{ client_name }} [host: {{ client_host }}, CN: {{ client_cert_cn }}] with HSM: {{ hsm_hostname }}"
 
 - name: Get the hsm server cert from the hsm_server
   shell: >
@@ -51,7 +51,7 @@
     - name: Copy the NTL client cert to the HSM
       shell: >
         sshpass -p '{{ hsm_admin_password }}' scp -c aes256-cbc
-        /usr/safenet/lunaclient/cert/client/{{ client_host }}.pem
+        /usr/safenet/lunaclient/cert/client/{{ client_cert_cn }}.pem
         admin@{{ hsm_hostname }}:{{ client_host }}.pem
 
     - name: Register the client

tox.ini

@@ -8,5 +8,9 @@ basepython = python3
 deps = -r{toxinidir}/test-requirements.txt
 
 [testenv:linters]
+# We ignore 106 because the role name is inferred from the directory name as
+# "lunasa-hsm", but the role is actually installed as "lunasa_hsm"
+# (see setup.cfg).  We would need to rename the repository to fix this without
+# ignoring it.
 # TODO(redrobot): Don't ignore 301
-commands = ansible-lint -x 301 {toxinidir}
+commands = ansible-lint -x 106,301 {toxinidir}