openstack/puppet-tripleo
Code Issues Proposed changes

Merge "MySQL client: Make CA file configurable"

Browse Source
This commit is contained in:
Jenkins
2017-05-04 10:50:09 +00:00
committed by Gerrit Code Review
parent 2430ebd266 3b3d43e00a
commit c35ea72c29
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
manifests/profile/base/database/mysql/client.pp
View File

@@ -35,6 +35,10 @@
# (Optional) Client IP address of the host that will be written in the mysql_read_default_file # (Optional) Client IP address of the host that will be written in the mysql_read_default_file
# Defaults to undef # Defaults to undef
# #
# [*ssl_ca*]
# (Optional) The SSL CA file to use to verify the MySQL server's certificate.
# Defaults to '/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt'
#
# [*step*] # [*step*]
# (Optional) The current step in deployment. See tripleo-heat-templates # (Optional) The current step in deployment. See tripleo-heat-templates
# for more details. # for more details.
@@ -45,6 +49,7 @@ class tripleo::profile::base::database::mysql::client (
$mysql_read_default_file = '/etc/my.cnf.d/tripleo.cnf', $mysql_read_default_file = '/etc/my.cnf.d/tripleo.cnf',
$mysql_read_default_group = 'tripleo', $mysql_read_default_group = 'tripleo',
$mysql_client_bind_address = undef, $mysql_client_bind_address = undef,
$ssl_ca = '/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt',
$step = hiera('step'), $step = hiera('step'),
) { ) {
if $step >= 1 { if $step >= 1 {
@@ -68,7 +73,7 @@ class tripleo::profile::base::database::mysql::client (
if $enable_ssl { if $enable_ssl {
$changes_ssl = [ $changes_ssl = [
"set ${mysql_read_default_group}/ssl '1'", "set ${mysql_read_default_group}/ssl '1'",
"set ${mysql_read_default_group}/ssl-ca '/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt'" "set ${mysql_read_default_group}/ssl-ca '${ssl_ca}'"
] ]
} else { } else {
$changes_ssl = [ $changes_ssl = [