Correct TLS cert permission
This patch corrects file permission of cert directory and certificates
for QDR.
Depends-On: If75c8d42891efa87ca1922e2189027b077e37fd9
Change-Id: I5a8e4b3598d5e5a30ec967fba504bac91c7f51ec
(cherry picked from commit 109a62a61e
)
This commit is contained in:
parent
0ab70ac702
commit
e0687aa02b
@ -218,7 +218,7 @@ class tripleo::profile::base::metrics::qdr (
|
||||
|
||||
file { $ssl_cert_dir:
|
||||
ensure => directory,
|
||||
mode => '0700'
|
||||
mode => '0755'
|
||||
}
|
||||
$prep_ssl_profiles = qdr_ssl_certificate($ssl_profiles, $ssl_cert_dir)
|
||||
$final_ssl_profiles = $prep_ssl_profiles.reduce( [] ) |$memo, $prf| {
|
||||
@ -226,7 +226,7 @@ class tripleo::profile::base::metrics::qdr (
|
||||
file { $prf['caCertFile']:
|
||||
ensure => present,
|
||||
content => $prf['caCertFileContent'],
|
||||
mode => '0600',
|
||||
mode => '0644',
|
||||
require => File[$ssl_cert_dir]
|
||||
}
|
||||
$memo << delete($prf, 'caCertFileContent')
|
||||
|
@ -207,17 +207,17 @@ describe 'tripleo::profile::base::metrics::qdr' do
|
||||
])
|
||||
is_expected.to contain_file('/tmp/certs').with(
|
||||
:ensure => 'directory',
|
||||
:mode => '0700'
|
||||
:mode => '0755'
|
||||
)
|
||||
is_expected.to contain_file('/tmp/certs/CA_wubba.pem').with(
|
||||
:ensure => 'present',
|
||||
:content => 'ca_wubba',
|
||||
:mode => '0600'
|
||||
:mode => '0644'
|
||||
)
|
||||
is_expected.to contain_file('/tmp/certs/CA_lubba.pem').with(
|
||||
:ensure => 'present',
|
||||
:content => 'ca_lubba',
|
||||
:mode => '0600'
|
||||
:mode => '0644'
|
||||
)
|
||||
end
|
||||
end
|
||||
|
Loading…
Reference in New Issue
Block a user