From 2e2750b72d316476983e19dc150dd19cb5421269 Mon Sep 17 00:00:00 2001
From: Dan Prince <dprince@redhat.com>
Date: Wed, 24 Apr 2019 13:31:07 -0400
Subject: [PATCH] Move auditd, ca-cert, certmonger to deployment

Change-Id: I152762c33ef31a580ce1c7fba5f5e81146b2f00b
Related-Blueprint: services-yaml-flattening
---
 .../auditd/auditd-baremetal-puppet.yaml                      | 0
 .../certs/ca-certs-baremetal-puppet.yaml                     | 0
 .../certs/certmonger-user-baremetal-puppet.yaml              | 0
 environments/auditd.yaml                                     | 3 +--
 environments/ssl/enable-internal-tls.j2.yaml                 | 2 +-
 overcloud-resource-registry-puppet.j2.yaml                   | 4 ++--
 sample-env-generator/ssl.yaml                                | 5 ++---
 7 files changed, 6 insertions(+), 8 deletions(-)
 rename puppet/services/auditd.yaml => deployment/auditd/auditd-baremetal-puppet.yaml (100%)
 rename puppet/services/ca-certs.yaml => deployment/certs/ca-certs-baremetal-puppet.yaml (100%)
 rename puppet/services/certmonger-user.yaml => deployment/certs/certmonger-user-baremetal-puppet.yaml (100%)

diff --git a/puppet/services/auditd.yaml b/deployment/auditd/auditd-baremetal-puppet.yaml
similarity index 100%
rename from puppet/services/auditd.yaml
rename to deployment/auditd/auditd-baremetal-puppet.yaml
diff --git a/puppet/services/ca-certs.yaml b/deployment/certs/ca-certs-baremetal-puppet.yaml
similarity index 100%
rename from puppet/services/ca-certs.yaml
rename to deployment/certs/ca-certs-baremetal-puppet.yaml
diff --git a/puppet/services/certmonger-user.yaml b/deployment/certs/certmonger-user-baremetal-puppet.yaml
similarity index 100%
rename from puppet/services/certmonger-user.yaml
rename to deployment/certs/certmonger-user-baremetal-puppet.yaml
diff --git a/environments/auditd.yaml b/environments/auditd.yaml
index a4f28f3fd4..820b2d92e1 100644
--- a/environments/auditd.yaml
+++ b/environments/auditd.yaml
@@ -1,6 +1,5 @@
 resource_registry:
-  # FIXME(bogdando): switch it, once it is containerized
-  OS::TripleO::Services::AuditD: ../puppet/services/auditd.yaml
+  OS::TripleO::Services::AuditD: ../deployment/auditd/auditd-baremetal-puppet.yaml
 
 parameter_defaults:
   AuditdRules:
diff --git a/environments/ssl/enable-internal-tls.j2.yaml b/environments/ssl/enable-internal-tls.j2.yaml
index f6208f46f9..c03b8b4a0d 100644
--- a/environments/ssl/enable-internal-tls.j2.yaml
+++ b/environments/ssl/enable-internal-tls.j2.yaml
@@ -34,7 +34,7 @@ parameter_defaults:
   # End static parameters
   # *********************
 resource_registry:
-  OS::TripleO::Services::CertmongerUser: ../../puppet/services/certmonger-user.yaml
+  OS::TripleO::Services::CertmongerUser: ../../deployment/certs/certmonger-user-baremetal-puppet.yaml
   OS::TripleO::Services::HAProxyInternalTLS: ../../deployment/haproxy/haproxy-internal-tls-certmonger.yaml
   OS::TripleO::Services::IpaClient: ../../extraconfig/services/ipaclient.yaml
   OS::TripleO::Services::TLSProxyBase: ../../deployment/apache/apache-baremetal-puppet.yaml
diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml
index 6df0ec144a..6c77733bd5 100644
--- a/overcloud-resource-registry-puppet.j2.yaml
+++ b/overcloud-resource-registry-puppet.j2.yaml
@@ -111,7 +111,7 @@ resource_registry:
 {%- endfor %}
   OS::TripleO::Services::Aide: OS::Heat::None
   OS::TripleO::Services::Apache: deployment/apache/apache-baremetal-puppet.yaml
-  OS::TripleO::Services::CACerts: puppet/services/ca-certs.yaml
+  OS::TripleO::Services::CACerts: deployment/certs/ca-certs-baremetal-puppet.yaml
   OS::TripleO::Services::CephMds: OS::Heat::None
   OS::TripleO::Services::CephMgr: OS::Heat::None
   OS::TripleO::Services::CephMon: OS::Heat::None
@@ -322,7 +322,7 @@ resource_registry:
   OS::TripleO::Services::Docker: deployment/deprecated/docker/docker-baremetal-ansible.yaml
   OS::TripleO::Services::DockerRegistry: OS::Heat::None
   OS::TripleO::Services::ContainerImagePrepare: deployment/container-image-prepare/container-image-prepare-baremetal-ansible.yaml
-  OS::TripleO::Services::CertmongerUser: puppet/services/certmonger-user.yaml
+  OS::TripleO::Services::CertmongerUser: deployment/certs/certmonger-user-baremetal-puppet.yaml
   OS::TripleO::Services::Clustercheck: OS::Heat::None
   OS::TripleO::Services::RsyslogSidecar: OS::Heat::None
   OS::TripleO::Services::VRTSHyperScale: OS::Heat::None
diff --git a/sample-env-generator/ssl.yaml b/sample-env-generator/ssl.yaml
index 806cdcffc3..b0435d4679 100644
--- a/sample-env-generator/ssl.yaml
+++ b/sample-env-generator/ssl.yaml
@@ -56,8 +56,7 @@ environments:
 
             ipa_enroll: True
     resource_registry:
-      # FIXME(bogdando): switch it, once it is containerized
-      OS::TripleO::Services::CertmongerUser: ../../puppet/services/certmonger-user.yaml
+      OS::TripleO::Services::CertmongerUser: ../../deployment/certs/certmonger-user-baremetal-puppet.yaml
       OS::TripleO::Services::HAProxyInternalTLS: ../../deployment/haproxy/haproxy-internal-tls-certmonger.yaml
       # We use apache as a TLS proxy
       # FIXME(bogdando): switch it, once it is containerized
@@ -89,7 +88,7 @@ environments:
     children:
       - name: ssl/inject-trust-anchor-hiera
         files:
-          puppet/services/ca-certs.yaml:
+          deployment/certs/ca-certs-baremetal-puppet.yaml:
             parameters:
               - CAMap
         # Need to clear this so we don't inherit the parent registry