-
-
Notifications
You must be signed in to change notification settings - Fork 51
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Don't run enable_ca_trust on EL7 #40
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,6 @@ | ||
fixtures: | ||
repositories: | ||
stdlib: "git://github.com/puppetlabs/puppetlabs-stdlib.git" | ||
remote_file: "git://github.com/lwf/puppet-remote_file.git" | ||
stdlib: "https://github.com/puppetlabs/puppetlabs-stdlib.git" | ||
remote_file: "https://github.com/lwf/puppet-remote_file.git" | ||
symlinks: | ||
ca_cert: "#{source_dir}" |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -2,7 +2,7 @@ | |
class ca_cert::update { | ||
include ::ca_cert::params | ||
|
||
if $::osfamily == 'RedHat' { | ||
if ($::osfamily == 'RedHat' and versioncmp($::operatingsystemrelease, '7') < 0) { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I'm not sure how long this module will continue to support puppet 3, but since it is currently marked as supported, I've not switched to the newer non-legacy facts. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I don't think we need to support Puppet 3 any longer - I just haven't run across anything that breaks it yet either. Feel free to break it and update metadata if you want/need to. |
||
exec { 'enable_ca_trust': | ||
command => 'update-ca-trust enable', | ||
logoutput => 'on_failure', | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -46,6 +46,7 @@ | |
let :facts do | ||
{ | ||
:osfamily => 'RedHat', | ||
:operatingsystemrelease => '7.0' | ||
} | ||
end | ||
|
||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,81 +1,47 @@ | ||
require 'spec_helper' | ||
|
||
describe 'ca_cert::update', :type => :class do | ||
|
||
shared_examples 'compiles and includes params class' do | ||
it { should compile } | ||
it { should contain_class('ca_cert::params') } | ||
end | ||
|
||
context "on a Debian based OS" do | ||
let :facts do | ||
{ | ||
:osfamily => 'Debian', | ||
:operatingsystem => 'Ubuntu' | ||
} | ||
end | ||
|
||
it_behaves_like 'compiles and includes params class' do | ||
end | ||
it { is_expected.not_to contain_exec('enable_ca_trust') } | ||
it { is_expected.to contain_exec('ca_cert_update').with( | ||
:command => 'update-ca-certificates', | ||
:refreshonly => true, | ||
)} | ||
|
||
end | ||
context "on a RedHat based OS" do | ||
let :facts do | ||
{ | ||
:osfamily => 'RedHat', | ||
} | ||
end | ||
|
||
it_behaves_like 'compiles and includes params class' do | ||
end | ||
it { is_expected.to contain_exec('enable_ca_trust').with( | ||
:command => 'update-ca-trust enable', | ||
) } | ||
it { is_expected.to contain_exec('ca_cert_update').with( | ||
:command => 'update-ca-trust extract', | ||
:refreshonly => true, | ||
)} | ||
|
||
end | ||
['10','11'].each do |osmajrel| | ||
context "on a Suse #{osmajrel} based OS" do | ||
let :facts do | ||
{ | ||
:osfamily => 'Suse', | ||
:operatingsystemmajrelease => "#{osmajrel}", | ||
} | ||
on_supported_os.each do |os, facts| | ||
context "on #{os}" do | ||
let(:facts) do | ||
facts | ||
end | ||
|
||
it_behaves_like 'compiles and includes params class' do | ||
it { is_expected.to compile.with_all_deps } | ||
it { is_expected.to contain_class('ca_cert::params') } | ||
|
||
case facts[:osfamily] | ||
when 'Debian' | ||
it { is_expected.not_to contain_exec('enable_ca_trust') } | ||
it { is_expected.to contain_exec('ca_cert_update').with( | ||
:command => 'update-ca-certificates', | ||
:refreshonly => true, | ||
)} | ||
when 'RedHat' | ||
if facts[:operatingsystemrelease] == '7.0' | ||
it { is_expected.not_to contain_exec('enable_ca_trust') } | ||
else | ||
it { is_expected.to contain_exec('enable_ca_trust').with_command('update-ca-trust enable') } | ||
end | ||
it { is_expected.to contain_exec('ca_cert_update').with( | ||
:command => 'update-ca-trust extract', | ||
:refreshonly => true, | ||
)} | ||
when 'Suse' | ||
it { is_expected.not_to contain_exec('enable_ca_trust') } | ||
case facts[:operatingsystemmajrelease] | ||
when '10','11' | ||
it { is_expected.to contain_exec('ca_cert_update').with( | ||
:command => 'c_rehash', | ||
:refreshonly => true, | ||
)} | ||
when '12','13','42' | ||
it { is_expected.to contain_exec('ca_cert_update').with( | ||
:command => 'update-ca-certificates', | ||
:refreshonly => true, | ||
)} | ||
end | ||
end | ||
it { is_expected.not_to contain_exec('enable_ca_trust') } | ||
it { is_expected.to contain_exec('ca_cert_update').with( | ||
:command => 'c_rehash', | ||
:refreshonly => true, | ||
)} | ||
|
||
end | ||
end | ||
context "on a Suse 12 based OS" do | ||
let :facts do | ||
{ | ||
:osfamily => 'Suse', | ||
:operatingsystemmajrelease => '12', | ||
} | ||
end | ||
|
||
it_behaves_like 'compiles and includes params class' do | ||
end | ||
it { is_expected.not_to contain_exec('enable_ca_trust') } | ||
it { is_expected.to contain_exec('ca_cert_update').with( | ||
:command => 'update-ca-certificates', | ||
:refreshonly => true, | ||
)} | ||
|
||
end | ||
end |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -55,6 +55,7 @@ | |
{ | ||
:osfamily => 'RedHat', | ||
:operatingsystem => 'RedHat', | ||
:operatingsystemrelease => '7.0' | ||
} | ||
end | ||
|
||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This makes it nicer for those of us stuck behind corporate firewalls.