be explicit about ordering between nssdb::create & nssdb::add* types

Contargo · Jan 15, 2014 · 5011b56 · 5011b56
1 parent c585c7e
commit 5011b56
Show file tree

Hide file tree

Showing 5 changed files with 11 additions and 11 deletions.
diff --git a/manifests/add_cert.pp b/manifests/add_cert.pp
@@ -34,6 +34,7 @@
     unless    => "certutil -d ${certdir} -L -n '${nickname}'",
     logoutput => true,
     require   => [
+      Nssdb::Create[$certdir],
       Class['nssdb'],
     ],
   }

diff --git a/manifests/add_cert_and_key.pp b/manifests/add_cert_and_key.pp
@@ -36,8 +36,7 @@
   exec {"generate_pkcs12_${title}":
     command     => "/usr/bin/openssl pkcs12 -export -in ${cert} -inkey ${key} -password 'file:${certdir}/password.conf' -out '${certdir}/${pkcs12_name}' -name '${nickname}'",
     require     => [
-      File["${certdir}/password.conf"],
-      File["${certdir}/cert8.db"],
+      Nssdb::Create[$certdir],
       Class['nssdb'],
     ],
     subscribe   => File["${certdir}/password.conf"],
@@ -51,8 +50,9 @@
     logoutput => true,
     require   => [
       Exec["generate_pkcs12_${title}"],
+      Nssdb::Create[$certdir],
       Class['nssdb'],
-    ]
+    ],
   }
 
 }
diff --git a/manifests/create.pp b/manifests/create.pp
@@ -5,11 +5,7 @@
 #   $group_id         - required - the file/directory group
 #   $password         - required - password to set on the database
 #   $mode             - optional - defaults to '0600'
-#   $certdir          - optional - defaults to $title
 #   $certdir_mode     - optional - defaults to '0700'
-#   $cacert           - optional - path to CA certificate in PEM format
-#   $canickname       - default CA nickname
-#   $catrust          - default CT,CT,
 #
 # Actions:
 #   creates a new NSS database, consisting of 4 files:
@@ -34,12 +30,14 @@
   $group_id,
   $password,
   $mode           = '0600',
-  $certdir        = $title,
   $certdir_mode   = '0700',
   $manage_certdir = true
 ) {
   include nssdb
 
+  validate_absolute_path($title)
+  $certdir = $title
+
   if $manage_certdir {
     file { $certdir:
       ensure  => directory,

diff --git a/spec/defines/nssdb_add_cert_and_key_spec.rb b/spec/defines/nssdb_add_cert_and_key_spec.rb
@@ -15,8 +15,7 @@
       should contain_exec('generate_pkcs12_/dne').with(
         :command   => "/usr/bin/openssl pkcs12 -export -in /tmp/server.cert -inkey /tmp/server.key -password 'file:/dne/password.conf' -out '/dne/server-cert.p12' -name 'Server-Cert'",
         :require   => [
-          'File[/dne/password.conf]',
-          'File[/dne/cert8.db]',
+          'Nssdb::Create[/dne]',
           'Class[Nssdb]'
         ],
         :subscribe => 'File[/dne/password.conf]'
@@ -33,6 +32,7 @@
         :logoutput => true,
         :require   => [
           'Exec[generate_pkcs12_/dne]',
+          'Nssdb::Create[/dne]',
           'Class[Nssdb]'
         ]
       )

diff --git a/spec/defines/nssdb_add_cert_spec.rb b/spec/defines/nssdb_add_cert_spec.rb
@@ -17,8 +17,9 @@
         :unless    => "certutil -d /dne -L -n 'GlobalSign Root CA'",
         :logoutput => true,
         :require   => [
+          'Nssdb::Create[/dne]',
           'Class[Nssdb]'
-        ],
+        ]
       )
     end
   end