change nssdb::add_cert_and_key type to treat it's title as the default nickname

Joshua Hoblitt · Joshua Hoblitt · commit ee1b60e4a9bb · 2014-02-10T15:38:03.000-07:00
Previously, the title was being used as the default certdir param value.
diff --git a/README.md b/README.md
@@ -14,22 +14,19 @@ nssdb::create { '/etc/dirsrv/slapd-ldap1':
   manage_certdir => false,
 }
 
-nssdb::add_cert_and_key{ '/etc/dirsrv/slapd-ldap1':
+nssdb::add_cert_and_key{ 'Server-Cert':
   certdir  => '/etc/dirsrv/slapd-ldap1',
-  nickname => 'Server-Cert',
   cert     => '/tmp/foo.pem',
   key      => '/tmp/foo.key',
 }
 
 nssdb::add_cert { 'AlphaSSL CA':
   certdir  => '/etc/dirsrv/slapd-ldap1',
-  nickname => 'AlphaSSL CA',
   cert     => '/tmp/alphassl_intermediate.pem',
 }
 
 nssdb::add_cert { 'GlobalSign Root CA':
   certdir  => '/etc/dirsrv/slapd-ldap1',
-  nickname => 'GlobalSign Root CA',
   cert     => '/tmp/globalsign_root.pem',
 }
 ```
diff --git a/manifests/add_cert_and_key.pp b/manifests/add_cert_and_key.pp
@@ -1,32 +1,32 @@
 # Loads a certificate and key into an NSS database.
 #
 # Parameters:
-#   $nickname         - required - the nickname for the NSS certificate
-#   $cert             - required - path to certificate in PEM format
-#   $key              - required - path to unencrypted key in PEM format
-#   $certdir          - optional - defaults to $title
+#   $certdir  - required - defaults to $title
+#   $cert     - required - path to certificate in PEM format
+#   $key      - required - path to unencrypted key in PEM format
+#   $nickname - optional - the nickname for the NSS certificate
 #
 # Actions:
 #   loads certificate and key into the NSS database.
 #
 # Requires:
-#   $nickname
+#   $certdir
 #   $cert
 #   $key
 #
 # Sample Usage:
 #
-#      nssdb::add_cert_and_key{"qpidd":
-#        nickname=> 'Server-Cert',
-#        cert => '/tmp/server.crt',
-#        key  => '/tmp/server.key',
-#      }
+#     nssdb::add_cert_and_key{ 'Server-Cert':
+#       certdir => '/dne',
+#       cert    => '/tmp/server.crt',
+#       key     => '/tmp/server.key',
+#     }
 #
 define nssdb::add_cert_and_key (
-  $nickname,
+  $certdir,
   $cert,
   $key,
-  $certdir = $title
+  $nickname = $title
 ) {
   include nssdb
 
diff --git a/spec/defines/nssdb_add_cert_and_key_spec.rb b/spec/defines/nssdb_add_cert_and_key_spec.rb
@@ -1,43 +1,86 @@
 require 'spec_helper'
 
 describe 'nssdb::add_cert_and_key', :type => :define do
-  let(:title) { '/dne' }
-  let(:params) do
-    {
-      :nickname => 'Server-Cert',
-      :cert     => '/tmp/server.cert',
-      :key      => '/tmp/server.key',
-    }
-  end
+  context 'default params' do
+    let(:title) { 'Server-Cert' }
+    let(:params) do
+      {
+        :certdir => '/dne',
+        :cert    => '/tmp/server.cert',
+        :key     => '/tmp/server.key',
+      }
+    end
+
+    context 'generate_pkcs12' do
+      it do
+        should contain_exec('generate_pkcs12_Server-Cert').with(
+          :command   => "/usr/bin/openssl pkcs12 -export -in /tmp/server.cert -inkey /tmp/server.key -password 'file:/dne/password.conf' -out '/dne/server-cert.p12' -name 'Server-Cert'",
+          :require   => [
+            'Nssdb::Create[/dne]',
+            'Class[Nssdb]'
+          ],
+          :creates   => '/dne/server-cert.p12',
+          :subscribe => 'File[/dne/password.conf]'
+        )
+      end
+    end
 
-  context 'generate_pkcs12' do
-    it do
-      should contain_exec('generate_pkcs12_/dne').with(
-        :command   => "/usr/bin/openssl pkcs12 -export -in /tmp/server.cert -inkey /tmp/server.key -password 'file:/dne/password.conf' -out '/dne/server-cert.p12' -name 'Server-Cert'",
-        :require   => [
-          'Nssdb::Create[/dne]',
-          'Class[Nssdb]'
-        ],
-        :creates   => '/dne/server-cert.p12',
-        :subscribe => 'File[/dne/password.conf]'
-      )
+    context 'add_pkcs12' do
+      it do
+        should contain_exec('add_pkcs12_Server-Cert').with(
+          :path      => ['/usr/bin'],
+          :command   => "pk12util -d /dne -i /dne/server-cert.p12 -w /dne/password.conf -k /dne/password.conf",
+          :unless    => "certutil -d /dne -L -n 'Server-Cert'",
+          :logoutput => true,
+          :require   => [
+            'Exec[generate_pkcs12_Server-Cert]',
+            'Nssdb::Create[/dne]',
+            'Class[Nssdb]'
+          ]
+        )
+      end
     end
-  end
+  end # default params
 
-  context 'add_pkcs12' do
-    it do
-      should contain_exec('add_pkcs12_/dne').with(
-        :path      => ['/usr/bin'],
-        :command   => "pk12util -d /dne -i /dne/server-cert.p12 -w /dne/password.conf -k /dne/password.conf",
-        :unless    => "certutil -d /dne -L -n 'Server-Cert'",
-        :logoutput => true,
-        :require   => [
-          'Exec[generate_pkcs12_/dne]',
-          'Nssdb::Create[/dne]',
-          'Class[Nssdb]'
-        ]
-      )
+  context 'all params' do
+    let(:title) { 'foo' }
+    let(:params) do
+      {
+        :nickname => 'Server-Cert',
+        :certdir  => '/dne',
+        :cert     => '/tmp/server.cert',
+        :key      => '/tmp/server.key',
+      }
     end
-  end
 
+    context 'generate_pkcs12' do
+      it do
+        should contain_exec('generate_pkcs12_foo').with(
+          :command   => "/usr/bin/openssl pkcs12 -export -in /tmp/server.cert -inkey /tmp/server.key -password 'file:/dne/password.conf' -out '/dne/server-cert.p12' -name 'Server-Cert'",
+          :require   => [
+            'Nssdb::Create[/dne]',
+            'Class[Nssdb]'
+          ],
+          :creates   => '/dne/server-cert.p12',
+          :subscribe => 'File[/dne/password.conf]'
+        )
+      end
+    end
+
+    context 'add_pkcs12' do
+      it do
+        should contain_exec('add_pkcs12_foo').with(
+          :path      => ['/usr/bin'],
+          :command   => "pk12util -d /dne -i /dne/server-cert.p12 -w /dne/password.conf -k /dne/password.conf",
+          :unless    => "certutil -d /dne -L -n 'Server-Cert'",
+          :logoutput => true,
+          :require   => [
+            'Exec[generate_pkcs12_foo]',
+            'Nssdb::Create[/dne]',
+            'Class[Nssdb]'
+          ]
+        )
+      end
+    end
+  end # all params
 end
diff --git a/tests/create.pp b/tests/create.pp
@@ -12,7 +12,6 @@
   certdir  => '/tmp/nssdb',
   cert     => '/tmp/cert.pem',
   key      => '/tmp/key.pem',
-  nickname => 'test',
 }
 
 # You can confirm that things are loaded properly with:

Original file line number	Diff line number	Diff line change
`@@ -14,22 +14,19 @@ nssdb::create { '/etc/dirsrv/slapd-ldap1':`
`14`	`14`	`manage_certdir => false,`
`15`	`15`	`}`
`16`	`16`
`17`		`-nssdb::add_cert_and_key{ '/etc/dirsrv/slapd-ldap1':`
	`17`	`+nssdb::add_cert_and_key{ 'Server-Cert':`
`18`	`18`	`certdir => '/etc/dirsrv/slapd-ldap1',`
`19`		`- nickname => 'Server-Cert',`
`20`	`19`	`cert => '/tmp/foo.pem',`
`21`	`20`	`key => '/tmp/foo.key',`
`22`	`21`	`}`
`23`	`22`
`24`	`23`	`nssdb::add_cert { 'AlphaSSL CA':`
`25`	`24`	`certdir => '/etc/dirsrv/slapd-ldap1',`
`26`		`- nickname => 'AlphaSSL CA',`
`27`	`25`	`cert => '/tmp/alphassl_intermediate.pem',`
`28`	`26`	`}`
`29`	`27`
`30`	`28`	`nssdb::add_cert { 'GlobalSign Root CA':`
`31`	`29`	`certdir => '/etc/dirsrv/slapd-ldap1',`
`32`		`- nickname => 'GlobalSign Root CA',`
`33`	`30`	`cert => '/tmp/globalsign_root.pem',`
`34`	`31`	`}`
`35`	`32`	```
Original file line number	Diff line number	Diff line change
`@@ -12,7 +12,6 @@`
`12`	`12`	`certdir => '/tmp/nssdb',`
`13`	`13`	`cert => '/tmp/cert.pem',`
`14`	`14`	`key => '/tmp/key.pem',`
`15`		`- nickname => 'test',`
`16`	`15`	`}`
`17`	`16`
`18`	`17`	`# You can confirm that things are loaded properly with:`