diff --git a/manifests/agent/config.pp b/manifests/agent/config.pp index f9b12d28..4ffc2d99 100644 --- a/manifests/agent/config.pp +++ b/manifests/agent/config.pp @@ -31,11 +31,6 @@ 'postrun_command': value => $::puppet::postrun_command; } } - if $::puppet::client_certname { - puppet::config::agent { - 'certname': value => $::puppet::client_certname; - } - } $::puppet::agent_additional_settings.each |$key,$value| { puppet::config::agent { $key: value => $value } diff --git a/manifests/config.pp b/manifests/config.pp index 7bd53599..8beb9f96 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -17,6 +17,7 @@ $srv_domain = $::puppet::srv_domain, $use_srv_records = $::puppet::use_srv_records, $additional_settings = $::puppet::additional_settings, + $client_certname = $::puppet::client_certname, ) { puppet::config::main{ 'vardir': value => $::puppet::vardir; @@ -63,6 +64,11 @@ if $syslogfacility and !empty($syslogfacility) { puppet::config::main{'syslogfacility': value => $syslogfacility; } } + if $client_certname { + puppet::config::main { + 'certname': value => $client_certname; + } + } $additional_settings.each |$key,$value| { puppet::config::main { $key: value => $value } diff --git a/spec/classes/puppet_agent_spec.rb b/spec/classes/puppet_agent_spec.rb index 45c23de5..a3fbc0a0 100644 --- a/spec/classes/puppet_agent_spec.rb +++ b/spec/classes/puppet_agent_spec.rb @@ -31,8 +31,6 @@ let :facts do facts.deep_merge( - # rspec-puppet(-facts) doesn't mock this - clientcert: 'client.example.com', # Cron/systemd timers are based on the IP - make it consistent networking: { ip: '192.0.2.100' } ) @@ -73,7 +71,6 @@ it { is_expected.to contain_file(confdir).with_ensure('directory') } it { is_expected.to contain_concat("#{confdir}/puppet.conf") } it { is_expected.to contain_concat__fragment('puppet.conf_agent').with_content(/^\[agent\]/) } - it { is_expected.to contain_puppet__config__agent('certname').with_value(facts[:clientcert]) } it { is_expected.to contain_puppet__config__agent('report').with_value('true') } it { is_expected.not_to contain_puppet__config__agent('prerun_command') } it { is_expected.not_to contain_puppet__config__agent('postrun_command') } @@ -351,14 +348,6 @@ it { should_not contain_file('/var/lib/puppet/state/agent_disabled.lock') } end - context 'with client_certname => false' do - let :params do - super().merge(client_certname: false) - end - - it { is_expected.not_to contain_puppet__config__agent('certname') } - end - context 'with report => false' do let :params do super().merge(report: false) diff --git a/spec/classes/puppet_config_spec.rb b/spec/classes/puppet_config_spec.rb index 4fb38ff4..4df6713f 100644 --- a/spec/classes/puppet_config_spec.rb +++ b/spec/classes/puppet_config_spec.rb @@ -1,4 +1,5 @@ require 'spec_helper' +require 'deep_merge' describe 'puppet' do on_os_under_test.each do |os, facts| @@ -132,6 +133,36 @@ end end + describe 'client_certname' do + context 'with client_certname => $::clientcert' do + let :facts do + # rspec-puppet(-facts) doesn't mock this + facts.deep_merge(clientcert: 'client.example.com') + end + let :params do + super().merge(client_certname: facts[:clientcert]) + end + + it { is_expected.to contain_puppet__config__main('certname').with_value(facts[:clientcert]) } + end + + context 'with client_certname => "foobar"' do + let :params do + super().merge(client_certname: 'foobar') + end + + it { is_expected.to contain_puppet__config__main('certname').with_value('foobar') } + end + + context 'with client_certname => false' do + let :params do + super().merge(client_certname: false) + end + + it { is_expected.not_to contain_puppet__config__main('certname') } + end + end + context 'puppetmaster' do describe "when puppetmaster => 'mymaster.example.com'" do let :params do