cloud-init-dev team mailing list archive

[Chad Smith <chad.smith@xxxxxxxxxxxxx>]

Chad Smith has proposed merging ~chad.smith/cloud-init:puppet-flakes into cloud-init:master.

Requested reviews:
  cloud-init commiters (cloud-init-dev)

For more details, see:
https://code.launchpad.net/~chad.smith/cloud-init/+git/cloud-init/+merge/342154

cc_puppet: Revert regression of puppet creating ssl and ssl_cert dirs

Replace regressed cc_puppet functionality from a1f678f8.

The following content was inadvertently dropped:
 - chown /var/lib/puppet/ssl as puppet:root.
 - Automatic creation of /var/lib/puppet/ssl/certs

-- 
Your team cloud-init commiters is requested to review the proposed merge of ~chad.smith/cloud-init:puppet-flakes into cloud-init:master.

diff --git a/cloudinit/config/cc_puppet.py b/cloudinit/config/cc_puppet.py
index 297e072..4190a20 100644
--- a/cloudinit/config/cc_puppet.py
+++ b/cloudinit/config/cc_puppet.py
@@ -140,6 +140,7 @@ def handle(name, cfg, cloud, log, _args):
         # (TODO(harlowja) is this really needed??)
         cleaned_lines = [i.lstrip() for i in contents.splitlines()]
         cleaned_contents = '\n'.join(cleaned_lines)
+        # Move to puppet_config.read_file when dropping py2.7
         puppet_config.readfp(   # pylint: disable=W1505
             StringIO(cleaned_contents),
             filename=p_constants.conf_path)
@@ -150,6 +151,8 @@ def handle(name, cfg, cloud, log, _args):
                 # Puppet ssl sub-directory isn't created yet
                 # Create it with the proper permissions and ownership
                 util.ensure_dir(p_constants.ssl_dir, 0o771)
+                util.chownbyname(p_constants.ssl_dir, 'puppet', 'root')
+                util.ensure_dir(p_constants.ssl_cert_dir)
 
                 util.chownbyname(p_constants.ssl_cert_dir, 'puppet', 'root')
                 util.write_file(p_constants.ssl_cert_path, cfg)