ssl: Reject if only one of cert_file and key_file is set
Both of cert_file and key_file should be set to use SSL feature. Change-Id: I6fa5353e3af18b97f720f6acb6eaf25a25413942
This commit is contained in:
2 changed files with 28 additions and 0 deletions
@@ -40,6 +40,10 @@ define oslo::service::ssl (
$version=$facts['os_service_default'],
){
if is_service_default($cert_file) != is_service_default($key_file) {
fail('Both of cert_file and key_file should be set or unset.')
}
$service_options={
'ssl/ca_file' => { value => $ca_file },
'ssl/cert_file'=>{ value => $cert_file },
@@ -35,6 +35,30 @@ describe 'oslo::service::ssl' do
is_expected.to contain_keystone_config('ssl/version').with_value('TLSv1')
end
end
context 'with only cert_file' do
let :params do
{
:cert_file => '/path/to/cert/file',
}
end
it 'fails because of incomplete input' do
should raise_error(Puppet::Error)
end
end
context 'with only key_file' do
let :params do
{
:key_file => '/path/to/key/file',
}
end
it 'fails because of incomplete input' do
should raise_error(Puppet::Error)
end
end
end
on_supported_os({
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.