Add '/etc/pki' item for puppet ensure directory

The ssl_ca installation is failing for worker nodes because it does not find the /etc/pki folder created already. This commit adds /etc/pki individually as an item to a puppet ensure directory statement. This will make sure that puppet creates this directory first when it does not exists. If the dir already exists puppet will also be satisfied and execute with success. Test plan: PASS: Add a ssl_ca certificate with system certificate-install and verify that certificates where added to etc/pki/ca-trust/source/anchors/ca-cert.crt in a compute node. PASS: Run a full deploy of a standard lab and verify that compute nodes become unlocked and available. Closes-Bug: 1999588 Signed-off-by: Rei Oliveira <Reinildes.JoseMateusOliveira@windriver.com> Change-Id: Ib59ab88a9d4d1112e35f98d92aef72cbac01af07
2022-12-13 21:50:15 -03:00 · 2022-12-13 21:50:15 -03:00 · b4ab0829e1
commit b4ab0829e1
parent 65608ca206
1 changed files with 1 additions and 1 deletions
--- a/puppet-manifests/src/modules/platform/manifests/config.pp
+++ b/puppet-manifests/src/modules/platform/manifests/config.pp
@ -310,7 +310,7 @@ class platform::config::certs::ssl_ca
    default: {
      # This directory does not exist by default on debian
      $ca_trust_dir = '/etc/pki/ca-trust/source/anchors'
-      file { ['/etc/pki/ca-trust', '/etc/pki/ca-trust/source', $ca_trust_dir]:
+      file { ['/etc/pki', '/etc/pki/ca-trust', '/etc/pki/ca-trust/source', $ca_trust_dir]:
        ensure => 'directory',
        owner  => root,
        group  => root,