Enable certmonger to restart on reboot

Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1670604
ManageIQ · Feb 12, 2019 · 99af5e1 · 99af5e1
1 parent ca27929
commit 99af5e1
Show file tree

Hide file tree

Showing 2 changed files with 69 additions and 3 deletions.
diff --git a/lib/manageiq/appliance_console/certificate_authority.rb b/lib/manageiq/appliance_console/certificate_authority.rb
@@ -63,15 +63,21 @@ def configure_pgclient
         AwesomeSpawn.run!("/sbin/restorecon -R #{PSQL_CLIENT_DIR}")
       end
 
-      self.pgclient = Certificate.new(
+      cert = Certificate.new(
         :cert_filename => "#{PSQL_CLIENT_DIR}/postgresql.crt",
         :root_filename => "#{PSQL_CLIENT_DIR}/root.crt",
         :service       => "manageiq",
         :extensions    => %w(client),
         :ca_name       => ca_name,
         :hostname      => hostname,
         :realm         => realm,
-      ).request.status
+      ).request
+
+      if cert.complete?
+        say "configuring certmonger to start on reboot"
+        LinuxAdmin::Service.new("certmonger").enable.start
+      end
+      self.pgclient = cert.status
     end
 
     def configure_pgserver
@@ -92,6 +98,9 @@ def configure_pgserver
         # no need for username/password since not writing database.yml
         InternalDatabaseConfiguration.new(:ssl => true).configure_postgres
         LinuxAdmin::Service.new(PostgresAdmin.service_name).restart
+
+        say "configuring certmonger to start on reboot"
+        LinuxAdmin::Service.new("certmonger").enable.start
       end
       self.pgserver = cert.status
     end
@@ -110,6 +119,9 @@ def configure_http
       if cert.complete?
         say "configuring apache to use new certs"
         LinuxAdmin::Service.new("httpd").restart
+
+        say "configuring certmonger to start on reboot"
+        LinuxAdmin::Service.new("certmonger").enable.start
       end
       self.http = cert.status
     end

diff --git a/spec/certificate_authority_spec.rb b/spec/certificate_authority_spec.rb
@@ -28,6 +28,59 @@
     end
   end
 
+  context "#http" do
+    before do
+      subject.http = true
+    end
+
+    it "without ipa client should not install" do
+      ipa_configured(false)
+      expect { subject.activate }.to raise_error(ArgumentError, /ipa client/)
+    end
+
+    it "should configure http" do
+      ipa_configured(true)
+      expect_run(/getcert/, anything, response) # getcert returns: the certificate already exist
+
+      expect(LinuxAdmin::Service).to receive(:new).and_return(double("Service", :restart => true))
+      expect(LinuxAdmin::Service).to receive(:new).and_return(double(:enable => double(:start => nil)))
+      expect(FileUtils).to receive(:chmod).with(0644, anything)
+
+      expect(subject).to receive(:say).twice
+      subject.activate
+      expect(subject.http).to eq(:complete)
+      expect(subject.status_string).to eq("http: complete")
+      expect(subject).to be_complete
+    end
+
+  end
+
+  context "#postgres client" do
+    before do
+      subject.pgclient = true
+    end
+
+    it "without ipa client should not install" do
+      ipa_configured(false)
+      expect { subject.activate }.to raise_error(ArgumentError, /ipa client/)
+    end
+
+    it "should configure postgres client" do
+      ipa_configured(true)
+      expect_run(/getcert/, anything, response) # getcert returns: the certificate already exist
+
+      allow(File).to receive(:exist?).and_return(true)
+      expect(LinuxAdmin::Service).to receive(:new).and_return(double(:enable => double(:start => nil)))
+      expect(FileUtils).to receive(:chmod).with(0644, anything)
+
+      expect(subject).to receive(:say)
+      subject.activate
+      expect(subject.pgclient).to eq(:complete)
+      expect(subject.status_string).to eq("pgclient: complete")
+      expect(subject).to be_complete
+    end
+  end
+
   context "#postgres server" do
     before do
       subject.pgserver = true
@@ -46,9 +99,10 @@
         .and_return(double("config", :activate => true, :configure_postgres => true))
       allow(PostgresAdmin).to receive_messages(:service_name => "postgresql")
       expect(LinuxAdmin::Service).to receive(:new).and_return(double("Service", :restart => true))
+      expect(LinuxAdmin::Service).to receive(:new).and_return(double(:enable => double(:start => nil)))
       expect(FileUtils).to receive(:chmod).with(0644, anything)
 
-      expect(subject).to receive(:say)
+      expect(subject).to receive(:say).twice
       subject.activate
       expect(subject.pgserver).to eq(:complete)
       expect(subject.status_string).to eq("pgserver: complete")