Project

General

Profile

« Previous | Next » 

Revision e0c6e711

Added by Stephen Benjamin almost 6 years ago

Support ssl-protocols option for puppetserver configuration

View differences:

manifests/server/puppetserver.pp
'webserver.ssl-key' => $server_ssl_cert_key,
'webserver.ssl-ca-cert' => $server_ssl_ca_cert,
'webserver.idle-timeout-milliseconds' => $server_web_idle_timeout,
'webserver.ssl-protocols' => $server_ssl_protocols,
'webserver.cipher-suites' => $server_cipher_suites,
}
$webserver_general_settings.each |$setting, $value| {
spec/classes/puppet_server_config_spec.rb
end
end
describe 'with ssl_protocols overwritten' do
let :pre_condition do
"class {'puppet':
server => true,
server_implementation => 'puppetserver',
server_ca => true,
server_puppetserver_dir => '/etc/custom/puppetserver',
server_ssl_protocols => ['TLSv1.1', 'TLSv1.2'],
}"
end
it 'should set the ssl protocols' do
should contain_hocon_setting('webserver.ssl-protocols').
with_path('/etc/custom/puppetserver/conf.d/webserver.conf').
with_setting('webserver.ssl-protocols').
with_value(['TLSv1.1', 'TLSv1.2']).
with_ensure('present')
end
end
describe 'with cipher-suites overwritten' do
let :pre_condition do
"class {'puppet':
server => true,
server_implementation => 'puppetserver',
server_ca => true,
server_puppetserver_dir => '/etc/custom/puppetserver',
server_cipher_suites => ['TLS_RSA_WITH_AES_256_CBC_SHA256', 'TLS_RSA_WITH_AES_256_CBC_SHA'],
}"
end
it 'should set the cipher suite' do
should contain_hocon_setting('webserver.cipher-suites').
with_path('/etc/custom/puppetserver/conf.d/webserver.conf').
with_setting('webserver.cipher-suites').
with_value(['TLS_RSA_WITH_AES_256_CBC_SHA256', 'TLS_RSA_WITH_AES_256_CBC_SHA']).
with_ensure('present')
end
end
describe 'with ssl_chain_filepath overwritten' do
let :pre_condition do
"class {'puppet':

Also available in: Unified diff