From 2207a1ac2bde2fcc766ab8b8f6a8d4443166db89 Mon Sep 17 00:00:00 2001
From: Clark Boylan <clark.boylan@gmail.com>
Date: Tue, 23 Feb 2016 13:02:49 -0800
Subject: [PATCH] Put infracloud cert next to nodepool clouds.yaml

We are installing a cert to trust the infracloud but were trying to put
it in a dir that does not exist. Put it next to the clouds.yaml in
~nodepool/.config/openstack as that will exist because nodepool consumes
clouds.yaml from there.

Change-Id: I27e1a1d340e9864308c89c660ae014d7110fbe9f
---
 manifests/site.pp                                 | 15 ++++++++-------
 .../templates/nodepool/clouds.yaml.erb            |  2 +-
 2 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/manifests/site.pp b/manifests/site.pp
index c6fb4d419f..75aeca8bf7 100644
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -674,13 +674,6 @@ node 'nodepool.openstack.org' {
   $infracloud_password = hiera('nodepool_infracloud_password')
   $infracloud_project  = hiera('nodepool_infracloud_project', 'project')
   $clouds_yaml = template("openstack_project/nodepool/clouds.yaml.erb")
-  file { '/etc/openstack/infracloud_west_cacert.pem':
-    ensure  => present,
-    owner   => 'root',
-    group   => 'root',
-    mode    => '0600',
-    content => hiera('infracloud_hpuswest_ssl_cert_file_contents'),
-  }
   class { 'openstack_project::server':
     sysadmins                 => hiera('sysadmins', []),
     iptables_public_tcp_ports => [80],
@@ -749,6 +742,14 @@ node 'nodepool.openstack.org' {
       },
     ],
   }
+  file { '/home/nodepool/.config/openstack/infracloud_west_cacert.pem':
+    ensure  => present,
+    owner   => 'nodepool',
+    group   => 'nodepool',
+    mode    => '0600',
+    content => hiera('infracloud_hpuswest_ssl_cert_file_contents'),
+    require => Class['::openstackci::nodepool'],
+  }
 }
 
 # Node-OS: precise
diff --git a/modules/openstack_project/templates/nodepool/clouds.yaml.erb b/modules/openstack_project/templates/nodepool/clouds.yaml.erb
index b8b6fc52e0..fa26ec8f74 100644
--- a/modules/openstack_project/templates/nodepool/clouds.yaml.erb
+++ b/modules/openstack_project/templates/nodepool/clouds.yaml.erb
@@ -56,6 +56,6 @@ clouds:
       project_domain_name: 'infra'
       auth_url: 'https://controller00.hpuswest.ic.openstack.org:35357/v3'
     auth_type: 'v3password'
-    cacert: '/etc/openstack/infracloud_west_cacert.pem'
+    cacert: '/home/nodepool/.config/openstack/infracloud_west_cacert.pem'
     identity_api_version: '3'
     floating_ip_source: 'None'