Add additional require for certs
Explicitly set dependency for ALL certs file on CA cert
Related-Prod: PROD-35510
Change-Id: I99824329760a518d7c9fb7829d0a8dd71b31200c
diff --git a/.kitchen.yml b/.kitchen.yml
index 18f797d..c49f91f 100644
--- a/.kitchen.yml
+++ b/.kitchen.yml
@@ -17,10 +17,10 @@
noservices: true
vendor_repo:
- type: apt
- url: http://apt.mirantis.com/xenial
- key_url: http://apt.mirantis.com/public.gpg
- components: salt
- distribution: nightly
+ url: http://mirror.mirantis.com/nightly/salt-formulas/xenial
+ key_url: http://mirror.mirantis.com/nightly/salt-formulas/xenial/archive-salt-formulas.key
+ components: main
+ distribution: xenial
state_top:
base:
"*":
@@ -75,9 +75,9 @@
repo: git
source: https://gerrit.mcp.mirantis.com/salt-formulas/prometheus
branch: <%=ENV['GERRIT_BRANCH'] || 'master' %>
- - name: telegraph
+ - name: telegraf
repo: git
- source: https://gerrit.mcp.mirantis.com/salt-formulas/telegraph
+ source: https://gerrit.mcp.mirantis.com/salt-formulas/telegraf
branch: <%=ENV['GERRIT_BRANCH'] || 'master' %>
verifier:
diff --git a/salt/minion/cert.sls b/salt/minion/cert.sls
index eb8b4db..ea37d9b 100644
--- a/salt/minion/cert.sls
+++ b/salt/minion/cert.sls
@@ -156,6 +156,8 @@
salt_minion_cert_{{ cert_name }}_all:
cmd.wait:
- name: cat {{ key_file }} {{ cert_file }} {{ ca_file }} > {{ cert.all_file }}
+ - require:
+ - x509: {{ ca_file }}
{{ cert.all_file }}_cert_permissions:
file.managed: