2 c.include PuppetlabsSpec::Files
6 # Suppress cert fingerprint logging
7 allow_any_instance_of(Puppet::SSL::CertificateAuthority).to receive(:puts)
9 # remove the stub that causes puppet to believe it is
10 # always being run as root.
11 # See https://github.com/puppetlabs/puppetlabs_spec_helper/blob/master/lib/puppetlabs_spec_helper/module_spec_helper.rb#L29
12 Puppet.features.unstub(:root?)
14 Puppet[:vardir] = tmpdir('var')
15 Puppet[:confdir] = tmpdir('conf')
18 def backdate_certificate(ca, cert, not_before, not_after)
19 cert.content.not_before = not_before
20 cert.content.not_after = not_after
21 signer = Puppet::SSL::CertificateSigner.new
22 signer.sign(cert.content, ca.host.key.content)
26 def make_certificate(name, not_before, not_after)
27 ca = Puppet::SSL::CertificateAuthority.new
28 cert = ca.generate(name)
29 backdate_certificate(ca, cert, not_before, not_after)
33 RSpec.shared_context "Initialize CA" do
34 # PKI generation is done by initializing a CertificateAuthority object, which has the effect of
35 # applying the settings catalog, generating a RSA keypair, and generating a CA certificate.
36 # Since we're regenerating the CA state between each test we need to create a new
37 # CertificateAuthority object instead of using CertificateAuthority.instance, since that will
38 # memoize a single instance and will not generate the ca folder structure and PKI files.
40 Puppet::SSL::CertificateAuthority.new
44 Puppet::SSL::Host.ca_location = :only
45 Puppet.settings.preferred_run_mode = "master"
48 Puppet[:ca_name] = 'Puppet CA: foo'