From dcb32f7efba528e9646a1b97990c5a7affa01b8c Mon Sep 17 00:00:00 2001
From: Mikael Frykholm <mifr@sunet.se>
Date: Fri, 1 Mar 2024 13:55:23 +0100
Subject: [PATCH] Add infra certs.

---
 global/overlay/etc/puppet/cosmos-rules.yaml                   | 1 +
 global/overlay/etc/puppet/manifests/cosmos-site.pp            | 4 +++-
 .../overlay/etc/puppet/modules/rut/manifests/infra_ca_rp.pp   | 4 ++++
 global/overlay/etc/puppet/modules/rut/manifests/init.pp       | 1 +
 4 files changed, 9 insertions(+), 1 deletion(-)
 create mode 100644 global/overlay/etc/puppet/modules/rut/manifests/infra_ca_rp.pp

diff --git a/global/overlay/etc/puppet/cosmos-rules.yaml b/global/overlay/etc/puppet/cosmos-rules.yaml
index b728747..c186864 100644
--- a/global/overlay/etc/puppet/cosmos-rules.yaml
+++ b/global/overlay/etc/puppet/cosmos-rules.yaml
@@ -4,6 +4,7 @@
   rut:
 
 '^internal-sto4-test-k8sm-[0-9].rut.sunet.se$':
+  rut::infra_ca_rp:
   sunet::microk8s::node: 
     channel: 1.29/stable
   sunet::frontend::register_sites:
diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp
index 1549a00..631863d 100644
--- a/global/overlay/etc/puppet/manifests/cosmos-site.pp
+++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp
@@ -20,7 +20,9 @@ Exec {
 node default {
 
 }
-
+class infra_ca_rp {
+   sunet::ici_ca::rp { 'infra': }
+}
 # edit and uncomment to manage ssh root keys in a simple way
 
 #class { 'cosmos::access':
diff --git a/global/overlay/etc/puppet/modules/rut/manifests/infra_ca_rp.pp b/global/overlay/etc/puppet/modules/rut/manifests/infra_ca_rp.pp
new file mode 100644
index 0000000..28f76d6
--- /dev/null
+++ b/global/overlay/etc/puppet/modules/rut/manifests/infra_ca_rp.pp
@@ -0,0 +1,4 @@
+# Everything is awesome!
+class rut::infra_ca_rp {
+   sunet::ici_ca::rp { 'infra': }
+}
diff --git a/global/overlay/etc/puppet/modules/rut/manifests/init.pp b/global/overlay/etc/puppet/modules/rut/manifests/init.pp
index 00ab0a1..5796a23 100644
--- a/global/overlay/etc/puppet/modules/rut/manifests/init.pp
+++ b/global/overlay/etc/puppet/modules/rut/manifests/init.pp
@@ -11,3 +11,4 @@ class rut {
 
   include sunet::rsyslog
 }
+