Browse Source

Fix cert_manager_api with x509keypair

When magnum is using x509keypair as backend
the db query fails to apply the tenant filters
due to the missing context.

Pass the context to the the cert_manager.

story: 2006897
task: 37533

Change-Id: Ifdedac420fe4384013704865fa05ea6f1c15feb5
Signed-off-by: Spyros Trigazis <spyridon.trigazis@cern.ch>
tags/10.0.0.0rc1
Spyros Trigazis 1 year ago
committed by Feilong Wang
parent
commit
0205534f90
1 changed files with 4 additions and 3 deletions
  1. +4
    -3
      magnum/drivers/heat/k8s_fedora_template_def.py

+ 4
- 3
magnum/drivers/heat/k8s_fedora_template_def.py View File

@@ -119,7 +119,7 @@ class K8sFedoraTemplateDefinition(k8s_template_def.K8sTemplateDefinition):
if not extra_params.get('max_node_count'):
extra_params['max_node_count'] = cluster.node_count + 1

self._set_cert_manager_params(cluster, extra_params)
self._set_cert_manager_params(context, cluster, extra_params)
self._get_keystone_auth_default_policy(extra_params)
self._set_volumes(context, cluster, extra_params)

@@ -128,11 +128,12 @@ class K8sFedoraTemplateDefinition(k8s_template_def.K8sTemplateDefinition):
extra_params=extra_params,
**kwargs)

def _set_cert_manager_params(self, cluster, extra_params):
def _set_cert_manager_params(self, context, cluster, extra_params):
cert_manager_api = cluster.labels.get('cert_manager_api')
if strutils.bool_from_string(cert_manager_api):
extra_params['cert_manager_api'] = cert_manager_api
ca_cert = cert_manager.get_cluster_ca_certificate(cluster)
ca_cert = cert_manager.get_cluster_ca_certificate(cluster,
context=context)
if six.PY3 and isinstance(ca_cert.get_private_key_passphrase(),
six.text_type):
extra_params['ca_key'] = x509.decrypt_key(


Loading…
Cancel
Save