From 4731f08b835242b50b194320b6f7143895f2eb7d Mon Sep 17 00:00:00 2001 From: Dmitriy Rabotyagov Date: Wed, 9 Jun 2021 18:43:28 +0300 Subject: [PATCH] Run certificate-authority independently during upgrade localhost is not part of the `all` and excluded from play with any limit Because of that CA is not being generated during upgrade and things fail later with being unable to retrieve CA. This being workedaround with adding another task, that will setup root and intermediate certificates in advance. Change-Id: Ia5d82a7c8172407a0389ec9504ec80b3e842f88b --- scripts/run-upgrade.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/run-upgrade.sh b/scripts/run-upgrade.sh index 7d86cb39c7..718077fc74 100755 --- a/scripts/run-upgrade.sh +++ b/scripts/run-upgrade.sh @@ -169,6 +169,7 @@ function main { pushd ${MAIN_PATH}/playbooks RUN_TASKS+=("${SCRIPTS_PATH}/upgrade-utilities/deploy-config-changes.yml") + RUN_TASKS+=("certificate-authority.yml") # we don't want to trigger container restarts for galera and rabbit # but as there will be no hosts available for metal deployments, # as a fallback option we just run setup-hosts.yml without any arguments