Update git submodules
* Update puppet-iptables from branch 'master' - Replace openstack.org git:// URLs with https:// This is a mechanically generated change to replace openstack.org git:// URLs with https:// equivalents. This is in aid of a planned future move of the git hosting infrastructure to a self-hosted instance of gitea (https://gitea.io), which does not support the git wire protocol at this stage. This update should result in no functional change. For more information see the thread at http://lists.openstack.org/pipermail/openstack-discuss/2019-March/003825.html Change-Id: Id8c256042f2f6dff4e736cadd93f3bf91d6cfaa9 - Merge "Explicitly set selinux seltype for rules link" - Merge "Ensure iptables service is running" - Merge "Ensure firewalld package is absent, not purged" - Update Gemfile for Zuulv3 The logic in the Gemfile was relying on Zuulv2 variables to find out whether the spec helper gem was already available on disk, and since Zuulv3 has changed things it was failing to find it and downloading the master version instead. This patch ensures the Gemfile looks for the gem in the right place when running in CI. Change-Id: Ib463032f91ecaa759f504fbf399ccfbdd94536b9 - Explicitly set selinux seltype for rules link Puppet seems to have some issue with creating a symlink in /etc/sysconfig on CentOS, where it creates the link on the first run and then corrects the seltype on the second run, breaking idempotency tests. If we make sure to explicitly set it up front, puppet doesn't get confused. This patch also removes the mode setting since setting the permissions mode on a symlink doesn't make sense. Change-Id: I7019c48220425fc583b9b431eff08a6261ee2ebc - Ensure iptables service is running On Ubuntu, the iptables service starts running when it is installed. On CentOS, that's not the case, and signaling a restart in puppet does not actually start the service. The result is that while the iptables service is stopped, `iptables -S` is empty. This patch adds ensure => running to the service resources so that iptables behaves the same on CentOS and Ubuntu. Change-Id: I0584c988bcebeee5133f85d55f8d389d78ebac70 - Ensure firewalld package is absent, not purged There seems to be a longstanding, inexplicably unresolved bug[1][2] in the puppet package resource on CentOS where an uninstalled package will repeatedly be reported as being "created" when it is not installed and when the resource has ensure => purged. This breaks idempotency tests and is just confusing. Setting the resource to absent instead of purge works correctly and should be sufficient for ensuring firewalld isn't interfering.. [1] https://projects.puppetlabs.com/issues/2833 [2] https://projects.puppetlabs.com/issues/3707 Change-Id: I702cf0130b311a5cd6786b4c4dd76fa03adbd2f7
This commit is contained in:
parent
c190fba934
commit
faed246dee
|
@ -1 +1 @@
|
|||
Subproject commit ac4f7e77e38ef1092000e71c23ec0eef08a72766
|
||||
Subproject commit 79b7674ca151095dbe9b1155468585cc288398f2
|
Loading…
Reference in New Issue