Do not set [ssl] parameters
... because these parameters are unused. Closes-Bug: #1967713 Change-Id: I98e34cf49cf4b27077ef684cc416b58de526c4dc
This commit is contained in:
parent
f0c4ca64b1
commit
ed8371dac0
|
@ -666,35 +666,35 @@ but should be one of: ssh-rsa, ssh-dsa, ssh-ecdsa.")
|
|||
if $use_ssl {
|
||||
nova_config {
|
||||
'DEFAULT/enabled_ssl_apis': value => join($enabled_ssl_apis, ',');
|
||||
'ssl/cert_file': value => $cert_file;
|
||||
'ssl/key_file': value => $key_file;
|
||||
'wsgi/ssl_cert_file': value => $cert_file;
|
||||
'wsgi/ssl_key_file': value => $key_file;
|
||||
}
|
||||
|
||||
if $ca_file {
|
||||
nova_config {
|
||||
'ssl/ca_file': value => $ca_file;
|
||||
'wsgi/ssl_ca_file': value => $ca_file;
|
||||
}
|
||||
} else {
|
||||
nova_config {
|
||||
'ssl/ca_file': ensure => absent;
|
||||
'wsgi/ssl_ca_file': ensure => absent;
|
||||
}
|
||||
}
|
||||
} else {
|
||||
nova_config {
|
||||
'DEFAULT/enabled_ssl_apis': ensure => absent;
|
||||
'ssl/cert_file': ensure => absent;
|
||||
'ssl/key_file': ensure => absent;
|
||||
'ssl/ca_file': ensure => absent;
|
||||
'wsgi/ssl_cert_file': ensure => absent;
|
||||
'wsgi/ssl_key_file': ensure => absent;
|
||||
'wsgi/ssl_ca_file': ensure => absent;
|
||||
}
|
||||
}
|
||||
|
||||
# NOTE(tkajinam): Remove this after Zed release. See lp bug 1967713 .
|
||||
nova_config {
|
||||
'ssl/cert_file': ensure => absent;
|
||||
'ssl/key_file': ensure => absent;
|
||||
'ssl/ca_file': ensure => absent;
|
||||
}
|
||||
|
||||
oslo::messaging::default { 'nova_config':
|
||||
transport_url => $default_transport_url,
|
||||
rpc_response_timeout => $rpc_response_timeout,
|
||||
|
|
|
@ -0,0 +1,9 @@
|
|||
---
|
||||
fixes:
|
||||
- |
|
||||
The following parameters are no longer set by the ``nova`` class.
|
||||
The existing settings are removed from ``nova.conf`` automatically.
|
||||
|
||||
- ``[ssl] ca_cert``
|
||||
- ``[ssl] cert_file``
|
||||
- ``[ssl] key_file``
|
|
@ -411,9 +411,6 @@ describe 'nova' do
|
|||
end
|
||||
|
||||
it { is_expected.to contain_nova_config('DEFAULT/enabled_ssl_apis').with_value('osapi_compute') }
|
||||
it { is_expected.to contain_nova_config('ssl/ca_file').with_value('/path/to/ca') }
|
||||
it { is_expected.to contain_nova_config('ssl/cert_file').with_value('/path/to/cert') }
|
||||
it { is_expected.to contain_nova_config('ssl/key_file').with_value('/path/to/key') }
|
||||
it { is_expected.to contain_nova_config('wsgi/ssl_ca_file').with_value('/path/to/ca') }
|
||||
it { is_expected.to contain_nova_config('wsgi/ssl_cert_file').with_value('/path/to/cert') }
|
||||
it { is_expected.to contain_nova_config('wsgi/ssl_key_file').with_value('/path/to/key') }
|
||||
|
@ -444,9 +441,6 @@ describe 'nova' do
|
|||
end
|
||||
|
||||
it { is_expected.to contain_nova_config('DEFAULT/enabled_ssl_apis').with_ensure('absent') }
|
||||
it { is_expected.to contain_nova_config('ssl/ca_file').with_ensure('absent') }
|
||||
it { is_expected.to contain_nova_config('ssl/cert_file').with_ensure('absent') }
|
||||
it { is_expected.to contain_nova_config('ssl/key_file').with_ensure('absent') }
|
||||
it { is_expected.to contain_nova_config('wsgi/ssl_ca_file').with_ensure('absent') }
|
||||
it { is_expected.to contain_nova_config('wsgi/ssl_cert_file').with_ensure('absent') }
|
||||
it { is_expected.to contain_nova_config('wsgi/ssl_key_file').with_ensure('absent') }
|
||||
|
|
Loading…
Reference in New Issue