openstack
/
puppet-nova
Code Issues Proposed changes

Do not set [ssl] parameters 

... because these parameters are unused.

Closes-Bug: #1967713
Change-Id: I98e34cf49cf4b27077ef684cc416b58de526c4dc
This commit is contained in:
Takashi Kajinami 2022-04-04 14:22:00 +09:00
parent f0c4ca64b1
commit ed8371dac0
3 changed files with 16 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
manifests/init.pp
View File

@ -666,35 +666,35 @@ but should be one of: ssh-rsa, ssh-dsa, ssh-ecdsa.")
if $use_ssl {
nova_config {
'DEFAULT/enabled_ssl_apis': value => join($enabled_ssl_apis, ',');
'ssl/cert_file': value => $cert_file;
'ssl/key_file': value => $key_file;
'wsgi/ssl_cert_file': value => $cert_file;
'wsgi/ssl_key_file': value => $key_file;
}
if $ca_file {
nova_config {
'ssl/ca_file': value => $ca_file;
'wsgi/ssl_ca_file': value => $ca_file;
}
} else {
nova_config {
'ssl/ca_file': ensure => absent;
'wsgi/ssl_ca_file': ensure => absent;
}
}
} else {
nova_config {
'DEFAULT/enabled_ssl_apis': ensure => absent;
'ssl/cert_file': ensure => absent;
'ssl/key_file': ensure => absent;
'ssl/ca_file': ensure => absent;
'wsgi/ssl_cert_file': ensure => absent;
'wsgi/ssl_key_file': ensure => absent;
'wsgi/ssl_ca_file': ensure => absent;
}
}
# NOTE(tkajinam): Remove this after Zed release. See lp bug 1967713 .
nova_config {
'ssl/cert_file': ensure => absent;
'ssl/key_file': ensure => absent;
'ssl/ca_file': ensure => absent;
}
oslo::messaging::default { 'nova_config':
transport_url => $default_transport_url,
rpc_response_timeout => $rpc_response_timeout,

9
releasenotes/notes/bug-1967713-69f905709f4410a5.yaml Normal file
View File

@ -0,0 +1,9 @@
---
fixes:
- |
The following parameters are no longer set by the ``nova`` class.
The existing settings are removed from ``nova.conf`` automatically.
- ``[ssl] ca_cert``
- ``[ssl] cert_file``
- ``[ssl] key_file``

6
spec/classes/nova_init_spec.rb
View File

@ -411,9 +411,6 @@ describe 'nova' do
end
it { is_expected.to contain_nova_config('DEFAULT/enabled_ssl_apis').with_value('osapi_compute') }
it { is_expected.to contain_nova_config('ssl/ca_file').with_value('/path/to/ca') }
it { is_expected.to contain_nova_config('ssl/cert_file').with_value('/path/to/cert') }
it { is_expected.to contain_nova_config('ssl/key_file').with_value('/path/to/key') }
it { is_expected.to contain_nova_config('wsgi/ssl_ca_file').with_value('/path/to/ca') }
it { is_expected.to contain_nova_config('wsgi/ssl_cert_file').with_value('/path/to/cert') }
it { is_expected.to contain_nova_config('wsgi/ssl_key_file').with_value('/path/to/key') }
@ -444,9 +441,6 @@ describe 'nova' do
end
it { is_expected.to contain_nova_config('DEFAULT/enabled_ssl_apis').with_ensure('absent') }
it { is_expected.to contain_nova_config('ssl/ca_file').with_ensure('absent') }
it { is_expected.to contain_nova_config('ssl/cert_file').with_ensure('absent') }
it { is_expected.to contain_nova_config('ssl/key_file').with_ensure('absent') }
it { is_expected.to contain_nova_config('wsgi/ssl_ca_file').with_ensure('absent') }
it { is_expected.to contain_nova_config('wsgi/ssl_cert_file').with_ensure('absent') }
it { is_expected.to contain_nova_config('wsgi/ssl_key_file').with_ensure('absent') }