Fix rabbitmq certificate reload after it is resubmitted
When certmonger resubmit a certificate, make sure that
the post_save command reads the right hiera key to
update the certificate file into the running rabbitmq
container.
Change-Id: Ic7f66b83611794d41105941c15c32479fe876980
Closes-Bug: #1941727
(cherry picked from commit 42a29d0413
)
This commit is contained in:
parent
7317546c28
commit
48d6566567
|
@ -5,8 +5,8 @@ container_cli=$(hiera -c /etc/puppet/hiera.yaml container_cli docker)
|
|||
|
||||
container_name=$($container_cli ps --format="{{.Names}}" | grep -w -E 'rabbitmq(-bundle-.*-[0-9]+)?')
|
||||
|
||||
service_crt="$(hiera -c /etc/puppet/hiera.yaml tripleo::rabbitmq::service_certificate.service_certificate)"
|
||||
service_key="$(hiera -c /etc/puppet/hiera.yaml tripleo::rabbitmq::service_certificate.service_key)"
|
||||
service_crt="$(hiera -c /etc/puppet/hiera.yaml tripleo::profile::base::rabbitmq::certificate_specs.service_certificate)"
|
||||
service_key="$(hiera -c /etc/puppet/hiera.yaml tripleo::profile::base::rabbitmq::certificate_specs.service_key)"
|
||||
|
||||
if echo "$container_name" | grep -q "^rabbitmq-bundle"; then
|
||||
# lp#1917868: Do not use podman cp with HA containers as they get
|
||||
|
@ -25,9 +25,6 @@ else
|
|||
$container_cli exec -u root "$container_name" cp "/var/lib/kolla/config_files/src-tls$service_key" "$service_key"
|
||||
fi
|
||||
|
||||
# Copy the new cert from the mount-point to the real path
|
||||
$container_cli exec "$container_name" cp "/var/lib/kolla/config_files/src-tls$service_pem" "$service_pem"
|
||||
|
||||
# Set appropriate permissions
|
||||
$container_cli exec -u root "$container_name" chown rabbitmq:rabbitmq "$service_crt"
|
||||
$container_cli exec -u root "$container_name" chown rabbitmq:rabbitmq "$service_key"
|
||||
|
|
Loading…
Reference in New Issue