Fixes incorrect ownership of ODL TLS cert/key
Deployments were failing because the owner/group of the TLS generated certificate and key were set to 'odl'. This user and group does not exist in a containerized deployment because the ODL RPM is only installed in the container. This patch leaves the owner as root for the files which works because the files are only used to generate a keystore for ODL (which is owned by odl), and the cert/key files themselves are never read by ODL. Closes-Bug: 1757135 Change-Id: Ie5b9e98ea2fc16b820d56272653df4874e81cf68 Signed-off-by: Tim Rozet <trozet@redhat.com>
This commit is contained in:
parent
31cb691bce
commit
e11804237e
@ -62,13 +62,9 @@ class tripleo::certmonger::opendaylight (
|
||||
require => Class['::certmonger'],
|
||||
}
|
||||
file { $service_certificate :
|
||||
owner => 'odl',
|
||||
group => 'odl',
|
||||
require => Certmonger_certificate['opendaylight']
|
||||
}
|
||||
file { $service_key :
|
||||
owner => 'odl',
|
||||
group => 'odl',
|
||||
require => Certmonger_certificate['opendaylight']
|
||||
}
|
||||
|
||||
|
@ -0,0 +1,5 @@
|
||||
---
|
||||
fixes:
|
||||
- |
|
||||
Fixes a bug where TLS certificates for ODL could not be generated correctly
|
||||
for deployment due to wrong owner/group applied to the files.
|
@ -47,13 +47,9 @@ describe 'tripleo::certmonger::opendaylight' do
|
||||
:wait => true,
|
||||
)
|
||||
is_expected.to contain_file(params[:service_certificate]).with(
|
||||
:owner => 'odl',
|
||||
:group => 'odl',
|
||||
:require => 'Certmonger_certificate[opendaylight]'
|
||||
)
|
||||
is_expected.to contain_file(params[:service_key]).with(
|
||||
:owner => 'odl',
|
||||
:group => 'odl',
|
||||
:require => 'Certmonger_certificate[opendaylight]'
|
||||
)
|
||||
end
|
||||
|
Loading…
x
Reference in New Issue
Block a user