Merge "Don't write <stack_name>-passwords.conf"
This commit is contained in:
commit
2949ae5347
|
@ -297,11 +297,13 @@ class TestDeployUndercloud(TestPluginV1):
|
||||||
'undercloud_rpc_password = pick-me-rpc\n'
|
'undercloud_rpc_password = pick-me-rpc\n'
|
||||||
'undercloud_legacy_pass = pick-me-legacy-instack\n')
|
'undercloud_legacy_pass = pick-me-legacy-instack\n')
|
||||||
|
|
||||||
self.cmd._update_passwords_env(self.temp_homedir,
|
with mock.patch('tripleoclient.constants.CLOUD_HOME_DIR',
|
||||||
'stack', upgrade=True,
|
self.temp_homedir):
|
||||||
passwords={'ADefault': 456,
|
self.cmd._update_passwords_env(self.temp_homedir,
|
||||||
'ExistingKey':
|
'stack', upgrade=True,
|
||||||
'dontupdate'})
|
passwords={'ADefault': 456,
|
||||||
|
'ExistingKey':
|
||||||
|
'dontupdate'})
|
||||||
expected_dict = {
|
expected_dict = {
|
||||||
'parameter_defaults': {'GeneratedPassword': 123,
|
'parameter_defaults': {'GeneratedPassword': 123,
|
||||||
'ExistingKey': 'xyz',
|
'ExistingKey': 'xyz',
|
||||||
|
|
|
@ -19,7 +19,6 @@ import logging
|
||||||
import netaddr
|
import netaddr
|
||||||
import os
|
import os
|
||||||
import pwd
|
import pwd
|
||||||
import re
|
|
||||||
import shutil
|
import shutil
|
||||||
import six
|
import six
|
||||||
import subprocess
|
import subprocess
|
||||||
|
@ -279,7 +278,7 @@ class Deploy(command.Command):
|
||||||
passwords=None, stack_name='undercloud'):
|
passwords=None, stack_name='undercloud'):
|
||||||
pw_file = os.path.join(output_dir,
|
pw_file = os.path.join(output_dir,
|
||||||
'tripleo-' + stack_name + '-passwords.yaml')
|
'tripleo-' + stack_name + '-passwords.yaml')
|
||||||
undercloud_pw_file = os.path.join(output_dir,
|
undercloud_pw_file = os.path.join(constants.CLOUD_HOME_DIR,
|
||||||
stack_name + '-passwords.conf')
|
stack_name + '-passwords.conf')
|
||||||
|
|
||||||
# Generated passwords take the lowest precedence, allowing
|
# Generated passwords take the lowest precedence, allowing
|
||||||
|
@ -329,6 +328,7 @@ class Deploy(command.Command):
|
||||||
else:
|
else:
|
||||||
k = ''.join(i.capitalize() for i in k.split('_')[1:])
|
k = ''.join(i.capitalize() for i in k.split('_')[1:])
|
||||||
legacy_env[k] = v
|
legacy_env[k] = v
|
||||||
|
os.remove(undercloud_pw_file)
|
||||||
|
|
||||||
# Get the keystone keys before upgrade
|
# Get the keystone keys before upgrade
|
||||||
keystone_fernet_repo = '/etc/keystone/fernet-keys/'
|
keystone_fernet_repo = '/etc/keystone/fernet-keys/'
|
||||||
|
@ -374,22 +374,6 @@ class Deploy(command.Command):
|
||||||
# TODO(cjeanner) drop that once using oslo.privsep
|
# TODO(cjeanner) drop that once using oslo.privsep
|
||||||
# Do not forget to re-add os.chmod 0o600 on that one!
|
# Do not forget to re-add os.chmod 0o600 on that one!
|
||||||
self._set_data_rights(pw_file, user=user)
|
self._set_data_rights(pw_file, user=user)
|
||||||
# Write out an instack undercloud compatible version.
|
|
||||||
# This contains sensitive data so ensure it's not world-readable
|
|
||||||
with open(undercloud_pw_file, 'w') as pf:
|
|
||||||
pf.write('[auth]\n')
|
|
||||||
for p, v in stack_env['parameter_defaults'].items():
|
|
||||||
if 'Password' in p or 'Token' in p or p.endswith('Kek'):
|
|
||||||
# Convert camelcase from heat templates into the underscore
|
|
||||||
# format used by instack undercloud.
|
|
||||||
s1 = re.sub('(.)([A-Z][a-z]+)', r'\1_\2', p)
|
|
||||||
pw_key = re.sub('([a-z0-9])([A-Z])',
|
|
||||||
r'\1_\2', s1).lower()
|
|
||||||
pf.write('undercloud_%s: %s\n' % (pw_key, v))
|
|
||||||
|
|
||||||
# TODO(cjeanner) drop that once using oslo.privsep
|
|
||||||
# Do not forget to re-add os.chmod 0o600 on that one!
|
|
||||||
self._set_data_rights(undercloud_pw_file, user=user)
|
|
||||||
|
|
||||||
return pw_file
|
return pw_file
|
||||||
|
|
||||||
|
|
|
@ -160,7 +160,7 @@ class InstallUndercloud(command.Command):
|
||||||
self.log.warning(UNDERCLOUD_COMPLETION_MESSAGE.format(
|
self.log.warning(UNDERCLOUD_COMPLETION_MESSAGE.format(
|
||||||
os.path.join(
|
os.path.join(
|
||||||
constants.UNDERCLOUD_OUTPUT_DIR,
|
constants.UNDERCLOUD_OUTPUT_DIR,
|
||||||
'undercloud-passwords.conf'
|
'tripleo-undercloud-passwords.yaml'
|
||||||
),
|
),
|
||||||
'~/stackrc'
|
'~/stackrc'
|
||||||
))
|
))
|
||||||
|
@ -221,7 +221,7 @@ class UpgradeUndercloud(InstallUndercloud):
|
||||||
UNDERCLOUD_UPGRADE_COMPLETION_MESSAGE.format(
|
UNDERCLOUD_UPGRADE_COMPLETION_MESSAGE.format(
|
||||||
os.path.join(
|
os.path.join(
|
||||||
constants.UNDERCLOUD_OUTPUT_DIR,
|
constants.UNDERCLOUD_OUTPUT_DIR,
|
||||||
'undercloud-passwords.conf'
|
'tripleo-undercloud-passwords.yaml'
|
||||||
),
|
),
|
||||||
'~/stackrc'))
|
'~/stackrc'))
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
|
|
|
@ -334,7 +334,8 @@ def _validate_passwords_file():
|
||||||
else:
|
else:
|
||||||
output_dir = CONF['output_dir']
|
output_dir = CONF['output_dir']
|
||||||
|
|
||||||
passwd_path = os.path.join(output_dir, 'undercloud-passwords.conf')
|
passwd_path = os.path.join(output_dir,
|
||||||
|
'tripleo-undercloud-passwords.yaml')
|
||||||
if (os.path.isfile(os.path.join(constants.CLOUD_HOME_DIR, 'stackrc')) and
|
if (os.path.isfile(os.path.join(constants.CLOUD_HOME_DIR, 'stackrc')) and
|
||||||
not os.path.isfile(passwd_path)):
|
not os.path.isfile(passwd_path)):
|
||||||
message = (_('The %s file is missing. This will cause all service '
|
message = (_('The %s file is missing. This will cause all service '
|
||||||
|
|
Loading…
Reference in New Issue