Check for passwords at old path during tripleo deploy

Commit ecafbae4ee7c403a3ef62e362c261585aabbec5c updated tripleo deploy
to use a different working directory. That broke upgrades because the
passwords file was still at the old path, and the passwords can not
change during a tripleo deploy upgrade. This patch checks the old
location for a passwords file, and if present, migrates it to the new
location.

Signed-off-by: James Slagle <jslagle@redhat.com>
Change-Id: I547ba1a7409290f4888e53dd45a883c263f0670f
This commit is contained in:
James Slagle 2021-05-04 17:38:58 -04:00
parent 12ad0da38d
commit 3d28153ea1
2 changed files with 29 additions and 2 deletions

View File

@ -20,6 +20,8 @@ import tempfile
import yaml import yaml
from heatclient import exc as hc_exc from heatclient import exc as hc_exc
from tripleoclient import constants
from tripleoclient import exceptions from tripleoclient import exceptions
from tripleoclient.tests import fakes from tripleoclient.tests import fakes
from tripleoclient.tests.v1.test_plugin import TestPluginV1 from tripleoclient.tests.v1.test_plugin import TestPluginV1
@ -231,7 +233,14 @@ class TestDeployUndercloud(TestPluginV1):
self.temp_homedir, 'tripleo-undercloud-passwords.yaml') self.temp_homedir, 'tripleo-undercloud-passwords.yaml')
mock_pw.return_value = pw_dict mock_pw.return_value = pw_dict
mock_exists.return_value = True
old_pw_file = os.path.join(constants.CLOUD_HOME_DIR,
'tripleo-undercloud-passwords.yaml')
def mock_file_exists(file_name):
return not file_name == old_pw_file
mock_exists.side_effect = mock_file_exists
with open(t_pw_conf_path, 'w') as t_pw: with open(t_pw_conf_path, 'w') as t_pw:
t_pw.write('parameter_defaults: {ExistingKey: xyz, ' t_pw.write('parameter_defaults: {ExistingKey: xyz, '
'LegacyPass: pick-me-legacy-tht, ' 'LegacyPass: pick-me-legacy-tht, '
@ -276,8 +285,12 @@ class TestDeployUndercloud(TestPluginV1):
mock_pw.return_value = pw_dict mock_pw.return_value = pw_dict
old_pw_file = os.path.join(constants.CLOUD_HOME_DIR,
'tripleo-undercloud-passwords.yaml')
def mock_file_exists(file_name): def mock_file_exists(file_name):
return not file_name.startswith('/etc/keystone') return not (file_name.startswith('/etc/keystone') or
file_name == old_pw_file)
mock_exists.side_effect = mock_file_exists mock_exists.side_effect = mock_file_exists
with open(t_pw_conf_path, 'w') as t_pw: with open(t_pw_conf_path, 'w') as t_pw:
t_pw.write('parameter_defaults: {ExistingKey: xyz, ' t_pw.write('parameter_defaults: {ExistingKey: xyz, '

View File

@ -275,6 +275,8 @@ class Deploy(command.Command):
def _update_passwords_env(self, output_dir, user, upgrade=None, def _update_passwords_env(self, output_dir, user, upgrade=None,
passwords=None, stack_name='undercloud'): passwords=None, stack_name='undercloud'):
old_pw_file = os.path.join(constants.CLOUD_HOME_DIR,
'tripleo-' + stack_name + '-passwords.yaml')
pw_file = os.path.join(output_dir, pw_file = os.path.join(output_dir,
'tripleo-' + stack_name + '-passwords.yaml') 'tripleo-' + stack_name + '-passwords.yaml')
undercloud_pw_file = os.path.join(constants.CLOUD_HOME_DIR, undercloud_pw_file = os.path.join(constants.CLOUD_HOME_DIR,
@ -285,10 +287,22 @@ class Deploy(command.Command):
stack_env = {'parameter_defaults': {}} stack_env = {'parameter_defaults': {}}
stack_env['parameter_defaults'] = password_utils.generate_passwords( stack_env['parameter_defaults'] = password_utils.generate_passwords(
stack_env=stack_env) stack_env=stack_env)
# Check for the existence of a passwords file in the old location.
if os.path.exists(old_pw_file):
self.log.warning("Migrating {} to {}.".format(
old_pw_file, pw_file))
try:
os.rename(old_pw_file, pw_file)
except Exception as e:
self.log.error("Error moving {} to {}".format(
old_pw_file, pw_file))
self.log.error(e)
raise e
if os.path.exists(pw_file): if os.path.exists(pw_file):
with open(pw_file) as pf: with open(pw_file) as pf:
stack_env['parameter_defaults'].update( stack_env['parameter_defaults'].update(
yaml.safe_load(pf.read())['parameter_defaults']) yaml.safe_load(pf.read())['parameter_defaults'])
self.log.warning("Reading passwords from %s" % pw_file)
if upgrade: if upgrade:
# Getting passwords that were managed by instack-undercloud so # Getting passwords that were managed by instack-undercloud so