Merge "Re-use old fernet and credential keys in containerized undercloud"
This commit is contained in:
commit
867867d141
|
@ -140,7 +140,10 @@ class TestDeployUndercloud(TestPluginV1):
|
||||||
self.temp_homedir, 'tripleo-undercloud-passwords.yaml')
|
self.temp_homedir, 'tripleo-undercloud-passwords.yaml')
|
||||||
|
|
||||||
mock_pw.return_value = pw_dict
|
mock_pw.return_value = pw_dict
|
||||||
mock_exists.return_value = True
|
|
||||||
|
def mock_file_exists(file_name):
|
||||||
|
return not file_name.startswith('/etc/keystone')
|
||||||
|
mock_exists.side_effect = mock_file_exists
|
||||||
with open(t_pw_conf_path, 'w') as t_pw:
|
with open(t_pw_conf_path, 'w') as t_pw:
|
||||||
t_pw.write('parameter_defaults: {ExistingKey: xyz}\n')
|
t_pw.write('parameter_defaults: {ExistingKey: xyz}\n')
|
||||||
|
|
||||||
|
|
|
@ -306,6 +306,33 @@ class Deploy(command.Command):
|
||||||
with open(pw_file) as pf:
|
with open(pw_file) as pf:
|
||||||
stack_env = yaml.safe_load(pf.read())
|
stack_env = yaml.safe_load(pf.read())
|
||||||
|
|
||||||
|
# Get the keystone keys before upgrade
|
||||||
|
keystone_fernet_repo = '/etc/keystone/fernet-keys/'
|
||||||
|
keystone_credential_repo = '/etc/keystone/credential-keys/'
|
||||||
|
self._set_data_rights('/etc/keystone', user=user)
|
||||||
|
|
||||||
|
for key_index in range(0, 2):
|
||||||
|
file_name = keystone_credential_repo + str(key_index)
|
||||||
|
key = 'KeystoneCredential' + str(key_index)
|
||||||
|
if os.path.exists(file_name):
|
||||||
|
with open(file_name, 'r') as file_content:
|
||||||
|
content = file_content.read()
|
||||||
|
legacy_env[key] = content
|
||||||
|
|
||||||
|
fernet_keys = {}
|
||||||
|
file_count = 0
|
||||||
|
if os.path.exists(keystone_fernet_repo):
|
||||||
|
file_count = len(os.listdir(keystone_fernet_repo))
|
||||||
|
|
||||||
|
for key_index in range(0, file_count):
|
||||||
|
file_name = keystone_fernet_repo + str(key_index)
|
||||||
|
if os.path.exists(file_name):
|
||||||
|
with open(file_name, 'r') as file_content:
|
||||||
|
content = file_content.read()
|
||||||
|
fernet_keys[file_name] = {'content': content}
|
||||||
|
if fernet_keys:
|
||||||
|
legacy_env['KeystoneFernetKeys'] = fernet_keys
|
||||||
|
|
||||||
pw = password_utils.generate_passwords(stack_env=stack_env)
|
pw = password_utils.generate_passwords(stack_env=stack_env)
|
||||||
stack_env['parameter_defaults'].update(pw)
|
stack_env['parameter_defaults'].update(pw)
|
||||||
# Override what has been generated by tripleo-common with old passwords
|
# Override what has been generated by tripleo-common with old passwords
|
||||||
|
|
Loading…
Reference in New Issue