openstack/tripleo-ansible
Code Issues Proposed changes
67a865f123
tripleo-ansible/tripleo_ansible/ansible_plugins
History
Emilien Macchi 888f6d72cb container_puppet_config: disable SElinux labelling 
This is a leftover from container-puppet.py that was missed in the
migration to Ansible. If we don't do that, SElinux will report alerts
because the entrypoint (container-puppet.sh) tries to copy (and
therefore read) the content of /tmp/puppet-tmp which isn't readable per
current OpenStack SElinux podman policies.

While this is done in the policy, let's port the configuration that was
done before in container-puppet.py and this patch will be reverted once
the policy is less restritive.

Change-Id: I5baefe16f313cc17d369c9f16529516fc8d6f6e5
Related-Bug: #1864501
(cherry picked from commit 99448e20fe)
2020-02-24 20:48:37 -05:00
..
action Add action plugin for all_nodes data 2020-01-29 20:37:50 +00:00
filter tripleo_container_manage: reduce downtime for minor updates 2020-02-17 15:12:46 -05:00
module_utils Update project structure 2019-06-05 14:27:22 +00:00
modules container_puppet_config: disable SElinux labelling 2020-02-24 20:48:37 -05:00
tests Improve idempotency of podman_container 2020-02-06 13:39:04 -05:00