openstack
/
tripleo-heat-templates
Code Issues Proposed changes

Merge "Update container certificate" into stable/train

This commit is contained in:
Zuul 2020-06-11 07:36:27 +00:00 committed by Gerrit Code Review
parent 396ad062bd f238c25c99
commit 1148976e57
1 changed files with 4 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
deployment/haproxy/haproxy-public-tls-inject.yaml
View File

@ -173,42 +173,9 @@ outputs:
- container_id.stdout is defined - container_id.stdout is defined
- container_id.stdout != '' - container_id.stdout != ''
block: block:
- name: set kolla_dir fact - name: copy certificate from host to container
set_fact: kolla_dir="/var/lib/kolla/config_files/src-tls" shell: "{{ container_cli }} cp {{ cert_path }} {{ container_id.stdout }}:{{ cert_path }}"
- name: assert {{ kolla_dir }}{{ cert_path }} exists
stat:
path: "{{ kolla_dir }}{{cert_path}}"
register: kolla_cert_exists
- name: set certificate group on host via container - name: set certificate group on host via container
shell: | command: "{{ container_cli }} exec --user root {{container_id.stdout}} chgrp haproxy {{ cert_path }}"
if {{ container_cli }} ps | grep {{container_id.stdout}}; then
{{ container_cli }} exec {{container_id.stdout}} chgrp haproxy {{kolla_dir}}{{cert_path}}
# handle situation when container_cli is podman but
# the containers are still under docker
elif docker ps | grep {{container_id.stdout}}; then
docker exec {{container_id.stdout}} chgrp haproxy {{kolla_dir}}{{cert_path}}
else
echo "Error: {{container_id.stdout}} container not found"
exit 1
fi
when: kolla_cert_exists.stat.exists
- name: copy certificate from kolla directory to final location
shell: |
if {{ container_cli }} ps | grep {{container_id.stdout}}; then
{{ container_cli }} exec {{container_id.stdout}} cp {{kolla_dir}}{{cert_path}} {{cert_path}}
# handle situation when container_cli is podman but
# the containers are still under docker
elif docker ps | grep {{container_id.stdout}}; then
docker exec {{container_id.stdout}} cp {{kolla_dir}}{{cert_path}} {{cert_path}}
else
echo "Error: {{container_id.stdout}} container not found"
exit 1
fi
when: kolla_cert_exists.stat.exists
- name: send restart order to haproxy container - name: send restart order to haproxy container
command: "{{ container_cli }} kill --signal=HUP {{container_id.stdout}}" command: "{{ container_cli }} kill --signal=HUP {{ container_id.stdout }}"
when: kolla_cert_exists.stat.exists