Browse Source

Merge "Per-Role krb-service-principal for CompactServices" into stable/queens

tags/8.4.1
Zuul 2 months ago
parent
commit
df4781e49d
1 changed files with 14 additions and 3 deletions
  1. 14
    3
      extraconfig/nova_metadata/krb-service-principals/role.role.j2.yaml

+ 14
- 3
extraconfig/nova_metadata/krb-service-principals/role.role.j2.yaml View File

@@ -53,9 +53,20 @@ resources:
53 53
         yaql:
54 54
           # Filter null values and values that contain don't contain
55 55
           # 'metadata_settings', get the values from that key and get the
56
-          # unique ones.
57
-          expression: list(coalesce($.data, []).where($ != null).where($.containsKey('metadata_settings')).metadata_settings.flatten().distinct())
58
-          data: {get_param: RoleData}
56
+          # unique ones. Also, filter values for networks not associated with
57
+          # this role.
58
+          expression: let(role_networks => $.data.role_networks) -> list(coalesce($.data.role_data, []).where($ != null).where($.containsKey('metadata_settings')).metadata_settings.flatten().distinct().where($ != null and $.containsKey('network')).where($role_networks.contains($.network)))
59
+          data:
60
+            role_data: {get_param: RoleData}
61
+            role_networks:
62
+              - ctlplane
63
+{%- for network in networks if network.vip|default(false) and network.name in role.networks %}
64
+  {%- if network.service_net_map_replace is defined %}
65
+              - {{network.service_net_map_replace}}
66
+  {%- else %}
67
+              - {{network.name_lower}}
68
+  {%- endif %}
69
+{%- endfor %}
59 70
 
60 71
   # Generates entries for nova metadata with the following format:
61 72
   #   'managed_service_<id>' : <service>/<fqdn>

Loading…
Cancel
Save