openstack
/
tripleo-heat-templates
Code Issues Proposed changes

Merge "HA: inject public certificates without blocking container" into stable/victoria

This commit is contained in:
Zuul 2021-04-22 23:14:02 +00:00 committed by Gerrit Code Review
parent aba63e822f 63001263ad
commit edf9bfedc7
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
deployment/haproxy/haproxy-public-tls-inject.yaml
View File

@ -178,7 +178,11 @@ outputs:
- name: copy certificate, chgrp, restart haproxy - name: copy certificate, chgrp, restart haproxy
shell: | shell: |
set -e set -e
{{ container_cli }} cp {{ cert_path }} {{ item }}:{{ cert_path }} if {{ container_cli }} ps -f "id={{ item }}" --format "{{ '{{' }}.Names{{ '}}' }}" | grep -q "^haproxy-bundle"; then
tar -c {{ cert_path }} | {{container_cli}} exec -i {{ item }} tar -C / -xv
else
{{ container_cli }} cp {{ cert_path }} {{ item }}:{{ cert_path }}
fi
{{ container_cli }} exec --user root {{ item }} chgrp haproxy {{ cert_path }} {{ container_cli }} exec --user root {{ item }} chgrp haproxy {{ cert_path }}
{{ container_cli }} kill --signal=HUP {{ item }} {{ container_cli }} kill --signal=HUP {{ item }}
with_items: "{{ container_id.stdout.split('\n') }}" with_items: "{{ container_id.stdout.split('\n') }}"