Browse Source

Do not generate apache/haproxy certs for invalid networks

Certs were being generated for all networks in service net map.
This was failing as we do not generate hieradata for all of these networks.

Switching from yaql to jinga templating to match the logic that
generates the hieradata.

Change-Id: Ic6c25aceb07ea3824a8fb23549bc5d1205e5cefc
Closes-bug: 1748023
Closes-Bug: 1748053
changes/22/541922/5
Oliver Walsh 3 years ago
parent
commit
fa66c327fc
3 changed files with 12 additions and 19 deletions
  1. +6
    -4
      puppet/services/apache.j2.yaml
  2. +6
    -5
      puppet/services/haproxy-internal-tls-certmonger.j2.yaml
  3. +0
    -10
      tripleo_heat_templates/tests/test_yaql.py

puppet/services/apache.yaml → puppet/services/apache.j2.yaml View File


puppet/services/haproxy-internal-tls-certmonger.yaml → puppet/services/haproxy-internal-tls-certmonger.j2.yaml View File


+ 0
- 10
tripleo_heat_templates/tests/test_yaql.py View File

@ -33,13 +33,3 @@ class YAQLTestCase(base.BaseTestCase):
data = data[i]
return data['yaql']['expression']
def test_apache_networks(self):
snippet = self.get_snippet(
'puppet/services/apache.yaml',
'resources.ApacheNetworks.properties.value')
self.assertEqual(
['service'],
yaql.eval(
snippet,
{'data': {'nova': 'tenant', 'cinder': 'service',
'glance': 'service'}}))

Loading…
Cancel
Save