tripleo-heat-templates/puppet/services/auditd.yaml
Carlos Camacho 0a0e2ee629 Update the template_version alias for all the templates to pike.
Master is now the development branch for pike
changing the release alias name.

Change-Id: I938e4a983e361aefcaa0bd9a4226c296c5823127
2017-05-19 09:58:07 +02:00

59 lines
1.7 KiB
YAML

heat_template_version: pike
description: >
AuditD configured with Puppet
parameters:
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
AuditdRules:
description: Mapping of auditd rules
type: json
default: {}
outputs:
role_data:
description: Role data for the auditd service
value:
service_name: auditd
config_settings:
auditd::rules: {get_param: AuditdRules}
step_config: |
include ::tripleo::profile::base::auditd
upgrade_tasks:
- name: Check if auditd is deployed
command: systemctl is-enabled auditd
tags: common
ignore_errors: True
register: auditd_enabled
- name: "PreUpgrade step0,validation: Check if auditd is running"
shell: >
/usr/bin/systemctl show 'auditd' --property ActiveState |
grep '\bactive\b'
when: auditd_enabled.rc == 0
tags: step0,validation
- name: Stop auditd service
tags: step2
when: auditd_enabled.rc == 0
service: name=auditd state=stopped