openstack/tripleo-quickstart-extras
Code Issues Proposed changes

Fix TLS resource_registry key error

Browse Source 
Via I1bfdb6d064f3b10b269dedafd36ca367139fe1df we moved to using
environments/ssl/enable-tls.yaml. The problem is that
the code in roles/overcloud-ssl/library/tls_tht.py assumes that
the parsed yaml file already has the 'resource_registry' key in the
dictionary.

That was true with environments/enable-tls.yaml but is not
true any longer for environments/ssl/enable-tls.yaml.

Since Iaf7386207e5bd8b336759f51e4405fe15114123a in rocky
NodeTLSData is not used anymore, so let's just skip the whole assignment
starting with rocky.

Closes-Bug: #1796626

Depends-On: Ibee6ba188585f80f0f7d136c81146096cb4432c2
Change-Id: I53851edbb8bb562dc4194fb99d6ade259227d2f9
This commit is contained in:
Michele Baldessari 2018-10-08 08:55:42 +02:00 committed by wes hayutin
parent 156d14e573
commit 00ea9d5623
1 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
roles/overcloud-ssl/library/tls_tht.py
View File

@ -74,7 +74,11 @@ def _open_yaml(filename):
def create_enable_file(certpem, keypem, source_dir, dest_dir, tht_release):
output_dict = _open_yaml("{}environments/ssl/enable-tls.yaml".format(source_dir))
# environments/ssl/* is preferred starting with pike
if tht_release in ['mitaka', 'newton', 'ocata']:
output_dict = _open_yaml("{}environments/enable-tls.yaml".format(source_dir))
else:
output_dict = _open_yaml("{}environments/ssl/enable-tls.yaml".format(source_dir))
if tht_release == 'mitaka':
for key in output_dict["parameter_defaults"]["EndpointMap"]:
@ -84,8 +88,10 @@ def create_enable_file(certpem, keypem, source_dir, dest_dir, tht_release):
output_dict["parameter_defaults"]["SSLCertificate"] = certpem
output_dict["parameter_defaults"]["SSLKey"] = keypem
output_dict["resource_registry"]["OS::TripleO::NodeTLSData"] = \
"{}/puppet/extraconfig/tls/tls-cert-inject.yaml".format(source_dir)
# NoteTLSData has been deprecated/removed in rocky and onwards
if tht_release in ['mitaka', 'newton', 'ocata', 'pike', 'queens']:
output_dict["resource_registry"]["OS::TripleO::NodeTLSData"] = \
"{}/puppet/extraconfig/tls/tls-cert-inject.yaml".format(source_dir)
with open("{}enable-tls.yaml".format(dest_dir), "w") as stream:
yaml.safe_dump(output_dict, stream, default_style='|')