Included a default entries for the fields:
- 'commonName' - default now is <cert_short_name>
- 'localities' - default now is <region>
- 'organization' - default now is 'starlingx'
Where:
<region> is the region name
<cert_short_name> is an internal proper name used for each of the
platform certs.
These fields can still be overridden by the user during bootstrap / CA
update. The override 'subject_prefix' is now removed.
Modified update_platform_certificates.yml playbook to delete/recreate
the leaf certificates instead of re-configuring it. In some cases,
just re-configuring would not change nested values in the Certificate
spec entries. Also, waited for the local OpenLDAP cert to be ready
before progressing, avoiding issues with remaining tasks caused by
delays in cert-manager.
Test plan:
PASS: Bootstrap system without overriding 'subject_L', 'subject_O'
or 'subject_CN'.
Verify that the default fields are included.
PASS: W/ default values, test Horizon access.
PASS: W/ default values, test access through remote CLI.
PASS: W/ default values, test pulling images from the local
registry externally (outside the system).
PASS: Update platform certificates overriding all 'subject_*' fields.
Verify that the overridden values are included in the
respective fields.
Story: 2009811
Task: 49831
Change-Id: I208c30a6eb2c60397d50e6ea411ee5994fa27f9a
Signed-off-by: Marcelo Loebens <Marcelo.DeCastroLoebens@windriver.com>
85712e2fb9