03443ef16c
This commit adds a filter for querying all subclouds from dcmanager, to account for secondary subclouds that should not be audited by cert-mon for this system controller. The filter is performed against a list of invalid deploy states that should be considered when querying the list of subcloud from dcmanager. Likewise, the DC_CertWatcher -> DCIntermediateCertRenew flow must ensure that subclouds which are secondary to this system controller are ignored by the kubernetes watch in place for the DC intermediate cert renewal detection. Subclouds are filtered by the watch based on their online state and their deploy-status. A subcloud with invalid deploy state is ignored by this system controller. Test Cases PASS: - Trigger audits on service restart. Verify that offline/secondary subclouds are excluded. - Ensure full daily audit is executed. Verify that all subclouds belonging to this system controller are audited. Secondary subclouds are not audited. - Verify that DC_CertWatcher -> DCIntermediateCertRenew watch fires are ignored for offline and/or invalid deploy state Closes-Bug: 2060068 Change-Id: Iffe3d7c76db8d2f17aed0bfebc792af0f9d75ca2 Signed-off-by: Kyle MacLeod <kyle.macleod@windriver.com> |
||
|---|---|---|
| .. | ||
| __init__.py | ||
| certificate_mon_manager.py | ||
| context.py | ||
| messaging.py | ||
| service.py | ||
| subcloud_audit_queue.py | ||
| utils.py | ||
| watcher.py | ||