DC sync ssl and docker registry certificates
This change added support to synchronize ssl and docker registry certificates from central cloud to subclouds. Change-Id: I4cdcf32264d8e177fee3549ce17d172f9fc36c36 Closes-Bug: 1851252 Depends-On: https://review.opendev.org/#/c/695308 Signed-off-by: Andy Ning <andy.ning@windriver.com>
This commit is contained in:
parent
a550473d9e
commit
2f5eb38cb2
|
@ -514,12 +514,6 @@ class SysinvClient(base.DriverBase):
|
||||||
LOG.info("update_certificate signature {} data {}".format(
|
LOG.info("update_certificate signature {} data {}".format(
|
||||||
signature, data))
|
signature, data))
|
||||||
if not certificate:
|
if not certificate:
|
||||||
tpmconfigs = self.client.tpmconfig.list()
|
|
||||||
if tpmconfigs:
|
|
||||||
LOG.info("region={} no certificates available, "
|
|
||||||
"tpm configured".format(self.region_name))
|
|
||||||
return
|
|
||||||
|
|
||||||
if data:
|
if data:
|
||||||
data['passphrase'] = None
|
data['passphrase'] = None
|
||||||
mode = data.get('mode', sysinv_constants.CERT_MODE_SSL)
|
mode = data.get('mode', sysinv_constants.CERT_MODE_SSL)
|
||||||
|
@ -527,11 +521,10 @@ class SysinvClient(base.DriverBase):
|
||||||
certificate_files = [sysinv_constants.SSL_CERT_CA_FILE]
|
certificate_files = [sysinv_constants.SSL_CERT_CA_FILE]
|
||||||
elif mode == sysinv_constants.CERT_MODE_SSL:
|
elif mode == sysinv_constants.CERT_MODE_SSL:
|
||||||
certificate_files = [sysinv_constants.SSL_PEM_FILE]
|
certificate_files = [sysinv_constants.SSL_PEM_FILE]
|
||||||
elif mode == sysinv_constants.CERT_MODE_MURANO_CA:
|
elif mode == sysinv_constants.CERT_MODE_DOCKER_REGISTRY:
|
||||||
certificate_files = [sysinv_constants.MURANO_CERT_CA_FILE]
|
certificate_files = \
|
||||||
elif mode == sysinv_constants.CERT_MODE_MURANO:
|
[sysinv_constants.DOCKER_REGISTRY_KEY_FILE,
|
||||||
certificate_files = [sysinv_constants.MURANO_CERT_KEY_FILE,
|
sysinv_constants.DOCKER_REGISTRY_CERT_FILE]
|
||||||
sysinv_constants.MURANO_CERT_FILE]
|
|
||||||
else:
|
else:
|
||||||
LOG.warn("update_certificate mode {} not supported".format(
|
LOG.warn("update_certificate mode {} not supported".format(
|
||||||
mode))
|
mode))
|
||||||
|
@ -545,14 +538,11 @@ class SysinvClient(base.DriverBase):
|
||||||
data['mode'] = sysinv_constants.CERT_MODE_SSL
|
data['mode'] = sysinv_constants.CERT_MODE_SSL
|
||||||
certificate_files = [sysinv_constants.SSL_PEM_FILE]
|
certificate_files = [sysinv_constants.SSL_PEM_FILE]
|
||||||
elif signature and signature.startswith(
|
elif signature and signature.startswith(
|
||||||
sysinv_constants.CERT_MODE_MURANO_CA):
|
sysinv_constants.CERT_MODE_DOCKER_REGISTRY):
|
||||||
data['mode'] = sysinv_constants.CERT_MODE_MURANO_CA
|
data['mode'] = sysinv_constants.CERT_MODE_DOCKER_REGISTRY
|
||||||
certificate_files = [sysinv_constants.MURANO_CERT_CA_FILE]
|
certificate_files = \
|
||||||
elif signature and signature.startswith(
|
[sysinv_constants.DOCKER_REGISTRY_KEY_FILE,
|
||||||
sysinv_constants.CERT_MODE_MURANO + '_'):
|
sysinv_constants.DOCKER_REGISTRY_CERT_FILE]
|
||||||
data['mode'] = sysinv_constants.CERT_MODE_MURANO
|
|
||||||
certificate_files = [sysinv_constants.MURANO_CERT_KEY_FILE,
|
|
||||||
sysinv_constants.MURANO_CERT_FILE]
|
|
||||||
else:
|
else:
|
||||||
LOG.warn("update_certificate signature {} "
|
LOG.warn("update_certificate signature {} "
|
||||||
"not supported".format(signature))
|
"not supported".format(signature))
|
||||||
|
|
Loading…
Reference in New Issue