This reverts commit 54efe6bcd5778992b3b6d31bbc86fdf8770b4b5f.
Reason for revert: changes are affecting DC installation/bootstraping
Change-Id: Id66f9dd18f2af9824b450c364f77f2ce9b443e23
In PostgreSQL 13, the default authentication and
password encryption method is 'md5'. To enhance
security, both methods are updated to
'scram-sha-256' in the new software version.
This change configures the new database created
during migrate stage to encrypt passwords using
the scram-sha-256' encryption method.
As a result, all roles will be created using the
authentication and password encryption protocols
required by the new software version. To
ensure successful authentication, both the
password encryption and authentication methods
must be consistent.
Test Plan:
- PASS Fresh Install SX env
* Verify system status unlock/available
* Login as admin user in psql
(psql -U admin -h 127.0.0.1 -d sysinv)
* Check postgres authorization configuration
(SELECT * from pg_hba_file_rules;)
* Check postgres password encryption configuration
(SELECT rolname, rolpassword
FROM pg_authid WHERE rolpassword IS NOT NULL;).
- PASS Fresh Install DX env
* Verify system status unlock/available
* Login as admin user in psql
(psql -U admin -h 127.0.0.1 -d sysinv)
* Check postgres authorization configuration
(SELECT * from pg_hba_file_rules;)
* Check postgres password encryption configuration
(SELECT rolname, rolpassword
FROM pg_authid WHERE rolpassword IS NOT NULL;).
* Host swact to controller-1
* Login as admin user in psql
(psql -U admin -h 127.0.0.1 -d sysinv)
* Check postgres authorization configuration
(SELECT * from pg_hba_file_rules;)
* Check postgres password encryption configuration
(SELECT rolname, rolpassword
FROM pg_authid WHERE rolpassword IS NOT NULL;).
* collect logs (collect)
* verify '/var/extra/database/' content
- PASS Upgrade SX
- PASS Upgrade SX-rollback
- PASS Upgrade DX
- PASS Upgrade DX-rollback
Partial-bug: 2069842
Depends-On: https://review.opendev.org/c/starlingx/integ/+/922346
Change-Id: I5276372e2cd3db26a8b20e561543865a22086248
Signed-off-by: Jorge Saffe <jorge.saffe@windriver.com>
This commit improves logging during deploy start by:
1. Creating a common module to be sourced by shell scripts to
load general-use functions, thus reducing code duplication
between the scripts
2. Replacing plain "echo" commands on the scripts by logging
functions present on the common module
3. Adding timestamps to the log messages
4. Centralizing all scripts logs into software.log, favouring
the troubleshooting, now that log lines contain timestamps
and the process/script that generated them
This commit also deletes the ostree_mounts.yaml file since
it would be used by apt-ostree integration, which was dropped.
Test Plan
PASS: run deploy start successfully and verify that deploy start
log messages are logged with the expected format
Story: 2010676
Task: 49607
Change-Id: I0bdebde8147faa5b29a642e35bfaf26e9862ed0a
Signed-off-by: Heitor Matsui <heitorvieira.matsui@windriver.com>
This commit changes the previous create database method in order
to attend the upcoming new upgrade framework.
PASS: Database create successfully
PASS: Software package and image built successfully
Story: 2010651
Task: 48082
Signed-off-by: Luis Eduardo Bonatti <LuizEduardo.Bonatti@windriver.com>
Change-Id: I5d25742441bb005094baa5b3329f32e29e108e98
