From 14094eb311422953d59b14ed054428111aa04b59 Mon Sep 17 00:00:00 2001
From: Dmitriy Rabotyagov <dmitriy.rabotyagov@cleura.com>
Date: Wed, 13 Mar 2024 12:16:28 +0100
Subject: [PATCH] Restart OVN on certificate changes

In cases where certificates were regenerated for OVN, a service restart
is required in order to apply and use new certs.

We provide also a unique handler name to distinguish certs between ones
installed for neutron-server and OVN.

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/912768
Change-Id: Iedea6f1a67349bafecca5c792072fcd8f95cc546
---
 handlers/main.yml | 2 ++
 tasks/main.yml    | 1 +
 2 files changed, 3 insertions(+)

diff --git a/handlers/main.yml b/handlers/main.yml
index f6807f47..62a44e0f 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -154,6 +154,7 @@
     - neutron_services['neutron-ovn-northd']['group'] in group_names and neutron_plugin_type == 'ml2.ovn'
   listen:
     - restart ovn service
+    - ovn cert installed
 
 - name: Restart ovn controller
   service:
@@ -163,3 +164,4 @@
     - neutron_services['neutron-ovn-controller']['group'] in group_names and neutron_plugin_type == 'ml2.ovn'
   listen:
     - restart ovn service
+    - ovn cert installed
diff --git a/tasks/main.yml b/tasks/main.yml
index c6d22f6b..15037486 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -163,6 +163,7 @@
     pki_regen_cert: "{{ neutron_ovn_pki_regen_cert }}"
     pki_certificates: "{{ neutron_ovn_pki_certificates }}"
     pki_install_certificates: "{{ neutron_ovn_pki_install_certificates }}"
+    pki_handler_cert_installed: "ovn cert installed"
   when:
     - neutron_plugin_type == 'ml2.ovn'
     - neutron_ovn_ssl