Remove usage of resource registry for undercloud TLS
A recent patch [1] removed the usage of the extra resource for TLS enablement, and now relies solely on ansible which is ran on the HAProxy service template. We therefore no longer need to use this for the containerized undercloud (which was causing an issue). [1] https://review.openstack.org/#/c/570627 Change-Id: Ifc4ca07312d85a980511dd71b2f9af2981bfe883 Closes-Bug: #1784999
This commit is contained in:
parent
644366469e
commit
f1fc04ed3e
|
@ -202,47 +202,6 @@ class TestTLSSettings(base.TestCase):
|
|||
undercloud_config._get_public_tls_parameters,
|
||||
'/tmp/unexistent-file-12345.pem')
|
||||
|
||||
def test_get_resource_registry_overwrites(self):
|
||||
enable_tls_yaml = {
|
||||
"parameter_defaults": {
|
||||
"SSLCertificate": "12345"
|
||||
},
|
||||
"resource_registry": {
|
||||
"registry_overwrite_key": "registry_overwrite_value"
|
||||
}
|
||||
}
|
||||
with tempfile.NamedTemporaryFile() as enable_tls_file:
|
||||
enable_tls_file.write(yaml.dump(enable_tls_yaml, encoding='utf-8'))
|
||||
enable_tls_file.seek(0)
|
||||
|
||||
overwrites = \
|
||||
undercloud_config._get_public_tls_resource_registry_overwrites(
|
||||
enable_tls_file.name)
|
||||
|
||||
self.assertEqual(enable_tls_yaml["resource_registry"], overwrites)
|
||||
|
||||
def test_get_resource_registry_overwrites_fails_cause_no_registry_entry(
|
||||
self):
|
||||
enable_tls_yaml = {
|
||||
"parameter_defaults": {
|
||||
"SSLCertificate": "12345"
|
||||
},
|
||||
}
|
||||
with tempfile.NamedTemporaryFile() as enable_tls_file:
|
||||
enable_tls_file.write(yaml.dump(enable_tls_yaml, encoding='utf-8'))
|
||||
enable_tls_file.seek(0)
|
||||
|
||||
self.assertRaises(
|
||||
RuntimeError,
|
||||
undercloud_config._get_public_tls_resource_registry_overwrites,
|
||||
enable_tls_file.name)
|
||||
|
||||
def test_get_resource_registry_overwrites_fails_cause_missing_file(self):
|
||||
self.assertRaises(
|
||||
IOError,
|
||||
undercloud_config._get_public_tls_resource_registry_overwrites,
|
||||
'/tmp/unexistent-file-12345.yaml')
|
||||
|
||||
|
||||
class TestContainerImageConfig(base.TestCase):
|
||||
def setUp(self):
|
||||
|
|
|
@ -20,7 +20,6 @@ import logging
|
|||
import netaddr
|
||||
import os
|
||||
import shutil
|
||||
import yaml
|
||||
|
||||
from cryptography import x509
|
||||
|
||||
|
@ -428,13 +427,9 @@ def prepare_undercloud_deploy(upgrade=False, no_validations=False,
|
|||
env_data['SwiftEncryptionEnabled'] = True
|
||||
|
||||
if CONF.get('undercloud_service_certificate'):
|
||||
enable_tls_yaml_path = os.path.join(tht_templates,
|
||||
"environments/ssl/enable-tls.yaml")
|
||||
env_data.update(
|
||||
_get_public_tls_parameters(
|
||||
CONF.get('undercloud_service_certificate')))
|
||||
registry_overwrites.update(
|
||||
_get_public_tls_resource_registry_overwrites(enable_tls_yaml_path))
|
||||
deploy_args += [
|
||||
'-e', os.path.join(tht_templates, 'environments/services/'
|
||||
'undercloud-haproxy.yaml'),
|
||||
|
@ -628,18 +623,6 @@ def _get_public_tls_parameters(service_certificate_path):
|
|||
}
|
||||
|
||||
|
||||
def _get_public_tls_resource_registry_overwrites(enable_tls_yaml_path):
|
||||
with open(enable_tls_yaml_path, 'rb') as enable_tls_file:
|
||||
enable_tls_dict = yaml.load(enable_tls_file.read())
|
||||
try:
|
||||
return enable_tls_dict['resource_registry']
|
||||
except KeyError:
|
||||
msg = _('%s is malformed and is missing the resource '
|
||||
'registry.') % enable_tls_yaml_path
|
||||
LOG.error(msg)
|
||||
raise RuntimeError(msg)
|
||||
|
||||
|
||||
def _container_images_config(conf, deploy_args, env_data, tempdir):
|
||||
if conf.container_images_file:
|
||||
deploy_args += ['-e', conf.container_images_file]
|
||||
|
|
Loading…
Reference in New Issue