Merge "Fix generation of configs that contain password files" into stable/rocky
This commit is contained in:
commit
47245b40bd
|
@ -273,18 +273,15 @@ with open(sh_script, 'w') as script_file:
|
|||
# they need the old password to achieve that.
|
||||
# For those services, we update the config hash to notify
|
||||
# paunch that a restart is needed, but we do not update the
|
||||
# password file in docker-puppet and let the service
|
||||
# regenerate it instead.
|
||||
action=$(hiera -c /etc/puppet/hiera.yaml stack_action)
|
||||
if [ "x$action" = "xUPDATE" ];then
|
||||
password_files="/root/.my.cnf"
|
||||
else
|
||||
password_files=""
|
||||
fi
|
||||
# password file in docker-puppet if the file already existed
|
||||
# before and let the service regenerate it instead.
|
||||
password_files="/root/.my.cnf"
|
||||
|
||||
exclude_files=""
|
||||
for p in $password_files; do
|
||||
exclude_files+=" --exclude=$p"
|
||||
if [ -f "$p" -a -f "/var/lib/config-data/${NAME}$p" ]; then
|
||||
exclude_files+=" --exclude=$p"
|
||||
fi
|
||||
done
|
||||
rsync -a -R --delay-updates --delete-after $exclude_files $rsync_srcs /var/lib/config-data/${NAME}
|
||||
|
||||
|
@ -302,14 +299,17 @@ with open(sh_script, 'w') as script_file:
|
|||
# note: while being excluded from the output, password files
|
||||
# are still included in checksum computation
|
||||
additional_checksum_files=""
|
||||
excluded_original_passwords=""
|
||||
for p in $password_files; do
|
||||
if [ -f "$p" ]; then
|
||||
additional_checksum_files+=" $p"
|
||||
excluded_original_passwords+=" --exclude=/var/lib/config-data/*${p}"
|
||||
fi
|
||||
done
|
||||
|
||||
# We need to exclude the swift rings and their backup as those change over time and
|
||||
# containers do not need to restart if they change
|
||||
EXCLUDE=--exclude='*/etc/swift/backups/*'\ --exclude='*/etc/swift/*.ring.gz'\ --exclude='*/etc/swift/*.builder'\ --exclude='*/etc/libvirt/passwd.db'
|
||||
EXCLUDE=--exclude='*/etc/swift/backups/*'\ --exclude='*/etc/swift/*.ring.gz'\ --exclude='*/etc/swift/*.builder'\ --exclude='*/etc/libvirt/passwd.db'\ ${excluded_original_passwords}
|
||||
# We need to repipe the tar command through 'tar xO' to force text
|
||||
# output because otherwise the sed command cannot work. The sed is
|
||||
# needed because puppet puts timestamps as comments in cron and
|
||||
|
|
Loading…
Reference in New Issue