Enable upgrade script to create platform certs
Enabled upgrade script to verify the existence and issue if necessary the now (after this Story) required platform certificates (REST API & Web Server, Docker Registry and local OpenLDAP), using the 'system-local-ca' ClusterIssuer for DX systems. The proper system upgrades tests weren't executed due to instability in upgrades to stx 9.0. Manual tests were executed instead, and should cover the upgrade scenario correctly. Test plan: PASS: Execute the upgrade script manually and verify that the required platform certificates are not altered. PASS: Delete the required platform certificates. Execute the upgrade script manually and verify that the required platform certificates are issued. Story: 2009811 Task: 49160 Depends-on: https://review.opendev.org/c/starlingx/ansible-playbooks/+/902088 Change-Id: I50c98bfa289b3a37e1a53a79315594e5ac3bd344 Signed-off-by: Marcelo Loebens <Marcelo.DeCastroLoebens@windriver.com>
This commit is contained in:
parent
33cbbaf51f
commit
21e952d975
|
@ -6,15 +6,9 @@
|
|||
# This script creates required platform certificates for DX systems.
|
||||
# SX systems leverage the execution ansible upgrade playbook for this.
|
||||
#
|
||||
# Note: A file is used as temporary feature flag for
|
||||
# https://storyboard.openstack.org/#!/story/2009811
|
||||
# to avoid interfering with current behavior before the feature is
|
||||
# completed (see variable 'feature_flag').
|
||||
#
|
||||
|
||||
import subprocess
|
||||
import sys
|
||||
import os.path
|
||||
from controllerconfig.common import log
|
||||
LOG = log.get_logger(__name__)
|
||||
|
||||
|
@ -30,12 +24,13 @@ def get_system_mode():
|
|||
return None
|
||||
|
||||
|
||||
def create_platform_certificates():
|
||||
def create_platform_certificates(to_release):
|
||||
"""Run ansible playbook to create platform certificates
|
||||
"""
|
||||
playbooks_root = '/usr/share/ansible/stx-ansible/playbooks'
|
||||
upgrade_script = 'create-platform-certificates-in-upgrade.yml'
|
||||
cmd = 'ansible-playbook {}/{}'.format(playbooks_root, upgrade_script)
|
||||
cmd = 'ansible-playbook {}/{} -e "software_version={}"'.format(
|
||||
playbooks_root, upgrade_script, to_release)
|
||||
sub = subprocess.Popen(cmd, shell=True,
|
||||
stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||
stdout, stderr = sub.communicate()
|
||||
|
@ -63,13 +58,7 @@ def main():
|
|||
arg += 1
|
||||
log.configure()
|
||||
|
||||
# Temporary feature flag file
|
||||
config_dir = '/opt/platform/config/' + to_release
|
||||
feature_flag = config_dir + '/.create_platform_certificates'
|
||||
|
||||
if (action == 'activate' and
|
||||
from_release == '22.12' and
|
||||
os.path.exists(feature_flag)):
|
||||
if (action == 'activate' and from_release == '22.12'):
|
||||
LOG.info("%s invoked with from_release = %s to_release = %s "
|
||||
"action = %s"
|
||||
% (sys.argv[0], from_release, to_release, action))
|
||||
|
@ -81,7 +70,7 @@ def main():
|
|||
% (sys.argv[0], mode))
|
||||
return 0
|
||||
|
||||
create_platform_certificates()
|
||||
create_platform_certificates(to_release)
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
|
|
Loading…
Reference in New Issue