starlingx
/
config
Code Issues Proposed changes
StarlingX System Configuration Management
1,758 Commits 22 Branches 10 Tags 78 MiB
Python 97.3%
Shell 2.3%
CSS 0.2%
Go to file
Shuicheng Lin 7e5e887eb3 Audit local registry secret info when there is user update in keystone 
local registry uses admin's username&password for authentication.
And admin's password could be changed by openstack client cmd. It will
cause auth info in secrets obsolete, and lead to invalid authentication
in keystone.
To keep secrets info updated, keystone event notification is enabled.
And event notification listener is added in sysinv. So when there is
user password change, a user update event will be sent out by keystone.
And sysinv will call function audit_local_registry_secrets to check
whether kubernetes secret info need be updated or not.

A periodic task is added also to ensure secrets are always synced, in
case notification is missed or there is failure in handle notification.

oslo_messaging is added to tox's requirements.txt to avoid tox failure.
The version is based on global-requirements.txt from Openstack Train.

Test:
Pass deployment and secrets could be updated automatically with new auth
info.
Pass host-swact in duplex mode.

We lack of info how LP1853093 was triggered by the user, but this patch
can address the issue that local registry secrets are not updated 
accordingly after the password of "admin" is changed. 
And this fix will help technically.

Closes-Bug: 1853017
Closes-Bug: 1853093
Depends-On: https://review.opendev.org/707522
Depends-On: https://review.opendev.org/707523
Change-Id: I959b65288e0834b989aa87e40506e41d0bba0d59
Signed-off-by: Shuicheng Lin <shuicheng.lin@intel.com>
(cherry picked from commit 8ab1e2d7c6)
 		2020-02-22 08:13:40 +00:00
api-ref/source New host_fs APIs documentation 2019-07-09 10:34:41 -04:00
config-gate Add notices on Intel authored files. 2019-03-20 10:03:44 -06:00
controllerconfig Create host state for determining initial inventory complete 2019-07-30 11:13:56 -04:00
devstack Followup opendev cleanup and test jobs 2019-04-20 21:04:15 -05:00
doc Fix the error links for config docs 2019-07-03 12:49:04 +00:00
kubernetes Expose the novncproxy port 2019-09-25 18:44:09 +08:00
playbooks/tox-puppet-lint Fixing puppet-lint failures in zuul 2019-06-26 11:30:59 -05:00
pm-qos-mgr Fix invalid syntax in pm_qos_mgr.py 2019-07-09 12:00:59 +00:00
puppet-manifests Merge "Enable keystone to send out event notification" into r/stx.2.0 2020-02-20 14:26:38 +00:00
puppet-modules-wrs Merge "ANSIBLE Bootstrap changes for System Controller" 2019-07-11 17:29:48 +00:00
releasenotes Update config for release notes to include project name 2019-02-05 14:03:49 -08:00
storageconfig Add notices on Intel authored files. 2019-03-20 10:03:44 -06:00
sysinv Audit local registry secret info when there is user update in keystone 2020-02-22 08:13:40 +00:00
tmp/patch-scripts/EXAMPLE_SYSINV/scripts StarlingX open source release updates 2018-05-31 07:35:52 -07:00
worker-utils add get_platform_cpus 2019-08-01 11:23:22 +08:00
workerconfig Add to worker_config and worker_services keywords to be LSB compliant 2019-06-12 12:46:42 -05:00
.gitignore Update tox.ini files to use stein constraints 2019-06-25 14:45:54 -04:00
.gitreview Update .gitreview for r/stx.2.0 2019-08-06 10:09:32 -05:00
.yamllint clear yamllint errors under stx-config 2018-09-12 21:11:57 +08:00
.zuul.yaml Provide env settings to allow zuul and developers to both run tox 2019-04-30 09:18:46 -05:00
CONTRIBUTORS.wrs StarlingX open source release updates 2018-05-31 07:35:52 -07:00
LICENSE StarlingX open source release updates 2018-05-31 07:35:52 -07:00
README.rst StarlingX open source release updates 2018-05-31 07:35:52 -07:00
centos_helm.inc Add stx-openstack-helm to the containers build 2018-11-14 11:55:29 -05:00
centos_iso_image.inc Remove playbookconfig from StarlingX config repo 2019-06-14 13:38:50 -04:00
centos_pkg_dirs Remove playbookconfig from StarlingX config repo 2019-06-14 13:38:50 -04:00
centos_pkg_dirs_containers Add stx-openstack-helm to the containers build 2018-11-14 11:55:29 -05:00
centos_stable_wheels.inc Remove wrs-configutilities SDK Module 2019-04-02 11:50:23 -04:00
test-requirements.txt Properly enable hacking checks for flake8 2018-12-18 11:28:56 -06:00
tox.ini Update tox.ini files to use stein constraints 2019-06-25 14:45:54 -04:00

README.rst

stx-config

StarlingX Configuration Management