puppet-ironic

inspector: policy.yaml file should be readable by ironinc-inspector group

Bug #2003681 reported by Takashi Kajinami on 2023-01-23

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	puppet-ironic	Fix Released	Critical	Takashi Kajinami

Bug Description

Currently when the module manages policy.yaml for conductor, the file is owned by the ironic group.
However ironic-inspector runs with the different group(ironic-inspector) and can't access the policy file with that ownership.

See original description

Tags:

Takashi Kajinami (kajinamit) on 2023-01-23

Changed in puppet-ironic:
importance:	Undecided → Critical
assignee:	nobody → Takashi Kajinami (kajinamit)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-01-23: Fix proposed to puppet-ironic (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/openstack/puppet-ironic/+/871443

Changed in puppet-ironic:
status:	New → In Progress

Takashi Kajinami (kajinamit) on 2023-01-23

description:

updated

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-01-24: Fix merged to puppet-ironic (master)

Reviewed: https://review.opendev.org/c/openstack/puppet-ironic/+/871443
Committed: https://opendev.org/openstack/puppet-ironic/commit/439927462fe651a8d4ee7788e5f0b00ed0f64d09
Submitter: "Zuul (22348)"
Branch: master

commit 439927462fe651a8d4ee7788e5f0b00ed0f64d09
Author: Takashi Kajinami <email address hidden>
Date: Mon Jan 23 15:04:24 2023 +0900

inspector: Fix wrong group of policy file

    The ironic-inspector service is launched using the separate user/group
    (ironic-inspector) so the file should be owned by that group instead of
    the ironic group.

Closes-Bug: #2003681
Change-Id: I49a295dd23eedd758bc9bb2e8a7ff9e740cb2c42

Changed in puppet-ironic:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-01-24: Fix proposed to puppet-ironic (stable/zed)

Fix proposed to branch: stable/zed
Review: https://review.opendev.org/c/openstack/puppet-ironic/+/871553

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-01-26: Fix merged to puppet-ironic (stable/zed)

Reviewed: https://review.opendev.org/c/openstack/puppet-ironic/+/871553
Committed: https://opendev.org/openstack/puppet-ironic/commit/3802e37495513b9c306d57a90159eac028611d59
Submitter: "Zuul (22348)"
Branch: stable/zed

commit 3802e37495513b9c306d57a90159eac028611d59
Author: Takashi Kajinami <email address hidden>
Date: Mon Jan 23 15:04:24 2023 +0900

inspector: Fix wrong group of policy file

    The ironic-inspector service is launched using the separate user/group
    (ironic-inspector) so the file should be owned by that group instead of
    the ironic group.

    Closes-Bug: #2003681
    Change-Id: I49a295dd23eedd758bc9bb2e8a7ff9e740cb2c42
    (cherry picked from commit 439927462fe651a8d4ee7788e5f0b00ed0f64d09)

tags:

added: in-stable-zed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-01-27: Fix proposed to puppet-ironic (stable/yoga)

Fix proposed to branch: stable/yoga
Review: https://review.opendev.org/c/openstack/puppet-ironic/+/871900

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-02-06: Fix merged to puppet-ironic (stable/yoga)

Reviewed: https://review.opendev.org/c/openstack/puppet-ironic/+/871900
Committed: https://opendev.org/openstack/puppet-ironic/commit/2745385b26c921ca5469d43544d129c57b35e31e
Submitter: "Zuul (22348)"
Branch: stable/yoga

commit 2745385b26c921ca5469d43544d129c57b35e31e
Author: Takashi Kajinami <email address hidden>
Date: Mon Jan 23 15:04:24 2023 +0900

inspector: Fix wrong group of policy file

    The ironic-inspector service is launched using the separate user/group
    (ironic-inspector) so the file should be owned by that group instead of
    the ironic group.

    Closes-Bug: #2003681
    Change-Id: I49a295dd23eedd758bc9bb2e8a7ff9e740cb2c42
    (cherry picked from commit 439927462fe651a8d4ee7788e5f0b00ed0f64d09)
    (cherry picked from commit 3802e37495513b9c306d57a90159eac028611d59)

tags:

added: in-stable-yoga

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-02-07: Fix proposed to puppet-ironic (stable/xena)

Fix proposed to branch: stable/xena
Review: https://review.opendev.org/c/openstack/puppet-ironic/+/872811

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-02-10: Fix merged to puppet-ironic (stable/xena)

Reviewed: https://review.opendev.org/c/openstack/puppet-ironic/+/872811
Committed: https://opendev.org/openstack/puppet-ironic/commit/181cb0775838c3d124bb95a112aab248627e4815
Submitter: "Zuul (22348)"
Branch: stable/xena

commit 181cb0775838c3d124bb95a112aab248627e4815
Author: Takashi Kajinami <email address hidden>
Date: Mon Jan 23 15:04:24 2023 +0900

inspector: Fix wrong group of policy file

    The ironic-inspector service is launched using the separate user/group
    (ironic-inspector) so the file should be owned by that group instead of
    the ironic group.

    Backport note:
    The user parameters do not exist in the params class in stable/xena and
    older branches so the raw string is used instead.