StarlingX

  1. Bug #1989150
  2. Comment #2

Comment 2 for bug 1989150

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to ansible-playbooks (master)

Reviewed: https://review.opendev.org/c/starlingx/ansible-playbooks/+/856845
Committed: https://opendev.org/starlingx/ansible-playbooks/commit/70c19c7c961d086f303623dcf5dca867a7b569d6
Submitter: "Zuul (22348)"
Branch: master

commit 70c19c7c961d086f303623dcf5dca867a7b569d6
Author: Joshua Kraitberg <email address hidden>
Date: Fri Sep 9 11:50:10 2022 -0400

    Refine ca-cert.pem extraction command

    During restore, the ca-cert.pem file is extracted from the backup tar.
    Because there are multiple ca-cert.pem files in the tar and
    both wildcard and transform options are used, the wrong
    one was being selected.

    The tar extract command has been narrowed to use an exact file path for
    the copy in platform config.

    By using the copy from /opt, backing up the ca-cert in /etc can be skipped.

    TEST PLAN
    PASS Create a backup (Debian SX/DX)
    PASS Restore from backup
    PASS Confirm that ca-cert was installed:
            source /etc/platform/openrc; system certificate-list
    PASS Confirm ca-certs all match:
            sha256sum /etc/ssl/certs/ca-cert.pem
            sha256sum /opt/platform/config/22.12/ca-cert.pem
            tar xfO ~/localhost_platform_backup.tgz \
                    opt/platform/config/22.12/ca-cert.pem | sha256sum

    Closes-Bug: 1989150
    Signed-off-by: Joshua Kraitberg <email address hidden>
    Change-Id: I451d49e52e32e78eff74643886ca8db6f9faff13