StarlingX

  1. Bug #2008250
  2. Comment #2

Comment 2 for bug 2008250

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to ansible-playbooks (master)

Reviewed: https://review.opendev.org/c/starlingx/ansible-playbooks/+/874801
Committed: https://opendev.org/starlingx/ansible-playbooks/commit/048ef49135e6d37661d93aa2cefc8f727422e084
Submitter: "Zuul (22348)"
Branch: master

commit 048ef49135e6d37661d93aa2cefc8f727422e084
Author: Marcelo de Castro Loebens <email address hidden>
Date: Wed Feb 22 15:01:31 2023 -0400

    Delete certs spec file after migration playbook

    In migrate-platform-certificates-to-certmanager playbook, a file is
    created to store certificate spec before applying it to cert-manager.
    This file has sensible data, and should not be maintained in the
    system after the usage.

    File ownership will be 'root' and permissions '0640' to limit access
    while it is still in the system. File will be removed after usage in
    the playbook.

    Test Plan:
    PASS: Follow the steps in
          https://docs.starlingx.io/security/kubernetes/migrate-platform-certificates-to-use-cert-manager-c0b1727e4e5d.html
          to execute the cert manager migration playbook.
          Wait for the playbook to finish.
          List the files for the folder '/tmp'.
          Verify that the file 'platform_certificates.yaml' is absent.

    Closes-Bug: 2008250

    Signed-off-by: Marcelo de Castro Loebens <email address hidden>
    Change-Id: I899bf6920fe2e50079fd1dafc922bae22da47b6c