Fix generation of configs that contain password files
In I8fe9a640ba36288a1f9cb18563b363159d4731c0 we added the ability
to prevent overwriting password files during docker-puppet runs, to
give the service the ability to update his own user credentials.
This doesn't work in case a stack update is running and config files
don't exist on the host in the first place (e.g. because of a
previous deploy failure, or due to a controller node replacement).
This also causes complications if a password file is already present
during a stack creation (e.g re-creating a stack on a split-stack
environment).
Change the way password files are handled:
. if a previous password file exists on the host, do not overwrite
it with the new password. Only use the new password for
computing the hash.
. otherwise, always copy the newly generated password file on the
host.
Also, fix the config hash generation that currently considers the
password file twice, which makes the hash vary and cause
unexpected service restart at each stack update.
Reviewed: https:/ /review. openstack. org/633768 /git.openstack. org/cgit/ openstack/ tripleo- heat-templates/ commit/ ?id=ec5fbe8de78 ad37ec8ed4f6642 be0e545da7fcf9
Committed: https:/
Submitter: Zuul
Branch: master
commit ec5fbe8de78ad37 ec8ed4f6642be0e 545da7fcf9
Author: Damien Ciabrini <email address hidden>
Date: Tue Jan 29 14:49:46 2019 +0000
Fix generation of configs that contain password files
In I8fe9a640ba3628 8a1f9cb18563b36 3159d4731c0 we added the ability
to prevent overwriting password files during docker-puppet runs, to
give the service the ability to update his own user credentials.
This doesn't work in case a stack update is running and config files
don't exist on the host in the first place (e.g. because of a
previous deploy failure, or due to a controller node replacement).
This also causes complications if a password file is already present
during a stack creation (e.g re-creating a stack on a split-stack
environment).
Change the way password files are handled:
. if a previous password file exists on the host, do not overwrite
it with the new password. Only use the new password for
computing the hash.
. otherwise, always copy the newly generated password file on the
host.
Also, fix the config hash generation that currently considers the
password file twice, which makes the hash vary and cause
unexpected service restart at each stack update.
Change-Id: Ia77f1a82c4164f 53fa90a6f05ba72 8787622285d
Closes-bug: #1809145