Bind mount the IPA crt when internal_tls is enabled
In order for later reviews to make use of the FreeIPA internal
CA we need to first bind mount it within the container.
We need to add a default in the hiera definition (/etc/ipa/ca.crt)
in order to break a cyclic dependency on the subsequent patches.
(THT child change will set the rabbitmq::ssl_cacert key)
Related-Bug: #1946374
Change-Id: Ib0236f9c086d520d0a27e3aa8b41927bc7b50c26
(cherry picked from commit fdca31a2009a0aaf3f3ee9c5e30083ac59bf067f)
Reviewed: https:/ /review. opendev. org/c/openstack /puppet- tripleo/ +/813572 /opendev. org/openstack/ puppet- tripleo/ commit/ 28135309d9b8eae 604d3a5116866a6 25621e65a7
Committed: https:/
Submitter: "Zuul (22348)"
Branch: stable/wallaby
commit 28135309d9b8eae 604d3a5116866a6 25621e65a7
Author: Michele Baldessari <email address hidden>
Date: Fri Oct 8 23:25:38 2021 +0200
Bind mount the IPA crt when internal_tls is enabled
In order for later reviews to make use of the FreeIPA internal
CA we need to first bind mount it within the container.
We need to add a default in the hiera definition (/etc/ipa/ca.crt) :ssl_cacert key)
in order to break a cyclic dependency on the subsequent patches.
(THT child change will set the rabbitmq:
Related-Bug: #1946374 0d0a27e3aa8b419 27bc7b50c26 f3f3ee9c5e30083 ac59bf067f)
Change-Id: Ib0236f9c086d52
(cherry picked from commit fdca31a2009a0aa