From e5440cfcbec2f15b1561d920eaa138fef2768564 Mon Sep 17 00:00:00 2001 From: Jesse Pretorius Date: Thu, 6 Aug 2015 08:14:52 +0100 Subject: [PATCH] Verify lxc cache file after download This patch adds a sha256sum verification to the lxc cache file download task and also sets the task to retry. Change-Id: Ie6342c1ee004a3d2de2256408361259d2fb47f1b Closes-Bug: #1482091 (cherry picked from commit 0ccf11eeddaad8b8f4b53e3a7cf3f33f81d208ee) --- playbooks/inventory/group_vars/hosts.yml | 1 + playbooks/roles/lxc_hosts/defaults/main.yml | 1 + playbooks/roles/lxc_hosts/tasks/lxc_cache.yml | 3 +++ 3 files changed, 5 insertions(+) diff --git a/playbooks/inventory/group_vars/hosts.yml b/playbooks/inventory/group_vars/hosts.yml index 77bc8ae850..46b7e3bf16 100644 --- a/playbooks/inventory/group_vars/hosts.yml +++ b/playbooks/inventory/group_vars/hosts.yml @@ -40,6 +40,7 @@ openstack_upstream_url: "http://{{ openstack_upstream_domain }}" lxc_container_caches: - url: "{{ openstack_upstream_url }}/container_images/rpc-trusty-container.tgz" name: "trusty.tgz" + sha256sum: "56c6a6e132ea7d10be2f3e8104f47136ccf408b30e362133f0dc4a0a9adb4d0c" ## RabbitMQ diff --git a/playbooks/roles/lxc_hosts/defaults/main.yml b/playbooks/roles/lxc_hosts/defaults/main.yml index d553ce351f..7ece3eaf76 100644 --- a/playbooks/roles/lxc_hosts/defaults/main.yml +++ b/playbooks/roles/lxc_hosts/defaults/main.yml @@ -68,3 +68,4 @@ lxc_apt_packages: # lxc_container_caches: # - url: "{{ openstack_upstream_url }}/container_images/rpc-trusty-container.tgz" # name: "trusty.tgz" +# sha256sum: "56c6a6e132ea7d10be2f3e8104f47136ccf408b30e362133f0dc4a0a9adb4d0c" diff --git a/playbooks/roles/lxc_hosts/tasks/lxc_cache.yml b/playbooks/roles/lxc_hosts/tasks/lxc_cache.yml index f2b9145681..81d1f226f9 100644 --- a/playbooks/roles/lxc_hosts/tasks/lxc_cache.yml +++ b/playbooks/roles/lxc_hosts/tasks/lxc_cache.yml @@ -19,7 +19,10 @@ dest: "/var/cache/lxc_{{ item.name }}" mode: "0644" force: no + sha256sum: "{{ item.sha256sum }}" register: cache_download + retries: 3 + delay: 10 until: cache_download|success with_items: lxc_container_caches tags: