From 919678718ad005ff2609e134fba046809a8e5a8c Mon Sep 17 00:00:00 2001 From: "Ritchie, Frank (fr801x)" Date: Fri, 19 Mar 2021 15:31:16 -0400 Subject: [PATCH] Enable tls for glance storage init Change-Id: Iaa84e16c60cd99cb9e2f391ab147cf84d1163ac7 --- glance/Chart.yaml | 2 +- glance/templates/bin/_storage-init.sh.tpl | 5 +++++ releasenotes/notes/glance.yaml | 1 + 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/glance/Chart.yaml b/glance/Chart.yaml index 83173350e3..73b101cb6f 100644 --- a/glance/Chart.yaml +++ b/glance/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Glance name: glance -version: 0.1.6 +version: 0.1.7 home: https://docs.openstack.org/glance/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Glance/OpenStack_Project_Glance_vertical.png sources: diff --git a/glance/templates/bin/_storage-init.sh.tpl b/glance/templates/bin/_storage-init.sh.tpl index 6f5a589715..18fdf81d14 100644 --- a/glance/templates/bin/_storage-init.sh.tpl +++ b/glance/templates/bin/_storage-init.sh.tpl @@ -24,6 +24,11 @@ if [ "x$STORAGE_BACKEND" == "xrbd" ]; then trap cleanup EXIT fi +SCHEME={{ tuple "object_store" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_scheme_lookup" }} +if [[ "$SCHEME" == "https" && -f /etc/ssl/certs/openstack-helm.crt ]]; then + export CURL_CA_BUNDLE="/etc/ssl/certs/openstack-helm.crt" +fi + set -ex if [ "x$STORAGE_BACKEND" == "xpvc" ]; then echo "No action required." diff --git a/releasenotes/notes/glance.yaml b/releasenotes/notes/glance.yaml index 7dfcd8c3ed..4426007fd4 100644 --- a/releasenotes/notes/glance.yaml +++ b/releasenotes/notes/glance.yaml @@ -7,3 +7,4 @@ glance: - 0.1.4 Update RBAC apiVersion from /v1beta1 to /v1 - 0.1.5 Change Issuer to ClusterIssuer - 0.1.6 Update glance default policy values + - 0.1.7 Update storage init script with cacert