Revert "fix(log): reduces chattiness in keystone log"

This reverts commit 73531436e9.

Reason for revert: When the keys are rotated, the links become
broken and keystone only uses the 0 key.

Change-Id: Iffc4ab5d659b01babe7b4f9ee35b0a5789dac3ec

keystone/Chart.yaml

@@ -14,7 +14,7 @@ apiVersion: v1
 appVersion: v1.0.0
 description: OpenStack-Helm Keystone
 name: keystone
-version: 0.2.18
+version: 0.2.19
 home: https://docs.openstack.org/keystone/latest/
 icon: https://www.openstack.org/themes/openstack/images/project-mascots/Keystone/OpenStack_Project_Keystone_vertical.png
 sources:

keystone/templates/deployment-api.yaml

@@ -61,23 +61,6 @@ spec:
       terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.api.timeout | default "30" }}
       initContainers:
 {{ tuple $envAll "api" $mounts_keystone_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
-        - name: link-keys
-          image: {{ .Values.images.tags.keystone_api }}
-          imagePullPolicy: IfNotPresent
-          command:
-            - /bin/sh
-            - -c
-          args:
-            - set -xe;
-              find /etc/keystone/mounted-keys -type l -exec ln -sfn {} {{ .Values.conf.keystone.fernet_tokens.key_repository }} \; ;
-              chmod o-wrx {{ .Values.conf.keystone.fernet_tokens.key_repository }} ;
-          securityContext:
-            runAsUser: 0
-          volumeMounts:
-            - name: keystone-fernet-keys
-              mountPath: /etc/keystone/mounted-keys
-            - name: post-keystone-fernet-keys
-              mountPath: {{ .Values.conf.keystone.fernet_tokens.key_repository }}
       containers:
         - name: keystone-api
 {{ tuple $envAll "keystone_api" | include "helm-toolkit.snippets.image" | indent 10 }}
@@ -160,8 +143,6 @@ spec:
 {{- end }}
 {{- if eq .Values.conf.keystone.token.provider "fernet" }}
             - name: keystone-fernet-keys
-              mountPath: /etc/keystone/mounted-keys
-            - name: post-keystone-fernet-keys
               mountPath: {{ .Values.conf.keystone.fernet_tokens.key_repository }}
 {{- end }}
             - name: keystone-credential-keys
@@ -190,7 +171,7 @@ spec:
         - name: keystone-etc
           secret:
             secretName: keystone-etc
-            defaultMode: 0440
+            defaultMode: 0444
         - name: keystone-bin
           configMap:
             name: keystone-bin
@@ -201,12 +182,9 @@ spec:
             secretName: keystone-ldap-tls
 {{- end }}
 {{- if eq .Values.conf.keystone.token.provider "fernet" }}
-        - name: post-keystone-fernet-keys
-          emptyDir: {}
         - name: keystone-fernet-keys
           secret:
             secretName: keystone-fernet-keys
-            defaultMode: 0440
 {{- end }}
         - name: keystone-credential-keys
           secret:

keystone/values.yaml

@@ -163,12 +163,10 @@ pod:
     keystone:
       pod:
         runAsUser: 42424
-        fsGroup: 42424
       container:
         keystone_api:
           readOnlyRootFilesystem: true
           allowPrivilegeEscalation: false
-          runAsGroup: 42424
     credential_setup:
       pod:
         runAsUser: 42424

releasenotes/notes/keystone.yaml

@@ -34,4 +34,5 @@ keystone:
   - 0.2.16 Remove extra fsGroup
   - 0.2.17 Update default image references
   - 0.2.18 Remove default policy
+  - 0.2.19 Revert Reduce log chattiness
 ...