Merge "Update puppet-keystone to handle $ in admin password"
This commit is contained in:
commit
e51e090e1e
@ -1 +1 @@
|
||||
TIS_PATCH_VER=5
|
||||
TIS_PATCH_VER=6
|
||||
|
@ -0,0 +1,33 @@
|
||||
From f3282651cd75697bbf7be3a07c1093c03964b5e1 Mon Sep 17 00:00:00 2001
|
||||
From: Kam Nasim <kam.nasim@windriver.com>
|
||||
Date: Mon, 2 Apr 2018 16:20:52 -0400
|
||||
Subject: [PATCH] meta patch for
|
||||
0004-escape-special-characters-in-bootstrap.patch
|
||||
|
||||
---
|
||||
SPECS/puppet-keystone.spec | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/SPECS/puppet-keystone.spec b/SPECS/puppet-keystone.spec
|
||||
index 36cf461..301002a 100644
|
||||
--- a/SPECS/puppet-keystone.spec
|
||||
+++ b/SPECS/puppet-keystone.spec
|
||||
@@ -13,6 +13,7 @@ Source0: https://tarballs.openstack.org/%{name}/%{name}-%{upstream_versio
|
||||
Patch0001: 0001-pike-rebase-squash-titanium-patches.patch
|
||||
Patch0002: 0002-remove-the-Keystone-admin-app.patch
|
||||
Patch0003: 0003-remove-eventlet_bindhost-from-Keystoneconf.patch
|
||||
+Patch0004: 0004-escape-special-characters-in-bootstrap.patch
|
||||
|
||||
BuildArch: noarch
|
||||
|
||||
@@ -33,6 +34,7 @@ Puppet module for OpenStack Keystone
|
||||
%patch0001 -p1
|
||||
%patch0002 -p1
|
||||
%patch0003 -p1
|
||||
+%patch0004 -p1
|
||||
|
||||
find . -type f -name ".*" -exec rm {} +
|
||||
find . -size 0 -exec rm {} +
|
||||
--
|
||||
1.8.3.1
|
||||
|
@ -2,3 +2,4 @@
|
||||
0002-squash-titanium-patches.patch
|
||||
0003-remove-the-keystone-admin-app.patch
|
||||
0004-remove-eventlet_and_bindhost-from-keystoneconf.patch
|
||||
0005-escape-special-characters-in-bootstrap.patch
|
||||
|
@ -0,0 +1,39 @@
|
||||
From 70d22113cc8d58b6546cb4917c27f9aae51787c5 Mon Sep 17 00:00:00 2001
|
||||
From: Kam Nasim <kam.nasim@windriver.com>
|
||||
Date: Mon, 2 Apr 2018 16:13:31 -0400
|
||||
Subject: [PATCH] CGTS-9320: config_controller fails when admin pw containing $
|
||||
|
||||
Escape special characters when executing the keystone-manage bootstrap
|
||||
command since the keystone CLI argparse will parse "Madawa$ka1" as
|
||||
"Madawa" which will cause the Keystone ADMIN acct to be created with an
|
||||
incorrect password. Puppet will detect this and attempt to course
|
||||
correct by sending an UPDATE User request to Keystone, which does set
|
||||
the right password but causes other failures in config_controller
|
||||
---
|
||||
manifests/init.pp | 7 ++++++-
|
||||
1 file changed, 6 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/manifests/init.pp b/manifests/init.pp
|
||||
index d64638c..89af303 100644
|
||||
--- a/manifests/init.pp
|
||||
+++ b/manifests/init.pp
|
||||
@@ -1292,10 +1292,15 @@ running as a standalone service, or httpd for being run by a httpd server")
|
||||
}
|
||||
|
||||
if $enable_bootstrap {
|
||||
+ #(NOTE: knasim-wrs): escape special characters in the password otherwise the
|
||||
+ # keyword-manage bootstrap CLI may parse the password incorrectly, causing
|
||||
+ # the admin account to be created with an incorrect password
|
||||
+ $admin_password_escaped = shell_escape($admin_password_real)
|
||||
+
|
||||
# this requires the database to be up and running and configured
|
||||
# and is only run once, so we don't need to notify the service
|
||||
exec { 'keystone-manage bootstrap':
|
||||
- command => "keystone-manage bootstrap --bootstrap-password ${admin_password_real}",
|
||||
+ command => "keystone-manage bootstrap --bootstrap-password ${admin_password_escaped}",
|
||||
user => $keystone_user,
|
||||
path => '/usr/bin',
|
||||
refreshonly => true,
|
||||
--
|
||||
1.8.3.1
|
||||
|
Loading…
x
Reference in New Issue
Block a user