Commit 04d1a043 authored by Keith Schincke's avatar Keith Schincke

Update unless statement for cephx key checking.

Some cephx keys (manila) have specail features enabled via quoted
words in their capabilities list. The initial key is created on the
file system with escaped quotes (\"auth del\" and \"auth caps\").
However the output of ceph auth get does not excape these quotes.
This results in the grep in unless satement always failing and
causing the key to be reimported multiple times.

A Ceph tracker issue has been opend to for this issue. (1)

1: http://tracker.ceph.com/issues/22227

Change-Id: I2cf6d3ded28d2d37c10fbe9ffb29822b744a561c
parent ea84cb4c
......@@ -176,10 +176,13 @@ ceph ${cluster_option} ${inject_id_option} ${inject_keyring_option} auth import
unless => "/bin/true # comment to satisfy puppet syntax requirements
set -x
OLD_KEYRING=\$(mktemp)
TMP_KEYRING=\$(mktemp)
cat ${keyring_path} | sed -e 's/\\\\//g' > \$TMP_KEYRING
ceph ${cluster_option} ${inject_id_option} ${inject_keyring_option} auth get ${name} -o \$OLD_KEYRING || true
diff -N \$OLD_KEYRING ${keyring_path}
diff -N \$OLD_KEYRING \$TMP_KEYRING
rv=$?
rm \$OLD_KEYRING
rm \$TMP_KEYRING
exit \$rv",
require => [ Class['ceph'], Exec["ceph-key-${name}"], ],
logoutput => true,
......
---
fixes:
- |
Update ceph::key unless statement to work out ceph auth get not escaping
embedded quotes in the capabilities lists. Ceph tracker number 22227 has
been opened to resolve this issue
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment