e9ad44b...
by
OpenDev Sysadmins <email address hidden>
OpenDev Migration Patch
This commit was bulk generated and pushed by the OpenDev sysadmins
as a part of the Git hosting and code review systems migration
detailed in these mailing list posts:
Attempts have been made to correct repository namespaces and
hostnames based on simple pattern matching, but it's possible some
were updated incorrectly or missed entirely. Please reach out to us
via the contact information listed at https://opendev.org/ with any
questions you may have.
Several flags were not being managed properly, and certs were not being
re-issued when PKI was re-enabled.
Conflicts:
src/actions/actions.py
Conflicts in pload_signed_csr() and generate_root_ca() from
(8f490507bce678c9a2d79bff5efb04a852f19118) The order of the patches
changed which brings small conflicts
Closes-Bug: #1813180
Change-Id: Ifac75028897d22c277750a747f79d4dfedb4f987
(cherry picked from commit 3b947315200f295651eed07f5ca80a65abca459e)
The `@when_file_changed` decorator is not considered reliable.
Additionally, the way it was being used led to a race condition where
the Vault service might never get started. This also detects and reports
in a better way if Vault fails to start.
Conflicts:
unit_tests/test_reactive_vault_handlers.py
A test_tune_pki_backend() test was introduced by
(6f043bb7ca8710dd7c1746297b6f98f743c3499a). But because of the
race condition in CI I had to change the order of the patches and
put that one at the bottom.
Change-Id: If6153377cd516ed8121e09da627905036128a6ec
(cherry picked from commit 102b222fcec550d7b30eb10583887fa212c61eff)
220f0ee...
by
Vladimir Grevtsev <email address hidden>
Adjusting NRPE script to work with Vault HA and non-SSL Vault
According to Vault docs https://www.vaultproject.io/api/system/health.html,
in standby mode it will return non-200 code by default, causing our current
NRPE script to fail. This change is enforcing Vault to return HTTP 200 for
both active and standby units.
Also, a fix for lp:1813989 is here since Vault is running its healtcheck
interface on loopback interface only using port 8220.