commit 24640668d8d0667535f651ff24cc894bd7cbc212
author Kirill Bespalov <kbespalov@mirantis.com> Tue Nov 14 15:56:30 2017 +0300
committer Kirill Bespalov <kbespalov@mirantis.com> Tue Nov 14 16:05:55 2017 +0300
tree 4320092b1b8e40c1cc1059eec63f2f8424ced19f
parent d75275394c3039ac2e08940839dfa9de19595e60

[tls] Make a cert SLS IDs globally unique

At the moment most of openstack formulas have
the same ids of certs at state files, e.g.:

 nova/server.sls   - rabbitmq_ca : file_managed
 glance/server.sls - rabbitmq_ca : file_managed

So, any attempt to use the:

   salt-call state.apply

fails with:

  Detected conflicting IDs, SLS IDs need to be
  globally unique.

Change-Id: I4e454dcbef40ee086457bc46ddff215df5a32ab1

cinder/controller.sls

diff --git a/cinder/controller.sls b/cinder/controller.sls
index bfb36b0..79678de 100644
--- a/cinder/controller.sls
+++ b/cinder/controller.sls
@@ -64,7 +64,7 @@
   {%- endif %}
   - watch:
     {%- if controller.message_queue.get('ssl',{}).get('enabled', False) %}
-    - file: rabbitmq_ca
+    - file: rabbitmq_ca_cinder_controller
     {%- endif %}
     {%- if controller.database.get('ssl',{}).get('enabled', False) %}
     - file: mysql_ca_cinder_controller
@@ -84,7 +84,7 @@
   {%- endif %}
   - watch:
     {%- if controller.message_queue.get('ssl',{}).get('enabled', False) %}
-    - file: rabbitmq_ca
+    - file: rabbitmq_ca_cinder_controller
     {%- endif %}
     {%- if controller.database.get('ssl',{}).get('enabled', False) %}
     - file: mysql_ca_cinder_controller
@@ -115,7 +115,7 @@
   {%- endif %}
   - watch:
     {%- if controller.message_queue.get('ssl',{}).get('enabled', False) %}
-    - file: rabbitmq_ca
+    - file: rabbitmq_ca_cinder_controller
     {%- endif %}
     {%- if controller.database.get('ssl',{}).get('enabled', False) %}
     - file: mysql_ca_cinder_controller
@@ -205,7 +205,7 @@
   - enable: true
   - watch:
     {%- if controller.message_queue.get('ssl',{}).get('enabled', False) %}
-    - file: rabbitmq_ca
+    - file: rabbitmq_ca_cinder_controller
     {%- endif %}
     - file: /etc/cinder/cinder.conf
     - file: /etc/cinder/api-paste.ini
@@ -213,7 +213,7 @@
 {%- endif %}
 
 {%- if controller.message_queue.get('ssl',{}).get('enabled', False) %}
-rabbitmq_ca:
+rabbitmq_ca_cinder_controller:
 {%- if controller.message_queue.ssl.cacert is defined %}
   file.managed:
     - name: {{ controller.message_queue.ssl.cacert_file }}

cinder/volume.sls

diff --git a/cinder/volume.sls b/cinder/volume.sls
index 1fcd7a8..383f0ba 100644
--- a/cinder/volume.sls
+++ b/cinder/volume.sls
@@ -23,7 +23,7 @@
 {%- if not pillar.cinder.get('controller', {}).get('enabled', False) %}
 
 {%- if volume.message_queue.get('ssl',{}).get('enabled', False) %}
-rabbitmq_ca:
+rabbitmq_ca_cinder_volume:
 {%- if volume.message_queue.ssl.cacert is defined %}
   file.managed:
     - name: {{ volume.message_queue.ssl.cacert_file }}
@@ -79,7 +79,7 @@
   {%- endif %}
   - watch:
     {%- if volume.message_queue.get('ssl',{}).get('enabled', False) %}
-    - file: rabbitmq_ca
+    - file: rabbitmq_ca_cinder_volume
     {%- endif %}
     {%- if volume.database.get('ssl',{}).get('enabled', False) %}
     - file: mysql_ca_cinder_volume
@@ -100,7 +100,7 @@
   {%- endif %}
   - watch:
     {%- if volume.message_queue.get('ssl',{}).get('enabled', False) %}
-    - file: rabbitmq_ca
+    - file: rabbitmq_ca_cinder_volume
     {%- endif %}
     {%- if volume.database.get('ssl',{}).get('enabled', False) %}
     - file: mysql_ca_cinder_volume