[QUEENS] Implemented secure connection to MySQL. * It will be check exist x509 section in pillar, and prepare correct _data array for oslo_template. Related-PROD: PROD-23473 Change-Id: Id5e6c0c9a582ea401e050c7a29c1f1497ad3a5b9

commit: 822eaa4ce59fdc3434040f870bbd6532b5d0f8a0 [log] [tgz]
author: Oleksandr Shyshko <oshyshko@mirantis.com> Wed Sep 26 18:13:21 2018 +0300
committer: Oleksandr <oshyshko@mirantis.com> Wed Sep 26 22:49:11 2018 +0300
tree: f91a6443f731c8c0b12d0c002e541d028474b7d2
parent: 18939c9ae298b9946a8b9a25cb521c440cae84b0 [diff]
diff --git a/designate/files/queens/designate.conf.Debian b/designate/files/queens/designate.conf.Debian
index 906bf0d..d8c43a4 100644
--- a/designate/files/queens/designate.conf.Debian
+++ b/designate/files/queens/designate.conf.Debian

@@ -488,7 +488,13 @@
 [pool_manager_cache:sqlalchemy]
 {%- set _data = {} %}
 {%- do _data.update({'engine': server.database.engine, 'user': server.database.user, 'password': server.database.password, 'host': server.database.host, 'name': server.database.name.pool_manager})%}
-{%- if _data.ssl is defined and 'cacert_file' not in _data.get('ssl', {}).keys() %}{% do _data['ssl'].update({'cacert_file': server.cacert_file}) %}{% endif %}
+{%- if server.database.x509 is defined %}
+{%- do _data.update({'x509': server.database.x509}) %}
+{%- endif %}
+{%- if server.database.ssl is defined %}
+{%- do _data.update({'ssl': server.database.ssl}) %}
+{%- if 'cacert_file' not in server.database.ssl.keys() %}{% do _data['ssl'].update({'cacert_file': server.cacert_file}) %}{% endif %}
+{%- endif %}
 {%- include "oslo_templates/files/queens/oslo/_database.conf" %}
 
 [producer_task:delayed_notify]
@@ -1090,5 +1096,11 @@
 [storage:sqlalchemy]
 {%- set _data = {} %}
 {%- do _data.update({'engine': server.database.engine, 'user': server.database.user, 'password': server.database.password, 'host': server.database.host, 'name': server.database.name.main_database})%}
-{%- if _data.ssl is defined and 'cacert_file' not in _data.get('ssl', {}).keys() %}{% do _data['ssl'].update({'cacert_file': server.cacert_file}) %}{% endif %}
+{%- if server.database.x509 is defined %}
+{%- do _data.update({'x509': server.database.x509}) %}
+{%- endif %}
+{%- if server.database.ssl is defined %}
+{%- do _data.update({'ssl': server.database.ssl}) %}
+{%- if 'cacert_file' not in server.database.ssl.keys() %}{% do _data['ssl'].update({'cacert_file': server.cacert_file}) %}{% endif %}
+{%- endif %}
 {%- include "oslo_templates/files/queens/oslo/_database.conf" %}
commit	822eaa4ce59fdc3434040f870bbd6532b5d0f8a0	[log] [tgz]
author	Oleksandr Shyshko <oshyshko@mirantis.com>	Wed Sep 26 18:13:21 2018 +0300
committer	Oleksandr <oshyshko@mirantis.com>	Wed Sep 26 22:49:11 2018 +0300
tree	f91a6443f731c8c0b12d0c002e541d028474b7d2
parent	18939c9ae298b9946a8b9a25cb521c440cae84b0 [diff]