[tls] Make a cert SLS IDs globally unique
At the moment most of openstack formulas have
the same ids of certs at state files, e.g.:
nova/server.sls - rabbitmq_ca : file_managed
glance/server.sls - rabbitmq_ca : file_managed
So, any attempt to use the:
salt-call state.apply
fails with:
Detected conflicting IDs, SLS IDs need to be
globally unique.
Change-Id: I9af17230285a68a8e9c2774d02c9f4e8008f258e
diff --git a/ironic/_common.sls b/ironic/_common.sls
index cc4b4bf..992c49a 100644
--- a/ironic/_common.sls
+++ b/ironic/_common.sls
@@ -18,7 +18,7 @@
- pkg: ironic_common_pkgs
{%- if ironic.message_queue.get('ssl',{}).get('enabled', False) %}
-rabbitmq_ca:
+rabbitmq_ca_ironic_{{ service_name }}:
{%- if ironic.message_queue.ssl.cacert is defined %}
file.managed:
- name: {{ ironic.message_queue.ssl.cacert_file }}
diff --git a/ironic/api.sls b/ironic/api.sls
index 68df1a3..705f594 100644
--- a/ironic/api.sls
+++ b/ironic/api.sls
@@ -23,7 +23,7 @@
- file: /etc/ironic/ironic.conf
- file: /etc/ironic/policy.json
{%- if api.message_queue.get('ssl',{}).get('enabled', False) %}
- - file: rabbitmq_ca
+ - file: rabbitmq_ca_ironic_api
{%- endif %}
{%- if api.database.get('ssl',{}).get('enabled', False) %}
- file: mysql_ca_ironic_api
diff --git a/ironic/conductor.sls b/ironic/conductor.sls
index e16fccb..3241340 100644
--- a/ironic/conductor.sls
+++ b/ironic/conductor.sls
@@ -15,7 +15,7 @@
- watch:
- file: /etc/ironic/ironic.conf
{%- if conductor.message_queue.get('ssl',{}).get('enabled', False) %}
- - file: rabbitmq_ca
+ - file: rabbitmq_ca_ironic_conductor
{%- endif %}
{%- if conductor.database.get('ssl',{}).get('enabled', False) %}
- file: mysql_ca_ironic_conductor