Merge "Add octaviaclient"
diff --git a/jenkins/client/approved_scripts.yml b/jenkins/client/approved_scripts.yml
index 0dc20b0..498cc62 100644
--- a/jenkins/client/approved_scripts.yml
+++ b/jenkins/client/approved_scripts.yml
@@ -133,6 +133,7 @@
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods plus java.util.List java.util.Collection
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods println java.lang.Object java.lang.Object
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods putAt java.lang.Object java.lang.String java.lang.Object
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods readLines java.lang.String
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods sort java.util.Collection
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods split java.lang.String
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods takeRight java.util.List int
diff --git a/jenkins/client/job/deploy/update/cloud_update.yml b/jenkins/client/job/deploy/update/cloud_update.yml
index d4a05ec..4482324 100644
--- a/jenkins/client/job/deploy/update/cloud_update.yml
+++ b/jenkins/client/job/deploy/update/cloud_update.yml
@@ -165,3 +165,7 @@
type: boolean
default: 'false'
description: "Run cloud validation pipelines before and after update"
+ MINIONS_TEST_TIMEOUT:
+ type: string
+ default: 10
+ description: "Time in seconds for a Salt result to receive a response when calling a minionsReachable method."
diff --git a/jenkins/client/job/gating.yml b/jenkins/client/job/gating.yml
index 1ed093e..513df82 100644
--- a/jenkins/client/job/gating.yml
+++ b/jenkins/client/job/gating.yml
@@ -44,6 +44,8 @@
compare_type: REG_EXP
branches:
- master
+ - compare_type: ANT
+ name: release/*
skip_vote:
- successful
- failed
diff --git a/jenkins/client/job/oscore/cookiecutter.yml b/jenkins/client/job/oscore/cookiecutter.yml
index bc180b4..5ffe289 100644
--- a/jenkins/client/job/oscore/cookiecutter.yml
+++ b/jenkins/client/job/oscore/cookiecutter.yml
@@ -97,6 +97,8 @@
compare_type: 'REG_EXP'
branches:
- master
+ - compare_type: ANT
+ name: release/*
skip_vote:
- successful
- failed
diff --git a/jenkins/client/job/salt-models/tests.yml b/jenkins/client/job/salt-models/tests.yml
index 81dfd36..983a88b 100644
--- a/jenkins/client/job/salt-models/tests.yml
+++ b/jenkins/client/job/salt-models/tests.yml
@@ -217,6 +217,8 @@
salt-models/{{name}}:
branches:
- master
+ - compare_type: ANT
+ name: release/*
event:
comment:
- addedContains:
@@ -260,6 +262,8 @@
mk/{{cookiecutter_template}}:
branches:
- master
+ - compare_type: ANT
+ name: release/*
event:
comment:
- addedContains:
diff --git a/jenkins/client/job/test_pipelines.yml b/jenkins/client/job/test_pipelines.yml
index c8eaab0..4d661da 100644
--- a/jenkins/client/job/test_pipelines.yml
+++ b/jenkins/client/job/test_pipelines.yml
@@ -35,6 +35,8 @@
"{{repo}}":
branches:
- master
+ - compare_type: ANT
+ name: release/*
event:
patchset:
- created:
diff --git a/keystone/client/core.yml b/keystone/client/core.yml
index 899f4aa..8c73b16 100644
--- a/keystone/client/core.yml
+++ b/keystone/client/core.yml
@@ -3,12 +3,13 @@
parameters:
_param:
keystone_service_protocol: http
+###TODO: the section below should be removed in the future together with same related changes in cookiecutter-templates (control_init.yml)
linux:
system:
job:
keystone_job_rotate:
command: '/usr/bin/keystone-manage fernet_rotate --keystone-user keystone --keystone-group keystone >> /var/log/key_rotation_log 2>> /var/log/key_rotation_log'
- enabled: true
+ enabled: false
user: root
minute: 0
keystone:
diff --git a/keystone/client/single.yml b/keystone/client/single.yml
index ad2d55a..b8ab7f1 100644
--- a/keystone/client/single.yml
+++ b/keystone/client/single.yml
@@ -10,12 +10,13 @@
parameters:
_param:
keystone_service_protocol: http
+###TODO: the section below should be removed in the future together with same related changes in cookiecutter-templates (control_init.yml)
linux:
system:
job:
keystone_job_rotate:
command: '/usr/bin/keystone-manage fernet_rotate --keystone-user keystone --keystone-group keystone >> /var/log/key_rotation_log 2>> /var/log/key_rotation_log'
- enabled: true
+ enabled: false
user: root
minute: 0
keystone:
diff --git a/nova/control/cluster.yml b/nova/control/cluster.yml
index d202987..2f411b5 100644
--- a/nova/control/cluster.yml
+++ b/nova/control/cluster.yml
@@ -14,6 +14,7 @@
metadata_password: metadataPass
cluster_internal_protocol: 'http'
openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
linux:
system:
package:
@@ -48,6 +49,11 @@
password: ${_param:mysql_nova_password}
x509:
enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_nova_ssl_ca_file}
+ key_file: ${_param:mysql_nova_client_ssl_key_file}
+ cert_file: ${_param:mysql_nova_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
identity:
engine: keystone
region: ${_param:openstack_region}
diff --git a/nova/control/single.yml b/nova/control/single.yml
index 4cc165d..e7d7671 100644
--- a/nova/control/single.yml
+++ b/nova/control/single.yml
@@ -5,6 +5,7 @@
_param:
cluster_internal_protocol: 'http'
openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
linux:
system:
package:
@@ -18,6 +19,11 @@
host: ${_param:single_address}
x509:
enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_nova_ssl_ca_file}
+ key_file: ${_param:mysql_nova_client_ssl_key_file}
+ cert_file: ${_param:mysql_nova_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
identity:
protocol: ${_param:cluster_internal_protocol}
region: ${_param:openstack_region}
diff --git a/openssh/server/team/members/pshchelo.yaml b/openssh/server/team/members/pshchelo.yml
similarity index 100%
rename from openssh/server/team/members/pshchelo.yaml
rename to openssh/server/team/members/pshchelo.yml
diff --git a/openssh/server/team/oscore_devops.yml b/openssh/server/team/oscore_devops.yml
index f629d9e..31830fc 100644
--- a/openssh/server/team/oscore_devops.yml
+++ b/openssh/server/team/oscore_devops.yml
@@ -11,6 +11,7 @@
- system.openssh.server.team.members.kkushaev
- system.openssh.server.team.members.sgarbuz
- system.openssh.server.team.members.oshyshko
+- system.openssh.server.team.members.pshchelo
parameters:
_param:
linux_system_user_sudo: true
diff --git a/rabbitmq/server/ssl/init.yml b/rabbitmq/server/ssl/init.yml
new file mode 100644
index 0000000..7fefae7
--- /dev/null
+++ b/rabbitmq/server/ssl/init.yml
@@ -0,0 +1,11 @@
+classes:
+- system.salt.minion.cert.rabbitmq_server
+- service.rabbitmq.server.ssl
+parameters:
+ _param:
+ rabbitmq_ssl_enabled: true
+ rabbitmq_port: 5671 # for non-ssl use 5672 / for ssl 5671
+ rabbitmq:
+ server:
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}