from teuthology import misc as teuthology
from teuthology import contextutil
from teuthology.exceptions import ConfigError
-from util import get_remote_for_role
-from util.rgw import rgwadmin, wait_for_radosgw
-from util.rados import (create_ec_pool,
- create_replicated_pool,
- create_cache_pool)
+from tasks.util import get_remote_for_role
+from tasks.util.rgw import rgwadmin, wait_for_radosgw
+from tasks.util.rados import (create_ec_pool,
+ create_replicated_pool,
+ create_cache_pool)
log = logging.getLogger(__name__)
])
- if client_config.get('dns-name'):
+ if client_config.get('dns-name') is not None:
rgw_cmd.extend(['--rgw-dns-name', endpoint.dns_name])
- if client_config.get('dns-s3website-name'):
+ if client_config.get('dns-s3website-name') is not None:
rgw_cmd.extend(['--rgw-dns-s3website-name', endpoint.website_dns_name])
vault_role = client_config.get('use-vault-role', None)
barbican_role = client_config.get('use-barbican-role', None)
- token_path = teuthology.get_testdir(ctx) + '/vault-token'
+ token_path = '/etc/ceph/vault-root-token'
if barbican_role is not None:
if not hasattr(ctx, 'barbican'):
raise ConfigError('rgw must run after the barbican task')
if not ctx.vault.root_token:
raise ConfigError('vault: no "root_token" specified')
# create token on file
- ctx.cluster.only(client).run(args=['echo', '-n', ctx.vault.root_token, run.Raw('>'), token_path])
- log.info("Restrict access to token file")
- ctx.cluster.only(client).run(args=['chmod', '600', token_path])
+ ctx.cluster.only(client).run(args=['sudo', 'echo', '-n', ctx.vault.root_token, run.Raw('|'), 'sudo', 'tee', token_path])
log.info("Token file content")
ctx.cluster.only(client).run(args=['cat', token_path])
+ log.info("Restrict access to token file")
+ ctx.cluster.only(client).run(args=['sudo', 'chmod', '600', token_path])
+ ctx.cluster.only(client).run(args=['sudo', 'chown', 'ceph', token_path])
rgw_cmd.extend([
'--rgw_crypt_vault_addr', "{}:{}".format(*ctx.vault.endpoints[vault_role]),
client=client_with_cluster),
],
)
- ctx.cluster.only(client).run(args=['rm', '-f', token_path])
+ ctx.cluster.only(client).run(args=['sudo', 'rm', '-f', token_path])
def assign_endpoints(ctx, config, default_cert):
role_endpoints = {}
dns_name += remote.hostname
website_dns_name = client_config.get('dns-s3website-name')
- if website_dns_name:
- if len(website_dns_name) == 0 or website_dns_name.endswith('.'):
- website_dns_name += remote.hostname
+ if website_dns_name is not None and (len(website_dns_name) == 0 or website_dns_name.endswith('.')):
+ website_dns_name += remote.hostname
role_endpoints[role] = RGWEndpoint(remote.hostname, port, ssl_certificate, dns_name, website_dns_name)