starlingx/config
Code Issues Proposed changes

Add flag to skip keystone password update

Browse Source 
When a keystone user password is changed, a keystone listener monitor
these changes and may run a custom manifest for certain users.
To better control when the manifest should be executed, this commit
introduces the flag skip_keystone_password_update to selectively
skip the manifest execution. This will be intergrated in the rehoming
and enrollment playbooks to speed up their timings.

Test plan:
  - PASS: Touch the flag and modify a user password. Verify the
          manifest execution was skipped.
  - PASS: Remove the flag and modify a user password. Verify the
          manifest execution was executed successfully.
  - PASS: Rehome a subcloud and verify the behavior is the same as
          before.
  - PASS: Enroll a subcloud and verify the behavior is the same as
          before.

Closes-bug: 2126803

Change-Id: Idd2f97265dea6a8041503f290094bd2f55d984b5
Signed-off-by: Victor Romano <victor.gluzromano@windriver.com>
This commit is contained in:
Victor Romano
2025-10-03 16:03:13 -03:00
parent 45896c5d45
commit c72aad6678
2 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
sysinv/sysinv/sysinv/sysinv/common/constants.py
View File

@@ -2410,6 +2410,9 @@ ANSIBLE_ENROLLMENT_FLAG = os.path.join(tsc.VOLATILE_PATH, ".enrollment_in_progre
ANSIBLE_ENROLLMENT_COMPLETED_FLAG = \ ANSIBLE_ENROLLMENT_COMPLETED_FLAG = \
os.path.join(tsc.VOLATILE_PATH, ".subcloud_enrollment_completed") os.path.join(tsc.VOLATILE_PATH, ".subcloud_enrollment_completed")
SKIP_KEYSTONE_PASSWORD_UPDATE = \
os.path.join(tsc.VOLATILE_PATH, ".skip_keystone_password_update")
# just used for upgrade purposes # just used for upgrade purposes
OLD_ANSIBLE_BOOTSTRAP_COMPLETED_FLAG = os.path.join(tsc.CONFIG_PATH, OLD_ANSIBLE_BOOTSTRAP_COMPLETED_FLAG = os.path.join(tsc.CONFIG_PATH,
".bootstrap_completed") ".bootstrap_completed")

4
sysinv/sysinv/sysinv/sysinv/conductor/manager.py
View File

@@ -2538,6 +2538,10 @@ class ConductorManager(service.PeriodicService):
reload the related service on keystone password change""" reload the related service on keystone password change"""
if os.path.isfile(constants.SKIP_KEYSTONE_PASSWORD_UPDATE):
LOG.info("Skipping service config for keystone user: %s" % username)
return
LOG.info("Updating service config for keystone user: %s" % username) LOG.info("Updating service config for keystone user: %s" % username)
personalities = [constants.CONTROLLER] personalities = [constants.CONTROLLER]
config_uuid = self._config_update_hosts(context, personalities) config_uuid = self._config_update_hosts(context, personalities)