weizhouapache commented on code in PR #7090:
URL: https://github.com/apache/cloudstack/pull/7090#discussion_r1071046126
##########
scripts/util/keystore-setup:
##########
@@ -46,6 +47,27 @@ keytool -genkey -storepass "$KS_PASS" -keypass "$KS_PASS"
-alias "$ALIAS" -keyal
rm -f "$CSR_FILE"
addresses=$(ip address | grep inet | awk '{print $2}' | sed 's/\/.*//g' | grep
-v '^169.254.' | grep -v '^127.0.0.1' | egrep -v '^::1|^fe80' | grep -v '^::1'
| sed 's/^/ip:/g' | tr '\r\n' ',')
keytool -certreq -storepass "$KS_PASS" -alias "$ALIAS" -file $CSR_FILE
-keystore "$KS_FILE" -ext san="$addresses" > /dev/null 2>&1
+
+if [ $? -ne 0 ];then
+ echo "Failed to generate CSR file, retrying after removing existing
settings"
+
+ if [ -f "$LIBVIRTD_FILE" ]; then
+ echo "Reverting libvirtd to not listen on TLS"
+ sed -i "s,^listen_tls=1,listen_tls=0,g" $LIBVIRTD_FILE
+ systemctl restart libvirtd
+ fi
+
+ echo "Removing cloud.* files in /etc/cloudstack/agent"
+ rm -f /etc/cloudstack/agent/cloud.*
+
+ echo "Retrying to generate CSR file"
+ keytool -certreq -storepass "$KS_PASS" -alias "$ALIAS" -file $CSR_FILE
-keystore "$KS_FILE" -ext san="$addresses" >/dev/null 2>&1
+ if [ $? -ne 0 ];then
+ echo "Failed to generate CSR file while retrying"
+ exit 1
+ fi
Review Comment:
It is only necessary to retry once, I think.
The following retries will have the same result as first retry.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
