Hello community,
here is the log from the commit of package habootstrap-formula for
openSUSE:Factory checked in at 2020-03-06 21:29:02
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/habootstrap-formula (Old)
and /work/SRC/openSUSE:Factory/.habootstrap-formula.new.26092 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "habootstrap-formula"
Fri Mar 6 21:29:02 2020 rev:8 rq:782126 version:0.3.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/habootstrap-formula/habootstrap-formula.changes
2020-01-14 21:13:35.302937492 +0100
+++
/work/SRC/openSUSE:Factory/.habootstrap-formula.new.26092/habootstrap-formula.changes
2020-03-06 21:33:34.829782421 +0100
@@ -2 +2 @@
-Mon Dec 16 09:33:20 UTC 2019 - Xabier Arbulu <[email protected]>
+Mon Feb 3 08:58:55 UTC 2020 - Xabier Arbulu <[email protected]>
@@ -4,17 +4,8 @@
-- Add automatic cloud detection
-
--------------------------------------------------------------------
-Wed Dec 11 15:55:33 UTC 2019 - Xabier Arbulu <[email protected]>
-
-- Add option to set multiple sbd disks to the cluster
-
--------------------------------------------------------------------
-Wed Dec 11 12:13:43 UTC 2019 - Xabier Arbulu <[email protected]>
-
-- Move the cluster configure part to a new state to be executed
- even when joining executions.
-
--------------------------------------------------------------------
-Wed Dec 11 09:46:41 UTC 2019 - Xabier Arbulu <[email protected]>
-
-- Add option to update hacluster user password
+- Version bump 0.3.0
+ * Add --no-overwrite-sshkey option to the formula
+ * Add automatic cloud detection
+ * Add option to set multiple sbd disks to the cluster
+ * Move the cluster configure part to a new state to be executed
+ even when joining executions
+ * Add option to update hacluster user password
+ (bsc#1165156, jsc#SLE-4031, boo#1137989)
Old:
----
habootstrap-formula-0.2.10.tar.gz
New:
----
habootstrap-formula-0.3.0.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ habootstrap-formula.spec ++++++
--- /var/tmp/diff_new_pack.ADMCTB/_old 2020-03-06 21:33:35.281782700 +0100
+++ /var/tmp/diff_new_pack.ADMCTB/_new 2020-03-06 21:33:35.281782700 +0100
@@ -21,7 +21,7 @@
%define fdir %{_datadir}/salt-formulas
Name: habootstrap-formula
-Version: 0.2.10
+Version: 0.3.0
Group: System/Packages
Release: 0
Summary: HA cluster (crmsh) deployment salt formula
++++++ habootstrap-formula-0.2.10.tar.gz -> habootstrap-formula-0.3.0.tar.gz
++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/habootstrap-formula-0.2.10/Gemfile.lock
new/habootstrap-formula-0.3.0/Gemfile.lock
--- old/habootstrap-formula-0.2.10/Gemfile.lock 2019-12-19 13:11:02.245712922
+0100
+++ new/habootstrap-formula-0.3.0/Gemfile.lock 2020-03-06 15:01:35.947485011
+0100
@@ -9,7 +9,7 @@
addressable (2.7.0)
public_suffix (>= 2.0.2, < 5.0)
aws-eventstream (1.0.3)
- aws-partitions (1.257.0)
+ aws-partitions (1.280.0)
aws-sdk-apigateway (1.36.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
@@ -25,22 +25,22 @@
aws-sdk-budgets (1.27.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
- aws-sdk-cloudformation (1.29.0)
+ aws-sdk-cloudformation (1.30.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
aws-sdk-cloudhsm (1.19.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
- aws-sdk-cloudhsmv2 (1.19.0)
+ aws-sdk-cloudhsmv2 (1.20.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
aws-sdk-cloudtrail (1.20.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
- aws-sdk-cloudwatch (1.31.0)
+ aws-sdk-cloudwatch (1.33.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
- aws-sdk-cloudwatchlogs (1.27.0)
+ aws-sdk-cloudwatchlogs (1.28.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
aws-sdk-codecommit (1.30.0)
@@ -49,13 +49,13 @@
aws-sdk-codedeploy (1.27.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
- aws-sdk-codepipeline (1.27.0)
+ aws-sdk-codepipeline (1.28.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
- aws-sdk-configservice (1.40.0)
+ aws-sdk-configservice (1.42.1)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
- aws-sdk-core (3.86.0)
+ aws-sdk-core (3.90.1)
aws-eventstream (~> 1.0, >= 1.0.2)
aws-partitions (~> 1, >= 1.239.0)
aws-sigv4 (~> 1.1)
@@ -63,19 +63,19 @@
aws-sdk-costandusagereportservice (1.18.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
- aws-sdk-dynamodb (1.41.0)
+ aws-sdk-dynamodb (1.44.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
- aws-sdk-ec2 (1.127.0)
+ aws-sdk-ec2 (1.147.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
- aws-sdk-ecr (1.23.0)
+ aws-sdk-ecr (1.25.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
- aws-sdk-ecs (1.55.0)
+ aws-sdk-ecs (1.57.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
- aws-sdk-eks (1.29.0)
+ aws-sdk-eks (1.32.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
aws-sdk-elasticache (1.29.0)
@@ -87,37 +87,37 @@
aws-sdk-elasticloadbalancing (1.19.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
- aws-sdk-elasticloadbalancingv2 (1.39.0)
+ aws-sdk-elasticloadbalancingv2 (1.40.1)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
- aws-sdk-elasticsearchservice (1.29.0)
+ aws-sdk-elasticsearchservice (1.30.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
aws-sdk-firehose (1.24.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
- aws-sdk-iam (1.32.0)
+ aws-sdk-iam (1.33.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
- aws-sdk-kafka (1.16.0)
+ aws-sdk-kafka (1.18.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
aws-sdk-kinesis (1.20.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
- aws-sdk-kms (1.27.0)
+ aws-sdk-kms (1.29.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
- aws-sdk-lambda (1.34.0)
+ aws-sdk-lambda (1.36.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
aws-sdk-organizations (1.17.0)
aws-sdk-core (~> 3, >= 3.39.0)
aws-sigv4 (~> 1.0)
- aws-sdk-rds (1.73.0)
+ aws-sdk-rds (1.78.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
- aws-sdk-redshift (1.34.0)
+ aws-sdk-redshift (1.37.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
aws-sdk-route53 (1.30.0)
@@ -129,11 +129,11 @@
aws-sdk-route53resolver (1.11.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
- aws-sdk-s3 (1.60.0)
+ aws-sdk-s3 (1.60.2)
aws-sdk-core (~> 3, >= 3.83.0)
aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.1)
- aws-sdk-securityhub (1.14.0)
+ aws-sdk-securityhub (1.19.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
aws-sdk-ses (1.27.0)
@@ -148,10 +148,10 @@
aws-sdk-sqs (1.23.1)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
- aws-sdk-ssm (1.67.0)
+ aws-sdk-ssm (1.71.0)
aws-sdk-core (~> 3, >= 3.71.0)
aws-sigv4 (~> 1.1)
- aws-sigv4 (1.1.0)
+ aws-sigv4 (1.1.1)
aws-eventstream (~> 1.0, >= 1.0.2)
azure_graph_rbac (0.17.1)
ms_rest_azure (~> 0.11.0)
@@ -161,23 +161,25 @@
ms_rest_azure (~> 0.11.1)
azure_mgmt_security (0.18.0)
ms_rest_azure (~> 0.11.1)
+ azure_mgmt_storage (0.19.3)
+ ms_rest_azure (~> 0.11.1)
bcrypt_pbkdf (1.0.1)
builder (3.2.4)
- chef-config (15.6.10)
+ chef-config (15.8.23)
addressable
- chef-utils (= 15.6.10)
+ chef-utils (= 15.8.23)
fuzzyurl
mixlib-config (>= 2.2.12, < 4.0)
mixlib-shellout (>= 2.0, < 4.0)
tomlrb (~> 1.2)
- chef-telemetry (1.0.2)
+ chef-telemetry (1.0.3)
chef-config
concurrent-ruby (~> 1.0)
ffi-yajl (~> 2.2)
http (~> 2.2)
- chef-utils (15.6.10)
+ chef-utils (15.8.23)
coderay (1.1.2)
- concurrent-ruby (1.1.5)
+ concurrent-ruby (1.1.6)
declarative (0.0.10)
declarative-option (0.1.0)
diff-lcs (1.3)
@@ -186,19 +188,21 @@
multi_json
domain_name (0.5.20190701)
unf (>= 0.0.5, < 1.0.0)
+ ecma-re-validator (0.2.0)
+ regexp_parser (~> 1.2)
ed25519 (1.2.4)
equatable (0.6.1)
erubi (1.9.0)
- excon (0.71.1)
- faraday (0.17.1)
+ excon (0.72.0)
+ faraday (0.17.3)
multipart-post (>= 1.2, < 3)
faraday-cookie_jar (0.0.6)
faraday (>= 0.7.4)
http-cookie (~> 1.0.0)
- faraday_middleware (0.13.1)
+ faraday_middleware (0.12.2)
faraday (>= 0.7.4, < 1.0)
- ffi (1.11.3)
- ffi-yajl (2.3.1)
+ ffi (1.12.2)
+ ffi-yajl (2.3.3)
libyajl2 (~> 1.2)
fuzzyurl (0.9.0)
google-api-client (0.34.1)
@@ -220,6 +224,7 @@
ffi (>= 1.0.1)
gyoku (1.3.1)
builder (>= 2.1.2)
+ hana (1.3.5)
hashie (3.6.0)
htmlentities (4.3.4)
http (2.2.2)
@@ -232,42 +237,48 @@
http-form_data (1.0.3)
http_parser.rb (0.6.0)
httpclient (2.8.3)
- i18n (1.7.0)
+ i18n (1.8.2)
concurrent-ruby (~> 1.0)
inifile (3.0.0)
- inspec (4.18.51)
+ inspec (4.18.100)
+ faraday_middleware (~> 0.12.2)
+ inspec-core (= 4.18.100)
+ train (~> 3.0)
+ train-aws (~> 0.1)
+ train-habitat (~> 0.1)
+ train-winrm (~> 0.2)
+ inspec-core (4.18.100)
addressable (~> 2.4)
chef-telemetry (~> 1.0)
faraday (>= 0.9.0)
- faraday_middleware (~> 0.12)
hashie (~> 3.4)
- htmlentities
- json-schema (~> 2.8)
+ htmlentities (~> 4.3)
+ json_schemer (~> 0.2.1)
license-acceptance (>= 0.2.13, < 2.0)
method_source (~> 0.8)
- mixlib-log
- multipart-post
+ mixlib-log (~> 3.0)
+ multipart-post (~> 2.0)
parallel (~> 1.9)
parslet (~> 1.5)
pry (~> 0)
rspec (~> 3.9)
rspec-its (~> 1.2)
rubyzip (~> 1.2, >= 1.2.2)
- semverse
+ semverse (~> 3.0)
sslshake (~> 1.2)
- term-ansicolor
- thor (~> 0.20)
+ term-ansicolor (~> 1.7)
+ thor (>= 0.20, < 2.0)
tomlrb (~> 1.2)
- train (~> 3.0)
- train-aws (~> 0.1)
- train-habitat (~> 0.1)
- train-winrm (~> 0.2)
+ train-core (~> 3.0)
tty-prompt (~> 0.17)
tty-table (~> 0.10)
jmespath (1.4.0)
json (2.3.0)
- json-schema (2.8.1)
- addressable (>= 2.4)
+ json_schemer (0.2.10)
+ ecma-re-validator (~> 0.2)
+ hana (~> 1.3)
+ regexp_parser (~> 1.5)
+ uri_template (~> 0.7)
jwt (2.2.1)
kitchen-docker (2.9.0)
test-kitchen (>= 1.0.0)
@@ -291,25 +302,25 @@
memoist (0.16.2)
method_source (0.9.2)
mini_mime (1.0.2)
- minitest (5.13.0)
- mixlib-config (3.0.5)
+ minitest (5.14.0)
+ mixlib-config (3.0.6)
tomlrb
- mixlib-install (3.11.24)
+ mixlib-install (3.11.28)
mixlib-shellout
mixlib-versioning
thor
- mixlib-log (3.0.1)
- mixlib-shellout (3.0.7)
- mixlib-versioning (1.2.7)
- ms_rest (0.7.5)
+ mixlib-log (3.0.8)
+ mixlib-shellout (3.0.9)
+ mixlib-versioning (1.2.12)
+ ms_rest (0.7.6)
concurrent-ruby (~> 1.0)
- faraday (~> 0.9)
+ faraday (>= 0.9, < 2.0.0)
timeliness (~> 0.3.10)
- ms_rest_azure (0.11.1)
+ ms_rest_azure (0.11.2)
concurrent-ruby (~> 1.0)
- faraday (~> 0.9)
+ faraday (>= 0.9, < 2.0.0)
faraday-cookie_jar (~> 0.0.6)
- ms_rest (~> 0.7.4)
+ ms_rest (~> 0.7.6)
unf_ext (= 0.0.7.2)
multi_json (1.14.1)
multipart-post (2.1.1)
@@ -329,7 +340,8 @@
pry (0.12.2)
coderay (~> 1.1.0)
method_source (~> 0.9.0)
- public_suffix (4.0.1)
+ public_suffix (4.0.3)
+ regexp_parser (1.7.0)
representable (3.0.4)
declarative (< 0.1.0)
declarative-option (< 0.2.0)
@@ -339,24 +351,24 @@
rspec-core (~> 3.9.0)
rspec-expectations (~> 3.9.0)
rspec-mocks (~> 3.9.0)
- rspec-core (3.9.0)
- rspec-support (~> 3.9.0)
+ rspec-core (3.9.1)
+ rspec-support (~> 3.9.1)
rspec-expectations (3.9.0)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.9.0)
rspec-its (1.3.0)
rspec-core (>= 3.0.0)
rspec-expectations (>= 3.0.0)
- rspec-mocks (3.9.0)
+ rspec-mocks (3.9.1)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.9.0)
- rspec-support (3.9.0)
+ rspec-support (3.9.2)
rubyntlm (0.6.2)
rubyzip (1.3.0)
semverse (3.0.0)
- signet (0.12.0)
+ signet (0.13.0)
addressable (~> 2.3)
- faraday (~> 0.9)
+ faraday (>= 0.17.3, < 2.0)
jwt (>= 1.5, < 3.0)
multi_json (~> 1.10)
sslshake (1.3.0)
@@ -365,9 +377,10 @@
unicode-display_width (~> 1.5)
unicode_utils (~> 1.4)
strings-ansi (0.2.0)
+ sync (0.5.0)
term-ansicolor (1.7.1)
tins (~> 1.0)
- test-kitchen (2.3.4)
+ test-kitchen (2.4.0)
bcrypt_pbkdf (~> 1.0)
ed25519 (~> 1.2)
license-acceptance (~> 1.0, >= 1.0.11)
@@ -383,37 +396,36 @@
thor (0.20.3)
thread_safe (0.3.6)
timeliness (0.3.10)
- tins (1.22.2)
+ tins (1.24.1)
+ sync
tomlrb (1.2.9)
- train (3.2.5)
+ train (3.2.23)
activesupport (~> 5.2.3)
azure_graph_rbac (~> 0.16)
azure_mgmt_key_vault (~> 0.17)
azure_mgmt_resources (~> 0.15)
azure_mgmt_security (~> 0.18)
+ azure_mgmt_storage (~> 0.18)
docker-api (~> 1.26)
google-api-client (>= 0.23.9, < 0.35.0)
googleauth (>= 0.6.6, < 0.11.0)
- inifile
- json (>= 1.8, < 3.0)
- mixlib-shellout (>= 2.0, < 4.0)
- net-scp (>= 1.2, < 3.0)
- net-ssh (>= 2.9, < 6.0)
- train-aws (0.1.13)
- aws-sdk-apigateway (~> 1)
- aws-sdk-apigatewayv2 (~> 1)
- aws-sdk-athena (~> 1)
+ train-core (= 3.2.23)
+ train-winrm (~> 0.2)
+ train-aws (0.1.15)
+ aws-sdk-apigateway (~> 1.0)
+ aws-sdk-apigatewayv2 (~> 1.0)
+ aws-sdk-athena (~> 1.0)
aws-sdk-autoscaling (~> 1.22.0)
- aws-sdk-budgets (~> 1)
- aws-sdk-cloudformation (~> 1)
- aws-sdk-cloudhsm (~> 1)
- aws-sdk-cloudhsmv2 (~> 1)
+ aws-sdk-budgets (~> 1.0)
+ aws-sdk-cloudformation (~> 1.0)
+ aws-sdk-cloudhsm (~> 1.0)
+ aws-sdk-cloudhsmv2 (~> 1.0)
aws-sdk-cloudtrail (~> 1.8)
aws-sdk-cloudwatch (~> 1.13)
aws-sdk-cloudwatchlogs (~> 1.13)
- aws-sdk-codecommit (~> 1)
- aws-sdk-codedeploy (~> 1)
- aws-sdk-codepipeline (~> 1)
+ aws-sdk-codecommit (~> 1.0)
+ aws-sdk-codedeploy (~> 1.0)
+ aws-sdk-codepipeline (~> 1.0)
aws-sdk-configservice (~> 1.21)
aws-sdk-core (~> 3.0)
aws-sdk-costandusagereportservice (~> 1.6)
@@ -422,40 +434,47 @@
aws-sdk-ecr (~> 1.18)
aws-sdk-ecs (~> 1.30)
aws-sdk-eks (~> 1.9)
- aws-sdk-elasticache (~> 1)
- aws-sdk-elasticbeanstalk (~> 1)
+ aws-sdk-elasticache (~> 1.0)
+ aws-sdk-elasticbeanstalk (~> 1.0)
aws-sdk-elasticloadbalancing (~> 1.8)
- aws-sdk-elasticloadbalancingv2 (~> 1)
- aws-sdk-elasticsearchservice (~> 1)
- aws-sdk-firehose (~> 1)
+ aws-sdk-elasticloadbalancingv2 (~> 1.0)
+ aws-sdk-elasticsearchservice (~> 1.0)
+ aws-sdk-firehose (~> 1.0)
aws-sdk-iam (~> 1.13)
- aws-sdk-kafka (~> 1)
- aws-sdk-kinesis (~> 1)
+ aws-sdk-kafka (~> 1.0)
+ aws-sdk-kinesis (~> 1.0)
aws-sdk-kms (~> 1.13)
- aws-sdk-lambda (~> 1)
+ aws-sdk-lambda (~> 1.0)
aws-sdk-organizations (~> 1.17.0)
aws-sdk-rds (~> 1.43)
- aws-sdk-redshift (~> 1)
- aws-sdk-route53 (~> 1)
- aws-sdk-route53domains (~> 1)
- aws-sdk-route53resolver (~> 1)
+ aws-sdk-redshift (~> 1.0)
+ aws-sdk-route53 (~> 1.0)
+ aws-sdk-route53domains (~> 1.0)
+ aws-sdk-route53resolver (~> 1.0)
aws-sdk-s3 (~> 1.30)
- aws-sdk-securityhub (~> 1)
- aws-sdk-ses (~> 1)
- aws-sdk-sms (~> 1)
+ aws-sdk-securityhub (~> 1.0)
+ aws-sdk-ses (~> 1.0)
+ aws-sdk-sms (~> 1.0)
aws-sdk-sns (~> 1.9)
aws-sdk-sqs (~> 1.10)
- aws-sdk-ssm (~> 1)
+ aws-sdk-ssm (~> 1.0)
+ train-core (3.2.23)
+ addressable (~> 2.5)
+ inifile (~> 3.0)
+ json (>= 1.8, < 3.0)
+ mixlib-shellout (>= 2.0, < 4.0)
+ net-scp (>= 1.2, < 3.0)
+ net-ssh (>= 2.9, < 6.0)
train-habitat (0.2.13)
- train-winrm (0.2.5)
+ train-winrm (0.2.6)
winrm (~> 2.0)
winrm-fs (~> 1.0)
tty-box (0.5.0)
pastel (~> 0.7.2)
strings (~> 0.1.6)
tty-cursor (~> 0.7)
- tty-color (0.5.0)
- tty-cursor (0.7.0)
+ tty-color (0.5.1)
+ tty-cursor (0.7.1)
tty-prompt (0.20.0)
necromancer (~> 0.5.0)
pastel (~> 0.7.0)
@@ -464,22 +483,23 @@
tty-cursor (~> 0.7)
tty-screen (~> 0.7)
wisper (~> 2.0.0)
- tty-screen (0.7.0)
+ tty-screen (0.7.1)
tty-table (0.11.0)
equatable (~> 0.6)
necromancer (~> 0.5)
pastel (~> 0.7.2)
strings (~> 0.1.5)
tty-screen (~> 0.7)
- tzinfo (1.2.5)
+ tzinfo (1.2.6)
thread_safe (~> 0.1)
uber (0.1.0)
unf (0.1.4)
unf_ext
unf_ext (0.0.7.2)
- unicode-display_width (1.6.0)
+ unicode-display_width (1.6.1)
unicode_utils (1.4.0)
- winrm (2.3.3)
+ uri_template (0.7.0)
+ winrm (2.3.4)
builder (>= 2.1.2)
erubi (~> 1.8)
gssapi (~> 1.2)
@@ -488,7 +508,7 @@
logging (>= 1.6.1, < 3.0)
nori (~> 2.0)
rubyntlm (~> 0.6.0, >= 0.6.1)
- winrm-elevated (1.1.2)
+ winrm-elevated (1.2.1)
erubi (~> 1.8)
winrm (~> 2.0)
winrm-fs (~> 1.0)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/habootstrap-formula-0.2.10/README.md
new/habootstrap-formula-0.3.0/README.md
--- old/habootstrap-formula-0.2.10/README.md 2019-12-19 13:11:02.245712922
+0100
+++ new/habootstrap-formula-0.3.0/README.md 2020-03-06 15:01:35.947485011
+0100
@@ -19,6 +19,21 @@
name. To see an example of how this is configured, see
`test/salt/common/hosts.sls` in this repository.
+## Salt pillar encryption
+
+Pillars are expected to contain private data such as user passwords required
for the automated installation or other operations. Therefore, such pillar data
need to be stored in an encrypted state, which can be decrypted during pillar
compilation.
+
+SaltStack GPG renderer provides a secure encryption/decryption of pillar data.
The configuration of GPG keys and procedure for pillar encryption are desribed
in the Saltstack documentation guide:
+
+- [SaltStack pillar
encryption](https://docs.saltstack.com/en/latest/topics/pillar/#pillar-encryption)
+
+- [SALT GPG
RENDERERS](https://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.gpg.html)
+
+**Note:**
+- Only passwordless gpg keys are supported, and the already existing keys
cannot be used.
+
+- If a masterless approach is used (as in the current automated deployment)
the gpg private key must be imported in all the nodes. This might require the
copy/paste of the keys.
+
## Integration with other formulas
The following formula pillars support HA cluster bootstrap-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/habootstrap-formula-0.2.10/cluster/create.sls
new/habootstrap-formula-0.3.0/cluster/create.sls
--- old/habootstrap-formula-0.2.10/cluster/create.sls 2019-12-19
13:11:02.245712922 +0100
+++ new/habootstrap-formula-0.3.0/cluster/create.sls 2020-03-06
15:01:35.947485011 +0100
@@ -23,6 +23,7 @@
- sbd_dev: {{ cluster.sbd.device|json }}
{% endif %}
{% endif %}
+ - no_overwrite_sshkey: {{ not cluster.sshkeys.overwrite }}
hawk:
service.running:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/habootstrap-formula-0.2.10/cluster/defaults.yaml
new/habootstrap-formula-0.3.0/cluster/defaults.yaml
--- old/habootstrap-formula-0.2.10/cluster/defaults.yaml 2019-12-19
13:11:02.245712922 +0100
+++ new/habootstrap-formula-0.3.0/cluster/defaults.yaml 2020-03-06
15:01:35.947485011 +0100
@@ -3,4 +3,6 @@
install_packages: true
join_timeout: 60
wait_for_initialization: 20
- remove: []
+ sshkeys:
+ overwrite: false
+ remove: []
\ No newline at end of file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/habootstrap-formula-0.2.10/cluster/init.sls
new/habootstrap-formula-0.3.0/cluster/init.sls
--- old/habootstrap-formula-0.2.10/cluster/init.sls 2019-12-19
13:11:02.245712922 +0100
+++ new/habootstrap-formula-0.3.0/cluster/init.sls 2020-03-06
15:01:35.947485011 +0100
@@ -11,11 +11,7 @@
{% if cluster.ntp is defined %}
- .ntp
{% endif %}
-{% if cluster.sshkeys is defined %}
-{% if cluster.sshkeys.password is defined %}
- .sshkeys
-{% endif %}
-{% endif %}
{% if cluster.watchdog is defined %}
{% if cluster.watchdog.module is defined %}
- .watchdog
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/habootstrap-formula-0.2.10/cluster/sshkeys.sls
new/habootstrap-formula-0.3.0/cluster/sshkeys.sls
--- old/habootstrap-formula-0.2.10/cluster/sshkeys.sls 2019-12-19
13:11:02.245712922 +0100
+++ new/habootstrap-formula-0.3.0/cluster/sshkeys.sls 2020-03-06
15:01:35.951485011 +0100
@@ -1,6 +1,5 @@
{% from "cluster/map.jinja" import cluster with context %}
{% set host = grains['host'] %}
-{% set password = cluster.sshkeys.password %}
create_ssh_directory:
file.directory:
@@ -11,10 +10,14 @@
{% if cluster.init != host %}
-{% if cluster.sshkeys.overwrite is defined and cluster.sshkeys.overwrite is
sameas true %}
+{% if cluster.sshkeys.get('password', False) %}
+{% set password = cluster.sshkeys.get('password') %}
+
+# Create a temporary key to provide access for the joining node to the 1st node
+{% if cluster.sshkeys.overwrite is sameas true %}
create_key:
cmd.run:
- - name: yes y | sudo ssh-keygen -f /root/.ssh/id_rsa -C 'Initial key' -N ''
+ - name: yes y | sudo ssh-keygen -f /root/.ssh/id_rsa -C 'Cluster key' -N ''
{% endif %}
copy_ask_pass:
@@ -61,3 +64,15 @@
- copy_ssh_pub
{% endif %}
+{% endif %}
+
+# ssh keys must always exist if overwrite is false or if the node is joining
+{% if cluster.sshkeys.overwrite is sameas false or cluster.init != host %}
+check_sshkey_exists:
+ file.exists:
+ - name: /root/.ssh/id_rsa
+
+check_sshkey_pub_exists:
+ file.exists:
+ - name: /root/.ssh/id_rsa.pub
+{% endif %}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/habootstrap-formula-0.2.10/habootstrap-formula.changes
new/habootstrap-formula-0.3.0/habootstrap-formula.changes
--- old/habootstrap-formula-0.2.10/habootstrap-formula.changes 2019-12-19
13:11:02.245712922 +0100
+++ new/habootstrap-formula-0.3.0/habootstrap-formula.changes 2020-03-06
15:01:35.951485011 +0100
@@ -1,30 +1,21 @@
-------------------------------------------------------------------
-Mon Dec 16 09:33:20 UTC 2019 - Xabier Arbulu <[email protected]>
+Mon Feb 3 08:58:55 UTC 2020 - Xabier Arbulu <[email protected]>
-- Add automatic cloud detection
-
--------------------------------------------------------------------
-Wed Dec 11 15:55:33 UTC 2019 - Xabier Arbulu <[email protected]>
-
-- Add option to set multiple sbd disks to the cluster
-
--------------------------------------------------------------------
-Wed Dec 11 12:13:43 UTC 2019 - Xabier Arbulu <[email protected]>
-
-- Move the cluster configure part to a new state to be executed
- even when joining executions.
-
--------------------------------------------------------------------
-Wed Dec 11 09:46:41 UTC 2019 - Xabier Arbulu <[email protected]>
-
-- Add option to update hacluster user password
+- Version bump 0.3.0
+ * Add --no-overwrite-sshkey option to the formula
+ * Add automatic cloud detection
+ * Add option to set multiple sbd disks to the cluster
+ * Move the cluster configure part to a new state to be executed
+ even when joining executions
+ * Add option to update hacluster user password
+ (bsc#1165156, jsc#SLE-4031, boo#1137989)
-------------------------------------------------------------------
Thu Nov 28 19:17:37 UTC 2019 - Simranpal Singh <[email protected]>
- Version bump 0.2.10
* Install 'socat' package on the Azure platform
-
+
-------------------------------------------------------------------
Wed Oct 30 16:14:32 UTC 2019 - Xabier Arbulu <[email protected]>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/habootstrap-formula-0.2.10/habootstrap-formula.spec
new/habootstrap-formula-0.3.0/habootstrap-formula.spec
--- old/habootstrap-formula-0.2.10/habootstrap-formula.spec 2019-12-19
13:11:02.245712922 +0100
+++ new/habootstrap-formula-0.3.0/habootstrap-formula.spec 2020-03-06
15:01:35.951485011 +0100
@@ -21,7 +21,7 @@
%define fdir %{_datadir}/salt-formulas
Name: habootstrap-formula
-Version: 0.2.10
+Version: 0.3.0
Group: System/Packages
Release: 0
Summary: HA cluster (crmsh) deployment salt formula
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/habootstrap-formula-0.2.10/pillar.example
new/habootstrap-formula-0.3.0/pillar.example
--- old/habootstrap-formula-0.2.10/pillar.example 2019-12-19
13:11:02.245712922 +0100
+++ new/habootstrap-formula-0.3.0/pillar.example 2020-03-06
15:01:35.951485011 +0100
@@ -51,17 +51,23 @@
# ntp: pool.ntp.org
# optional: enable ha_exporter by default disabled
- ha_exporter: true
-
+ # ha_exporter: true
+
# optional: update hacluster password
- hacluster_password: mypassword
+ # hacluster_password: mypassword
- # optional: Authorize ssh connection from nodes to willing to join
+ # optional: Manage ssh keys usage
+ # If this entry is not set, the formula expects that the sshkeys exist and
are authorized among the nodes
+ # Use cases:
+ # 1. ssh keys already exist and nodes are authorized to ssh each other.
Don't set this entry
+ # 2. ssh keys already exist but you want to overwrite them with random new
keys, set overwrite to true
+ # 3. ssh keys don't exist and you have the 1st node password. Use this
example
+ # 4. If ssh keys don't exist and you don't want to set the password here,
the cluster cannot be created!
# ssheys:
- # # Overwrite current keys
- # overwrite: true
- # # First node root password
- # password: admin
+ # # Overwrite current keys (new keys are created if no keys are found)
+ # overwrite: true # false by default
+ # # First node root password. This entry is used to configure the
authorized_keys file from the joining nodes
+ # password: admin # not set by default
# optional: Resource agents packages to install
# resource_agents:
