aboutsummaryrefslogtreecommitdiffstats
path: root/docker/services/keystone.yaml
diff options
context:
space:
mode:
authorMartin André <m.andre@redhat.com>2017-06-28 17:10:27 +0200
committerMartin André <m.andre@redhat.com>2017-06-30 08:34:42 +0200
commit425c9d4e47898221832f01287ad165833ceab3cd (patch)
tree8a46ff5c30225176afffead7075e3b07dea482d0 /docker/services/keystone.yaml
parenta396ac325af8950acb18227f1a6a487159776020 (diff)
Ensure boostrap_host_exec runs as root
This is necessary for accessing the bind mounted hieradata in the container in order to determine if the node is the primary node. With the new validation added to yaml-validate.py, we could spot potential issues in sahara-api and keystone bootstrap tasks. The keystone one is a false positive, as the image defaults to the root user in order to be able to run apache. Still, it is better to be consistent here and specify the root user nonetheless. Change-Id: Ib0ff9748d5406f507261e506c19b96750b10e846 Closes-Bug: #1697917
Diffstat (limited to 'docker/services/keystone.yaml')
-rw-r--r--docker/services/keystone.yaml2
1 files changed, 2 insertions, 0 deletions
diff --git a/docker/services/keystone.yaml b/docker/services/keystone.yaml
index 011ffaa..b6cfa21 100644
--- a/docker/services/keystone.yaml
+++ b/docker/services/keystone.yaml
@@ -113,6 +113,7 @@ outputs:
keystone_db_sync:
image: *keystone_image
net: host
+ user: root
privileged: false
detach: false
volumes: &keystone_volumes
@@ -152,6 +153,7 @@ outputs:
keystone_bootstrap:
start_order: 3
action: exec
+ user: root
command:
[ 'keystone', '/usr/bin/bootstrap_host_exec', 'keystone' ,'keystone-manage', 'bootstrap', '--bootstrap-password', {get_param: AdminPassword} ]
docker_puppet_tasks: