qa/rgw: allow 'ceph' user to read vault token

author Casey Bodley <cbodley@redhat.com>

Mon, 20 Apr 2020 14:50:00 +0000 (10:50 -0400)

committer Nathan Cutler <ncutler@suse.com>

Fri, 24 Apr 2020 10:59:43 +0000 (12:59 +0200)
author Casey Bodley <cbodley@redhat.com>
Mon, 20 Apr 2020 14:50:00 +0000 (10:50 -0400)
committer Nathan Cutler <ncutler@suse.com>
Fri, 24 Apr 2020 10:59:43 +0000 (12:59 +0200)
diff --git a/qa/tasks/rgw.py b/qa/tasks/rgw.py

index df900d2c4505b4cedde25bc115130dfad5dd0aaf..2d99d9962f1cf5dcc6b11a7715c06fdef9987137 100644 (file)
--- a/qa/tasks/rgw.py
+++ b/qa/tasks/rgw.py
@@ -132,10 +132,11 @@ def start_rgw(ctx, config, clients):
                  raise ConfigError('vault: no "root_token" specified')
              # create token on file
              ctx.cluster.only(client).run(args=['echo', '-n', ctx.vault.root_token, run.Raw('>'), token_path])
-            log.info("Restrict access to token file")
-            ctx.cluster.only(client).run(args=['chmod', '600', token_path])
              log.info("Token file content")
              ctx.cluster.only(client).run(args=['cat', token_path])
+            log.info("Restrict access to token file")
+            ctx.cluster.only(client).run(args=['chmod', '600', token_path])
+            ctx.cluster.only(client).run(args=['sudo', 'chown', 'ceph', token_path])
  
              rgw_cmd.extend([
                  '--rgw_crypt_vault_addr', "{}:{}".format(*ctx.vault.endpoints[vault_role]),
author	Casey Bodley <cbodley@redhat.com>
	Mon, 20 Apr 2020 14:50:00 +0000 (10:50 -0400)
committer	Nathan Cutler <ncutler@suse.com>
	Fri, 24 Apr 2020 10:59:43 +0000 (12:59 +0200)