qa/tasks/openssl_keys.py: sort cert configs before creating certs

we cannot rely on the order in which items are arranged in a dict, the
order varies from version to another. in Python2, it happens to work,
and we can always have the self-signed cert added first. but in Python3,
it does not. and an exception is thrown
```
teuthology.exceptions.ConfigError: ssl: ca root not found for
certificate rgw.client.0
```

in this change, before creating certs, the settings are reordered so
that the self-signed ones are created first.

Signed-off-by: Kefu Chai <kchai@redhat.com>
(cherry picked from commit f28a5fef3b8ddb97962f91cc78174fd6e1431fed)

diff --git a/qa/tasks/openssl_keys.py b/qa/tasks/openssl_keys.py
index 657aa7d55782507e45817a5addd5d9f080274641..3cc4ed8a5ec6fa6a711092dfa0709d6624a713da 100644 (file)
--- a/qa/tasks/openssl_keys.py
+++ b/qa/tasks/openssl_keys.py
@@ -64,8 +64,9 @@ class OpenSSLKeys(Task):
 
         # use testdir/ca as a working directory
         self.cadir = '/'.join((misc.get_testdir(self.ctx), 'ca'))
-
-        for name, config in self.config.items():
+        # make sure self-signed certs get added first, they don't have 'ca' field
+        configs = sorted(self.config.items(), key=lambda x: 'ca' in x[1])
+        for name, config in configs:
             # names must be unique to avoid clobbering each others files
             if name in self.ctx.ssl_certificates:
                 raise ConfigError('ssl: duplicate certificate name {}'.format(name))