mgr/cephadm: reconfig rgw daemon when certificate changes

Now updating the rgw_frontend_ssl_cert will cause us
to reocnfigure rgw daemons that are part of the service.
This will additionally cause us to redo the service level
config operations which for rgw includes storing the cert
in the config-key store where rgw will look for it

Signed-off-by: Adam King <adking@redhat.com>
(cherry picked from commit 74ca2e71888f9b49d803a2ee0e1658b5e9acf30a)

diff --git a/src/pybind/mgr/cephadm/services/cephadmservice.py b/src/pybind/mgr/cephadm/services/cephadmservice.py
index 765e7eb5b9453607e29a9e2013727b93e132945e..301b7ca2f414913a0c857e5828337c60075f5892 100644 (file)
--- a/src/pybind/mgr/cephadm/services/cephadmservice.py
+++ b/src/pybind/mgr/cephadm/services/cephadmservice.py
@@ -1267,6 +1267,16 @@ class RgwService(CephService):
     def config_dashboard(self, daemon_descrs: List[DaemonDescription]) -> None:
         self.mgr.trigger_connect_dashboard_rgw()
 
+    def generate_config(self, daemon_spec: CephadmDaemonDeploySpec) -> Tuple[Dict[str, Any], List[str]]:
+        config, deps = super().generate_config(daemon_spec)
+        rgw_spec = cast(RGWSpec, self.mgr.spec_store[daemon_spec.service_name].spec)
+        ssl_cert = getattr(rgw_spec, 'rgw_frontend_ssl_certificate', None)
+        if isinstance(ssl_cert, list):
+            ssl_cert = '\n'.join(ssl_cert)
+        if ssl_cert:
+            deps.append(str(utils.md5_hash(ssl_cert)))
+        return config, deps
+
 
 @register_cephadm_service
 class RbdMirrorService(CephService):