Merge pull request #38 from carbonin/always_configure_db_yml_and_key

Always configure database.yml and encryption key
ManageIQ · May 2, 2018 · 6bfb3f6 · 6bfb3f6
2 parents ebac201 + fdde0fe
commit 6bfb3f6
Show file tree

Hide file tree

Showing 4 changed files with 37 additions and 16 deletions.
diff --git a/bin/appliance_console b/bin/appliance_console
@@ -73,6 +73,24 @@ CLOUD_INIT_DISABLE_NETWORK_CONFIG = "network: {config: disabled}\n".freeze
 
 module ManageIQ
 module ApplianceConsole
+  def ensure_key_configured
+    key_config = ManageIQ::ApplianceConsole::KeyConfiguration.new
+    unless key_config.key_exist?
+      say "No encryption key found.\n"
+      say "For migrations, copy encryption key from a hardened appliance."
+      say "For worker and multi-region setups, copy key from another appliance.\n"
+      say "If this is your first appliance, just generate one now.\n\n"
+
+      if key_config.ask_question_loop
+        say("\nEncryption key now configured.\n\n")
+      else
+        say("\nEncryption key not configured.")
+        press_any_key
+        raise MiqSignalError
+      end
+    end
+  end
+
   eth0 = LinuxAdmin::NetworkInterface.new(NETWORK_INTERFACE)
   # Because it takes a few seconds, get the region once in the outside loop
   region = ManageIQ::ApplianceConsole::DatabaseConfiguration.region
@@ -457,21 +475,7 @@ Static Network Configuration
       when I18n.t("advanced_settings.db_config")
         say("#{selection}\n\n")
 
-        key_config = ManageIQ::ApplianceConsole::KeyConfiguration.new
-        unless key_config.key_exist?
-          say "No encryption key found.\n"
-          say "For migrations, copy encryption key from a hardened appliance."
-          say "For worker and multi-region setups, copy key from another appliance.\n"
-          say "If this is your first appliance, just generate one now.\n\n"
-
-          if key_config.ask_question_loop
-            say("\nEncryption key now configured.\n\n")
-          else
-            say("\nEncryption key not configured.")
-            press_any_key
-            raise MiqSignalError
-          end
-        end
+        ensure_key_configured
 
         options = {
           "Create Internal Database"           => "create_internal",
@@ -524,6 +528,7 @@ Static Network Configuration
         when "standby"
           db_replication = ManageIQ::ApplianceConsole::DatabaseReplicationStandby.new
           logger.info("Configuring Server as Standby")
+          ensure_key_configured
         end
 
         if db_replication.ask_questions && db_replication.activate

diff --git a/lib/manageiq/appliance_console/database_replication_standby.rb b/lib/manageiq/appliance_console/database_replication_standby.rb
@@ -63,6 +63,7 @@ def activate
       stop_repmgrd
       initialize_postgresql_disk if disk
       PostgresAdmin.prep_data_directory if disk || resync_data
+      save_database_yml
       generate_cluster_name &&
         create_config_file(standby_host) &&
         clone_standby_server &&
@@ -143,6 +144,10 @@ def node_number_valid?
 
     private
 
+    def save_database_yml
+      InternalDatabaseConfiguration.new(:password => database_password).save
+    end
+
     def record_for_node_number
       c = PG::Connection.new(primary_connection_hash)
       c.exec_params(<<-SQL, [node_number]).map_types!(PG::BasicTypeMapForResults.new(c)).first

diff --git a/lib/manageiq/appliance_console/internal_database_configuration.rb b/lib/manageiq/appliance_console/internal_database_configuration.rb
@@ -41,7 +41,7 @@ def activate
       end
       initialize_postgresql_disk if disk
       initialize_postgresql
-      return super if run_as_evm_server
+      run_as_evm_server ? (return super) : save
       true
     end
 

diff --git a/spec/database_replication_standby_spec.rb b/spec/database_replication_standby_spec.rb
@@ -111,6 +111,7 @@
     before do
       expect(subject).to receive(:stop_postgres)
       expect(subject).to receive(:stop_repmgrd)
+      expect(subject).to receive(:save_database_yml)
       expect(subject).to receive(:generate_cluster_name).and_return(true)
       expect(subject).to receive(:create_config_file).and_return(true)
       expect(subject).to receive(:clone_standby_server).and_return(true)
@@ -335,6 +336,16 @@
         expect(subject.node_number_valid?).to be_falsey
       end
     end
+
+    context "#save_database_yml (private)" do
+      it "passes the configured password" do
+        subject.database_password = "supersecret"
+        conf = double("InternalDatabaseConfiguration")
+        expect(ManageIQ::ApplianceConsole::InternalDatabaseConfiguration).to receive(:new).with(:password => "supersecret").and_return(conf)
+        expect(conf).to receive(:save)
+        subject.send(:save_database_yml)
+      end
+    end
   end
 
   def with_empty_data_directory