Update decomissioning script with necessary instruction
This also renames explicitely the script from swh-puppet-master-clean-certificate to swh-puppet-master-decomission.
This uninstalls the old script to install the new one.
Related to T3027
Test Plan
octocatalog-diff pergamon:
diff origin/production/pergamon.softwareheritage.org current/pergamon.softwareheritage.org
*******************************************
File[/etc/bind/keys/local-update] =>
parameters =>
content =>
@@ -2,4 +2,4 @@
key local-update {
algorithm hmac-sha256;
- secret "xxlzXIUXzgSRcMSVhRzQmceMkoi7xUENrAimAcgm8wkxFzgFqSgHs34wCqtvhKn/gymUT4F3CQslmQW2ueZpPw==";
+ secret "3HMpggs9nAa9lTPp7rpGkUG+MpsQ17/PeXmW8E/sK4gaYKJAoPg6H8KIrDTIVBEGd2D4w7nIYRqgmHQBi8JRFQ==";
};
*******************************************
File[/etc/bind/rndc.key] =>
parameters =>
content =>
@@ -2,4 +2,4 @@
key rndc-key {
algorithm hmac-md5;
- secret "YbLxiSqY4n7Z6iYx1EH04nMfmGtONuWa3xnD4lQkuN7df7atwU4xT88q4le3HrgRqYRZDW4w5WKo8BB4xVEFHg==";
+ secret "v9p5NHqDpJSyodHXY6Wn+kn4JKez23DrMPYePk5ZO4M/l55JkGKY2Lkh7xr03QGjRULNZJiQbWKZTusL55YHqA==";
};
*******************************************
File[/usr/local/sbin/swh-puppet-master-clean-certificate] =>
parameters =>
ensure =>
- file
+ absent
*******************************************
+ File[/usr/local/sbin/swh-puppet-master-decomission] =>
parameters =>
"ensure": "file"
"group": "root"
"mode": "0755"
"owner": "root"
"content": >>>
#!/usr/bin/env bash
# Use:
# $0 CERTNAME ...
# Example:
# $0 storage0.internal.staging.swh.network db0.internal.staging.swh.network
set -x
puppet node deactivate $@
puppet node clean $@
puppet cert clean $@
systemctl restart apache2
<<<
*******************************************
*** End octocatalog-diff on pergamon.softwareheritage.orgMigrated from D5007 (view on Phabricator)