From d09ee49afc19ad5e752755e14ac46b9af1524bdf Mon Sep 17 00:00:00 2001
From: Mark Goddard <mark@stackhpc.com>
Date: Tue, 5 Nov 2019 12:06:26 +0000
Subject: [PATCH] Fix keystone fernet rotation for source images

In source images, keystone-manage is installed to a virtualenv in
/var/lib/kolla/venv. This is not in the PATH for cron jobs, which always
use PATH=/usr/bin:/bin. This results in the following error:

/usr/bin/fernet-rotate.sh: line 3: keystone-manage: command not found

However this error is not typically visible, since cron logs to syslog
and we do not configure fluentd to collect these logs.

This change configures the PATH in the fernet-rotate.sh script for
source images.

Change-Id: Ib49ea586d36ae32d01b9610a48b13798db4a4cd5
Closes-Bug: #1850711
---
 ansible/roles/keystone/templates/crontab.j2 | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/ansible/roles/keystone/templates/crontab.j2 b/ansible/roles/keystone/templates/crontab.j2
index af16e114fd..a2d2837432 100644
--- a/ansible/roles/keystone/templates/crontab.j2
+++ b/ansible/roles/keystone/templates/crontab.j2
@@ -1,3 +1,9 @@
+{# Cron uses a PATH of /usr/bin:/bin by default, which does not include the #}
+{# virtualenv in source images. #}
+{% if keystone_install_type == 'source' %}
+PATH=/var/lib/kolla/venv/bin:/usr/bin:/bin
+{% endif %}
+
 {% for cron_job in cron_jobs %}
 {{ cron_job['min'] }} {{ cron_job['hour'] }} * * {{ cron_job['day'] }} /usr/bin/fernet-rotate.sh
 {% endfor %}