From 83fc763c3f57bdae7891c1683541b80e645b88e7 Mon Sep 17 00:00:00 2001
From: Kirill Bespalov <kbespalov@mirantis.com>
Date: Tue, 14 Nov 2017 16:42:54 +0300
Subject: [PATCH] [tls] Make a cert SLS IDs globally unique

At the moment most of openstack formulas have
the same ids of certs at state files, e.g.:

 nova/server.sls   - rabbitmq_ca : file_managed
 glance/server.sls - rabbitmq_ca : file_managed

So, any attempt to use the:

   salt-call state.apply

fails with:

  Detected conflicting IDs, SLS IDs need to be
  globally unique.

Change-Id: I5d1da7bc0e06359db9cbb186f42fa2dee3deb20a
---
 glance/server.sls | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/glance/server.sls b/glance/server.sls
index a8de0e1..e7a6f1a 100644
--- a/glance/server.sls
+++ b/glance/server.sls
@@ -98,10 +98,10 @@ glance_glare_service:
   - watch:
     - file: /etc/glance/glance-glare.conf
     {%- if server.message_queue.get('ssl',{}).get('enabled',False) %}
-    - file: rabbitmq_ca
+    - file: rabbitmq_ca_glance_server
     {% endif %}
     {%- if server.database.get('ssl',{}).get('enabled',False)  %}
-    - file: mysql_ca
+    - file: mysql_ca_glance_server
     {% endif %}
 
 {%- endif %}
@@ -129,10 +129,10 @@ glance_services:
     - file: /etc/glance/glance-registry.conf
     - file: /etc/glance/glance-api-paste.ini
     {%- if server.message_queue.get('ssl',{}).get('enabled',False) %}
-    - file: rabbitmq_ca
+    - file: rabbitmq_ca_glance_server
     {% endif %}
     {%- if server.database.get('ssl',{}).get('enabled',False)  %}
-    - file: mysql_ca
+    - file: mysql_ca_glance_server
     {% endif %}
 
 glance_install_database:
@@ -271,7 +271,7 @@ rule_{{ name }}_absent:
 {%- endfor %}
 
 {%- if server.message_queue.get('ssl',{}).get('enabled', False) %}
-rabbitmq_ca:
+rabbitmq_ca_glance_server:
 {%- if server.message_queue.ssl.cacert is defined %}
   file.managed:
     - name: {{ server.message_queue.ssl.cacert_file }}
@@ -285,7 +285,7 @@ rabbitmq_ca:
 {% endif %}
 
 {%- if server.database.get('ssl',{}).get('enabled',False)  %}
-mysql_ca:
+mysql_ca_glance_server:
 {%- if server.database.ssl.cacert is defined %}
   file.managed:
     - name: {{ server.database.ssl.cacert_file }}