X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=puppet%2Fservices%2Fauditd.yaml;h=3a676ddffa4938aed01542195d7da4f12d5ca261;hb=52205fd2ee5b35eecf9644b3c511b0990c283372;hp=639631e180e4ad4d6998bb3ffb3d53f90b785286;hpb=b2f43c03d32d291f67a939de70f81ccf30e549ec;p=apex-tripleo-heat-templates.git

diff --git a/puppet/services/auditd.yaml b/puppet/services/auditd.yaml
index 639631e1..3a676ddf 100644
--- a/puppet/services/auditd.yaml
+++ b/puppet/services/auditd.yaml
@@ -1,9 +1,13 @@
-heat_template_version: ocata
+heat_template_version: pike
 
 description: >
   AuditD configured with Puppet
 
 parameters:
+  ServiceData:
+    default: {}
+    description: Dictionary packing service data
+    type: json
   ServiceNetMap:
     default: {}
     description: Mapping of service_name -> network name. Typically set
@@ -13,6 +17,14 @@ parameters:
   DefaultPasswords:
     default: {}
     type: json
+  RoleName:
+    default: ''
+    description: Role name on which the service is applied
+    type: string
+  RoleParameters:
+    default: {}
+    description: Parameters specific to the role
+    type: json
   EndpointMap:
     default: {}
     description: Mapping of service endpoint -> protocol. Typically set
@@ -32,3 +44,19 @@ outputs:
         auditd::rules: {get_param: AuditdRules}
       step_config: |
         include ::tripleo::profile::base::auditd
+      upgrade_tasks:
+        - name: Check if auditd is deployed
+          command: systemctl is-enabled auditd
+          tags: common
+          ignore_errors: True
+          register: auditd_enabled
+        - name: "PreUpgrade step0,validation: Check if auditd is running"
+          shell: >
+            /usr/bin/systemctl show 'auditd' --property ActiveState |
+            grep '\bactive\b'
+          when: auditd_enabled.rc == 0
+          tags: step0,validation
+        - name: Stop auditd service
+          tags: step2
+          when: auditd_enabled.rc == 0
+          service: name=auditd state=stopped