Change flat network name for nosdn fdio scenario

[apex-tripleo-heat-templates.git] / puppet / services / auditd.yaml

heat_template_version: pike

description: >
  AuditD configured with Puppet

parameters:
  ServiceData:
    default: {}
    description: Dictionary packing service data
    type: json
  ServiceNetMap:
    default: {}
    description: Mapping of service_name -> network name. Typically set
                 via parameter_defaults in the resource registry.  This
                 mapping overrides those in ServiceNetMapDefaults.
    type: json
  DefaultPasswords:
    default: {}
    type: json
  RoleName:
    default: ''
    description: Role name on which the service is applied
    type: string
  RoleParameters:
    default: {}
    description: Parameters specific to the role
    type: json
  EndpointMap:
    default: {}
    description: Mapping of service endpoint -> protocol. Typically set
                 via parameter_defaults in the resource registry.
    type: json
  AuditdRules:
    description: Mapping of auditd rules
    type: json
    default: {}

outputs:
  role_data:
    description: Role data for the auditd service
    value:
      service_name: auditd
      config_settings:
        auditd::rules: {get_param: AuditdRules}
      step_config: |
        include ::tripleo::profile::base::auditd
      upgrade_tasks:
        - name: Check if auditd is deployed
          command: systemctl is-enabled auditd
          tags: common
          ignore_errors: True
          register: auditd_enabled
        - name: "PreUpgrade step0,validation: Check if auditd is running"
          shell: >
            /usr/bin/systemctl show 'auditd' --property ActiveState |
            grep '\bactive\b'
          when: auditd_enabled.rc == 0
          tags: step0,validation
        - name: Stop auditd service
          tags: step2
          when: auditd_enabled.rc == 0
          service: name=auditd state=stopped