From bad366e715b0c4862023b0a4a36f7d31ed139661 Mon Sep 17 00:00:00 2001
From: Pierre Riteau <pierre@stackhpc.com>
Date: Tue, 15 Oct 2024 12:53:05 +0200
Subject: [PATCH] Build Octavia from StackHPC fork

This fixes issues with creation and failover of TLS-terminated Octavia
load balancers following our bump of pyOpenSSL [1] because of the
removal of load_pkcs12 [2].

[1] https://github.com/stackhpc/requirements/pull/20
[2] https://bugs.launchpad.net/octavia/+bug/2042787
---
 etc/kayobe/kolla-image-tags.yml                              | 4 ++--
 etc/kayobe/kolla.yml                                         | 4 ++++
 .../fix-octavia-tls-terminated-pkcs12-4f7e32a6f5ca0143.yaml  | 5 +++++
 3 files changed, 11 insertions(+), 2 deletions(-)
 create mode 100644 releasenotes/notes/fix-octavia-tls-terminated-pkcs12-4f7e32a6f5ca0143.yaml

diff --git a/etc/kayobe/kolla-image-tags.yml b/etc/kayobe/kolla-image-tags.yml
index 2d7a5bd65..017319e3d 100644
--- a/etc/kayobe/kolla-image-tags.yml
+++ b/etc/kayobe/kolla-image-tags.yml
@@ -39,8 +39,8 @@ kolla_image_tags:
     rocky-9: 2023.1-rocky-9-20240926T151818
     ubuntu-jammy: 2023.1-ubuntu-jammy-20240926T151818
   octavia:
-    rocky-9: 2023.1-rocky-9-20240730T090421
-    ubuntu-jammy: 2023.1-ubuntu-jammy-20240730T090421
+    rocky-9: 2023.1-rocky-9-20241015T100903
+    ubuntu-jammy: 2023.1-ubuntu-jammy-20241015T100903
   opensearch:
     ubuntu-jammy: 2023.1-ubuntu-jammy-20240509T094444
   openvswitch:
diff --git a/etc/kayobe/kolla.yml b/etc/kayobe/kolla.yml
index b6cc34475..c7fcc0675 100644
--- a/etc/kayobe/kolla.yml
+++ b/etc/kayobe/kolla.yml
@@ -155,6 +155,10 @@ kolla_sources:
     type: git
     location: https://github.com/stackhpc/networking-mlnx
     reference: stackhpc/{{ openstack_release }}
+  octavia-base:
+    type: git
+    location: https://github.com/stackhpc/octavia.git
+    reference: stackhpc/{{ openstack_release }}
 
 ###############################################################################
 # Kolla image build configuration.
diff --git a/releasenotes/notes/fix-octavia-tls-terminated-pkcs12-4f7e32a6f5ca0143.yaml b/releasenotes/notes/fix-octavia-tls-terminated-pkcs12-4f7e32a6f5ca0143.yaml
new file mode 100644
index 000000000..ee5167ce9
--- /dev/null
+++ b/releasenotes/notes/fix-octavia-tls-terminated-pkcs12-4f7e32a6f5ca0143.yaml
@@ -0,0 +1,5 @@
+---
+fixes:
+  - |
+    Fixes creation and failover of Octavia TLS-terminated load balancers when
+    storing the certificate and key as a PKCS12 bundle in Barbican.