commit 032804e5a0ddf89f7726880d1b57dd492d7d5c07
Author: Radosław Piliszek <radoslaw.piliszek@gmail.com>
Date:   Sun Oct 4 11:26:41 2020 +0200

    Be strict about errors in start
    
    Make start.sh run with pipefail and nounset to avoid common errors
    in the start scripts and detect them early.
    
    Httpd code had to be patched to allow it to pass on Debuntu.
    
    Also fix the two missed applications of httpd to make sure all
    its path are covered.
    
    And also fix Horizon's ENABLE_ZAQAR - K-A does not use Zaqar.
    Yet another - Horizon's settings_bundle. :-)
    
    Finally, fix Neutron for Debuntu (KOLLA_LEGACY_IPTABLES).
    
    Change-Id: I39b8d78f6758df1f92b8b0d2c06ea99b038b843b
    Depends-On: https://review.opendev.org/711923

diff --git a/docker/base/httpd_setup.sh b/docker/base/httpd_setup.sh
index edb1d7d..fe62765 100644
--- a/docker/base/httpd_setup.sh
+++ b/docker/base/httpd_setup.sh
@@ -8,6 +8,9 @@ if [[ "$(whoami)" == 'root' ]]; then
     # NOTE(pbourke): httpd will not clean up after itself in some cases which
     # results in the container not being able to restart. (bug #1489676, 1557036)
     if [[ "${KOLLA_BASE_DISTRO}" =~ debian|ubuntu ]]; then
+        # NOTE(yoctozepto): APACHE_CONFDIR has to be set to pass the next step
+        # under the `set -o nounset` regime
+        APACHE_CONFDIR=
         # Loading Apache2 ENV variables
         . /etc/apache2/envvars
         install -d /var/run/apache2/
diff --git a/docker/base/start.sh b/docker/base/start.sh
index b7ecc22..79d7f7c 100644
--- a/docker/base/start.sh
+++ b/docker/base/start.sh
@@ -1,5 +1,8 @@
 #!/bin/bash
+
 set -o errexit
+set -o pipefail
+set -o nounset
 set -o xtrace
 
 # Processing /var/lib/kolla/config_files/config.json as root.  This is necessary
diff --git a/docker/cyborg/cyborg-api/extend_start.sh b/docker/cyborg/cyborg-api/extend_start.sh
index e29728a..63c62ef 100644
--- a/docker/cyborg/cyborg-api/extend_start.sh
+++ b/docker/cyborg/cyborg-api/extend_start.sh
@@ -7,11 +7,4 @@ if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then
     exit 0
 fi
 
-if [[ "${KOLLA_BASE_DISTRO}" =~ debian|ubuntu ]]; then
-    # Loading Apache2 ENV variables
-    . /etc/apache2/envvars
-    install -d /var/run/apache2/
-    rm -rf /var/run/apache2/*
-else
-    rm -rf /var/run/httpd/* /run/httpd/* /tmp/httpd*
-fi
+. /usr/local/bin/kolla_httpd_setup
diff --git a/docker/freezer/freezer-api/extend_start.sh b/docker/freezer/freezer-api/extend_start.sh
index c6c0960..6070429 100755
--- a/docker/freezer/freezer-api/extend_start.sh
+++ b/docker/freezer/freezer-api/extend_start.sh
@@ -7,11 +7,4 @@ if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then
     exit 0
 fi
 
-if [[ "${KOLLA_BASE_DISTRO}" =~ debian|ubuntu ]]; then
-    # Loading Apache2 ENV variables
-    . /etc/apache2/envvars
-    install -d /var/run/apache2/
-    rm -rf /var/run/apache2/*
-else
-    rm -rf /var/run/httpd/* /run/httpd/* /tmp/httpd*
-fi
+. /usr/local/bin/kolla_httpd_setup
diff --git a/docker/horizon/extend_start.sh b/docker/horizon/extend_start.sh
index 0154959..8709ad1 100644
--- a/docker/horizon/extend_start.sh
+++ b/docker/horizon/extend_start.sh
@@ -285,6 +285,11 @@ function config_watcher_dashboard {
 }
 
 function config_zaqar_dashboard {
+    # NOTE(yoctozepto): Kolla-Ansible does not control Zaqar and therefore
+    # does not set ENABLE_ZAQAR; the workaround below ensures it gets set to
+    # `no` in that case to fix this code under `set -o nounset`.
+    ENABLE_ZAQAR=${ENABLE_ZAQAR-no}
+
     for file in ${SITE_PACKAGES}/zaqar_ui/enabled/_*[^__].py; do
         config_dashboard "${ENABLE_ZAQAR}" \
             "${SITE_PACKAGES}/zaqar_ui/enabled/${file##*/}" \
@@ -304,10 +309,12 @@ function config_zun_dashboard {
 # changed.  Use a static modification date when generating the tarball
 # so that we only trigger on content changes.
 function settings_bundle {
+    # NOTE(yoctozepto): We ignore errors here (|| true) to make it work with
+    # `set -o pipefail` (files might be missing - no problem).
     tar -cf- --mtime=1970-01-01 \
         /etc/openstack-dashboard/local_settings \
         /etc/openstack-dashboard/custom_local_settings \
-        /etc/openstack-dashboard/local_settings.d 2> /dev/null
+        /etc/openstack-dashboard/local_settings.d 2> /dev/null || true
 }
 
 function settings_changed {
diff --git a/docker/neutron/neutron-base/extend_start.sh b/docker/neutron/neutron-base/extend_start.sh
index 82e0873..9e02422 100644
--- a/docker/neutron/neutron-base/extend_start.sh
+++ b/docker/neutron/neutron-base/extend_start.sh
@@ -9,6 +9,11 @@ fi
 
 # set legacy iptables to allow kernels not supporting iptables-nft
 if /usr/bin/update-alternatives --query iptables; then
+    # NOTE(yoctozepto): Kolla-Ansible does not always set KOLLA_LEGACY_IPTABLES;
+    # the workaround below ensures it gets set to `false` in such cases to fix
+    # this code under `set -o nounset`.
+    KOLLA_LEGACY_IPTABLES=${KOLLA_LEGACY_IPTABLES-false}
+
     if [[ $KOLLA_LEGACY_IPTABLES == "true" ]]; then
         sudo /usr/bin/update-alternatives --set iptables /usr/sbin/iptables-legacy
         sudo /usr/bin/update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy