Code Review / apex-tripleo-heat-templates.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 490e237) | patch
Enable heat/puppet to manage the fernet keys and make it configurable
authorJuan Antonio Osorio Robles <jaosorior@redhat.com>
Mon, 12 Jun 2017 12:24:32 +0000 (15:24 +0300)
committerJuan Antonio Osorio Robles <jaosorior@redhat.com>
Wed, 14 Jun 2017 07:04:06 +0000 (10:04 +0300)
commit350e1a81dd559581bcf643e5a87ad89d6a9c0e5d
tree7d28c6dc8848da3563f0f447bf25252583cdd829tree | snapshot
parent490e237f09d2c685903b173d3fd94efc450a9cb2commit | diff
Enable heat/puppet to manage the fernet keys and make it configurable

With the addition of the KeystoneFernetKeys parameter, it's now possible
to do fernet key rotations using mistral, by modifying the
KeystoneFernetKeys variable in mistral; subsequently a rotation could
happen when doing a stack update.

So this re-enables the managing of the key files by puppet. However,
this is left configurable, as folks might want to manage those files
out-of-band.

bp keystone-fernet-rotation
Change-Id: Ic82fb8b8a76481a6e588047acf33a036cf444d7d
puppet/services/keystone.yaml diff | blob | history
releasenotes/notes/Introduce-ManageKeystoneFernetKeys-parameter-2478cf5fc5e64256.yaml [new file with mode: 0644] blob