* Fixed a comment to avoid ambiguity with concepts in Heat
* Removed default values from necessary parameters in the TLS
environment
* Simplified setting of the cert/key into a file.
Change-Id: I351778150a6fbf7affe1a0fddb1abb9869324dfc
properties:
server: {get_resource: Controller}
- # Hook for site-specific passing of private keys/certificates
+ # Resource for site-specific passing of private keys/certificates
NodeTLSData:
depends_on: NodeTLSCAData
type: OS::TripleO::NodeTLSData
description: >
The filepath of the certificate as it will be stored in the controller.
type: string
- NodeIndex: # Here for compatibility with tls-cert-inject.yaml
+ NodeIndex: # Here for compatibility with puppet/controller.yaml
default: 0
type: number
- server: # Here for compatibility with tls-cert-inject.yaml
+ server: # Here for compatibility with puppet/controller.yaml
description: ID of the controller node to apply this config to
type: string
parameters:
# Can be overriden via parameter_defaults in the environment
SSLCertificate:
- default: ''
description: >
The content of the SSL certificate (without Key) in PEM format.
type: string
The content of an SSL intermediate CA certificate in PEM format.
type: string
SSLKey:
- default: ''
description: >
The content of the SSL Key in PEM format.
type: string
- name: key_modulus
config: |
#!/bin/sh
- cat << EOF | tee ${cert_path} > /dev/null
+ cat > ${cert_path} << EOF
${cert_chain_content}
EOF
chmod 0440 ${cert_path}