8bc8c7c028
This introduces a new document called `EncryptionPolicy` to configure this behavior. It currently only supports using symmetric encryption with `GPG`, but that should be available on all Ubuntu systems (which is what we currently support) and should also be fairly reliable. Change-Id: I06d4faa119b736773df0d8cbf0e7a23fd98edcdf Depends-On: https://review.openstack.org/#/c/602175/
34 lines
707 B
YAML
34 lines
707 B
YAML
---
|
|
schema: deckhand/DataSchema/v1
|
|
metadata:
|
|
schema: metadata/Control/v1
|
|
name: promenade/EncryptionPolicy/v1
|
|
labels:
|
|
application: promenade
|
|
data:
|
|
$schema: http://json-schema.org/schema#
|
|
|
|
definitions:
|
|
script_encryption:
|
|
oneof:
|
|
- { $ref: '#/definitions/encryption_method_gpg' }
|
|
|
|
encryption_method_gpg:
|
|
properties:
|
|
gpg:
|
|
type: object
|
|
additionalProperties: false
|
|
required:
|
|
- gpg
|
|
additionalProperties: false
|
|
|
|
properties:
|
|
scripts:
|
|
properties:
|
|
genesis:
|
|
$ref: '#/definitions/script_encryption'
|
|
join:
|
|
$ref: '#/definitions/script_encryption'
|
|
additionalProperties: false
|
|
...
|