charm-barbican/src/config.yaml
Myles Penner c8ec165fc0 Add charmcraft 3 support
Summary of changes:

- Update the charmcraft.yaml file to use base and platforms, only
  allowing noble support.
- Update config to default to caracal.
- Update osci.yaml to use the charmcraft 3.x/beta
- Drop non-noble tests
- Update constraints file from -2024.1.txt to -noble.txt
- Add charmbuild to .zuul.yaml
- Add rename.sh to build process

Change-Id: Ia22e04e6da00eb176558d43f09c967d37f2366f4
2024-09-05 20:42:52 +00:00

52 lines
1.6 KiB
YAML

options:
require-hsm-plugin:
default: False
type: boolean
description: |
If True then the barbcian-worker process won't be fully
functional until an HSM is associated with the charm. The charm will
remain in the blocked state until an HSM is available.
label-mkek:
default: primarymkek
type: string
description: |
This is the label for the primary MKEK (Master Key Encryption Key) stored
in the HSM that is used by Barbican to wrap other encryption keys that
are provided to projects.
Note the assocated action 'generate-mkek' is used to create an MKEK when
initialising a system.
mkek-key-length:
default: 32
type: int
description: The length for generating an MKEK
label-hmac:
default: primaryhmac
type: string
description: |
This is the label for the primary HMAC (keyed-hash message authentication
code) stored in the HSM that is used by Barbican to wrap other HMACs that
are provided to projects.
Note the assocated action 'generate-hmac' is used to create an HMAC when
initialising a system.
hmac-key-length:
default: 32
type: int
description: The length for generating an HMAC
max-allowed-secret-size:
default: 20000
type: int
description: |
Maximum allowed secret size in bytes.
max-allowed-request-size:
default: 25000
type: int
description: |
Maximum allowed http request size against the barbican-api.
openstack-origin:
default: caracal
use-internal-endpoints:
default: True
type: boolean