charm-barbican/src/config.yaml
Alex Kavanagh 21aa29f8a9 Keystone v2 and v3 manual and amulet/bundle testing
This provides both keystone v2 and v3 setup for testing barbican
manually.  It demonstrates how to set up a project/tenant in each v3 and
v2 and the how to store a secret.  Then only differences are in the
authentication with Keystone.  However, it does demonstrate both
working.

This change also contains the v2 and v3 keystone tests with barbican.
These are pesented as two gate-*-v2 and gate-*-v3 tests which activate
testing with keystone v2 and keystone v3.

Change-Id: Id0310da7a80ee8796eeda52b7af936ae51ed0dd9
2016-08-09 16:49:09 +00:00

84 lines
2.5 KiB
YAML

options:
openstack-origin:
default: distro
type: string
description: |
Repository from which to install. May be one of the following:
distro (default), ppa:somecustom/ppa, a deb url sources entry,
or a supported Cloud Archive release pocket.
Supported Cloud Archive sources include: cloud:precise-folsom,
cloud:precise-folsom/updates, cloud:precise-folsom/staging,
cloud:precise-folsom/proposed.
Note that updating this setting to a source that is known to
provide a later version of OpenStack will trigger a software
upgrade.
rabbit-user:
default: barbican
type: string
description: Username used to access rabbitmq queue
rabbit-vhost:
default: openstack
type: string
description: Rabbitmq vhost
database-user:
default: barbican
type: string
description: Username for Neutron database access (if enabled)
database:
default: barbican
type: string
description: Database name for Neutron (if enabled)
debug:
default: False
type: boolean
description: Enable debug logging
verbose:
default: False
type: boolean
description: Enable verbose logging
region:
default: RegionOne
type: string
description: OpenStack Region
keystone-api-version:
default: "2"
type: string
description: none, 2 or 3
require-hsm-plugin:
default: False
type: boolean
description: |
If True (the default) then the barbcian-worker process won't be fully
functional until an HSM is associated with the charm. The charm will
remain in the blocked state until an HSM is available.
label-mkek:
default: primarymkek
type: string
description: |
This is the label for the primary MKEK (Master Key Encryption Key) stored
in the HSM that is used by Barbican to wrap other encryption keys that
are provided to projects.
Note the assocated action 'generate-mkek' is used to create an MKEK when
initialising a system.
mkek-key-length:
default: 32
type: int
description: The length for generating an MKEK
label-hmac:
default: primaryhmac
type: string
description: |
This is the label for the primary HMAC (keyed-hash message authentication
code) stored in the HSM that is used by Barbican to wrap other HMACs that
are provided to projects.
Note the assocated action 'generate-hmac' is used to create an HMAC when
initialising a system.
hmac-key-length:
default: 32
type: int
description: The length for generating an HMAC