use secure password unless 'developer_mode' flag is set in environment

2012-05-18 11:07:40 +01:00
parent d2d1da36ca
commit 75b531e70e
2 changed files with 11 additions and 1 deletions
--- a/attributes/default.rb
+++ b/attributes/default.rb
@@ -1,6 +1,7 @@
 default["nova"]["db"]["name"] = "nova"
 default["nova"]["db"]["username"] = "nova"
-default["nova"]["db"]["password"] = "nova"
+# Replacing with OpenSSL::Password in recipes/nova-common.rb
+#default["nova"]["db"]["password"] = "nova"

 default["nova"]["service_tenant_name"] = "service"
 default["nova"]["service_user"] = "nova"
--- a/recipes/nova-common.rb
+++ b/recipes/nova-common.rb
@@ -17,6 +17,15 @@
 # limitations under the License.
 #

+::Chef::Recipe.send(:include, Opscode::OpenSSL::Password)
+
+# Allow for using a well known db password
+if node["developer_mode"]
+  node.set_unless["nova"]["db"]["password"] = "nova"
+else
+  node.set_unless["nova"]["db"]["password"] = secure_password
+end
+
 # Distribution specific settings go here
 if platform?(%w{fedora})
  # Fedora