From 79e57bd7999b6df72c2094275e763e71b266f204 Mon Sep 17 00:00:00 2001 From: Stefan Hoffmann Date: Wed, 6 Sep 2017 10:59:38 +0200 Subject: [PATCH] use variable fernet-key data bag instead of hard coded vault name the attribute ['openstack']['secret']['secrets_data_bag'] is used. Change-Id: I286fbfe89395544d1f8d0139acca0d689e4737fa Closes-Bug: #1714523 --- recipes/_fernet_tokens.rb | 3 ++- spec/spec_helper.rb | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/recipes/_fernet_tokens.rb b/recipes/_fernet_tokens.rb index 91f0c3b..01488ac 100644 --- a/recipes/_fernet_tokens.rb +++ b/recipes/_fernet_tokens.rb @@ -33,7 +33,8 @@ directory key_repository do end node['openstack']['identity']['fernet']['keys'].each do |key_index| - key = secret('keystone', "fernet_key#{key_index}") + key = secret(node['openstack']['secret']['secrets_data_bag'], + "fernet_key#{key_index}") file File.join(key_repository, key_index.to_s) do content key owner node['openstack']['identity']['user'] diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 93f9885..cc3c380 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -65,10 +65,10 @@ shared_context 'identity_stubs' do .with('user', 'admin') .and_return('admin') allow_any_instance_of(Chef::Recipe).to receive(:secret) - .with('keystone', 'fernet_key0') + .with('secrets', 'fernet_key0') .and_return('thisisfernetkey0') allow_any_instance_of(Chef::Recipe).to receive(:secret) - .with('keystone', 'fernet_key1') + .with('secrets', 'fernet_key1') .and_return('thisisfernetkey1') allow_any_instance_of(Chef::Recipe).to receive(:rabbit_transport_url) .with('identity')