From 69d4a71dfe86e8111101dcd1bcf5a4138a7956a4 Mon Sep 17 00:00:00 2001
From: Lance Bragstad <lbragstad@gmail.com>
Date: Sat, 27 Aug 2016 01:01:37 +0000
Subject: [PATCH] Allow setup of credential encryption using fernet

With the addition of encrypted credential in keystone, we need to be able to
add setup steps in devstack to configure the credential repository with
encryption keys.

Depends-On: I97e7701bc5b8765d207cc721793643bcefa2d4e2
Depends-On: Id3e8922adc154cfec5f7a36613e22eb0b49eeffe
Change-Id: I433da9a257daa21ec3b5996b2bca571211f1fbba
---
 lib/keystone | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lib/keystone b/lib/keystone
index 6198e43b58..797ff50646 100644
--- a/lib/keystone
+++ b/lib/keystone
@@ -345,6 +345,8 @@ function configure_keystone {
 
     iniset $KEYSTONE_CONF fernet_tokens key_repository "$KEYSTONE_CONF_DIR/fernet-keys/"
 
+    iniset $KEYSTONE_CONF credential key_repository "$KEYSTONE_CONF_DIR/credential-keys/"
+
     # Configure the project created by the 'keystone-manage bootstrap' as the cloud-admin project.
     # The users from this project are globally admin as before, but it also
     # allows policy changes in order to clarify the adminess scope.
@@ -514,6 +516,9 @@ function init_keystone {
         rm -rf "$KEYSTONE_CONF_DIR/fernet-keys/"
         $KEYSTONE_BIN_DIR/keystone-manage --config-file $KEYSTONE_CONF fernet_setup
     fi
+    rm -rf "$KEYSTONE_CONF_DIR/credential-keys/"
+    $KEYSTONE_BIN_DIR/keystone-manage --config-file $KEYSTONE_CONF credential_setup
+
 }
 
 # install_keystoneauth() - Collect source and prepare