Set enable_fernet_setup to false
Upstream patch https://review.openstack.org/#/c/389322/ sets enable_fernet_setup to true by default, and currently in Fuel fernet keys are generated on master, in order to unblock upstream this commit explicitly sets enable_fernet_setup to false. Change-Id: I4e7cbbe893da77c4f83df7f661708b2ad6e8d25b Closes-Bug: #1635549
This commit is contained in:
parent
6d0326ce34
commit
dae83f0912
|
@ -56,6 +56,7 @@ class fuel::keystone (
|
|||
database_connection => "${db_engine}://${db_user}:${db_password}@${db_host}:${db_port}/${db_name}",
|
||||
token_expiration => $token_expiration,
|
||||
token_provider => 'keystone.token.providers.uuid.Provider',
|
||||
enable_fernet_setup => false,
|
||||
default_domain => $keystone_domain,
|
||||
service_name => 'httpd',
|
||||
use_syslog => true,
|
||||
|
|
|
@ -322,6 +322,8 @@ class openstack_tasks::keystone::keystone {
|
|||
memcache_servers => $memcache_servers,
|
||||
token_driver => $token_driver,
|
||||
token_provider => $token_provider,
|
||||
# Fernet keys are generated on master
|
||||
enable_fernet_setup => false,
|
||||
notification_driver => $ceilometer_hash['notification_driver'],
|
||||
token_caching => $token_caching,
|
||||
cache_backend => $cache_backend,
|
||||
|
|
|
@ -174,6 +174,11 @@ describe manifest do
|
|||
should contain_class('keystone').with('revoke_by_id' => false)
|
||||
end
|
||||
|
||||
it 'should declare keystone class with enable_fernet_setup set to false' do
|
||||
# Fernet keys are generated on master
|
||||
should contain_class('keystone').with('enable_fernet_setup' => false)
|
||||
end
|
||||
|
||||
it 'should configure keystone with paramters' do
|
||||
should contain_keystone_config('token/caching').with(:value => 'false')
|
||||
should contain_keystone_config('cache/enabled').with(:value => 'true')
|
||||
|
|
|
@ -31,6 +31,10 @@ describe manifest do
|
|||
is_expected.to contain_class('fuel::keystone').with parameters
|
||||
end
|
||||
|
||||
it 'should declare keystone class with enable_fernet_setup set to false' do
|
||||
should contain_class('keystone').with('enable_fernet_setup' => false)
|
||||
end
|
||||
|
||||
it {
|
||||
should contain_service('httpd').with(
|
||||
:ensure => 'running',
|
||||
|
|
Loading…
Reference in New Issue