Set enable_fernet_setup to false

Upstream patch https://review.openstack.org/#/c/389322/ sets enable_fernet_setup to true by default, and currently in Fuel fernet keys are generated on master, in order to unblock upstream this commit explicitly sets enable_fernet_setup to false. Change-Id: I4e7cbbe893da77c4f83df7f661708b2ad6e8d25b Closes-Bug: #1635549
2016-10-24 11:10:16 +03:00 · 2016-10-24 11:10:16 +03:00 · dae83f0912
parent 6d0326ce34
commit dae83f0912
4 changed files with 12 additions and 0 deletions
--- a/deployment/puppet/fuel/manifests/keystone.pp
+++ b/deployment/puppet/fuel/manifests/keystone.pp
@ -56,6 +56,7 @@ class fuel::keystone (
    database_connection => "${db_engine}://${db_user}:${db_password}@${db_host}:${db_port}/${db_name}",
    token_expiration    => $token_expiration,
    token_provider      => 'keystone.token.providers.uuid.Provider',
+    enable_fernet_setup => false,
    default_domain      => $keystone_domain,
    service_name        => 'httpd',
    use_syslog          => true,
--- a/deployment/puppet/openstack_tasks/manifests/keystone/keystone.pp
+++ b/deployment/puppet/openstack_tasks/manifests/keystone/keystone.pp
@ -322,6 +322,8 @@ class openstack_tasks::keystone::keystone {
      memcache_servers                   => $memcache_servers,
      token_driver                       => $token_driver,
      token_provider                     => $token_provider,
+      # Fernet keys are generated on master
+      enable_fernet_setup                => false,
      notification_driver                => $ceilometer_hash['notification_driver'],
      token_caching                      => $token_caching,
      cache_backend                      => $cache_backend,
--- a/tests/noop/spec/hosts/keystone/keystone_spec.rb
+++ b/tests/noop/spec/hosts/keystone/keystone_spec.rb
@ -174,6 +174,11 @@ describe manifest do
      should contain_class('keystone').with('revoke_by_id' => false)
    end

+    it 'should declare keystone class with enable_fernet_setup set to false' do
+      # Fernet keys are generated on master
+      should contain_class('keystone').with('enable_fernet_setup' => false)
+    end
+
    it 'should configure keystone with paramters' do
      should contain_keystone_config('token/caching').with(:value => 'false')
      should contain_keystone_config('cache/enabled').with(:value => 'true')
--- a/tests/noop/spec/hosts/master/keystone_spec.rb
+++ b/tests/noop/spec/hosts/master/keystone_spec.rb
@ -31,6 +31,10 @@ describe manifest do
      is_expected.to contain_class('fuel::keystone').with parameters
    end

+    it 'should declare keystone class with enable_fernet_setup set to false' do
+      should contain_class('keystone').with('enable_fernet_setup' => false)
+    end
+
    it {
      should contain_service('httpd').with(
        :ensure => 'running',