openstack/openstack-helm
Code Issues Proposed changes
baf5356a4f
openstack-helm/keystone/templates/bin
History
Gage Hugo 3d6f3088a3 Add credential delete hook to keystone chart 
This change creates a pre-delete hook to clean out all entries
in the credential table of the keystone database when the
keystone service is deleted. Note that these are not
the typical username/password.[0]

This fixes the issue of leftover credential blobs being saved
in the database that are unable to be decrypted since the
original encryption keys are removed upon deletion of the
keystone service

[0] https://specs.openstack.org/openstack/keystone-specs/specs/keystone/newton/credential-encryption.html

Change-Id: I8adf0878af2f3b880e9194a6cb8d97b58d6895a5
2019-04-17 20:10:48 +00:00
..
_bootstrap.sh.tpl Revert "Update OSH Author copyrights to OSF" 2018-08-28 17:25:13 +00:00
_cred-clean.py.tpl Add credential delete hook to keystone chart 2019-04-17 20:10:48 +00:00
_db-sync.sh.tpl Revert "Update OSH Author copyrights to OSF" 2018-08-28 17:25:13 +00:00
_domain-manage-init.sh.tpl Revert "Update OSH Author copyrights to OSF" 2018-08-28 17:25:13 +00:00
_domain-manage.py.tpl Add validation to domain logic 2018-04-11 01:20:39 +00:00
_domain-manage.sh.tpl Revert "Update OSH Author copyrights to OSF" 2018-08-28 17:25:13 +00:00
_endpoint-update.py.tpl Fix py3 issue on fernet-manage and update-endpoint 2019-03-14 21:24:47 +00:00
_fernet-manage.py.tpl Fix py3 issue on fernet-manage and update-endpoint 2019-03-14 21:24:47 +00:00
_keystone-api.sh.tpl Allow more generic overrides for keystone 2019-04-12 04:16:48 +00:00