openstack
/
puppet-heat
Code Issues Proposed changes

Mark heat's keystone password as secret 

Change-Id: I7d4e0fe452566435eb67d3d9ed6b3849021ba690
This commit is contained in:
Matt Fischer 2015-02-23 15:26:21 -07:00
parent a0e1f3ab69
commit 02df1c7974
4 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
manifests/init.pp
View File

@ -370,7 +370,7 @@ class heat(
'keystone_authtoken/auth_protocol' : value => $keystone_protocol;
'keystone_authtoken/admin_tenant_name' : value => $keystone_tenant;
'keystone_authtoken/admin_user' : value => $keystone_user;
'keystone_authtoken/admin_password' : value => $keystone_password;
'keystone_authtoken/admin_password' : value => $keystone_password, secret => true;
}
# Log configuration

2
manifests/keystone/domain.pp
View File

@ -67,7 +67,7 @@ class heat::keystone::domain (
heat_config {
'DEFAULT/stack_domain_admin': value => $domain_admin;
'DEFAULT/stack_domain_admin_password': value => $domain_password;
'DEFAULT/stack_domain_admin_password': value => $domain_password, secret => true;
}
}

6
spec/classes/heat_init_spec.rb
View File

@ -18,6 +18,7 @@ describe 'heat' do
:auth_uri => 'http://127.0.0.1:5000/v2.0',
:keystone_ec2_uri => 'http://127.0.0.1:5000/v2.0/ec2tokens',
:flavor => 'keystone',
:keystone_password => 'secretpassword',
}
end
@ -161,6 +162,11 @@ describe 'heat' do
it { should contain_heat_config('paste_deploy/flavor').with_value('keystone') }
it 'keeps keystone secrets secret' do
should contain_heat_config('keystone_authtoken/admin_password').with_secret(true)
end
end
shared_examples_for 'rabbit without HA support (with backward compatibility)' do

1
spec/classes/heat_keystone_domain_spec.rb
View File

@ -17,6 +17,7 @@ describe 'heat::keystone::domain' do
it 'configure heat.conf' do
should contain_heat_config('DEFAULT/stack_domain_admin').with_value(params[:domain_admin])
should contain_heat_config('DEFAULT/stack_domain_admin_password').with_value(params[:domain_password])
should contain_heat_config('DEFAULT/stack_domain_admin_password').with_secret(true)
end
it 'should configure heat domain id' do