certificates: Passphrase parameters should be secret
Change-Id: I8eebb96b04c0b3b2fd330fcc4569d3cd05ec4604
(cherry picked from commit 3bcc79f125
)
This commit is contained in:
parent
2c59039e8e
commit
79d4df6248
|
@ -131,8 +131,8 @@ class octavia::certificates (
|
|||
'certificates/endpoint_type' : value => $endpoint_type;
|
||||
'certificates/ca_certificate' : value => $ca_certificate;
|
||||
'certificates/ca_private_key' : value => $ca_private_key;
|
||||
'certificates/server_certs_key_passphrase' : value => $server_certs_key_passphrase;
|
||||
'certificates/ca_private_key_passphrase' : value => $ca_private_key_passphrase;
|
||||
'certificates/server_certs_key_passphrase' : value => $server_certs_key_passphrase, secret => true;
|
||||
'certificates/ca_private_key_passphrase' : value => $ca_private_key_passphrase, secret => true;
|
||||
'certificates/signing_digest' : value => $signing_digest;
|
||||
'certificates/cert_validity_time' : value => $cert_validity_time;
|
||||
'controller_worker/client_ca' : value => $client_ca_real;
|
||||
|
|
|
@ -14,7 +14,8 @@ describe 'octavia::certificates' do
|
|||
is_expected.to contain_octavia_config('certificates/endpoint_type').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_octavia_config('certificates/ca_certificate').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_octavia_config('certificates/ca_private_key').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_octavia_config('certificates/ca_private_key_passphrase').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_octavia_config('certificates/server_certs_key_passphrase').with_value('insecure-key-do-not-use-this-key').with_secret(true)
|
||||
is_expected.to contain_octavia_config('certificates/ca_private_key_passphrase').with_value('<SERVICE DEFAULT>').with_secret(true)
|
||||
is_expected.to contain_octavia_config('certificates/signing_digest').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_octavia_config('certificates/cert_validity_time').with_value('<SERVICE DEFAULT>')
|
||||
end
|
||||
|
@ -55,8 +56,8 @@ describe 'octavia::certificates' do
|
|||
is_expected.to contain_octavia_config('certificates/endpoint_type').with_value('internalURL')
|
||||
is_expected.to contain_octavia_config('certificates/ca_certificate').with_value('/etc/octavia/ca.pem')
|
||||
is_expected.to contain_octavia_config('certificates/ca_private_key').with_value('/etc/octavia/key.pem')
|
||||
is_expected.to contain_octavia_config('certificates/server_certs_key_passphrase').with_value('insecure-key-do-not-use-this-key')
|
||||
is_expected.to contain_octavia_config('certificates/ca_private_key_passphrase').with_value('secure123')
|
||||
is_expected.to contain_octavia_config('certificates/server_certs_key_passphrase').with_value('insecure-key-do-not-use-this-key').with_secret(true)
|
||||
is_expected.to contain_octavia_config('certificates/ca_private_key_passphrase').with_value('secure123').with_secret(true)
|
||||
is_expected.to contain_octavia_config('certificates/signing_digest').with_value('sha256')
|
||||
is_expected.to contain_octavia_config('certificates/cert_validity_time').with_value(2592000)
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue