Merge "Ensure that OctaviaServerCertsKeyPassphrase is 32-byte long" into stable/queens
This commit is contained in:
commit
341b3cbb48
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
fixes:
|
||||
- The passphrase for config option 'server_certs_key_passphrase', is used as
|
||||
a Fernet key in Octavia and thus must be 32 bytes long. TripleO will now
|
||||
auto-generate 32 bytes long passphrase for OctaviaServerCertsKeyPassphrase.
|
|
@ -73,6 +73,7 @@ class TestPasswords(base.TestCase):
|
|||
|
||||
self.assertNotEqual(value['KeystoneCredential0'],
|
||||
value['KeystoneCredential1'])
|
||||
self.assertEqual(len(value['OctaviaServerCertsKeyPassphrase']), 32)
|
||||
|
||||
def test_create_ssh_keypair(self):
|
||||
|
||||
|
|
|
@ -90,6 +90,9 @@ def generate_passwords(mistralclient=None, stack_env=None):
|
|||
elif name.startswith("HeatAuthEncryptionKey"):
|
||||
passwords[name] = passutils.generate_password(
|
||||
size=32)
|
||||
elif name.startswith("OctaviaServerCertsKeyPassphrase"):
|
||||
passwords[name] = passutils.generate_password(
|
||||
size=32)
|
||||
else:
|
||||
passwords[name] = passutils.generate_password(
|
||||
size=_MIN_PASSWORD_SIZE)
|
||||
|
|
Loading…
Reference in New Issue