Merge "Added ability to generate kek for barbican simple crypto backend"

This commit is contained in:
Zuul 2017-12-08 23:07:10 +00:00 committed by Gerrit Code Review
commit 478c8531f5
5 changed files with 10 additions and 0 deletions

View File

@ -0,0 +1,4 @@
---
features:
- Add generation of the key encryption key for the Barbican simple
crypto backend.

View File

@ -64,6 +64,7 @@ PASSWORD_PARAMETER_NAMES = (
'AdminToken',
'AodhPassword',
'BarbicanPassword',
'BarbicanSimpleCryptoKek',
'CeilometerMeteringSecret',
'CeilometerPassword',
'CephAdminKey',

View File

@ -26,6 +26,7 @@ from tripleo_common.utils import passwords as password_utils
_EXISTING_PASSWORDS = {
'MistralPassword': 'VFJeqBKbatYhQm9jja67hufft',
'BarbicanPassword': 'MGGQBtgKT7FnywvkcdMwE9nhx',
'BarbicanSimpleCryptoKek': 'dGhpcnR5X3R3b19ieXRlX2tleWJsYWhibGFoYmxhaGg=',
'AdminPassword': 'jFmY8FTpvtF2e4d4ReXvmUP8k',
'CeilometerMeteringSecret': 'CbHTGK4md4Cc8P8ZyzTns6wry',
'ZaqarPassword': 'bbFgCTFbAH8vf9n3xvZCP8aMR',

View File

@ -45,6 +45,7 @@ class TestPasswords(base.TestCase):
uuidutils.generate_uuid(dashed=False),
uuidutils.generate_uuid(dashed=False),
uuidutils.generate_uuid(dashed=False),
uuidutils.generate_uuid(dashed=False),
uuidutils.generate_uuid(dashed=False)]
snmpd_password = uuidutils.generate_uuid(dashed=False)
@ -65,6 +66,7 @@ class TestPasswords(base.TestCase):
self.assertIn(value['KeystoneCredential1'], keys)
self.assertIn(value['KeystoneFernetKey0'], keys)
self.assertIn(value['KeystoneFernetKey1'], keys)
self.assertIn(value['BarbicanSimpleCryptoKek'], keys)
self.assertNotEqual(value['KeystoneFernetKey0'],
value['KeystoneFernetKey1'])

View File

@ -73,6 +73,8 @@ def generate_passwords(mistralclient=None, stack_env=None):
passwords[name] = create_fernet_keys_repo_structure_and_keys()
elif name == 'MigrationSshKey':
passwords[name] = create_ssh_keypair()
elif name == 'BarbicanSimpleCryptoKek':
passwords[name] = create_keystone_credential()
else:
passwords[name] = passutils.generate_password(
size=_MIN_PASSWORD_SIZE)