diff --git a/docker/services/ceph-ansible/ceph-base.yaml b/docker/services/ceph-ansible/ceph-base.yaml index c586657509..35184daa38 100644 --- a/docker/services/ceph-ansible/ceph-base.yaml +++ b/docker/services/ceph-ansible/ceph-base.yaml @@ -119,6 +119,8 @@ parameters: description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. type: string hidden: true + constraints: + - allowed_pattern: "^[a-zA-Z0-9+/]{38}==$" CephClientUserName: default: openstack type: string @@ -130,6 +132,8 @@ parameters: with ceph-authtool --gen-print-key. type: string hidden: true + constraints: + - allowed_pattern: "^[a-zA-Z0-9+/]{38}==$" CephPoolDefaultSize: description: default minimum replication for RBD copies type: number @@ -157,6 +161,8 @@ parameters: description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. type: string hidden: true + constraints: + - allowed_pattern: "^[a-zA-Z0-9+/]{38}==$" CephIPv6: default: False type: boolean diff --git a/docker/services/ceph-ansible/ceph-mon.yaml b/docker/services/ceph-ansible/ceph-mon.yaml index 789be62614..53e38b465f 100644 --- a/docker/services/ceph-ansible/ceph-mon.yaml +++ b/docker/services/ceph-ansible/ceph-mon.yaml @@ -34,11 +34,15 @@ parameters: description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key. type: string hidden: true + constraints: + - allowed_pattern: "^[a-zA-Z0-9+/]{38}==$" CephAdminKey: default: '' description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key. type: string hidden: true + constraints: + - allowed_pattern: "^[a-zA-Z0-9+/]{38}==$" CephValidationRetries: type: number default: 40 diff --git a/docker/services/nova-libvirt.yaml b/docker/services/nova-libvirt.yaml index e3f77a8e5f..4b5b255afe 100644 --- a/docker/services/nova-libvirt.yaml +++ b/docker/services/nova-libvirt.yaml @@ -70,6 +70,8 @@ parameters: description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. type: string hidden: true + constraints: + - allowed_pattern: "^[a-zA-Z0-9+/]{38}==$" CephClusterFSID: type: string description: The Ceph cluster FSID. Must be a UUID. diff --git a/puppet/services/ceph-base.yaml b/puppet/services/ceph-base.yaml index efba54d956..1108ba2320 100644 --- a/puppet/services/ceph-base.yaml +++ b/puppet/services/ceph-base.yaml @@ -10,10 +10,14 @@ parameters: description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key. type: string hidden: true + constraints: + - allowed_pattern: "^[a-zA-Z0-9+/]{38}==$" CephClientKey: description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. type: string hidden: true + constraints: + - allowed_pattern: "^[a-zA-Z0-9+/]{38}==$" CephClientUserName: default: openstack type: string @@ -80,6 +84,8 @@ parameters: description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. type: string hidden: true + constraints: + - allowed_pattern: "^[a-zA-Z0-9+/]{38}==$" # DEPRECATED options for compatibility with overcloud.yaml # This should be removed and manipulation of the ControllerServices list # used instead, but we need client support for that first diff --git a/puppet/services/ceph-external.yaml b/puppet/services/ceph-external.yaml index c910c74157..0454db211d 100644 --- a/puppet/services/ceph-external.yaml +++ b/puppet/services/ceph-external.yaml @@ -8,6 +8,8 @@ parameters: description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. type: string hidden: true + constraints: + - allowed_pattern: "^[a-zA-Z0-9+/]{38}==$" CephClientUserName: default: openstack type: string @@ -79,6 +81,8 @@ parameters: description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. type: string hidden: true + constraints: + - allowed_pattern: "^[a-zA-Z0-9+/]{38}==$" outputs: role_data: diff --git a/puppet/services/ceph-mon.yaml b/puppet/services/ceph-mon.yaml index b588815e50..a6a3bc4aa9 100644 --- a/puppet/services/ceph-mon.yaml +++ b/puppet/services/ceph-mon.yaml @@ -37,6 +37,8 @@ parameters: description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key. type: string hidden: true + constraints: + - allowed_pattern: "^[a-zA-Z0-9+/]{38}==$" CinderRbdPoolName: default: volumes type: string diff --git a/puppet/services/ceph-rgw.yaml b/puppet/services/ceph-rgw.yaml index 0f0b386814..f26b60c6a2 100644 --- a/puppet/services/ceph-rgw.yaml +++ b/puppet/services/ceph-rgw.yaml @@ -39,6 +39,8 @@ parameters: with ceph-authtool --gen-print-key. type: string hidden: true + constraints: + - allowed_pattern: "^[a-zA-Z0-9+/]{38}==$" SwiftPassword: description: The password for the swift service account type: string diff --git a/puppet/services/manila-backend-cephfs.yaml b/puppet/services/manila-backend-cephfs.yaml index b64ef2163c..2999ad4a56 100644 --- a/puppet/services/manila-backend-cephfs.yaml +++ b/puppet/services/manila-backend-cephfs.yaml @@ -76,6 +76,8 @@ parameters: description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. type: string hidden: true + constraints: + - allowed_pattern: "^[a-zA-Z0-9+/]{38}==$" outputs: role_data: diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml index 0c7a40d112..1d585a0577 100644 --- a/puppet/services/nova-compute.yaml +++ b/puppet/services/nova-compute.yaml @@ -52,6 +52,8 @@ parameters: description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. type: string hidden: true + constraints: + - allowed_pattern: "^[a-zA-Z0-9+/]{38}==$" CephClusterFSID: type: string description: The Ceph cluster FSID. Must be a UUID. diff --git a/puppet/services/nova-libvirt.yaml b/puppet/services/nova-libvirt.yaml index dc34bc5370..dc10166a66 100644 --- a/puppet/services/nova-libvirt.yaml +++ b/puppet/services/nova-libvirt.yaml @@ -46,6 +46,8 @@ parameters: description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. type: string hidden: true + constraints: + - allowed_pattern: "^[a-zA-Z0-9+/]{38}==$" CephClusterFSID: type: string description: The Ceph cluster FSID. Must be a UUID.