openstack
/
tripleo-heat-templates
Code Issues Proposed changes

Check Ceph*Key value format and halt on error 

The CephX keys secret is expected to have a specific format, this
adds a constraint in the templates to ensure it has the correct
format.

Change-Id: Ic12c3c287a921d696de1395bc887691c48146359
Closes-Bug: 1864185
(cherry picked from commit 0940dfd95e)
(cherry picked from commit 33ce60d6ac)
(cherry picked from commit 98652da2ab)
This commit is contained in:
Giulio Fidente 2020-02-21 11:33:17 +01:00
parent 4f639c693c
commit 909d57ccc1
6 changed files with 18 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docker/services/ceph-ansible/ceph-base.yaml
View File

@ -120,6 +120,8 @@ parameters:
description: The Ceph client key. Can be created with ceph-authtool --gen-print-key.
type: string
hidden: true
constraints:
- allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
CephClientUserName:
default: openstack
type: string
@ -131,6 +133,8 @@ parameters:
with ceph-authtool --gen-print-key.
type: string
hidden: true
constraints:
- allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
CephPoolDefaultSize:
description: default minimum replication for RBD copies
type: number
@ -158,6 +162,8 @@ parameters:
description: The Ceph client key. Can be created with ceph-authtool --gen-print-key.
type: string
hidden: true
constraints:
- allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
CephIPv6:
default: False
type: boolean

4
docker/services/ceph-ansible/ceph-mon.yaml
View File

@ -34,11 +34,15 @@ parameters:
description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key.
type: string
hidden: true
constraints:
- allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
CephAdminKey:
default: ''
description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key.
type: string
hidden: true
constraints:
- allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
CephValidationRetries:
type: number
default: 40

2
docker/services/nova-libvirt.yaml
View File

@ -70,6 +70,8 @@ parameters:
description: The Ceph client key. Can be created with ceph-authtool --gen-print-key.
type: string
hidden: true
constraints:
- allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
CephClusterFSID:
type: string
description: The Ceph cluster FSID. Must be a UUID.

2
puppet/services/manila-backend-cephfs.yaml
View File

@ -76,6 +76,8 @@ parameters:
description: The Ceph client key. Can be created with ceph-authtool --gen-print-key.
type: string
hidden: true
constraints:
- allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
outputs:
role_data:

2
puppet/services/nova-compute.yaml
View File

@ -52,6 +52,8 @@ parameters:
description: The Ceph client key. Can be created with ceph-authtool --gen-print-key.
type: string
hidden: true
constraints:
- allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
CephClusterFSID:
type: string
description: The Ceph cluster FSID. Must be a UUID.

2
puppet/services/nova-libvirt.yaml
View File

@ -46,6 +46,8 @@ parameters:
description: The Ceph client key. Can be created with ceph-authtool --gen-print-key.
type: string
hidden: true
constraints:
- allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
CephClusterFSID:
type: string
description: The Ceph cluster FSID. Must be a UUID.