openstack
/
tripleo-heat-templates
Code Issues Proposed changes

Check Ceph*Key value format and halt on error 

The CephX keys secret is expected to have a specific format, this
adds a constraint in the templates to ensure it has the correct
format.

Change-Id: Ic12c3c287a921d696de1395bc887691c48146359
Closes-Bug: 1864185
(cherry picked from commit 0940dfd95e)
(cherry picked from commit 33ce60d6ac)
This commit is contained in:
Giulio Fidente 2020-02-21 11:33:17 +01:00
parent f62778178d
commit 98652da2ab
5 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
deployment/ceph-ansible/ceph-base.yaml
View File

@ -126,6 +126,8 @@ parameters:
description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. description: The Ceph client key. Can be created with ceph-authtool --gen-print-key.
type: string type: string
hidden: true hidden: true
constraints:
- allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
CephClientUserName: CephClientUserName:
default: openstack default: openstack
type: string type: string
@ -137,6 +139,8 @@ parameters:
with ceph-authtool --gen-print-key. with ceph-authtool --gen-print-key.
type: string type: string
hidden: true hidden: true
constraints:
- allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
CephPoolDefaultSize: CephPoolDefaultSize:
description: default minimum replication for RBD copies description: default minimum replication for RBD copies
type: number type: number
@ -165,6 +169,8 @@ parameters:
description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. description: The Ceph client key. Can be created with ceph-authtool --gen-print-key.
type: string type: string
hidden: true hidden: true
constraints:
- allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
CephIPv6: CephIPv6:
default: False default: False
type: boolean type: boolean

4
deployment/ceph-ansible/ceph-mon.yaml
View File

@ -34,11 +34,15 @@ parameters:
description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key. description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key.
type: string type: string
hidden: true hidden: true
constraints:
- allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
CephAdminKey: CephAdminKey:
default: '' default: ''
description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key. description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key.
type: string type: string
hidden: true hidden: true
constraints:
- allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
CephValidationRetries: CephValidationRetries:
type: number type: number
default: 40 default: 40

2
deployment/manila/manila-backend-cephfs.yaml
View File

@ -76,6 +76,8 @@ parameters:
description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. description: The Ceph client key. Can be created with ceph-authtool --gen-print-key.
type: string type: string
hidden: true hidden: true
constraints:
- allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
outputs: outputs:
role_data: role_data:

2
deployment/nova/nova-compute-container-puppet.yaml
View File

@ -81,6 +81,8 @@ parameters:
description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. description: The Ceph client key. Can be created with ceph-authtool --gen-print-key.
type: string type: string
hidden: true hidden: true
constraints:
- allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
CephClusterFSID: CephClusterFSID:
type: string type: string
description: The Ceph cluster FSID. Must be a UUID. description: The Ceph cluster FSID. Must be a UUID.

2
deployment/nova/nova-libvirt-container-puppet.yaml
View File

@ -65,6 +65,8 @@ parameters:
description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. description: The Ceph client key. Can be created with ceph-authtool --gen-print-key.
type: string type: string
hidden: true hidden: true
constraints:
- allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
CephClusterFSID: CephClusterFSID:
type: string type: string
description: The Ceph cluster FSID. Must be a UUID. description: The Ceph cluster FSID. Must be a UUID.