From a6e81dbfaf8f86ac316f41e92cb9ff3095570808 Mon Sep 17 00:00:00 2001
From: Nir Magnezi <nmagnezi@redhat.com>
Date: Thu, 4 Jul 2019 13:46:36 +0300
Subject: [PATCH] CI should auto-generate server_certs_key_passphrase

Bug 1833942 showed that in a case that the generated value
server_certs_key_passphrase is invalid, Octavia will fail to operate.

In CI, we currently provide a pre-defined passphrase that might cover
for potential breakages in the future. This patch removes the
pre-defined passphrase so it will get generated on each run.

Note that, TripleO will now[1] either auto-generate a valid passphrase
or validate a pre-defined one.

Related-Bug: #1833942

[1] https://review.opendev.org/#/q/topic:OctaviaServerCertsKeyPassphrase-32chars

Depends-On: https://review.opendev.org/#/c/669824/
Depends-On: https://review.opendev.org/#/c/669829/
Depends-On: https://review.opendev.org/#/c/669848/

Change-Id: Ie596b04614c2ca9d961694f4012c1553a092aa3e
(cherry picked from commit 1f3088c4aa2612a772e023f14fafc72c61c6cb07)
(cherry picked from commit 680f341f19060ffa42b6c832018874656a4f339a)
(cherry picked from commit 31b9d601759a71670a8213bfd0550d9d059e34aa)
---
 ci/environments/scenario010-multinode-containers.yaml | 1 -
 ci/environments/scenario010-standalone.yaml           | 1 -
 2 files changed, 2 deletions(-)

diff --git a/ci/environments/scenario010-multinode-containers.yaml b/ci/environments/scenario010-multinode-containers.yaml
index 18f2860a41..7f628263c2 100644
--- a/ci/environments/scenario010-multinode-containers.yaml
+++ b/ci/environments/scenario010-multinode-containers.yaml
@@ -68,7 +68,6 @@ parameter_defaults:
   NeutronEnableForceMetadata: true
   OctaviaManageNovaFlavor: true
   # For now, we hardcode it but soon it'll be generated in tripleo-common
-  OctaviaServerCertsKeyPassphrase: 'insecure-key-do-not-use-this-key'
   OctaviaCaKeyPassphrase: 'upstreamci'
   OctaviaGenerateCerts: true
 
diff --git a/ci/environments/scenario010-standalone.yaml b/ci/environments/scenario010-standalone.yaml
index 42d48c7a7f..8738a7eb06 100644
--- a/ci/environments/scenario010-standalone.yaml
+++ b/ci/environments/scenario010-standalone.yaml
@@ -32,7 +32,6 @@ resource_registry:
 
 parameter_defaults:
   OctaviaAmphoraSshKeyFile: /home/zuul/.ssh/id_rsa.pub
-  OctaviaServerCertsKeyPassphrase: 'insecure-key-do-not-use-this-key'
   NodeDataLookup:
     AB4114B1-9C9D-409A-BEFB-D88C151BF2C3: {"foo": "bar"}
     8CF1A7EA-7B4B-4433-AC83-17675514B1B8: {"foo2": "bar2"}