Merge "Use distinct params for ca cert in nova-vnc-proxy and nova-libvirt"

deployment/nova/nova-vnc-proxy-container-puppet.yaml

@@ -50,7 +50,7 @@ parameters:
     description: If set to true and if EnableInternalTLS is enabled, it will
                  enable TLS transaport for libvirt VNC and configure the
                  relevant keys for libvirt.
-  InternalTLSVncCAFile:
+  InternalTLSVncProxyCAFile:
     default: '/etc/pki/CA/certs/vnc.crt'
     type: string
     description: Specifies the CA cert to use for VNC TLS.
@@ -61,7 +61,7 @@ parameters:
                  This file will be symlinked to the default CA path,
                  which is /etc/pki/libvirt-vnc/ca-cert.pem.
                  This parameter should be used if the default (which comes from
-                 the InternalTLSVncCAFile parameter) is not desired. The current
+                 the InternalTLSVncProxyCAFile parameter) is not desired. The current
                  default reflects TripleO's default CA, which is FreeIPA.
                  It will only be used if internal TLS is enabled.
   StackUpdateType:
@@ -162,7 +162,7 @@ outputs:
                 tripleo::certmonger::ca::libvirt_vnc::origin_ca_pem:
                   if:
                     - libvirt_vnc_specific_ca_unset
-                    - get_param: InternalTLSVncCAFile
+                    - get_param: InternalTLSVncProxyCAFile
                     - get_param: LibvirtVncCACert
                 tripleo::certmonger::libvirt_vnc_dirs::certificate_dir: '/etc/pki/libvirt-vnc'
                 libvirt_vnc_certificates_specs:
@@ -170,7 +170,7 @@ outputs:
                     cacertfile:
                       if:
                         - libvirt_vnc_specific_ca_unset
-                        - get_param: InternalTLSVncCAFile
+                        - get_param: InternalTLSVncProxyCAFile
                         - null
                     service_certificate: '/etc/pki/libvirt-vnc/client-cert.pem'
                     service_key: '/etc/pki/libvirt-vnc/client-key.pem'
@@ -262,7 +262,7 @@ outputs:
                             CACERT:
                               if:
                                 - libvirt_vnc_specific_ca_unset
-                                - get_param: InternalTLSVncCAFile
+                                - get_param: InternalTLSVncProxyCAFile
                                 - get_param: LibvirtVncCACert
                       - /etc/pki/libvirt-vnc/client-cert.pem:/etc/pki/libvirt-vnc/client-cert.pem:ro
                       - /etc/pki/libvirt-vnc/client-key.pem:/etc/pki/libvirt-vnc/client-key.pem:ro

tools/yaml-validate.py

@@ -116,6 +116,7 @@ PARAMETER_DEFINITION_EXCLUSIONS = {
     'KeystoneAdminErrorLoggingSource': ['default'],
     'KeystoneMainAcccessLoggingSource': ['default'],
     'KeystoneMainErrorLoggingSource': ['default'],
+    'LibvirtVncCACert': ['description'],
     'NeutronApiLoggingSource': ['default'],
     'NeutronDhcpAgentLoggingSource': ['default'],
     'NeutronL3AgentLoggingSource': ['default'],