From eb52c794d9d3073d900958d0499e81be25979d52 Mon Sep 17 00:00:00 2001
From: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Date: Thu, 17 Jan 2019 14:40:49 +0200
Subject: [PATCH] Add HorizonSecureCookies to environments/ssl/enable-tls.yaml

It was missing and breaking folks trying to use it.

Change-Id: I06c3a8499ce72973f850df60961226a168ba49e4
Closes-Bug: #1812211
---
 environments/ssl/enable-tls.yaml | 4 ++++
 sample-env-generator/ssl.yaml    | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/environments/ssl/enable-tls.yaml b/environments/ssl/enable-tls.yaml
index df1294cc49..7b8535e244 100644
--- a/environments/ssl/enable-tls.yaml
+++ b/environments/ssl/enable-tls.yaml
@@ -10,6 +10,10 @@
 #   For these values to take effect, one of the tls-endpoints-*.yaml
 #   environments must also be used.
 parameter_defaults:
+  # Set CSRF_COOKIE_SECURE / SESSION_COOKIE_SECURE in Horizon
+  # Type: boolean
+  HorizonSecureCookies: True
+
   # The content of the SSL certificate (without Key) in PEM format.
   # Type: string
   SSLCertificate: |
diff --git a/sample-env-generator/ssl.yaml b/sample-env-generator/ssl.yaml
index 35d923d9db..1adb50b723 100644
--- a/sample-env-generator/ssl.yaml
+++ b/sample-env-generator/ssl.yaml
@@ -9,6 +9,9 @@ environments:
     files:
       puppet/services/haproxy-public-tls-inject.yaml:
         parameters: all
+      puppet/services/horizon.yaml:
+        parameters:
+          - HorizonSecureCookies
     static:
       # This should probably be private, but for testing static params I'm
       # setting it as such for now.
@@ -20,6 +23,7 @@ environments:
       SSLKey: |-
         |
             The contents of the private key go here
+      HorizonSecureCookies: True
   -
     name: ssl/enable-internal-tls
     title: Enable SSL on OpenStack Internal Endpoints