Browse Source

Store sensitive configs in secret

Change-Id: If03e4560fbedf3d31226eee9ee1e527f90196929
Depends-On: Ie6a9833cdf73b076e24204d47e5898dfb24de43e
changes/57/441757/2
Andrey Pavlov 2 years ago
parent
commit
ece5b265d7
1 changed files with 10 additions and 7 deletions
  1. 10
    7
      service/files/defaults.yaml

+ 10
- 7
service/files/defaults.yaml View File

@@ -9,18 +9,11 @@ configs:
9 9
     admin_port:
10 10
       cont: 35357
11 11
 
12
-    db:
13
-      password: password
14
-      name: keystone
15
-      username: keystone
16
-
17 12
     wsgi:
18 13
       processes: 6
19 14
       threads: 1
20 15
 
21 16
     fernet_secret_name: keystone-fernet-keys
22
-    # 100% random default
23
-    credential_key: "2jjLrgOLvI-wj7g-8058SSCw0-ZnL4Ghg5cLuBirxL8="
24 17
 
25 18
     notifications:
26 19
       enable: false
@@ -29,6 +22,16 @@ configs:
29 22
 
30 23
     encrypt_tokens_in_memcached:
31 24
       enabled: true
25
+
26
+secret_configs:
27
+  keystone:
28
+    db:
29
+      password: password
30
+      name: keystone
31
+      username: keystone
32
+
33
+    credential_key: "2jjLrgOLvI-wj7g-8058SSCw0-ZnL4Ghg5cLuBirxL8="
34
+    encrypt_tokens_in_memcached:
32 35
       secret_key: password
33 36
 
34 37
   openstack:

Loading…
Cancel
Save