summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJenkins <jenkins@review.openstack.org>2017-01-25 23:50:48 +0000
committerGerrit Code Review <review@openstack.org>2017-01-25 23:50:48 +0000
commitca8fc7ea699084d0c48128e09c5461764616647d (patch)
tree97bf26522edc59de71cf56e8d96a89c4d5b9307b
parente0276eada87f0d1c1c055c257dd5ba47f51bf728 (diff)
parent0e18ac5fdec4b9eeaef7f6aa83c466e86415e4e2 (diff)
Merge "Manage password_validator regex"
-rw-r--r--capabilities-map.yaml12
-rw-r--r--environments/horizon_password_validation.yaml5
-rw-r--r--puppet/services/horizon.yaml10
3 files changed, 27 insertions, 0 deletions
diff --git a/capabilities-map.yaml b/capabilities-map.yaml
index cd846316..aae89307 100644
--- a/capabilities-map.yaml
+++ b/capabilities-map.yaml
@@ -537,3 +537,15 @@ topics:
description:
requires:
- overcloud-resource-registry-puppet.yaml
+
+ - title: Security Options
+ description: Security Hardening Options
+ environment_groups:
+ - title: Horizon Password Validation
+ description: Enable Horizon Password validation
+ environments:
+ - file: environments/horizon_password_validation.yaml
+ title: Horizon Password Validation
+ description:
+ requires:
+ - overcloud-resource-registry-puppet.yaml
diff --git a/environments/horizon_password_validation.yaml b/environments/horizon_password_validation.yaml
new file mode 100644
index 00000000..1a0f92cc
--- /dev/null
+++ b/environments/horizon_password_validation.yaml
@@ -0,0 +1,5 @@
+# Use this enviroment to pass in validation regex for horizons password
+# validation checks
+parameter_defaults:
+ HorizonPasswordValidator: '.*'
+ HorizonPasswordValidatorHelp: 'Your password does not meet the requirements.'
diff --git a/puppet/services/horizon.yaml b/puppet/services/horizon.yaml
index cf35d202..2111021b 100644
--- a/puppet/services/horizon.yaml
+++ b/puppet/services/horizon.yaml
@@ -27,6 +27,14 @@ parameters:
description: A list of IP/Hostname for the server Horizon is running on.
Used for header checks.
type: comma_delimited_list
+ HorizonPasswordValidator:
+ description: Regex for password validation
+ type: string
+ default: ''
+ HorizonPasswordValidatorHelp:
+ description: Help text for password validation
+ type: string
+ default: ''
HorizonSecret:
description: Secret key for Django
type: string
@@ -71,6 +79,8 @@ outputs:
options: ['FollowSymLinks','MultiViews']
horizon::bind_address: {get_param: [ServiceNetMap, HorizonNetwork]}
horizon::keystone_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
+ horizon::password_validator: {get_param: [HorizonPasswordValidator]}
+ horizon::password_validator_help: {get_param: [HorizonPasswordValidatorHelp]}
horizon::secret_key:
yaql:
expression: $.data.passwords.where($ != '').first()