diff options
| author |   Juan Antonio Osorio Robles <jaosorior@redhat.com> | 2015-11-25 13:23:54 +0200 |
|---|---|---|
| committer | Juan Antonio Osorio Robles <jaosorior@redhat.com> | 2015-11-26 08:58:52 +0200 |
| commit | ab231006a9c295f3afc669979896e8e589a0bccf (patch) | |
| tree | 044af7c6d99907660c7943f29b1c14751c47b41f | |
| parent | 80d929c75f979d99d4e608aae790f38786b4e055 (diff) | |
Minor fixes to TLS related resources
* Fixed a comment to avoid ambiguity with concepts in Heat
* Removed default values from necessary parameters in the TLS
environment
* Simplified setting of the cert/key into a file.
Change-Id: I351778150a6fbf7affe1a0fddb1abb9869324dfc
| -rw-r--r-- | puppet/controller.yaml | 2 | ||||
| -rw-r--r-- | puppet/extraconfig/tls/no-tls.yaml | 4 | ||||
| -rw-r--r-- | puppet/extraconfig/tls/tls-cert-inject.yaml | 4 |
3 files changed, 4 insertions, 6 deletions
diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 9792e7dc..d937e526 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -716,7 +716,7 @@ resources: properties: server: {get_resource: Controller} - # Hook for site-specific passing of private keys/certificates + # Resource for site-specific passing of private keys/certificates NodeTLSData: depends_on: NodeTLSCAData type: OS::TripleO::NodeTLSData diff --git a/puppet/extraconfig/tls/no-tls.yaml b/puppet/extraconfig/tls/no-tls.yaml index 2da209cb..a2b5c569 100644 --- a/puppet/extraconfig/tls/no-tls.yaml +++ b/puppet/extraconfig/tls/no-tls.yaml @@ -13,10 +13,10 @@ parameters: description: > The filepath of the certificate as it will be stored in the controller. type: string - NodeIndex: # Here for compatibility with tls-cert-inject.yaml + NodeIndex: # Here for compatibility with puppet/controller.yaml default: 0 type: number - server: # Here for compatibility with tls-cert-inject.yaml + server: # Here for compatibility with puppet/controller.yaml description: ID of the controller node to apply this config to type: string diff --git a/puppet/extraconfig/tls/tls-cert-inject.yaml b/puppet/extraconfig/tls/tls-cert-inject.yaml index 739a51ad..ce524ba9 100644 --- a/puppet/extraconfig/tls/tls-cert-inject.yaml +++ b/puppet/extraconfig/tls/tls-cert-inject.yaml @@ -7,7 +7,6 @@ description: > parameters: # Can be overriden via parameter_defaults in the environment SSLCertificate: - default: '' description: > The content of the SSL certificate (without Key) in PEM format. type: string @@ -17,7 +16,6 @@ parameters: The content of an SSL intermediate CA certificate in PEM format. type: string SSLKey: - default: '' description: > The content of the SSL Key in PEM format. type: string @@ -53,7 +51,7 @@ resources: - name: key_modulus config: | #!/bin/sh - cat << EOF | tee ${cert_path} > /dev/null + cat > ${cert_path} << EOF ${cert_chain_content} EOF chmod 0440 ${cert_path} |