summaryrefslogtreecommitdiffstats
path: root/deprecated
diff options
context:
space:
mode:
authorSteven Hardy <shardy@redhat.com>2015-02-20 12:04:47 -0500
committerSteven Hardy <shardy@redhat.com>2015-03-13 06:08:56 -0400
commitb05137d61ae3a0ab2abcf0e259446183d3f5ddd8 (patch)
treebe8066061b32cbdd94f6b9f18f94676f021e775a /deprecated
parent8772095c427c0c90747077271c70d84b16741359 (diff)
Make heat auth_encryption_key random
Currently we have a hard-coded default for auth_encryption_key, which isn't ideal as it's used as a salt for the DB encryption. Instead, reference an OS::Heat::RandomString resource so we create a random key for each deployment. Change-Id: Ic76b89db17603c114d98d28c01f75cc287fb2e90
Diffstat (limited to 'deprecated')
-rw-r--r--deprecated/overcloud-source.yaml5
1 files changed, 4 insertions, 1 deletions
diff --git a/deprecated/overcloud-source.yaml b/deprecated/overcloud-source.yaml
index 91b6b7fd..82fe6755 100644
--- a/deprecated/overcloud-source.yaml
+++ b/deprecated/overcloud-source.yaml
@@ -475,6 +475,8 @@ resources:
SubKey: resources.NovaCompute0PassthroughSpecific
parameters:
passthrough_config_specific: {get_param: NovaComputeExtraConfig}
+ HeatAuthEncryptionKey:
+ type: OS::Heat::RandomString
controllerConfig:
type: OS::Heat::StructuredConfig
properties:
@@ -561,7 +563,8 @@ resources:
get_param: HeatPassword
admin_tenant_name: service
admin_user: heat
- auth_encryption_key: unset___________
+ auth_encryption_key:
+ get_resource: HeatAuthEncryptionKey
db:
Fn::Join:
- ''