Make heat auth_encryption_key random

Currently we have a hard-coded default for auth_encryption_key, which isn't ideal as it's used as a salt for the DB encryption. Instead, reference an OS::Heat::RandomString resource so we create a random key for each deployment. Change-Id: Ic76b89db17603c114d98d28c01f75cc287fb2e90
author: Steven Hardy <shardy@redhat.com> 2015-02-20 12:04:47 -0500
committer: Steven Hardy <shardy@redhat.com> 2015-03-13 06:08:56 -0400
commit: b05137d61ae3a0ab2abcf0e259446183d3f5ddd8 (patch)
tree: be8066061b32cbdd94f6b9f18f94676f021e775a /overcloud-without-mergepy.yaml
parent: 8772095c427c0c90747077271c70d84b16741359 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/overcloud-without-mergepy.yaml b/overcloud-without-mergepy.yaml
index c311a479..10a8a7fa 100644
--- a/overcloud-without-mergepy.yaml
+++ b/overcloud-without-mergepy.yaml
@@ -496,6 +496,9 @@ parameters:
 
 resources:
 
+  HeatAuthEncryptionKey:
+    type: OS::Heat::RandomString
+
   Controller:
     type: OS::Heat::ResourceGroup
     properties:
@@ -522,6 +525,7 @@ resources:
           GlanceLogFile: {get_param: GlanceLogFile}
           HeatPassword: {get_param: HeatPassword}
           HeatStackDomainAdminPassword: {get_param: HeatStackDomainAdminPassword}
+          HeatAuthEncryptionKey: {get_resource: HeatAuthEncryptionKey}
           Image: {get_param: controllerImage}
           ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
           KeyName: {get_param: KeyName}
author	Steven Hardy <shardy@redhat.com>	2015-02-20 12:04:47 -0500
committer	Steven Hardy <shardy@redhat.com>	2015-03-13 06:08:56 -0400
commit	b05137d61ae3a0ab2abcf0e259446183d3f5ddd8 (patch)
tree	be8066061b32cbdd94f6b9f18f94676f021e775a /overcloud-without-mergepy.yaml
parent	8772095c427c0c90747077271c70d84b16741359 (diff)