aboutsummaryrefslogtreecommitdiffstats
path: root/puppet
diff options
context:
space:
mode:
authorJenkins <jenkins@review.openstack.org>2015-12-03 18:27:04 +0000
committerGerrit Code Review <review@openstack.org>2015-12-03 18:27:04 +0000
commitfef30717744c2bbf99080b61de3015521ef6c035 (patch)
tree01bf1e28bc39eb5ccdda74ccbb0e7d1cb437daf2 /puppet
parent3bf96c7462b0c3cd6a8d6bc8d134c9d698f6dd6e (diff)
parentab231006a9c295f3afc669979896e8e589a0bccf (diff)
Merge "Minor fixes to TLS related resources"
Diffstat (limited to 'puppet')
-rw-r--r--puppet/controller.yaml2
-rw-r--r--puppet/extraconfig/tls/no-tls.yaml4
-rw-r--r--puppet/extraconfig/tls/tls-cert-inject.yaml4
3 files changed, 4 insertions, 6 deletions
diff --git a/puppet/controller.yaml b/puppet/controller.yaml
index 244c91ef..2c1c18a3 100644
--- a/puppet/controller.yaml
+++ b/puppet/controller.yaml
@@ -742,7 +742,7 @@ resources:
properties:
server: {get_resource: Controller}
- # Hook for site-specific passing of private keys/certificates
+ # Resource for site-specific passing of private keys/certificates
NodeTLSData:
depends_on: NodeTLSCAData
type: OS::TripleO::NodeTLSData
diff --git a/puppet/extraconfig/tls/no-tls.yaml b/puppet/extraconfig/tls/no-tls.yaml
index 2da209cb..a2b5c569 100644
--- a/puppet/extraconfig/tls/no-tls.yaml
+++ b/puppet/extraconfig/tls/no-tls.yaml
@@ -13,10 +13,10 @@ parameters:
description: >
The filepath of the certificate as it will be stored in the controller.
type: string
- NodeIndex: # Here for compatibility with tls-cert-inject.yaml
+ NodeIndex: # Here for compatibility with puppet/controller.yaml
default: 0
type: number
- server: # Here for compatibility with tls-cert-inject.yaml
+ server: # Here for compatibility with puppet/controller.yaml
description: ID of the controller node to apply this config to
type: string
diff --git a/puppet/extraconfig/tls/tls-cert-inject.yaml b/puppet/extraconfig/tls/tls-cert-inject.yaml
index 739a51ad..ce524ba9 100644
--- a/puppet/extraconfig/tls/tls-cert-inject.yaml
+++ b/puppet/extraconfig/tls/tls-cert-inject.yaml
@@ -7,7 +7,6 @@ description: >
parameters:
# Can be overriden via parameter_defaults in the environment
SSLCertificate:
- default: ''
description: >
The content of the SSL certificate (without Key) in PEM format.
type: string
@@ -17,7 +16,6 @@ parameters:
The content of an SSL intermediate CA certificate in PEM format.
type: string
SSLKey:
- default: ''
description: >
The content of the SSL Key in PEM format.
type: string
@@ -53,7 +51,7 @@ resources:
- name: key_modulus
config: |
#!/bin/sh
- cat << EOF | tee ${cert_path} > /dev/null
+ cat > ${cert_path} << EOF
${cert_chain_content}
EOF
chmod 0440 ${cert_path}