diff options
author | Juan Antonio Osorio Robles <jaosorior@redhat.com> | 2017-06-12 15:17:28 +0300 |
---|---|---|
committer | Juan Antonio Osorio Robles <jaosorior@redhat.com> | 2017-06-14 10:03:54 +0300 |
commit | 490e237f09d2c685903b173d3fd94efc450a9cb2 (patch) | |
tree | bbe79fb4666eff4ff5f170a409cef190416b2959 /releasenotes/notes | |
parent | 4c78689966132b9a0b224e8e1ab5b789c72c0978 (diff) |
Use KeystoneFernetKeys instead of individual parameters
This uses the newly introduced dict with the keys and paths instead of
the individual keys. Having the advantage that rotation will be
possible on stack update, as we no longer have a limit on how many keys
we can pass (as we did with the individual parameters).
bp keystone-fernet-rotation
Change-Id: I7d224595b731d9f3390fce5a9d002282b2b4b8f2
Depends-On: I63ae158fa8cb33ac857dcf9434e9fbef07ecb68d
Diffstat (limited to 'releasenotes/notes')
-rw-r--r-- | releasenotes/notes/Use-KeystoneFernetKeys-parameter-bd635a106bb8e00f.yaml | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/releasenotes/notes/Use-KeystoneFernetKeys-parameter-bd635a106bb8e00f.yaml b/releasenotes/notes/Use-KeystoneFernetKeys-parameter-bd635a106bb8e00f.yaml new file mode 100644 index 00000000..1e2673f1 --- /dev/null +++ b/releasenotes/notes/Use-KeystoneFernetKeys-parameter-bd635a106bb8e00f.yaml @@ -0,0 +1,10 @@ +--- +features: + - The KeystoneFernetKeys parameter was introduced, which is able to take any + amount of keys as long as it's in the right format. It's generated by the + same mechanism as the rest of the passwords; so it's value is also + available via mistral's "password" environment variable. This will also + allow for rotations to be made via mistral and via stack updates. +deprecations: + - The individual keystone fernet key parameters (KeystoneFernetKey0 and + KeystoneFernetKey1) were deprecated in favor of KeystoneFernetKeys. |