From fa4ed015b083dfe416aaf2cd666ca666284608ce Mon Sep 17 00:00:00 2001 From: Juan Antonio Osorio Robles Date: Mon, 12 Oct 2015 13:59:22 +0300 Subject: Set shared secrets, keys and passwords as hidden Change-Id: Ieb27729c6b33ffc849d07200ec0d42508214956e Closes-Bug: #1399793 --- os-apply-config/ceph-storage.yaml | 2 ++ os-apply-config/cinder-storage.yaml | 1 + os-apply-config/compute.yaml | 1 + os-apply-config/controller.yaml | 4 ++++ overcloud-without-mergepy.yaml | 4 ++++ puppet/cinder-storage.yaml | 1 + puppet/compute.yaml | 1 + puppet/controller.yaml | 4 ++++ puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml | 2 ++ 9 files changed, 20 insertions(+) diff --git a/os-apply-config/ceph-storage.yaml b/os-apply-config/ceph-storage.yaml index 0dbcd3e7..fc321d88 100644 --- a/os-apply-config/ceph-storage.yaml +++ b/os-apply-config/ceph-storage.yaml @@ -20,10 +20,12 @@ parameters: default: '' description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key. type: string + hidden: true CephAdminKey: default: '' description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key. type: string + hidden: true CephMonitors: default: '' description: The list of ip/names to use as Ceph monitors diff --git a/os-apply-config/cinder-storage.yaml b/os-apply-config/cinder-storage.yaml index 7a686970..7f1164c4 100644 --- a/os-apply-config/cinder-storage.yaml +++ b/os-apply-config/cinder-storage.yaml @@ -87,6 +87,7 @@ parameters: RabbitPassword: default: 'guest' type: string + hidden: true RabbitUserName: default: 'guest' type: string diff --git a/os-apply-config/compute.yaml b/os-apply-config/compute.yaml index 88d4cb2b..0a74cda9 100644 --- a/os-apply-config/compute.yaml +++ b/os-apply-config/compute.yaml @@ -181,6 +181,7 @@ parameters: default: 'unset' description: Shared secret to prevent spoofing type: string + hidden: true NeutronCorePlugin: default: "ml2" description: | diff --git a/os-apply-config/controller.yaml b/os-apply-config/controller.yaml index 18dcc8eb..d9a9d338 100644 --- a/os-apply-config/controller.yaml +++ b/os-apply-config/controller.yaml @@ -215,9 +215,11 @@ parameters: HeatAuthEncryptionKey: description: Auth encryption key for heat-engine type: string + hidden: true HorizonSecret: description: Secret key for Django type: string + hidden: true Image: type: string default: overcloud-control @@ -317,6 +319,7 @@ parameters: default: 'unset' description: Shared secret to prevent spoofing type: string + hidden: true NeutronCorePlugin: default: 'ml2' description: | @@ -434,6 +437,7 @@ parameters: PcsdPassword: type: string description: The password for the 'pcsd' user. + hidden: true PublicVirtualInterface: default: 'br-ex' description: > diff --git a/overcloud-without-mergepy.yaml b/overcloud-without-mergepy.yaml index 654c2427..76197661 100644 --- a/overcloud-without-mergepy.yaml +++ b/overcloud-without-mergepy.yaml @@ -38,10 +38,12 @@ parameters: default: '' description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key. type: string + hidden: true CephAdminKey: default: '' description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key. type: string + hidden: true CinderEnableNfsBackend: default: false description: Whether to enable or not the NFS backend for Cinder @@ -50,6 +52,7 @@ parameters: default: '' description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. Currently only used for external Ceph deployments to create the openstack user keyring. type: string + hidden: true CephExternalMonHost: default: '' type: string @@ -158,6 +161,7 @@ parameters: default: 'unset' description: Shared secret to prevent spoofing type: string + hidden: true NeutronTunnelTypes: default: 'vxlan' description: | diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index 972523ae..6a869219 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -59,6 +59,7 @@ parameters: RabbitPassword: default: 'guest' type: string + hidden: true RabbitUserName: default: 'guest' type: string diff --git a/puppet/compute.yaml b/puppet/compute.yaml index bdee93dd..810a8b9b 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -149,6 +149,7 @@ parameters: default: 'unset' description: Shared secret to prevent spoofing type: string + hidden: true NeutronCorePlugin: default: 'ml2' description: | diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 8ea7053e..5013cf32 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -187,6 +187,7 @@ parameters: HeatAuthEncryptionKey: description: Auth encryption key for heat-engine type: string + hidden: true HorizonAllowedHosts: default: '*' description: A list of IP/Hostname allowed to connect to horizon @@ -194,6 +195,7 @@ parameters: HorizonSecret: description: Secret key for Django type: string + hidden: true Image: type: string default: overcloud-control @@ -301,6 +303,7 @@ parameters: default: 'unset' description: Shared secret to prevent spoofing type: string + hidden: true NeutronCorePlugin: default: 'ml2' description: | @@ -414,6 +417,7 @@ parameters: PcsdPassword: type: string description: The password for the 'pcsd' user. + hidden: true PublicVirtualInterface: default: 'br-ex' description: > diff --git a/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml b/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml index 18295a2f..7ec2190f 100644 --- a/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml +++ b/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml @@ -18,6 +18,7 @@ parameters: type: string CinderNetappPassword: type: string + hidden: true CinderNetappServerHostname: type: string CinderNetappServerPort: @@ -65,6 +66,7 @@ parameters: CinderNetappSaPassword: type: string default: '' + hidden: true CinderNetappStoragePools: type: string default: '' -- cgit 1.2.3-korg