From 57f14d99c14846e6187f3e3d611ea7c2e76174e8 Mon Sep 17 00:00:00 2001
From: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Date: Mon, 12 Sep 2016 11:42:02 +0300
Subject: Add option to specify Certmonger CA

This will be used for internal (or even public) TLS, for when
certmonger is generating the certificates. This same setting is used
for the undercloud with the generate_service_certificate option.

Change-Id: Ic54fe512b9ed5c71417a66491b7954e653f660b6
---
 puppet/all-nodes-config.yaml | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'puppet/all-nodes-config.yaml')

diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml
index c764d4ef..89f2705e 100644
--- a/puppet/all-nodes-config.yaml
+++ b/puppet/all-nodes-config.yaml
@@ -56,6 +56,12 @@ parameters:
       Heat action on performed top-level stack.
     constraints:
     - allowed_values: ['CREATE', 'UPDATE']
+  # NOTE(jaosorior): This is being set as IPA as it's the first
+  # CA we'll actually be testing out. But we can change this if
+  # people request it.
+  CertmongerCA:
+    type: string
+    default: 'IPA'
 
 resources:
 
@@ -210,6 +216,8 @@ resources:
                     cloud_name_storage: {get_param: cloud_name_storage}
                     cloud_name_storage_mgmt: {get_param: cloud_name_storage_mgmt}
                     cloud_name_ctlplane: {get_param: cloud_name_ctlplane}
+                    # TLS parameters
+                    certmonger_ca: {get_param: CertmongerCA}
 
 outputs:
   config_id:
-- 
cgit 1.2.3-korg