heat_template_version: pike description: > Requests certificates using certmonger through Puppet parameters: ServiceData: default: {} description: Dictionary packing service data type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json RoleName: default: '' description: Role name on which the service is applied type: string RoleParameters: default: {} description: Parameters specific to the role type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json EnableInternalTLS: type: boolean default: false DefaultCRLURL: default: 'http://ipa-ca/ipa/crl/MasterCRL.bin' description: URI where to get the CRL to be configured in the nodes. type: string conditions: internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} outputs: role_data: description: Role data for the certmonger-user service value: service_name: certmonger_user config_settings: tripleo::certmonger::ca::crl::crl_source: if: - internal_tls_enabled - {get_param: DefaultCRLURL} - null step_config: | include ::tripleo::profile::base::certmonger_user