From fd81b5e30811b4a1b2f56fef881edc1d8e137065 Mon Sep 17 00:00:00 2001
From: Andrey Pavlov
Date: Mon, 20 Feb 2017 14:27:35 +0000
Subject: [PATCH] Moving tls flag from percona to db group
Change-Id: I14498d05bebaa632354b588a7b5ec35c6e94b375
Depends-On: I2ff95f7a1cbb14cb1cd9e35677f95c30a4523340
---
 service/files/backup.sh.j2 | 2 +-
 service/files/keystone.conf.j2 | 2 +-
 service/keystone.yaml | 6 +++---
 3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/service/files/backup.sh.j2 b/service/files/backup.sh.j2
index e425325..0d8e930 100644
--- a/service/files/backup.sh.j2
+++ b/service/files/backup.sh.j2
@@ -1,6 +1,6 @@
 #!/bin/bash -ex
 set -o pipefail
 BACKUP_FILE="/var/ccp/backup/keystone/backup-$(date "+%Y%m%d%H%M%S").sql"
-mysqldump {% if percona.tls.enabled %} --ssl-mode REQUIRED {% endif %} -h {{ address(service.database) }} \
+mysqldump {% if db.tls.enabled %} --ssl-mode REQUIRED {% endif %} -h {{ address(service.database) }} \
 -u {{ keystone.db.username }} -p{{ keystone.db.password }} \
 --single-transaction {{ keystone.db.name }} > "${BACKUP_FILE}"
diff --git a/service/files/keystone.conf.j2 b/service/files/keystone.conf.j2
index d64aaf6..763fdf1 100644
--- a/service/files/keystone.conf.j2
+++ b/service/files/keystone.conf.j2
@@ -8,7 +8,7 @@ notification_format = {{ keystone.notifications.format }}
 {% endif %}
 [database]
-connection = mysql+pymysql://{{ keystone.db.username }}:{{ keystone.db.password }}@{{ address(service.database) }}/{{ keystone.db.name }}{% if percona.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
+connection = mysql+pymysql://{{ keystone.db.username }}:{{ keystone.db.password }}@{{ address(service.database) }}/{{ keystone.db.name }}{% if db.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
 max_retries = -1
 max_overflow = 60
diff --git a/service/keystone.yaml b/service/keystone.yaml
index 8cd251f..5c9a669 100644
--- a/service/keystone.yaml
+++ b/service/keystone.yaml
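Review bot: In service/files/backup.sh.j2 the `mysqldump` call passes `-p{{ keystone.db.password }}` as an argument while the script runs under `#!/bin/bash -ex`, so the xtrace output writes the rendered password to the job's stderr and it is also readable from the process list. Supplying the credential through a client option file, `--defaults-extra-file=<path>` as the first argument with the file readable only by the backup user, keeps it out of both. Separately, `--ssl-mode REQUIRED` forces encryption but does not authenticate the server; if the CA file that keystone.conf.j2 references is also available to the backup container, `--ssl-mode VERIFY_CA --ssl-ca=/opt/ccp/etc/tls/ca.pem` would check the server certificate as well.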
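Review bot: In service/files/keystone.conf.j2 the `connection` URL gets `?ssl_ca=…` only when `db.tls.enabled` is true, so a deployment whose overrides still set only `percona.tls.enabled` would presumably render the URL without it and keystone would reach the database in cleartext with no error; the same condition guards `--ssl-mode` in backup.sh.j2 and `require ssl` in keystone.yaml. A release note stating that the old key is no longer read would make that downgrade visible to operators. The username and password are also interpolated raw into the URL, so a password containing `@`, `/` or `?` changes how the URL is parsed; `{{ keystone.db.password | urlencode }}` avoids that. The `[database]` section continues outside the hunk.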
@@ -41,11 +41,11 @@ service:
 command: mysql -u root -p{{ db.root_password }} -h {{ address(service.database) }} -e "create database {{ keystone.db.name }}; create user '{{ keystone.db.username }}'@'%' identified by '{{ keystone.db.password }}'
- {% if percona.tls.enabled %} require ssl {% endif %};
+ {% if db.tls.enabled %} require ssl {% endif %};
 grant all privileges on {{ keystone.db.name }}.* to '{{ keystone.db.username }}'@'%' identified by '{{ keystone.db.password }}'
- {% if percona.tls.enabled %} require ssl {% endif %};
+ {% if db.tls.enabled %} require ssl {% endif %};
 grant super on *.* to '{{ keystone.db.username }}'@'%' identified by '{{ keystone.db.password }}'
- {% if percona.tls.enabled %} require ssl {% endif %};"
+ {% if db.tls.enabled %} require ssl {% endif %};"
 - name: keystone-db-sync
 files:
 - keystone-conf
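Review bot: The `mysql -u root -p{{ db.root_password }} -h … -e "…"` command in this job carries no TLS option of its own, so while it sets `require ssl` on the keystone account, the statement text with the `identified by` passwords may itself cross the network unencrypted unless the client happens to negotiate TLS by default. Adding the guard already used in backup.sh.j2, `{% if db.tls.enabled %} --ssl-mode REQUIRED {% endif %}`, to the `mysql` invocation would close that, and the root password given as `-p…` is exposed in the process list in the same way as in the backup script. `grant super on *.* to '…'@'%'` also gives the keystone account a global administrative privilege from any host, which is much broader than the per-database grant above it; it is worth confirming that it is required. The job definition starts before the hunk.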