summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrey Pavlov <apavlov@mirantis.com>2017-03-06 05:40:42 +0000
committerAndrey Pavlov <apavlov@mirantis.com>2017-03-09 10:14:04 +0000
commitece5b265d718f25dce9cd413aa1db2360cec34cb (patch)
tree1154f78caec3c2334452ffa616eac78aa7581e33
parent4a6ffd6204d7d0e59239b17dfe37d99f27479227 (diff)
Store sensitive configs in secret
Notes
Notes (review): Verified+1: Mirantis CCP CI <mirantis-fuel-ccp-ci@mirantis.com> Code-Review+2: Sergey Reshetnyak <sreshetniak@mirantis.com> Code-Review+2: Yuriy Taraday <yorik.sar@gmail.com> Workflow+1: Yuriy Taraday <yorik.sar@gmail.com> Verified+2: Jenkins Submitted-by: Jenkins Submitted-at: Fri, 10 Mar 2017 09:55:57 +0000 Reviewed-on: https://review.openstack.org/441757 Project: openstack/fuel-ccp-keystone Branch: refs/heads/master
-rw-r--r--service/files/defaults.yaml17
1 files changed, 10 insertions, 7 deletions
diff --git a/service/files/defaults.yaml b/service/files/defaults.yaml
index 550b8ee..2e05c18 100644
--- a/service/files/defaults.yaml
+++ b/service/files/defaults.yaml
@@ -9,18 +9,11 @@ configs:
9 admin_port: 9 admin_port:
10 cont: 35357 10 cont: 35357
11 11
12 db:
13 password: password
14 name: keystone
15 username: keystone
16
17 wsgi: 12 wsgi:
18 processes: 6 13 processes: 6
19 threads: 1 14 threads: 1
20 15
21 fernet_secret_name: keystone-fernet-keys 16 fernet_secret_name: keystone-fernet-keys
22 # 100% random default
23 credential_key: "2jjLrgOLvI-wj7g-8058SSCw0-ZnL4Ghg5cLuBirxL8="
24 17
25 notifications: 18 notifications:
26 enable: false 19 enable: false
@@ -29,6 +22,16 @@ configs:
29 22
30 encrypt_tokens_in_memcached: 23 encrypt_tokens_in_memcached:
31 enabled: true 24 enabled: true
25
26secret_configs:
27 keystone:
28 db:
29 password: password
30 name: keystone
31 username: keystone
32
33 credential_key: "2jjLrgOLvI-wj7g-8058SSCw0-ZnL4Ghg5cLuBirxL8="
34 encrypt_tokens_in_memcached:
32 secret_key: password 35 secret_key: password
33 36
34 openstack: 37 openstack: