Merge "Add HorizonSecureCookies to environments/ssl/enable-tls.yaml"

2019-01-18 10:26:59 +00:00 · 2019-01-18 10:26:59 +00:00 · 349083a058
parent a263ac7609 eb52c794d9
commit 349083a058
2 changed files with 8 additions and 0 deletions
--- a/environments/ssl/enable-tls.yaml
+++ b/environments/ssl/enable-tls.yaml
@ -10,6 +10,10 @@
 #   For these values to take effect, one of the tls-endpoints-*.yaml
 #   environments must also be used.
 parameter_defaults:
+  # Set CSRF_COOKIE_SECURE / SESSION_COOKIE_SECURE in Horizon
+  # Type: boolean
+  HorizonSecureCookies: True
+
  # The content of the SSL certificate (without Key) in PEM format.
  # Type: string
  SSLCertificate: |
--- a/sample-env-generator/ssl.yaml
+++ b/sample-env-generator/ssl.yaml
@ -9,6 +9,9 @@ environments:
    files:
      puppet/services/haproxy-public-tls-inject.yaml:
        parameters: all
+      puppet/services/horizon.yaml:
+        parameters:
+          - HorizonSecureCookies
    static:
      # This should probably be private, but for testing static params I'm
      # setting it as such for now.
@ -20,6 +23,7 @@ environments:
      SSLKey: |-
        |
            The contents of the private key go here
+      HorizonSecureCookies: True
  -
    name: ssl/enable-internal-tls
    title: Enable SSL on OpenStack Internal Endpoints