simple_crypto: kek should be secret
... because the parameter takes encryption key. Change-Id: I2d20cffb14295d560135ab1f1907da8b7ca3fc94
This commit is contained in:
parent
7558739921
commit
7912e8d09a
|
@ -5,7 +5,7 @@
|
|||
# === Parameters
|
||||
#
|
||||
# [*simple_crypto_plugin_kek*]
|
||||
# (optional) base64 encoded 32-byte value
|
||||
# (optional) Key encryption key to be used by Simple Crypto Pluging.
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*global_default*]
|
||||
|
@ -26,6 +26,6 @@ class barbican::plugins::simple_crypto (
|
|||
}
|
||||
|
||||
barbican_config {
|
||||
'simple_crypto_plugin/kek': value => $simple_crypto_plugin_kek;
|
||||
'simple_crypto_plugin/kek': value => $simple_crypto_plugin_kek, secret => true;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -25,14 +25,15 @@ describe 'barbican::plugins::simple_crypto' do
|
|||
describe 'with parameter passed into pk11 plugin' do
|
||||
let :params do
|
||||
{
|
||||
:simple_crypto_plugin_kek => 'XXXXXXXXXXXXX',
|
||||
:global_default => true,
|
||||
:simple_crypto_plugin_kek => 'XXXXXXXXXXXXX',
|
||||
:global_default => true,
|
||||
}
|
||||
end
|
||||
|
||||
it 'is_expected.to set simple_crypto parameters' do
|
||||
is_expected.to contain_barbican_config('simple_crypto_plugin/kek') \
|
||||
.with_value(params[:simple_crypto_plugin_kek])
|
||||
.with_value(params[:simple_crypto_plugin_kek]) \
|
||||
.with_secret(true)
|
||||
is_expected.to contain_barbican_config(
|
||||
'secretstore:simple_crypto/secret_store_plugin') \
|
||||
.with_value('store_crypto')
|
||||
|
@ -52,7 +53,8 @@ describe 'barbican::plugins::simple_crypto' do
|
|||
|
||||
it 'is_expected.to set default simple_crypto parameters' do
|
||||
is_expected.to contain_barbican_config('simple_crypto_plugin/kek') \
|
||||
.with_value('<SERVICE DEFAULT>')
|
||||
.with_value('<SERVICE DEFAULT>') \
|
||||
.with_secret(true)
|
||||
is_expected.to contain_barbican_config(
|
||||
'secretstore:simple_crypto/secret_store_plugin') \
|
||||
.with_value('store_crypto')
|
||||
|
|
Loading…
Reference in New Issue