commit 07428d498501c58fa8dc618fc6f4dd84643891db
Author: Yan Xing'an <email address hidden>
Date: Wed Jun 7 03:03:02 2017 -0700
Support to use barbican to encode vim password
1. Add new option 'use_barbican' in config file [vim_keys] section,
default value is False for Pike.
2. Use fernet to encrypt vim password, and save the fernet key into
barbican as a secret.
3. Add new fields 'key_type', 'secret_uuid' into VimAuth.auth_cred
json string. secret_uuid is masked in vim-show or vim-list response.
4. Set the vim's default 'shared' value to False,
vim can only be used by who created it.
5. Add a devref to show how to test.
6. Add a release note.
Reviewed: https:/ /review. openstack. org/465080 /git.openstack. org/cgit/ openstack/ tacker/ commit/ ?id=07428d49850 1c58fa8dc618fc6 f4dd84643891db
Committed: https:/
Submitter: Jenkins
Branch: master
commit 07428d498501c58 fa8dc618fc6f4dd 84643891db
Author: Yan Xing'an <email address hidden>
Date: Wed Jun 7 03:03:02 2017 -0700
Support to use barbican to encode vim password
1. Add new option 'use_barbican' in config file [vim_keys] section,
default value is False for Pike.
2. Use fernet to encrypt vim password, and save the fernet key into
barbican as a secret.
3. Add new fields 'key_type', 'secret_uuid' into VimAuth.auth_cred
json string. secret_uuid is masked in vim-show or vim-list response.
4. Set the vim's default 'shared' value to False,
vim can only be used by who created it.
5. Add a devref to show how to test.
6. Add a release note.
Implements: blueprint encryption- with-barbican
Partial-bug: #1667652
Change-Id: I5c779041df5a08 a361b9aaefac7d2 41369732551