tacker

  1. Bug #1667652
  2. Comment #8

Comment 8 for bug 1667652

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tacker (master)

Reviewed: https://review.openstack.org/465080
Committed: https://git.openstack.org/cgit/openstack/tacker/commit/?id=07428d498501c58fa8dc618fc6f4dd84643891db
Submitter: Jenkins
Branch: master

commit 07428d498501c58fa8dc618fc6f4dd84643891db
Author: Yan Xing'an <email address hidden>
Date: Wed Jun 7 03:03:02 2017 -0700

    Support to use barbican to encode vim password

    1. Add new option 'use_barbican' in config file [vim_keys] section,
       default value is False for Pike.
    2. Use fernet to encrypt vim password, and save the fernet key into
       barbican as a secret.
    3. Add new fields 'key_type', 'secret_uuid' into VimAuth.auth_cred
       json string. secret_uuid is masked in vim-show or vim-list response.
    4. Set the vim's default 'shared' value to False,
       vim can only be used by who created it.
    5. Add a devref to show how to test.
    6. Add a release note.

    Implements: blueprint encryption-with-barbican
    Partial-bug: #1667652

    Change-Id: I5c779041df5a08a361b9aaefac7d241369732551