Updated security compliance section in README
* It need because `password_regex` was updeted.
Related-PROD: PROD-29484
Change-Id: I975bca12854e30098fbbba52897be28e8e427ef1
diff --git a/tests/integration/ocata/single/config_spec.rb b/tests/integration/ocata/single/config_spec.rb
index acead69..5dc35cd 100644
--- a/tests/integration/ocata/single/config_spec.rb
+++ b/tests/integration/ocata/single/config_spec.rb
@@ -120,14 +120,14 @@
keystone_security_compliance = {
'disable_user_account_days_inactive' => '90',
- 'lockout_failure_attempts' => '5',
+ 'lockout_failure_attempts' => '60',
'lockout_duration' => '600',
- 'password_expires_days' => '90',
- 'unique_last_password_count' => '10',
+ 'password_expires_days' => '730',
+ 'unique_last_password_count' => '5',
'minimum_password_age' => '0',
- 'password_regex' => '^(?=.*\d)(?=.*[a-zA-Z]).{7,}$$',
- 'password_regex_description' => 'Your password must contains at least 1 letter, 1 digit, and have a minimum length of 7 characters',
- 'change_password_upon_first_use' => 'True',
+ 'password_regex' => '^[a-zA-Z0-9]{32,}$$',
+ 'password_regex_description' => 'Your password could contains capital letters, lowercase letters, digits and have a minimum length of 32 characters',
+ 'change_password_upon_first_use' => 'False',
}
keystone_federation = {
diff --git a/tests/integration/pike/single/config_spec.rb b/tests/integration/pike/single/config_spec.rb
index 7f7bd01..156f002 100644
--- a/tests/integration/pike/single/config_spec.rb
+++ b/tests/integration/pike/single/config_spec.rb
@@ -120,14 +120,14 @@
keystone_security_compliance = {
'disable_user_account_days_inactive' => '90',
- 'lockout_failure_attempts' => '5',
+ 'lockout_failure_attempts' => '60',
'lockout_duration' => '600',
- 'password_expires_days' => '90',
- 'unique_last_password_count' => '10',
+ 'password_expires_days' => '730',
+ 'unique_last_password_count' => '5',
'minimum_password_age' => '0',
- 'password_regex' => '^(?=.*\d)(?=.*[a-zA-Z]).{7,}$$',
- 'password_regex_description' => 'Your password must contains at least 1 letter, 1 digit, and have a minimum length of 7 characters',
- 'change_password_upon_first_use' => 'True',
+ 'password_regex' => '^[a-zA-Z0-9]{32,}$$',
+ 'password_regex_description' => 'Your password could contains capital letters, lowercase letters, digits and have a minimum length of 32 characters',
+ 'change_password_upon_first_use' => 'False',
}
keystone_federation = {
diff --git a/tests/integration/queens/single/config_spec.rb b/tests/integration/queens/single/config_spec.rb
index cda5269..f82b08e 100644
--- a/tests/integration/queens/single/config_spec.rb
+++ b/tests/integration/queens/single/config_spec.rb
@@ -172,14 +172,14 @@
keystone_security_compliance = {
'disable_user_account_days_inactive' => '90',
- 'lockout_failure_attempts' => '5',
+ 'lockout_failure_attempts' => '60',
'lockout_duration' => '600',
- 'password_expires_days' => '90',
- 'unique_last_password_count' => '10',
+ 'password_expires_days' => '730',
+ 'unique_last_password_count' => '5',
'minimum_password_age' => '0',
- 'password_regex' => '^(?=.*\d)(?=.*[a-zA-Z]).{7,}$$',
- 'password_regex_description' => 'Your password must contains at least 1 letter, 1 digit, and have a minimum length of 7 characters',
- 'change_password_upon_first_use' => 'True',
+ 'password_regex' => '^[a-zA-Z0-9]{32,}$$',
+ 'password_regex_description' => 'Your password could contains capital letters, lowercase letters, digits and have a minimum length of 32 characters',
+ 'change_password_upon_first_use' => 'False',
}
keystone_federation = {
diff --git a/tests/integration/rocky/single/config_spec.rb b/tests/integration/rocky/single/config_spec.rb
index e07be3e..e05e89f 100644
--- a/tests/integration/rocky/single/config_spec.rb
+++ b/tests/integration/rocky/single/config_spec.rb
@@ -144,14 +144,14 @@
keystone_security_compliance = {
'disable_user_account_days_inactive' => '90',
- 'lockout_failure_attempts' => '5',
+ 'lockout_failure_attempts' => '60',
'lockout_duration' => '600',
- 'password_expires_days' => '90',
- 'unique_last_password_count' => '10',
+ 'password_expires_days' => '730',
+ 'unique_last_password_count' => '5',
'minimum_password_age' => '0',
- 'password_regex' => '^(?=.*\d)(?=.*[a-zA-Z]).{7,}$$',
- 'password_regex_description' => 'Your password must contains at least 1 letter, 1 digit, and have a minimum length of 7 characters',
- 'change_password_upon_first_use' => 'True',
+ 'password_regex' => '^[a-zA-Z0-9]{32,}$$',
+ 'password_regex_description' => 'Your password could contains capital letters, lowercase letters, digits and have a minimum length of 32 characters',
+ 'change_password_upon_first_use' => 'False',
}
keystone_federation = {
diff --git a/tests/pillar/cluster.sls b/tests/pillar/cluster.sls
index 24b17f4..11e0e7d 100644
--- a/tests/pillar/cluster.sls
+++ b/tests/pillar/cluster.sls
@@ -30,14 +30,15 @@
notification_format: cadf
security_compliance:
disable_user_account_days_inactive: 90
- lockout_failure_attempts: 5
+ lockout_failure_attempts: 60
lockout_duration: 600
- password_expires_days: 90
- unique_last_password_count: 10
+ password_expires_days: 730
+ unique_last_password_count: 5
minimum_password_age: 0
- password_regex: '^(?=.*\d)(?=.*[a-zA-Z]).{7,}$$'
- password_regex_description: 'Your password must contains at least 1 letter, 1 digit, and have a minimum length of 7 characters'
- change_password_upon_first_use: True
+ password_regex: '^[a-zA-Z0-9]{32,}$$'
+ password_regex_description: |
+ Your password could contains capital letters, lowercase letters, digits and have a minimum length of 32 characters
+ change_password_upon_first_use: False
logging:
log_appender: false
log_handlers:
diff --git a/tests/pillar/single.sls b/tests/pillar/single.sls
index f870998..697e40e 100644
--- a/tests/pillar/single.sls
+++ b/tests/pillar/single.sls
@@ -75,14 +75,15 @@
notification_format: cadf
security_compliance:
disable_user_account_days_inactive: 90
- lockout_failure_attempts: 5
+ lockout_failure_attempts: 60
lockout_duration: 600
- password_expires_days: 90
- unique_last_password_count: 10
+ password_expires_days: 730
+ unique_last_password_count: 5
minimum_password_age: 0
- password_regex: '^(?=.*\d)(?=.*[a-zA-Z]).{7,}$$'
- password_regex_description: 'Your password must contains at least 1 letter, 1 digit, and have a minimum length of 7 characters'
- change_password_upon_first_use: True
+ password_regex: '^[a-zA-Z0-9]{32,}$$'
+ password_regex_description: |
+ Your password could contains capital letters, lowercase letters, digits and have a minimum length of 32 characters
+ change_password_upon_first_use: False
logging:
debug: true
log_file: 'logfile.log'