Fix certificates creation for image sign
Change-Id: I60984a2badac898b4d375dd22981e4b303f8f5db
Related-PROD: PROD-25719
diff --git a/barbican/client/v1/init.yml b/barbican/client/v1/init.yml
index c582343..352520d 100644
--- a/barbican/client/v1/init.yml
+++ b/barbican/client/v1/init.yml
@@ -1,5 +1,6 @@
-barbican:
- client:
- resources:
- v1:
- enabled: true
\ No newline at end of file
+parameters:
+ barbican:
+ client:
+ resources:
+ v1:
+ enabled: true
\ No newline at end of file
diff --git a/barbican/client/v1/signed_images/octavia.yml b/barbican/client/v1/signed_images/octavia.yml
index c348674..ae708cf 100644
--- a/barbican/client/v1/signed_images/octavia.yml
+++ b/barbican/client/v1/signed_images/octavia.yml
@@ -1,3 +1,6 @@
+classes:
+- system.barbican.client.v1.octavia
+
parameters:
_param:
octavia_image_cert_key: '/etc/octavia/certs/image.key'
diff --git a/salt/minion/cert/octavia/image_sign.yml b/salt/minion/cert/octavia/image_sign.yml
index 2e67a02..ad7cfd0 100644
--- a/salt/minion/cert/octavia/image_sign.yml
+++ b/salt/minion/cert/octavia/image_sign.yml
@@ -1,17 +1,15 @@
-classes:
-- system.salt.minion.cert.octavia
parameters:
_param:
+ salt_minion_ca_authority: salt_master_ca
octavia_image_cert_key: /etc/octavia/certs/image.key
octavia_image_cert_file: /etc/octavia/certs/image.crt
salt:
minion:
cert:
octavia:
- host: ${_param:octavia_ca_host}
- authority: octavia_ca
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
common_name: octavia
signing_policy: cert_server
- key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
key_file: ${_param:octavia_image_cert_key}
cert_file: ${_param:octavia_image_cert_file}
\ No newline at end of file