Add configurations for octavia image sign Related-PROD: PROD-24494 Change-Id: I7d22c5c4570ec6b3cfb5a2346f5efb83d5804222

commit: b8ffadecf5fcc40d3eac89237567c0f4ab84937b [log] [tgz]
author: Ann Taraday <akamyshnikova@mirantis.com> Mon Nov 19 17:01:04 2018 +0400
committer: Anna Taraday <akamyshnikova@mirantis.com> Wed Dec 05 12:31:58 2018 +0000
tree: a2b482738fc209b10fa23a89c2af890c957461ce
parent: ce4124bc7d543448e153342f22a54a31b0e293ea [diff] [blame]
diff --git a/salt/minion/cert/octavia/image_sign.yml b/salt/minion/cert/octavia/image_sign.yml
new file mode 100644
index 0000000..2e67a02
--- /dev/null
+++ b/salt/minion/cert/octavia/image_sign.yml

@@ -0,0 +1,17 @@
+classes:
+- system.salt.minion.cert.octavia
+parameters:
+  _param:
+    octavia_image_cert_key: /etc/octavia/certs/image.key
+    octavia_image_cert_file: /etc/octavia/certs/image.crt
+  salt:
+    minion:
+      cert:
+        octavia:
+          host: ${_param:octavia_ca_host}
+          authority: octavia_ca
+          common_name: octavia
+          signing_policy: cert_server
+          key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+          key_file:  ${_param:octavia_image_cert_key}
+          cert_file: ${_param:octavia_image_cert_file}
\ No newline at end of file
commit	b8ffadecf5fcc40d3eac89237567c0f4ab84937b	[log] [tgz]
author	Ann Taraday <akamyshnikova@mirantis.com>	Mon Nov 19 17:01:04 2018 +0400
committer	Anna Taraday <akamyshnikova@mirantis.com>	Wed Dec 05 12:31:58 2018 +0000
tree	a2b482738fc209b10fa23a89c2af890c957461ce
parent	ce4124bc7d543448e153342f22a54a31b0e293ea [diff] [blame]