From b1c40b3dbbc7cfbf9ed0f6f657a68b4ea6a53136 Mon Sep 17 00:00:00 2001
From: "Jose A. Rivera" <jarrpa@redhat.com>
Date: Fri, 16 Jun 2017 18:02:18 -0500
Subject: GlusterFS: Generate better secret keys

Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
---
 .../tasks/glusterfs_common.yml                          | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml')

diff --git a/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml b/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml
index 92accc170..4406ef28b 100644
--- a/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml
+++ b/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml
@@ -123,6 +123,23 @@
   when:
   - glusterfs_heketi_topology_load
 
+- name: Generate heketi admin key
+  set_fact:
+    glusterfs_heketi_admin_key: "{{ 32 | oo_generate_secret }}"
+  when:
+  - glusterfs_heketi_is_native
+  - glusterfs_heketi_admin_key is undefined
+
+- name: Generate heketi user key
+  set_fact:
+    glusterfs_heketi_user_key: "{{ 32 | oo_generate_secret }}"
+  until: "glusterfs_heketi_user_key != glusterfs_heketi_admin_key"
+  delay: 1
+  retries: 10
+  when:
+  - glusterfs_heketi_is_native
+  - glusterfs_heketi_user_key is undefined
+
 - include: heketi_deploy_part1.yml
   when:
   - glusterfs_heketi_is_native
-- 
cgit v1.2.1