Currently the Auth encryption key for heat-api
and heat-api-cfn deployed via charm-heat-k8s
charm instances are different and so causes
issues when heat-engine from heat-api-cfn handles
request for heat-api. The heat-engines of both
heat-api and heat-api-cfn are used for handling
both heat-api and heat-api-cfn stacks as the AMQP
topic is same and not configurable.
Add a new interface heat-shared-config to share
the auth encryption key between heat-api and
heat-api-cfn.
heat-api update the relation data with auth
encryption key once the key is generated or
any new relations are connected via heat-shared-config.
Save the auth encryption key as juju secret
instead of plain text and grant access to
peer and units connected via heat-shared-interface.
Reviewed: https:/ /review. opendev. org/c/openstack /charm- heat-k8s/ +/897663 /opendev. org/openstack/ charm-heat- k8s/commit/ 0459106b3c1ac57 3286898f8aefc02 80f0bf4358
Committed: https:/
Submitter: "Zuul (22348)"
Branch: main
commit 0459106b3c1ac57 3286898f8aefc02 80f0bf4358
Author: Hemanth Nakkina <email address hidden>
Date: Mon Oct 9 16:37:03 2023 +0530
Share auth encryption key over relation
Currently the Auth encryption key for heat-api
and heat-api-cfn deployed via charm-heat-k8s
charm instances are different and so causes
issues when heat-engine from heat-api-cfn handles
request for heat-api. The heat-engines of both
heat-api and heat-api-cfn are used for handling
both heat-api and heat-api-cfn stacks as the AMQP
topic is same and not configurable.
Add a new interface heat-shared-config to share interface.
the auth encryption key between heat-api and
heat-api-cfn.
heat-api update the relation data with auth
encryption key once the key is generated or
any new relations are connected via heat-shared-config.
Save the auth encryption key as juju secret
instead of plain text and grant access to
peer and units connected via heat-shared-
Closes-Bug: #2036890 7585141e15b20b0 1172b14ecc4
Change-Id: I2ec7f03b5c64d8