Add token secret to intermediate registry

An upcoming change will add JWT authentication to the registry; prepare for that by establishing a server-side secret for use in signing the tokens. Change-Id: Ibaa15dd0c4b0d797f01a1886186fdc021dc990fa
3 years ago · dee6a8b330
parent 3674059437
commit dee6a8b330
2 changed files with 2 additions and 0 deletions
--- a/playbooks/roles/registry/templates/registry.yaml.j2
+++ b/playbooks/roles/registry/templates/registry.yaml.j2
@ -3,6 +3,7 @@ registry:
  port: 5000
  tls-cert: /certs/domain.crt
  tls-key: /certs/domain.key
+  secret: {{ registry_token_secret }}
  users:
    - name: {{ registry_user }}
      pass: {{ registry_password }}
--- a/playbooks/zuul/templates/group_vars/registry.yaml.j2
+++ b/playbooks/zuul/templates/group_vars/registry.yaml.j2
@ -5,6 +5,7 @@ registry_swift_tenant: 123456
 registry_swift_region: DFW
 registry_swift_container: intermediate_registry
 registry_swift_secretkey: testsecretkey
+registry_token_secret: test_secret
 registry_password: testpassword
 registry_tls_cert: |
  -----BEGIN CERTIFICATE-----