From dee6a8b330cedfabce565ff36e4edddae0ac66a9 Mon Sep 17 00:00:00 2001
From: "James E. Blair" <jeblair@redhat.com>
Date: Tue, 8 Oct 2019 14:16:43 -0700
Subject: [PATCH] Add token secret to intermediate registry

An upcoming change will add JWT authentication to the registry;
prepare for that by establishing a server-side secret for use
in signing the tokens.

Change-Id: Ibaa15dd0c4b0d797f01a1886186fdc021dc990fa
---
 playbooks/roles/registry/templates/registry.yaml.j2  | 1 +
 playbooks/zuul/templates/group_vars/registry.yaml.j2 | 1 +
 2 files changed, 2 insertions(+)

diff --git a/playbooks/roles/registry/templates/registry.yaml.j2 b/playbooks/roles/registry/templates/registry.yaml.j2
index 28a19a7acd..edfd506f7a 100644
--- a/playbooks/roles/registry/templates/registry.yaml.j2
+++ b/playbooks/roles/registry/templates/registry.yaml.j2
@@ -3,6 +3,7 @@ registry:
   port: 5000
   tls-cert: /certs/domain.crt
   tls-key: /certs/domain.key
+  secret: {{ registry_token_secret }}
   users:
     - name: {{ registry_user }}
       pass: {{ registry_password }}
diff --git a/playbooks/zuul/templates/group_vars/registry.yaml.j2 b/playbooks/zuul/templates/group_vars/registry.yaml.j2
index 82cae3ccba..22d496a782 100644
--- a/playbooks/zuul/templates/group_vars/registry.yaml.j2
+++ b/playbooks/zuul/templates/group_vars/registry.yaml.j2
@@ -5,6 +5,7 @@ registry_swift_tenant: 123456
 registry_swift_region: DFW
 registry_swift_container: intermediate_registry
 registry_swift_secretkey: testsecretkey
+registry_token_secret: test_secret
 registry_password: testpassword
 registry_tls_cert: |
   -----BEGIN CERTIFICATE-----