From ab231006a9c295f3afc669979896e8e589a0bccf Mon Sep 17 00:00:00 2001
From: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Date: Wed, 25 Nov 2015 13:23:54 +0200
Subject: [PATCH] Minor fixes to TLS related resources

* Fixed a comment to avoid ambiguity with concepts in Heat
* Removed default values from necessary parameters in the TLS
  environment
* Simplified setting of the cert/key into a file.

Change-Id: I351778150a6fbf7affe1a0fddb1abb9869324dfc
---
 puppet/controller.yaml                      | 2 +-
 puppet/extraconfig/tls/no-tls.yaml          | 4 ++--
 puppet/extraconfig/tls/tls-cert-inject.yaml | 4 +---
 3 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/puppet/controller.yaml b/puppet/controller.yaml
index 9792e7dc1d..d937e5262e 100644
--- a/puppet/controller.yaml
+++ b/puppet/controller.yaml
@@ -716,7 +716,7 @@ resources:
     properties:
       server: {get_resource: Controller}
 
-  # Hook for site-specific passing of private keys/certificates
+  # Resource for site-specific passing of private keys/certificates
   NodeTLSData:
     depends_on: NodeTLSCAData
     type: OS::TripleO::NodeTLSData
diff --git a/puppet/extraconfig/tls/no-tls.yaml b/puppet/extraconfig/tls/no-tls.yaml
index 2da209cb11..a2b5c569bc 100644
--- a/puppet/extraconfig/tls/no-tls.yaml
+++ b/puppet/extraconfig/tls/no-tls.yaml
@@ -13,10 +13,10 @@ parameters:
     description: >
         The filepath of the certificate as it will be stored in the controller.
     type: string
-  NodeIndex: # Here for compatibility with tls-cert-inject.yaml
+  NodeIndex: # Here for compatibility with puppet/controller.yaml
     default: 0
     type: number
-  server:    # Here for compatibility with tls-cert-inject.yaml
+  server:    # Here for compatibility with puppet/controller.yaml
     description: ID of the controller node to apply this config to
     type: string
 
diff --git a/puppet/extraconfig/tls/tls-cert-inject.yaml b/puppet/extraconfig/tls/tls-cert-inject.yaml
index 739a51adbe..ce524ba93c 100644
--- a/puppet/extraconfig/tls/tls-cert-inject.yaml
+++ b/puppet/extraconfig/tls/tls-cert-inject.yaml
@@ -7,7 +7,6 @@ description: >
 parameters:
   # Can be overriden via parameter_defaults in the environment
   SSLCertificate:
-    default: ''
     description: >
       The content of the SSL certificate (without Key) in PEM format.
     type: string
@@ -17,7 +16,6 @@ parameters:
       The content of an SSL intermediate CA certificate in PEM format.
     type: string
   SSLKey:
-    default: ''
     description: >
       The content of the SSL Key in PEM format.
     type: string
@@ -53,7 +51,7 @@ resources:
         - name: key_modulus
       config: |
         #!/bin/sh
-        cat << EOF | tee ${cert_path} > /dev/null
+        cat > ${cert_path} << EOF
         ${cert_chain_content}
         EOF
         chmod 0440 ${cert_path}