ceph-disk: Use stdin for 'config-key put' command

The 'osd new' command is not available in jewel so backport support for stdin '-i -' and use it for the 'config-key put' command in order to not log the dmcrypt key. Fixes: http://tracker.ceph.com/issues/21059 Signed-off-by: Brad Hubbard <bhubbard@redhat.com>
ceph · Aug 22, 2017 · 1415ecb · 1415ecb
1 parent 28cfb01
commit 1415ecb
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/src/ceph-disk/ceph_disk/main.py b/src/ceph-disk/ceph_disk/main.py
@@ -2362,17 +2362,18 @@ def create_key(self):
         cluster = self.args.cluster
         bootstrap = self.args.prepare_key_template.format(cluster=cluster,
                                                           statedir=STATEDIR)
-        command_check_call(
+        command_with_stdin(
             [
                 'ceph',
                 '--cluster', cluster,
                 '--name', 'client.bootstrap-osd',
                 '--keyring', bootstrap,
+                '-i', '-',
                 'config-key',
                 'put',
                 'dm-crypt/osd/' + self.args.osd_uuid + '/luks',
-                base64_key,
             ],
+            base64_key
         )
         keyring, stderr, ret = command(
             [