From eab74cac07511c0cff4ae351d59189b4e435a447 Mon Sep 17 00:00:00 2001
From: chris meyers <chris.meyers.fsu@gmail.com>
Date: Wed, 25 Mar 2020 07:39:29 -0400
Subject: [PATCH] autogenerate websocket secret

---
 installer/roles/kubernetes/tasks/main.yml                | 6 ++++++
 installer/roles/kubernetes/templates/credentials.py.j2   | 2 ++
 installer/roles/local_docker/tasks/main.yml              | 6 ++++++
 installer/roles/local_docker/templates/credentials.py.j2 | 2 ++
 4 files changed, 16 insertions(+)

diff --git a/installer/roles/kubernetes/tasks/main.yml b/installer/roles/kubernetes/tasks/main.yml
index dc18eefe1c..f65098c589 100644
--- a/installer/roles/kubernetes/tasks/main.yml
+++ b/installer/roles/kubernetes/tasks/main.yml
@@ -1,4 +1,10 @@
 ---
+- name: Generate broadcast websocket secret
+  set_fact:
+    broadcast_websocket_secret: "{{ lookup('password', '/dev/null', length=128) }}"
+  run_once: true
+  no_log: true
+
 - fail:
     msg: "Only set one of kubernetes_context or openshift_host"
   when: openshift_host is defined and kubernetes_context is defined
diff --git a/installer/roles/kubernetes/templates/credentials.py.j2 b/installer/roles/kubernetes/templates/credentials.py.j2
index 84357e5414..74995988d8 100644
--- a/installer/roles/kubernetes/templates/credentials.py.j2
+++ b/installer/roles/kubernetes/templates/credentials.py.j2
@@ -12,3 +12,5 @@ DATABASES = {
         },
     }
 }
+
+BROADCAST_WEBSOCKET_SECRET = "{{ broadcast_websocket_secret | b64encode }}"
diff --git a/installer/roles/local_docker/tasks/main.yml b/installer/roles/local_docker/tasks/main.yml
index 446f110f83..53dca32331 100644
--- a/installer/roles/local_docker/tasks/main.yml
+++ b/installer/roles/local_docker/tasks/main.yml
@@ -1,4 +1,10 @@
 ---
+- name: Generate broadcast websocket secret
+  set_fact:
+    broadcast_websocket_secret: "{{ lookup('password', '/dev/null', length=128) }}"
+  run_once: true
+  no_log: true
+
 - name: Check for existing Postgres data
   stat:
     path: "{{ postgres_data_dir }}/pgdata/PG_VERSION"
diff --git a/installer/roles/local_docker/templates/credentials.py.j2 b/installer/roles/local_docker/templates/credentials.py.j2
index d712636167..308ce1ff5e 100644
--- a/installer/roles/local_docker/templates/credentials.py.j2
+++ b/installer/roles/local_docker/templates/credentials.py.j2
@@ -19,3 +19,5 @@ CACHES = {
         'BACKEND': 'django.core.cache.backends.locmem.LocMemCache',
     },
 }
+
+BROADCAST_WEBSOCKET_SECRET = "{{ broadcast_websocket_secret | b64encode }}"