From 22085e38f56f7b10408f63c6eb9c0b3fdd57bf04 Mon Sep 17 00:00:00 2001
From: Jarrod Johnson
Date: Wed, 1 Jul 2020 13:33:59 -0400
Subject: [PATCH] Change bound to 'tpm2'. This is a bit more logical and flexible for the future.
---
 confluent_osdeploy/el8/profiles/default/scripts/pre.sh | 2 +-
 confluent_osdeploy/rhvh4/profiles/default/scripts/pre.sh | 2 +-
 confluent_server/confluent/config/attributes.py | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/confluent_osdeploy/el8/profiles/default/scripts/pre.sh b/confluent_osdeploy/el8/profiles/default/scripts/pre.sh
index 2b042b7f..c4489a1f 100644
--- a/confluent_osdeploy/el8/profiles/default/scripts/pre.sh
+++ b/confluent_osdeploy/el8/profiles/default/scripts/pre.sh
@@ -42,7 +42,7 @@ if [ -f "/run/install/cmdline.d/01-autocons.conf" ]; then
 fi
 cryptboot=$(grep ^encryptboot: /etc/confluent/confluent.deploycfg | awk '{print $2}')
 LUKSPARTY=''
-if [ "$cryptboot" == "bound" ]; then
+if [ "$cryptboot" == "tpm2" ]; then
 LUKSPARTY="--encrypted --passphrase=$(cat /etc/confluent/confluent.apikey)"
 echo $cryptboot >> /tmp/cryptboot
 fi
diff --git a/confluent_osdeploy/rhvh4/profiles/default/scripts/pre.sh b/confluent_osdeploy/rhvh4/profiles/default/scripts/pre.sh
index 63bc3289..125e1eb2 100644
--- a/confluent_osdeploy/rhvh4/profiles/default/scripts/pre.sh
+++ b/confluent_osdeploy/rhvh4/profiles/default/scripts/pre.sh
@@ -43,7 +43,7 @@ if [ -f "/run/install/cmdline.d/01-autocons.conf" ]; then
 fi
 cryptboot=$(grep ^encryptboot: /etc/confluent/confluent.deploycfg | awk '{print $2}')
 LUKSPARTY=''
-if [ "$cryptboot" == "bound" ]; then
+if [ "$cryptboot" == "tpm2" ]; then
 LUKSPARTY="--encrypted --passphrase=$(cat /etc/confluent/confluent.apikey)"
 echo $cryptboot >> /tmp/cryptboot
 fi
diff --git a/confluent_server/confluent/config/attributes.py b/confluent_server/confluent/config/attributes.py
index 8041b0fe..85913a94 100644
--- a/confluent_server/confluent/config/attributes.py
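Review bot: A node whose stored `encryptboot` value is still `bound` now falls through the test in the el8 `pre.sh` hunk with `LUKSPARTY` left empty, so the install continues with no volume encryption and no error; the identical test in the rhvh4 `pre.sh` hunk behaves the same way. Every value other than the exact string `tpm2` is treated as "do not encrypt", so a stale setting or a typo fails open. Either keep the old name as an alias, `if [ "$cryptboot" == "tpm2" ] || [ "$cryptboot" == "bound" ]; then`, or stop the install when the value is non-empty, not `none`, and not recognised. Whether existing node attributes are migrated on the server side is not visible in this patch.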
+++ b/confluent_server/confluent/config/attributes.py
@@ -111,11 +111,11 @@ node = {
 'description': ('Specify a strategy for encrypting the volume. Support '
 'This setting is currently only enabled for '
 'RedHat 8 and CentOS 8 profiles. If blank or unset, '
- 'no encryption is done. If set to "bound" then the OS '
+ 'no encryption is done. If set to "tpm2" then the OS '
 'will freely decrypt so long as the same '
 'Trusted Platform Module is available to decrypt the '
 'volume'),
- 'validvalues': ('bound', 'none', ''),
+ 'validvalues': ('tpm2', 'none', ''),
 },
 'deployment.apiarmed': {
 'description': ('Indicates whether the node authentication token interface '
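Review bot: The description documents only blank and `tpm2`, while `validvalues` also accepts `none`; in the two `pre.sh` hunks of this patch only `tpm2` enables encryption, so `none` appears to behave like blank and the text should say so. This help text is where an operator learns what the mode protects, so it is worth stating that unlock is unattended, for example by ending the string with `'volume. This guards a disk removed from the node, not a node taken whole.'`, assuming no PIN or further policy is involved, which the patch does not show. The `node` dict begins before this hunk and continues past it, so other entries that may still mention `bound` cannot be checked from here.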