Add complexity and reuse rules to discovery

Discovery can now relax two more common policies that have users
wanting to disable them.

confluent_server/confluent/config/attributes.py

@@ -158,9 +158,10 @@ node = {
     },
     'discovery.passwordrules': {
         'description':  'Any specified rules shall be configured on the BMC '
-                        'upon discovery.  "expiration=no,loginfailures=no" '
-                        'would disable password expiration and login failures '
-                        'triggering a lockout.'
+                        'upon discovery.  "expiration=no,loginfailures=no,complexity=no,reuse=no" '
+                        'would disable password expiration, login failures '
+                        'triggering a lockout, password complexity requirements,'
+                        'and any restrictions around reusing an old password.'
     },
     'discovery.policy': {
         'description':  'Policy to use for auto-configuration of discovered '

confluent_server/confluent/discovery/handlers/xcc.py

@@ -1,4 +1,4 @@
-# Copyright 2017 Lenovo
+# Copyright 2017-2019 Lenovo
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -71,6 +71,10 @@ class NodeHandler(immhandler.NodeHandler):
                 if value.lower() in ('no', 'none', 'disable', 'disabled'):
                     value = '0'
                 ruleset['USER_GlobalMaxLoginFailures'] = value
+            if name.lower() == 'complexity':
+                ruleset['USER_GlobalPassComplexRequired'] = value
+            if name.lower() == 'reuse':
+                ruleset['USER_GlobalMinPassReuseCycle'] = value
         ic.register_key_handler(self.validate_cert)
         ic.oem_init()
         ic._oem.immhandler.wc.grab_json_response('/api/dataset', ruleset)