summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--manifests/keystone/authtoken.pp8
-rw-r--r--releasenotes/notes/service_token_roles_required-801e592ee2ea8bb9.yaml5
-rw-r--r--spec/classes/designate_keystone_authtoken_spec.rb3
3 files changed, 16 insertions, 0 deletions
diff --git a/manifests/keystone/authtoken.pp b/manifests/keystone/authtoken.pp
index bb357fd..4145309 100644
--- a/manifests/keystone/authtoken.pp
+++ b/manifests/keystone/authtoken.pp
@@ -166,6 +166,12 @@
166# (in seconds). Set to -1 to disable caching completely. Integer value 166# (in seconds). Set to -1 to disable caching completely. Integer value
167# Defaults to $::os_service_default. 167# Defaults to $::os_service_default.
168# 168#
169# [*service_token_roles_required*]
170# (optional) backwards compatibility to ensure that the service tokens are
171# compared against a list of possible roles for validity
172# true/false
173# Defaults to $::os_service_default.
174#
169# DEPRECATED PARAMETERS 175# DEPRECATED PARAMETERS
170# 176#
171# [*check_revocations_for_cached*] 177# [*check_revocations_for_cached*]
@@ -218,6 +224,7 @@ class designate::keystone::authtoken(
218 $manage_memcache_package = false, 224 $manage_memcache_package = false,
219 $region_name = $::os_service_default, 225 $region_name = $::os_service_default,
220 $token_cache_time = $::os_service_default, 226 $token_cache_time = $::os_service_default,
227 $service_token_roles_required = $::os_service_default,
221 # DEPRECATED PARAMETERS 228 # DEPRECATED PARAMETERS
222 $check_revocations_for_cached = undef, 229 $check_revocations_for_cached = undef,
223 $hash_algorithms = undef, 230 $hash_algorithms = undef,
@@ -270,5 +277,6 @@ class designate::keystone::authtoken(
270 manage_memcache_package => $manage_memcache_package, 277 manage_memcache_package => $manage_memcache_package,
271 region_name => $region_name, 278 region_name => $region_name,
272 token_cache_time => $token_cache_time, 279 token_cache_time => $token_cache_time,
280 service_token_roles_required => $service_token_roles_required,
273 } 281 }
274} 282}
diff --git a/releasenotes/notes/service_token_roles_required-801e592ee2ea8bb9.yaml b/releasenotes/notes/service_token_roles_required-801e592ee2ea8bb9.yaml
new file mode 100644
index 0000000..60a4521
--- /dev/null
+++ b/releasenotes/notes/service_token_roles_required-801e592ee2ea8bb9.yaml
@@ -0,0 +1,5 @@
1---
2features:
3 - Service_token_roles_required missing in the server config file which
4 allows backwards compatibility to ensure that the service tokens are
5 compared against a list of possible roles for validity.
diff --git a/spec/classes/designate_keystone_authtoken_spec.rb b/spec/classes/designate_keystone_authtoken_spec.rb
index dd4ea3a..94c564e 100644
--- a/spec/classes/designate_keystone_authtoken_spec.rb
+++ b/spec/classes/designate_keystone_authtoken_spec.rb
@@ -42,6 +42,7 @@ describe 'designate::keystone::authtoken' do
42 is_expected.to contain_designate_config('keystone_authtoken/memcached_servers').with_value('<SERVICE DEFAULT>') 42 is_expected.to contain_designate_config('keystone_authtoken/memcached_servers').with_value('<SERVICE DEFAULT>')
43 is_expected.to contain_designate_config('keystone_authtoken/region_name').with_value('<SERVICE DEFAULT>') 43 is_expected.to contain_designate_config('keystone_authtoken/region_name').with_value('<SERVICE DEFAULT>')
44 is_expected.to contain_designate_config('keystone_authtoken/token_cache_time').with_value('<SERVICE DEFAULT>') 44 is_expected.to contain_designate_config('keystone_authtoken/token_cache_time').with_value('<SERVICE DEFAULT>')
45 is_expected.to contain_designate_config('keystone_authtoken/service_token_roles_required').with_value('<SERVICE DEFAULT>')
45 end 46 end
46 end 47 end
47 48
@@ -80,6 +81,7 @@ describe 'designate::keystone::authtoken' do
80 :manage_memcache_package => true, 81 :manage_memcache_package => true,
81 :region_name => 'region2', 82 :region_name => 'region2',
82 :token_cache_time => '301', 83 :token_cache_time => '301',
84 :service_token_roles_required => false,
83 }) 85 })
84 end 86 end
85 87
@@ -115,6 +117,7 @@ describe 'designate::keystone::authtoken' do
115 is_expected.to contain_designate_config('keystone_authtoken/memcached_servers').with_value('memcached01:11211,memcached02:11211') 117 is_expected.to contain_designate_config('keystone_authtoken/memcached_servers').with_value('memcached01:11211,memcached02:11211')
116 is_expected.to contain_designate_config('keystone_authtoken/region_name').with_value(params[:region_name]) 118 is_expected.to contain_designate_config('keystone_authtoken/region_name').with_value(params[:region_name])
117 is_expected.to contain_designate_config('keystone_authtoken/token_cache_time').with_value(params[:token_cache_time]) 119 is_expected.to contain_designate_config('keystone_authtoken/token_cache_time').with_value(params[:token_cache_time])
120 is_expected.to contain_designate_config('keystone_authtoken/service_token_roles_required').with_value(params[:service_token_roles_required])
118 end 121 end
119 122
120 it 'installs python memcache package' do 123 it 'installs python memcache package' do