summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorZhongShengping <chdzsp@163.com>2019-02-15 10:03:04 +0800
committerZhongShengping <chdzsp@163.com>2019-02-15 10:03:04 +0800
commit532ab0ec883094dcd532e4da9f04bbd8f0047ee0 (patch)
tree9851cdd841a5bc5427fa2c3cf02a59120c980091
parent1fd2d6d9e50b780af61c69e3e913154c0f40b223 (diff)
Service_token_roles_required missing in the server config file
Service_token_roles_required missing in the server config file which allows backwards compatibility to ensure that the service tokens are compared against a list of possible roles for validity. Change-Id: Ia22d5b59adea42c4f3d0792bf83b92fa0e11b0c5 Closes-Bug: 1778198
Notes
Notes (review): Code-Review+2: Tobias Urdin <tobias.urdin@binero.se> Code-Review+2: Emilien Macchi <emilien@redhat.com> Workflow+1: Emilien Macchi <emilien@redhat.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Mon, 18 Feb 2019 19:27:52 +0000 Reviewed-on: https://review.openstack.org/637107 Project: openstack/puppet-heat Branch: refs/heads/master
-rw-r--r--manifests/keystone/authtoken.pp8
-rw-r--r--releasenotes/notes/service_token_roles_required-ae86f905a716e6f4.yaml5
-rw-r--r--spec/classes/heat_keystone_authtoken_spec.rb3
3 files changed, 16 insertions, 0 deletions
diff --git a/manifests/keystone/authtoken.pp b/manifests/keystone/authtoken.pp
index 552f8e8..00023e1 100644
--- a/manifests/keystone/authtoken.pp
+++ b/manifests/keystone/authtoken.pp
@@ -161,6 +161,12 @@
161# (in seconds). Set to -1 to disable caching completely. Integer value 161# (in seconds). Set to -1 to disable caching completely. Integer value
162# Defaults to $::os_service_default. 162# Defaults to $::os_service_default.
163# 163#
164# [*service_token_roles_required*]
165# (optional) backwards compatibility to ensure that the service tokens are
166# compared against a list of possible roles for validity
167# true/false
168# Defaults to $::os_service_default.
169#
164# DEPRECATED PARAMETERS 170# DEPRECATED PARAMETERS
165# 171#
166# [*check_revocations_for_cached*] 172# [*check_revocations_for_cached*]
@@ -213,6 +219,7 @@ class heat::keystone::authtoken(
213 $manage_memcache_package = false, 219 $manage_memcache_package = false,
214 $region_name = $::os_service_default, 220 $region_name = $::os_service_default,
215 $token_cache_time = $::os_service_default, 221 $token_cache_time = $::os_service_default,
222 $service_token_roles_required = $::os_service_default,
216 # DEPRECATED PARAMETERS 223 # DEPRECATED PARAMETERS
217 $check_revocations_for_cached = undef, 224 $check_revocations_for_cached = undef,
218 $hash_algorithms = undef, 225 $hash_algorithms = undef,
@@ -265,5 +272,6 @@ class heat::keystone::authtoken(
265 manage_memcache_package => $manage_memcache_package, 272 manage_memcache_package => $manage_memcache_package,
266 region_name => $region_name, 273 region_name => $region_name,
267 token_cache_time => $token_cache_time, 274 token_cache_time => $token_cache_time,
275 service_token_roles_required => $service_token_roles_required,
268 } 276 }
269} 277}
diff --git a/releasenotes/notes/service_token_roles_required-ae86f905a716e6f4.yaml b/releasenotes/notes/service_token_roles_required-ae86f905a716e6f4.yaml
new file mode 100644
index 0000000..60a4521
--- /dev/null
+++ b/releasenotes/notes/service_token_roles_required-ae86f905a716e6f4.yaml
@@ -0,0 +1,5 @@
1---
2features:
3 - Service_token_roles_required missing in the server config file which
4 allows backwards compatibility to ensure that the service tokens are
5 compared against a list of possible roles for validity.
diff --git a/spec/classes/heat_keystone_authtoken_spec.rb b/spec/classes/heat_keystone_authtoken_spec.rb
index e7548c1..eeb077e 100644
--- a/spec/classes/heat_keystone_authtoken_spec.rb
+++ b/spec/classes/heat_keystone_authtoken_spec.rb
@@ -42,6 +42,7 @@ describe 'heat::keystone::authtoken' do
42 is_expected.to contain_heat_config('keystone_authtoken/memcached_servers').with_value('<SERVICE DEFAULT>') 42 is_expected.to contain_heat_config('keystone_authtoken/memcached_servers').with_value('<SERVICE DEFAULT>')
43 is_expected.to contain_heat_config('keystone_authtoken/region_name').with_value('<SERVICE DEFAULT>') 43 is_expected.to contain_heat_config('keystone_authtoken/region_name').with_value('<SERVICE DEFAULT>')
44 is_expected.to contain_heat_config('keystone_authtoken/token_cache_time').with_value('<SERVICE DEFAULT>') 44 is_expected.to contain_heat_config('keystone_authtoken/token_cache_time').with_value('<SERVICE DEFAULT>')
45 is_expected.to contain_heat_config('keystone_authtoken/service_token_roles_required').with_value('<SERVICE DEFAULT>')
45 end 46 end
46 end 47 end
47 48
@@ -80,6 +81,7 @@ describe 'heat::keystone::authtoken' do
80 :manage_memcache_package => true, 81 :manage_memcache_package => true,
81 :region_name => 'region2', 82 :region_name => 'region2',
82 :token_cache_time => '301', 83 :token_cache_time => '301',
84 :service_token_roles_required => false,
83 }) 85 })
84 end 86 end
85 87
@@ -115,6 +117,7 @@ describe 'heat::keystone::authtoken' do
115 is_expected.to contain_heat_config('keystone_authtoken/memcached_servers').with_value('memcached01:11211,memcached02:11211') 117 is_expected.to contain_heat_config('keystone_authtoken/memcached_servers').with_value('memcached01:11211,memcached02:11211')
116 is_expected.to contain_heat_config('keystone_authtoken/region_name').with_value(params[:region_name]) 118 is_expected.to contain_heat_config('keystone_authtoken/region_name').with_value(params[:region_name])
117 is_expected.to contain_heat_config('keystone_authtoken/token_cache_time').with_value(params[:token_cache_time]) 119 is_expected.to contain_heat_config('keystone_authtoken/token_cache_time').with_value(params[:token_cache_time])
120 is_expected.to contain_heat_config('keystone_authtoken/service_token_roles_required').with_value(params[:service_token_roles_required])
118 end 121 end
119 122
120 it 'installs python memcache package' do 123 it 'installs python memcache package' do