Make sure that nova_flavor resource is idempotent when the "properties"
property is set. Also fix the typo causing undefined method error.
Closes-Bug: #2059949
Change-Id: I17a9d92c44b8dfe329b22b309d7a0408df707d1a
This is partial revert of 0ed626e146 .
After discussing several problems caused by scope separation, we
decided to suspend implementing the scope enforcement and focus on
project personas like reader role. As the result of that decision,
the system admin persona will be removed, thus we should use
the project admin persona instead. The previous policy rules to allow
system scope access have been reverted by [1].
This does not revert the original patch to keep the unit tests which
were hugely refactored by that change.
[1] 066e1e69d1394839a9f0bde4ca8c3a0db2d52396
Change-Id: I85847850602ab3526d2fdb1a56bb927183198825
This change enforces usage of system scope credentials to manage
flavors, aggregates, and services, following the new policy rules for
SRBAC support in nova.
The logic to look up credential for the nova service user from
[keystone_authtoken] is left to keep backward compatibility but is
deprecated and will be removed.
Depends-on: https://review.opendev.org/806474
Depends-on: https://review.opendev.org/828025
Depends-on: https://review.opendev.org/828874
Change-Id: I71779f0f1459d64914589a94a440336386266306
The nova_flavor resource has been providing the project property which
accepts both project name and id. However this implementation results
in broken idempotency with project name used.
This change introduces a separate project_name property, so that users
can use project name with proper idempotency.
Closes-Bug: #1790795
Change-Id: Idee4af6931b8cf4a21d88f4cd38fe83468ec8efa
When a resource is created, the :ensure parameter should be set to
'present' so that exists returns true. In addition, the whole hash
should be cleared when a resource is deleted, otherwise subsequent
access might look up stale values. This change ensures property_hash is
updated in create/destroy accordingly.
This change also fixes the incorrect handling of "project" property
in nova_flavor which is causing unexpected update.
Finally, the ignored unit tests are fixed, to test the above fixes.
Change-Id: I611e3d0428674e7438fe15b276667f7b379d136e
Currently the project field shows a list of projects like;
project=['ec085e18-22bb-403b-8ba5-0f9c6d67dffa']
The commit 86764de9cd added the logic to
handle this format but it missed surrounding quote(') which should be
also removed.
Change-Id: If65221db5a9e60e797b834a305d385d3fea4db16
The latest openstackclient doesn't show none but empty array([]) when
no access_project_ids is set for an flavor.
This change ensure that array format is properly handled to avoid
error during updating nova flavor using the nova_flavor resource.
Closes-Bug: #1924222
Change-Id: I976f70f1f4015536201c6c3acac3f1e4dbca4ccb
Add a new 'project' parameter to nova_flavor.
This way we can manage to create flavors for specific tenants /
projects.
Change-Id: Ib2fcc4d73557c199d1b1e7d744f64a335d5b17f4
Signed-off-by: Arnaud Morin <arnaud.morin@corp.ovh.com>
Both providers were previously using Credentialsv2_0, which do not
work in a Keystone v3 environment (and that's what we should be
using today).
Change-Id: Ib1509b8b5422a8749d7f7689b77dc4abab50dbf7
Nova is not including flavors by default anymore so there needs to be
a way to create flavors with puppet. This change adds a nova_flavor
provider for adding and removing flavors. Additionally the provider can
be used to manage properties on flavors. Since flavor information cannot
be updated after creation time, only the properties can be managed after
creation via the nova_flavor provider.
Change-Id: Ic370ac65990d0b3a360340632ada4016231c8a93
Related-Bug: #1564928
Co-Authored-By: Alex Schultz <aschultz@mirantis.com>
Takashi Kajinami