Merge "Add region parameters for keystone authentication"
This commit is contained in:
commit
158de6f59b
|
@ -49,6 +49,10 @@
|
|||
# (Optional) id of domain for $username
|
||||
# Defaults to 'default'
|
||||
#
|
||||
# [*region_name*]
|
||||
# (Optional) The region in which the identity server can be found.
|
||||
# Defaults to $::os_service_default.
|
||||
#
|
||||
# [*include_service_catalog*]
|
||||
# (Optional) Indicate whether to set the X-Service-Catalog header. If False,
|
||||
# middleware will not ask for service catalog on token validation and will
|
||||
|
@ -113,6 +117,7 @@ class swift::proxy::authtoken(
|
|||
$project_name = 'services',
|
||||
$username = 'swift',
|
||||
$password = 'password',
|
||||
$region_name = $::os_service_default,
|
||||
$include_service_catalog = false,
|
||||
$service_token_roles = $::os_service_default,
|
||||
$service_token_roles_required = $::os_service_default,
|
||||
|
@ -177,6 +182,7 @@ class swift::proxy::authtoken(
|
|||
'filter:authtoken/project_name': value => $project_name_real;
|
||||
'filter:authtoken/username': value => $username_real;
|
||||
'filter:authtoken/password': value => $password_real;
|
||||
'filter:authtoken/region_name': value => $region_name;
|
||||
'filter:authtoken/delay_auth_decision': value => $delay_auth_decision;
|
||||
'filter:authtoken/cache': value => $cache;
|
||||
'filter:authtoken/include_service_catalog': value => $include_service_catalog;
|
||||
|
|
|
@ -75,6 +75,10 @@
|
|||
# (Optional) The password for the user
|
||||
# Defaults to 'password'
|
||||
#
|
||||
# [*region_name*]
|
||||
# (Optional) The region in which the identity server can be found.
|
||||
# Defaults to $::os_service_default.
|
||||
#
|
||||
# [*notification_ssl_ca_file*]
|
||||
# (optional) SSL certification authority file (valid only if SSL enabled).
|
||||
# (string value)
|
||||
|
@ -129,6 +133,7 @@ class swift::proxy::ceilometer(
|
|||
$project_name = 'services',
|
||||
$username = 'swift',
|
||||
$password = 'password',
|
||||
$region_name = $::os_service_default,
|
||||
$notification_ssl_ca_file = $::os_service_default,
|
||||
$notification_ssl_cert_file = $::os_service_default,
|
||||
$notification_ssl_key_file = $::os_service_default,
|
||||
|
@ -173,6 +178,7 @@ class swift::proxy::ceilometer(
|
|||
'filter:ceilometer/project_name': value => $project_name;
|
||||
'filter:ceilometer/username': value => $username;
|
||||
'filter:ceilometer/password': value => $password;
|
||||
'filter:ceilometer/region_name': value => $region_name;
|
||||
}
|
||||
|
||||
if $default_transport_url =~ /^rabbit.*/ {
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
features:
|
||||
- |
|
||||
Add swift::proxy::authtoken::region_name and
|
||||
swift::proxy::ceilometer::region_name to specify keystone region
|
||||
where we expect identity resources like swift user are created.
|
|
@ -29,6 +29,7 @@ describe 'swift::proxy::authtoken' do
|
|||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/project_name').with_value('services') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/username').with_value('swift') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/password').with_value('password') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/region_name').with_value('<SERVICE DEFAULT>') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/delay_auth_decision').with_value('1') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/cache').with_value('swift.cache') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/include_service_catalog').with_value('false') }
|
||||
|
@ -42,6 +43,7 @@ describe 'swift::proxy::authtoken' do
|
|||
:admin_tenant_name => 'admin',
|
||||
:admin_user => 'swiftuser',
|
||||
:admin_password => 'swiftpassword',
|
||||
:region_name => 'region2',
|
||||
:cache => 'foo',
|
||||
:delay_auth_decision => '0',
|
||||
:signing_dir => '/home/swift/keystone-signing',
|
||||
|
@ -61,6 +63,7 @@ describe 'swift::proxy::authtoken' do
|
|||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/project_name').with_value('admin') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/username').with_value('swiftuser') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/password').with_value('swiftpassword') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/region_name').with_value('region2') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/delay_auth_decision').with_value('0') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/cache').with_value('foo') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/include_service_catalog').with_value('false') }
|
||||
|
|
|
@ -32,14 +32,15 @@ describe 'swift::proxy::ceilometer' do
|
|||
:control_exchange => 'swift',
|
||||
:nonblocking_notify => true,
|
||||
:ignore_projects => ['services'],
|
||||
:auth_uri => 'http://127.0.0.1:5000',
|
||||
:auth_url => 'http://127.0.0.1:5000',
|
||||
:auth_type => 'password',
|
||||
:project_domain_name => 'Default',
|
||||
:user_domain_name => 'Default',
|
||||
:project_name => 'services',
|
||||
:username => 'swift',
|
||||
:password => 'password',
|
||||
:auth_uri => 'http://127.0.0.1:5000',
|
||||
:auth_url => 'http://127.0.0.1:5000',
|
||||
:auth_type => 'password',
|
||||
:project_domain_name => 'Default',
|
||||
:user_domain_name => 'Default',
|
||||
:project_name => 'services',
|
||||
:username => 'swift',
|
||||
:password => 'password',
|
||||
:region_name => 'region2'
|
||||
}
|
||||
end
|
||||
|
||||
|
@ -52,14 +53,15 @@ describe 'swift::proxy::ceilometer' do
|
|||
it { is_expected.to contain_swift_proxy_config('filter:ceilometer/control_exchange').with_value('swift') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:ceilometer/nonblocking_notify').with_value('true') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:ceilometer/ignore_projects').with_value(['services']) }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:ceilometer/auth_uri').with_value('http://127.0.0.1:5000') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:ceilometer/auth_url').with_value('http://127.0.0.1:5000') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:ceilometer/auth_uri').with_value('http://127.0.0.1:5000') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:ceilometer/auth_url').with_value('http://127.0.0.1:5000') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:ceilometer/auth_type').with_value('password') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:ceilometer/project_domain_name').with_value('Default') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:ceilometer/user_domain_name').with_value('Default') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:ceilometer/project_name').with_value('services') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:ceilometer/username').with_value('swift') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:ceilometer/password').with_value('password') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:ceilometer/region_name').with_value('region2') }
|
||||
end
|
||||
|
||||
context 'with default transport url' do
|
||||
|
|
Loading…
Reference in New Issue