openstack
/
puppet-swift
Code Issues Proposed changes

Add support for the service_type parameter in authtoken middleware 

Change-Id: Ida59686cf01e4b31db0f99bed9137bc63cf59628
This commit is contained in:
Takashi Kajinami 2020-10-19 18:46:20 +09:00
parent 009afc806c
commit fb9a9d668f
3 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
manifests/proxy/authtoken.pp
View File

@ -71,6 +71,11 @@
# true/false
# Defaults to $::os_service_default.
#
# [*service_type*]
# (Optional) The name or type of the service as it appears in the service
# catalog. This is used to validate tokens that have restricted access rules.
# Defaults to $::os_service_default.
#
# [*interface*]
# (Optional) Interface to use for the Identity API endpoint. Valid values are
# "public", "internal" or "admin".
@ -109,6 +114,7 @@ class swift::proxy::authtoken(
$include_service_catalog = false,
$service_token_roles = $::os_service_default,
$service_token_roles_required = $::os_service_default,
$service_type = $::os_service_default,
$interface = $::os_service_default,
# DEPRECATED PARAMETERS
$signing_dir = undef,
@ -153,6 +159,7 @@ Please set password parameter')
'filter:authtoken/include_service_catalog': value => $include_service_catalog;
'filter:authtoken/service_token_roles': value => $service_token_roles;
'filter:authtoken/service_token_roles_required': value => $service_token_roles_required;
'filter:authtoken/service_type': value => $service_type;
'filter:authtoken/interface': value => $interface,
}

5
releasenotes/notes/keystone-authtoken-service_type-135867e7fa30d712.yaml Normal file
View File

@ -0,0 +1,5 @@
---
features:
- |
The new ``swift::proxy::authtoken::service_type`` parameter has been
added to configure the service_type parameter in authtoken middleware.

3
spec/classes/swift_proxy_authtoken_spec.rb
View File

@ -19,6 +19,7 @@ describe 'swift::proxy::authtoken' do
it { is_expected.to contain_swift_proxy_config('filter:authtoken/include_service_catalog').with_value('false') }
it { is_expected.to contain_swift_proxy_config('filter:authtoken/service_token_roles').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_swift_proxy_config('filter:authtoken/service_token_roles_required').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_swift_proxy_config('filter:authtoken/service_type').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_swift_proxy_config('filter:authtoken/interface').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_swift_proxy_config('filter:authtoken/auth_plugin').with_ensure('absent') }
end
@ -34,6 +35,7 @@ describe 'swift::proxy::authtoken' do
:delay_auth_decision => '0',
:service_token_roles => ['service'],
:service_token_roles_required => true,
:service_type => 'identity',
:interface => 'internal',
}
end
@ -54,6 +56,7 @@ describe 'swift::proxy::authtoken' do
it { is_expected.to contain_swift_proxy_config('filter:authtoken/include_service_catalog').with_value('false') }
it { is_expected.to contain_swift_proxy_config('filter:authtoken/service_token_roles').with_value(['service']) }
it { is_expected.to contain_swift_proxy_config('filter:authtoken/service_token_roles_required').with_value(true) }
it { is_expected.to contain_swift_proxy_config('filter:authtoken/service_type').with_value('identity') }
it { is_expected.to contain_swift_proxy_config('filter:authtoken/interface').with_value('internal') }
it { is_expected.to contain_swift_proxy_config('filter:authtoken/auth_plugin').with_ensure('absent') }
end