summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJenkins <jenkins@review.openstack.org>2017-06-19 15:27:00 +0000
committerGerrit Code Review <review@openstack.org>2017-06-19 15:27:00 +0000
commit11a97ec7430118bbf4a11c87eceb3adec40ea4ac (patch)
treec6334a938c1764969fe2abc8f36ae69d2b6b8e28
parent77eec6867a064e8764745375940cf085be958c2f (diff)
parent204a5820995dd694fcd58d61fc6cf34a8955da92 (diff)
Merge "Add nested sample environments for inject-trust-anchor"
-rw-r--r--environments/inject-trust-anchor-hiera.yaml4
-rw-r--r--environments/inject-trust-anchor.yaml4
-rw-r--r--environments/ssl/inject-trust-anchor-hiera.yaml22
-rw-r--r--environments/ssl/inject-trust-anchor.yaml20
-rw-r--r--sample-env-generator/README.rst11
-rw-r--r--sample-env-generator/ssl.yaml33
-rwxr-xr-xtripleo_heat_templates/environment_generator.py1
-rw-r--r--tripleo_heat_templates/tests/test_environment_generator.py65
8 files changed, 159 insertions, 1 deletions
diff --git a/environments/inject-trust-anchor-hiera.yaml b/environments/inject-trust-anchor-hiera.yaml
index b4908c1..95d2de9 100644
--- a/environments/inject-trust-anchor-hiera.yaml
+++ b/environments/inject-trust-anchor-hiera.yaml
@@ -1,3 +1,7 @@
1# **************************************************************************************
2# DEPRECATED: Use tripleo-heat-templates/environments/ssl/inject-trust-anchor-hiera.yaml
3# instead.
4# **************************************************************************************
1parameter_defaults: 5parameter_defaults:
2 CAMap: 6 CAMap:
3 first-ca-name: 7 first-ca-name:
diff --git a/environments/inject-trust-anchor.yaml b/environments/inject-trust-anchor.yaml
index 3ecb0d2..1b0f706 100644
--- a/environments/inject-trust-anchor.yaml
+++ b/environments/inject-trust-anchor.yaml
@@ -1,3 +1,7 @@
1# ********************************************************************************
2# DEPRECATED: Use tripleo-heat-templates/environments/ssl/inject-trust-anchor.yaml
3# instead.
4# ********************************************************************************
1parameter_defaults: 5parameter_defaults:
2 SSLRootCertificate: | 6 SSLRootCertificate: |
3 The contents of your root CA certificate go here 7 The contents of your root CA certificate go here
diff --git a/environments/ssl/inject-trust-anchor-hiera.yaml b/environments/ssl/inject-trust-anchor-hiera.yaml
new file mode 100644
index 0000000..db3f267
--- /dev/null
+++ b/environments/ssl/inject-trust-anchor-hiera.yaml
@@ -0,0 +1,22 @@
1# *******************************************************************
2# This file was created automatically by the sample environment
3# generator. Developers should use `tox -e genconfig` to update it.
4# Users are recommended to make changes to a copy of the file instead
5# of the original, if any customizations are needed.
6# *******************************************************************
7# title: Inject SSL Trust Anchor on Overcloud Nodes
8# description: |
9# When using an SSL certificate signed by a CA that is not in the default
10# list of CAs, this environment allows adding a custom CA certificate to
11# the overcloud nodes.
12parameter_defaults:
13 # Map containing the CA certs and information needed for deploying them.
14 # Type: json
15 CAMap:
16 first-ca-name:
17 content: |
18 The content of the CA cert goes here
19 second-ca-name:
20 content: |
21 The content of the CA cert goes here
22
diff --git a/environments/ssl/inject-trust-anchor.yaml b/environments/ssl/inject-trust-anchor.yaml
new file mode 100644
index 0000000..521a419
--- /dev/null
+++ b/environments/ssl/inject-trust-anchor.yaml
@@ -0,0 +1,20 @@
1# *******************************************************************
2# This file was created automatically by the sample environment
3# generator. Developers should use `tox -e genconfig` to update it.
4# Users are recommended to make changes to a copy of the file instead
5# of the original, if any customizations are needed.
6# *******************************************************************
7# title: Inject SSL Trust Anchor on Overcloud Nodes
8# description: |
9# When using an SSL certificate signed by a CA that is not in the default
10# list of CAs, this environment allows adding a custom CA certificate to
11# the overcloud nodes.
12parameter_defaults:
13 # The content of a CA's SSL certificate file in PEM format. This is evaluated on the client side.
14 # Mandatory. This parameter must be set by the user.
15 # Type: string
16 SSLRootCertificate: |
17 The contents of your certificate go here
18
19resource_registry:
20 OS::TripleO::NodeTLSCAData: ../../puppet/extraconfig/tls/ca-inject.yaml
diff --git a/sample-env-generator/README.rst b/sample-env-generator/README.rst
index 55f3bac..32e94f9 100644
--- a/sample-env-generator/README.rst
+++ b/sample-env-generator/README.rst
@@ -23,6 +23,11 @@ appropriate file in the ``sample-env-generator/`` directory. The existing
23entries in the files can be used as examples, and a more detailed 23entries in the files can be used as examples, and a more detailed
24explanation of the different available keys is below: 24explanation of the different available keys is below:
25 25
26Top-level:
27- **environments**: This is the top-level key in the file. All other keys
28 below should appear in a list of dictionaries that define environments.
29
30Environment-specific:
26- **name**: the output file will be this name + .yaml, in the 31- **name**: the output file will be this name + .yaml, in the
27 ``environments`` directory. 32 ``environments`` directory.
28- **title**: a human-readable title for the environment. 33- **title**: a human-readable title for the environment.
@@ -52,6 +57,12 @@ explanation of the different available keys is below:
52- **resource_registry**: Many environments also need to pass 57- **resource_registry**: Many environments also need to pass
53 resource_registry entries when they are used. This can be used 58 resource_registry entries when they are used. This can be used
54 to specify that in the configuration file. 59 to specify that in the configuration file.
60- **children**: For environments that share a lot of common values but may
61 need minor variations for different use cases, sample environment entries
62 can be nested. ``children`` takes a list of environments with the same
63 structure as the top-level ``environments`` key. The main difference is
64 that all keys are optional, and any that are omitted will be inherited from
65 the parent environment definition.
55 66
56Some behavioral notes: 67Some behavioral notes:
57 68
diff --git a/sample-env-generator/ssl.yaml b/sample-env-generator/ssl.yaml
index 2f379f3..6963e84 100644
--- a/sample-env-generator/ssl.yaml
+++ b/sample-env-generator/ssl.yaml
@@ -22,6 +22,39 @@ environments:
22 The contents of the private key go here 22 The contents of the private key go here
23 resource_registry: 23 resource_registry:
24 OS::TripleO::NodeTLSData: ../../puppet/extraconfig/tls/tls-cert-inject.yaml 24 OS::TripleO::NodeTLSData: ../../puppet/extraconfig/tls/tls-cert-inject.yaml
25 - name: ssl/inject-trust-anchor
26 title: Inject SSL Trust Anchor on Overcloud Nodes
27 description: |
28 When using an SSL certificate signed by a CA that is not in the default
29 list of CAs, this environment allows adding a custom CA certificate to
30 the overcloud nodes.
31 files:
32 puppet/extraconfig/tls/ca-inject.yaml:
33 parameters:
34 - SSLRootCertificate
35 sample_values:
36 SSLRootCertificate: |-
37 |
38 The contents of your certificate go here
39 resource_registry:
40 OS::TripleO::NodeTLSCAData: ../../puppet/extraconfig/tls/ca-inject.yaml
41 children:
42 - name: ssl/inject-trust-anchor-hiera
43 files:
44 puppet/services/ca-certs.yaml:
45 parameters:
46 - CAMap
47 # Need to clear this so we don't inherit the parent registry
48 resource_registry: {}
49 sample_values:
50 CAMap: |-2
51
52 first-ca-name:
53 content: |
54 The content of the CA cert goes here
55 second-ca-name:
56 content: |
57 The content of the CA cert goes here
25 - 58 -
26 name: ssl/tls-endpoints-public-ip 59 name: ssl/tls-endpoints-public-ip
27 title: Deploy Public SSL Endpoints as IP Addresses 60 title: Deploy Public SSL Endpoints as IP Addresses
diff --git a/tripleo_heat_templates/environment_generator.py b/tripleo_heat_templates/environment_generator.py
index b3e327f..876dd85 100755
--- a/tripleo_heat_templates/environment_generator.py
+++ b/tripleo_heat_templates/environment_generator.py
@@ -68,6 +68,7 @@ def _generate_environment(input_env, parent_env=None):
68 if parent_env is None: 68 if parent_env is None:
69 parent_env = {} 69 parent_env = {}
70 env = dict(parent_env) 70 env = dict(parent_env)
71 env.pop('children', None)
71 env.update(input_env) 72 env.update(input_env)
72 parameter_defaults = {} 73 parameter_defaults = {}
73 param_names = [] 74 param_names = []
diff --git a/tripleo_heat_templates/tests/test_environment_generator.py b/tripleo_heat_templates/tests/test_environment_generator.py
index f4c4cdb..94d13c7 100644
--- a/tripleo_heat_templates/tests/test_environment_generator.py
+++ b/tripleo_heat_templates/tests/test_environment_generator.py
@@ -89,6 +89,7 @@ class GeneratorTestCase(base.BaseTestCase):
89 ('basic', 89 ('basic',
90 {'template': basic_template, 90 {'template': basic_template,
91 'exception': None, 91 'exception': None,
92 'nested_output': '',
92 'input_file': '''environments: 93 'input_file': '''environments:
93 - 94 -
94 name: basic 95 name: basic
@@ -115,6 +116,7 @@ parameter_defaults:
115 ('basic-one-param', 116 ('basic-one-param',
116 {'template': basic_template, 117 {'template': basic_template,
117 'exception': None, 118 'exception': None,
119 'nested_output': '',
118 'input_file': '''environments: 120 'input_file': '''environments:
119 - 121 -
120 name: basic 122 name: basic
@@ -138,6 +140,7 @@ parameter_defaults:
138 ('basic-static-param', 140 ('basic-static-param',
139 {'template': basic_template, 141 {'template': basic_template,
140 'exception': None, 142 'exception': None,
143 'nested_output': '',
141 'input_file': '''environments: 144 'input_file': '''environments:
142 - 145 -
143 name: basic 146 name: basic
@@ -173,6 +176,7 @@ parameter_defaults:
173 ('basic-static-param-sample', 176 ('basic-static-param-sample',
174 {'template': basic_template, 177 {'template': basic_template,
175 'exception': None, 178 'exception': None,
179 'nested_output': '',
176 'input_file': '''environments: 180 'input_file': '''environments:
177 - 181 -
178 name: basic 182 name: basic
@@ -211,6 +215,7 @@ parameter_defaults:
211 ('basic-private', 215 ('basic-private',
212 {'template': basic_private_template, 216 {'template': basic_private_template,
213 'exception': None, 217 'exception': None,
218 'nested_output': '',
214 'input_file': '''environments: 219 'input_file': '''environments:
215 - 220 -
216 name: basic 221 name: basic
@@ -233,6 +238,7 @@ parameter_defaults:
233 ('mandatory', 238 ('mandatory',
234 {'template': mandatory_template, 239 {'template': mandatory_template,
235 'exception': None, 240 'exception': None,
241 'nested_output': '',
236 'input_file': '''environments: 242 'input_file': '''environments:
237 - 243 -
238 name: basic 244 name: basic
@@ -256,6 +262,7 @@ parameter_defaults:
256 ('basic-sample', 262 ('basic-sample',
257 {'template': basic_template, 263 {'template': basic_template,
258 'exception': None, 264 'exception': None,
265 'nested_output': '',
259 'input_file': '''environments: 266 'input_file': '''environments:
260 - 267 -
261 name: basic 268 name: basic
@@ -284,6 +291,7 @@ parameter_defaults:
284 ('basic-resource-registry', 291 ('basic-resource-registry',
285 {'template': basic_template, 292 {'template': basic_template,
286 'exception': None, 293 'exception': None,
294 'nested_output': '',
287 'input_file': '''environments: 295 'input_file': '''environments:
288 - 296 -
289 name: basic 297 name: basic
@@ -314,6 +322,7 @@ resource_registry:
314 ('basic-hidden', 322 ('basic-hidden',
315 {'template': basic_template, 323 {'template': basic_template,
316 'exception': None, 324 'exception': None,
325 'nested_output': '',
317 'input_file': '''environments: 326 'input_file': '''environments:
318 - 327 -
319 name: basic 328 name: basic
@@ -349,6 +358,7 @@ parameter_defaults:
349 ('missing-param', 358 ('missing-param',
350 {'template': basic_template, 359 {'template': basic_template,
351 'exception': RuntimeError, 360 'exception': RuntimeError,
361 'nested_output': '',
352 'input_file': '''environments: 362 'input_file': '''environments:
353 - 363 -
354 name: basic 364 name: basic
@@ -364,6 +374,7 @@ parameter_defaults:
364 ('percent-index', 374 ('percent-index',
365 {'template': index_template, 375 {'template': index_template,
366 'exception': None, 376 'exception': None,
377 'nested_output': '',
367 'input_file': '''environments: 378 'input_file': '''environments:
368 - 379 -
369 name: basic 380 name: basic
@@ -383,9 +394,49 @@ parameter_defaults:
383 394
384''', 395''',
385 }), 396 }),
397 ('nested',
398 {'template': multiline_template,
399 'exception': None,
400 'input_file': '''environments:
401 -
402 name: basic
403 title: Basic Environment
404 description: Basic description
405 files:
406 foo.yaml:
407 parameters: all
408 children:
409 - name: nested
410 title: Nested Environment
411 description: Nested description
412 sample_values:
413 FooParam: bar
414''',
415 'expected_output': '''# title: Basic Environment
416# description: |
417# Basic description
418parameter_defaults:
419 # Parameter with
420 # multi-line description
421 # Type: string
422 FooParam: ''
423
424''',
425 'nested_output': '''# title: Nested Environment
426# description: |
427# Nested description
428parameter_defaults:
429 # Parameter with
430 # multi-line description
431 # Type: string
432 FooParam: bar
433
434''',
435 }),
386 ('multi-line-desc', 436 ('multi-line-desc',
387 {'template': multiline_template, 437 {'template': multiline_template,
388 'exception': None, 438 'exception': None,
439 'nested_output': '',
389 'input_file': '''environments: 440 'input_file': '''environments:
390 - 441 -
391 name: basic 442 name: basic
@@ -420,7 +471,14 @@ parameter_defaults:
420 fake_output = open(fake_output_path, 'w') 471 fake_output = open(fake_output_path, 'w')
421 with mock.patch('tripleo_heat_templates.environment_generator.open', 472 with mock.patch('tripleo_heat_templates.environment_generator.open',
422 create=True) as mock_open: 473 create=True) as mock_open:
423 mock_open.side_effect = [fake_input, fake_template, fake_output] 474 mock_se = [fake_input, fake_template, fake_output]
475 if self.nested_output:
476 _, fake_nested_output_path = tempfile.mkstemp()
477 fake_nested_output = open(fake_nested_output_path, 'w')
478 fake_template2 = io.StringIO(six.text_type(self.template))
479 mock_se = [fake_input, fake_template, fake_output,
480 fake_template2, fake_nested_output]
481 mock_open.side_effect = mock_se
424 if not self.exception: 482 if not self.exception:
425 environment_generator.generate_environments('ignored.yaml') 483 environment_generator.generate_environments('ignored.yaml')
426 else: 484 else:
@@ -431,5 +489,10 @@ parameter_defaults:
431 expected = environment_generator._FILE_HEADER + self.expected_output 489 expected = environment_generator._FILE_HEADER + self.expected_output
432 with open(fake_output_path) as f: 490 with open(fake_output_path) as f:
433 self.assertEqual(expected, f.read()) 491 self.assertEqual(expected, f.read())
492 if self.nested_output:
493 with open(fake_nested_output_path) as f:
494 expected = (environment_generator._FILE_HEADER +
495 self.nested_output)
496 self.assertEqual(expected, f.read())
434 497
435GeneratorTestCase.generate_scenarios() 498GeneratorTestCase.generate_scenarios()