Allow more flexible definition of fetcher_keystone parameters
This change allows using different credentials for authtoken middleware and keystone fetcher. This is useful when credentials for different scopes are needed for these two modules. Change-Id: I5e103786b6c179e68bc54fa2b4b26bbdd2127e55
This commit is contained in:
parent
39c9ad822b
commit
4e6806f54f
|
@ -0,0 +1,78 @@
|
||||||
|
# == Class: cloudkitty::fetcher::keystone
|
||||||
|
#
|
||||||
|
# Configure the fetcher_keystone parameters
|
||||||
|
#
|
||||||
|
# === Parameters
|
||||||
|
#
|
||||||
|
# [*auth_section*]
|
||||||
|
# Config Section from which to load plugin specific options (string value)
|
||||||
|
# Defaults to 'keystone_authtoken'. The default will be changed in
|
||||||
|
# a future release.
|
||||||
|
#
|
||||||
|
# [*auth_url*]
|
||||||
|
# (Optional) The URL to use for authentication.
|
||||||
|
# Defaults to $::os_service_default.
|
||||||
|
#
|
||||||
|
# [*username*]
|
||||||
|
# (Optional) The name of the service user
|
||||||
|
# Defaults to $::os_service_default.
|
||||||
|
#
|
||||||
|
# [*password*]
|
||||||
|
# (Optional) Password to create for the service user
|
||||||
|
# Defaults to $::os_service_default.
|
||||||
|
#
|
||||||
|
# [*project_name*]
|
||||||
|
# (Optional) Service project name
|
||||||
|
# Defaults to $::os_service_default.
|
||||||
|
#
|
||||||
|
# [*user_domain_name*]
|
||||||
|
# (Optional) Name of domain for $username
|
||||||
|
# Defaults to $::os_service_default.
|
||||||
|
#
|
||||||
|
# [*project_domain_name*]
|
||||||
|
# (Optional) Name of domain for $project_name
|
||||||
|
# Defaults to $::os_service_default.
|
||||||
|
#
|
||||||
|
# [*auth_type*]
|
||||||
|
# (Optional) An authentication type to use with an OpenStack Identity server.
|
||||||
|
# Defaults to $::os_service_default.
|
||||||
|
#
|
||||||
|
# [*keystone_version*]
|
||||||
|
# (Optional) Keystone version to use.
|
||||||
|
# Defaults to $::os_service_defaul.
|
||||||
|
#
|
||||||
|
class cloudkitty::fetcher::keystone (
|
||||||
|
$auth_section = undef,
|
||||||
|
$auth_url = $::os_service_default,
|
||||||
|
$username = $::os_service_default,
|
||||||
|
$password = $::os_service_default,
|
||||||
|
$project_name = $::os_service_default,
|
||||||
|
$user_domain_name = $::os_service_default,
|
||||||
|
$project_domain_name = $::os_service_default,
|
||||||
|
$auth_type = $::os_service_default,
|
||||||
|
$keystone_version = $::os_service_default,
|
||||||
|
) {
|
||||||
|
|
||||||
|
include cloudkitty::deps
|
||||||
|
|
||||||
|
if defined('$::cloudkitty::auth_section') and $::cloudkitty::auth_section {
|
||||||
|
$auth_section_real = $::cloudkitty::auth_section
|
||||||
|
} else {
|
||||||
|
if $auth_section == undef {
|
||||||
|
warning('Default of the auth_section parameter will be changed in a future release')
|
||||||
|
}
|
||||||
|
$auth_section_real = pick($auth_section, 'keystone_authtoken')
|
||||||
|
}
|
||||||
|
$keystone_version_real = pick($::cloudkitty::keystone_version, $keystone_version)
|
||||||
|
|
||||||
|
cloudkitty_config {
|
||||||
|
'fetcher_keystone/auth_section': value => $auth_section_real;
|
||||||
|
'fetcher_keystone/username': value => $username;
|
||||||
|
'fetcher_keystone/password': value => $password, secret => true;
|
||||||
|
'fetcher_keystone/project_name': value => $project_name;
|
||||||
|
'fetcher_keystone/user_domain_name': value => $user_domain_name;
|
||||||
|
'fetcher_keystone/project_domain_name': value => $project_domain_name;
|
||||||
|
'fetcher_keystone/auth_url': value => $auth_url;
|
||||||
|
'fetcher_keystone/keystone_version': value => $keystone_version_real;
|
||||||
|
}
|
||||||
|
}
|
|
@ -220,14 +220,6 @@
|
||||||
# (Optional) Driver used to fetch tenant list.
|
# (Optional) Driver used to fetch tenant list.
|
||||||
# Defaults to $::os_service_default.
|
# Defaults to $::os_service_default.
|
||||||
#
|
#
|
||||||
# [*auth_section*]
|
|
||||||
# (Optional) Config Section from which to load plugin specific options
|
|
||||||
# Defaults to 'keystone_authtoken'
|
|
||||||
#
|
|
||||||
# [*keystone_version*]
|
|
||||||
# (Optional) Keystone version to use.
|
|
||||||
# Defaults to '3'
|
|
||||||
#
|
|
||||||
# [*metrics_config*]
|
# [*metrics_config*]
|
||||||
# (Optional) A hash of the metrics.yaml configuration.
|
# (Optional) A hash of the metrics.yaml configuration.
|
||||||
# Defaults to undef
|
# Defaults to undef
|
||||||
|
@ -243,6 +235,14 @@
|
||||||
# (Optional) Accept clients using either SSL or plain TCP
|
# (Optional) Accept clients using either SSL or plain TCP
|
||||||
# Defaults to undef.
|
# Defaults to undef.
|
||||||
#
|
#
|
||||||
|
# [*auth_section*]
|
||||||
|
# (Optional) Config Section from which to load plugin specific options
|
||||||
|
# Defaults to undef
|
||||||
|
#
|
||||||
|
# [*keystone_version*]
|
||||||
|
# (Optional) Keystone version to use.
|
||||||
|
# Defaults to undef
|
||||||
|
#
|
||||||
class cloudkitty(
|
class cloudkitty(
|
||||||
$package_ensure = 'present',
|
$package_ensure = 'present',
|
||||||
$rabbit_use_ssl = $::os_service_default,
|
$rabbit_use_ssl = $::os_service_default,
|
||||||
|
@ -291,12 +291,12 @@ class cloudkitty(
|
||||||
$storage_backend = $::os_service_default,
|
$storage_backend = $::os_service_default,
|
||||||
$storage_version = $::os_service_default,
|
$storage_version = $::os_service_default,
|
||||||
$fetcher_backend = $::os_service_default,
|
$fetcher_backend = $::os_service_default,
|
||||||
$auth_section = 'keystone_authtoken',
|
|
||||||
$keystone_version = '3',
|
|
||||||
Optional[Hash] $metrics_config = undef,
|
Optional[Hash] $metrics_config = undef,
|
||||||
# DEPRECATED PARAMETERS
|
# DEPRECATED PARAMETERS
|
||||||
$tenant_fetcher_backend = undef,
|
$tenant_fetcher_backend = undef,
|
||||||
$amqp_allow_insecure_clients = undef,
|
$amqp_allow_insecure_clients = undef,
|
||||||
|
$auth_section = undef,
|
||||||
|
$keystone_version = undef,
|
||||||
) {
|
) {
|
||||||
|
|
||||||
if $tenant_fetcher_backend != undef {
|
if $tenant_fetcher_backend != undef {
|
||||||
|
@ -308,6 +308,14 @@ class cloudkitty(
|
||||||
will be removed in a future release.')
|
will be removed in a future release.')
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if $auth_section != undef {
|
||||||
|
warning('The cloudkitty::auth_section parameter is deprecated. Use the cloudkitty::fetcher_keystone class')
|
||||||
|
}
|
||||||
|
if $keystone_version != undef {
|
||||||
|
warning('The cloudkitty::keystone_version parameter is deprecated. Use the cloudkitty::fetcher_keystone class')
|
||||||
|
}
|
||||||
|
include cloudkitty::fetcher::keystone
|
||||||
|
|
||||||
include cloudkitty::params
|
include cloudkitty::params
|
||||||
include cloudkitty::db
|
include cloudkitty::db
|
||||||
include cloudkitty::deps
|
include cloudkitty::deps
|
||||||
|
@ -392,11 +400,6 @@ will be removed in a future release.')
|
||||||
'fetcher/backend': value => $fetcher_backend;
|
'fetcher/backend': value => $fetcher_backend;
|
||||||
}
|
}
|
||||||
|
|
||||||
cloudkitty_config {
|
|
||||||
'fetcher_keystone/auth_section': value => $auth_section;
|
|
||||||
'fetcher_keystone/keystone_version': value => $keystone_version;
|
|
||||||
}
|
|
||||||
|
|
||||||
if $metrics_config {
|
if $metrics_config {
|
||||||
file {'metrics.yml':
|
file {'metrics.yml':
|
||||||
ensure => present,
|
ensure => present,
|
||||||
|
|
|
@ -0,0 +1,18 @@
|
||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
The new ``cloudkitty::fetcher::keystone`` class has been aded.
|
||||||
|
|
||||||
|
upgrade:
|
||||||
|
- |
|
||||||
|
Default of the ``cloudkitty::fetcher::keystone`` parameter will be updated
|
||||||
|
in a future release. Please explicitly set the parameter or use new
|
||||||
|
parameters to define keystone credentials.
|
||||||
|
|
||||||
|
deprecations:
|
||||||
|
- |
|
||||||
|
The following two parameters of the ``cloudkitty`` class have been
|
||||||
|
deprecated and will be removed in a future release.
|
||||||
|
|
||||||
|
- ``auth_section``
|
||||||
|
- ``keystone_version``
|
|
@ -0,0 +1,63 @@
|
||||||
|
require 'spec_helper'
|
||||||
|
|
||||||
|
describe 'cloudkitty::fetcher::keystone' do
|
||||||
|
|
||||||
|
shared_examples_for 'cloudkitty::fetcher::keystone' do
|
||||||
|
context 'with defaults' do
|
||||||
|
let :params do
|
||||||
|
{}
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'configures the fetcher_keystone parameters' do
|
||||||
|
is_expected.to contain_cloudkitty_config('fetcher_keystone/auth_section').with_value('keystone_authtoken')
|
||||||
|
is_expected.to contain_cloudkitty_config('fetcher_keystone/username').with_value('<SERVICE DEFAULT>')
|
||||||
|
is_expected.to contain_cloudkitty_config('fetcher_keystone/password').with_value('<SERVICE DEFAULT>').with_secret(true)
|
||||||
|
is_expected.to contain_cloudkitty_config('fetcher_keystone/project_name').with_value('<SERVICE DEFAULT>')
|
||||||
|
is_expected.to contain_cloudkitty_config('fetcher_keystone/user_domain_name').with_value('<SERVICE DEFAULT>')
|
||||||
|
is_expected.to contain_cloudkitty_config('fetcher_keystone/project_domain_name').with_value('<SERVICE DEFAULT>')
|
||||||
|
is_expected.to contain_cloudkitty_config('fetcher_keystone/auth_url').with_value('<SERVICE DEFAULT>')
|
||||||
|
is_expected.to contain_cloudkitty_config('fetcher_keystone/keystone_version').with_value('<SERVICE DEFAULT>')
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'with parameters set' do
|
||||||
|
let :params do
|
||||||
|
{
|
||||||
|
:auth_section => '<SERVICE DEFAULT>',
|
||||||
|
:username => 'cloudkitty',
|
||||||
|
:password => 'cloudkitty_password',
|
||||||
|
:project_name => 'service',
|
||||||
|
:user_domain_name => 'Default',
|
||||||
|
:project_domain_name => 'Default',
|
||||||
|
:auth_url => 'http://127.0.0.1:5000',
|
||||||
|
:keystone_version => 3,
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'configures the fetcher_keystone parameters' do
|
||||||
|
is_expected.to contain_cloudkitty_config('fetcher_keystone/auth_section').with_value('<SERVICE DEFAULT>')
|
||||||
|
is_expected.to contain_cloudkitty_config('fetcher_keystone/username').with_value('cloudkitty')
|
||||||
|
is_expected.to contain_cloudkitty_config('fetcher_keystone/password').with_value('cloudkitty_password').with_secret(true)
|
||||||
|
is_expected.to contain_cloudkitty_config('fetcher_keystone/project_name').with_value('service')
|
||||||
|
is_expected.to contain_cloudkitty_config('fetcher_keystone/user_domain_name').with_value('Default')
|
||||||
|
is_expected.to contain_cloudkitty_config('fetcher_keystone/project_domain_name').with_value('Default')
|
||||||
|
is_expected.to contain_cloudkitty_config('fetcher_keystone/auth_url').with_value('http://127.0.0.1:5000')
|
||||||
|
is_expected.to contain_cloudkitty_config('fetcher_keystone/keystone_version').with_value(3)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
on_supported_os({
|
||||||
|
:supported_os => OSDefaults.get_supported_os
|
||||||
|
}).each do |os,facts|
|
||||||
|
context "on #{os}" do
|
||||||
|
let (:facts) do
|
||||||
|
facts.merge!(OSDefaults.get_facts())
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'with default parameters' do
|
||||||
|
it_behaves_like 'cloudkitty::fetcher::keystone'
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
Loading…
Reference in New Issue