policy.json: Allow one to manage them from the puppet module
This commit allow a deployer to manage the policies via this module It relies on augeas to change only the policy needed. The init takes a hash of policies and apply them. Change-Id: If41f08571577bb799a373202dc58c2577bbe7f74
This commit is contained in:
parent
0e6d7eacec
commit
92d5df6f65
|
@ -22,10 +22,13 @@ class heat::api (
|
|||
|
||||
include heat
|
||||
include heat::params
|
||||
include heat::policy
|
||||
|
||||
Heat_config<||> ~> Service['heat-api']
|
||||
Class['heat::policy'] -> Service['heat-api']
|
||||
|
||||
Package['heat-api'] -> Heat_config<||>
|
||||
Package['heat-api'] -> Class['heat::policy']
|
||||
Package['heat-api'] -> Service['heat-api']
|
||||
|
||||
if $use_ssl {
|
||||
|
|
|
@ -22,10 +22,13 @@ class heat::api_cfn (
|
|||
|
||||
include heat
|
||||
include heat::params
|
||||
include heat::policy
|
||||
|
||||
Heat_config<||> ~> Service['heat-api-cfn']
|
||||
Class['heat::policy'] -> Service['heat-api-cfn']
|
||||
|
||||
Package['heat-api-cfn'] -> Heat_config<||>
|
||||
Package['heat-api-cfn'] -> Class['heat::policy']
|
||||
Package['heat-api-cfn'] -> Service['heat-api-cfn']
|
||||
|
||||
if $use_ssl {
|
||||
|
|
|
@ -22,10 +22,13 @@ class heat::api_cloudwatch (
|
|||
|
||||
include heat
|
||||
include heat::params
|
||||
include heat::policy
|
||||
|
||||
Heat_config<||> ~> Service['heat-api-cloudwatch']
|
||||
Class['heat::policy'] -> Service['heat-api-cloudwatch']
|
||||
|
||||
Package['heat-api-cloudwatch'] -> Heat_config<||>
|
||||
Package['heat-api-cloudwatch'] -> Class['heat::policy']
|
||||
Package['heat-api-cloudwatch'] -> Service['heat-api-cloudwatch']
|
||||
|
||||
if $use_ssl {
|
||||
|
|
|
@ -0,0 +1,28 @@
|
|||
# == Class: heat::policy
|
||||
#
|
||||
# Configure the heat policies
|
||||
#
|
||||
# === Parameters
|
||||
#
|
||||
# [*policies*]
|
||||
# (optional) Set of policies to configure for heat
|
||||
# Example : { 'heat-context_is_admin' => {'context_is_admin' => 'true'}, 'heat-default' => {'default' => 'rule:admin_or_owner'} }
|
||||
# Defaults to empty hash.
|
||||
#
|
||||
# [*policy_path*]
|
||||
# (optional) Path to the heat policy.json file
|
||||
# Defaults to /etc/heat/policy.json
|
||||
#
|
||||
class heat::policy (
|
||||
$policies = {},
|
||||
$policy_path = '/etc/heat/policy.json',
|
||||
) {
|
||||
|
||||
Openstacklib::Policy::Base {
|
||||
file_path => $policy_path,
|
||||
}
|
||||
class { 'openstacklib::policy' :
|
||||
policies => $policies,
|
||||
}
|
||||
|
||||
}
|
|
@ -16,6 +16,7 @@ describe 'heat::api_cfn' do
|
|||
|
||||
it { should contain_class('heat') }
|
||||
it { should contain_class('heat::params') }
|
||||
it { should contain_class('heat::policy') }
|
||||
|
||||
it { should contain_heat_config('heat_api_cfn/bind_host').with_value( params[:bind_host] ) }
|
||||
it { should contain_heat_config('heat_api_cfn/bind_port').with_value( params[:bind_port] ) }
|
||||
|
|
|
@ -16,6 +16,7 @@ describe 'heat::api_cloudwatch' do
|
|||
|
||||
it { should contain_class('heat') }
|
||||
it { should contain_class('heat::params') }
|
||||
it { should contain_class('heat::policy') }
|
||||
|
||||
it { should contain_heat_config('heat_api_cloudwatch/bind_host').with_value( params[:bind_host] ) }
|
||||
it { should contain_heat_config('heat_api_cloudwatch/bind_port').with_value( params[:bind_port] ) }
|
||||
|
|
|
@ -16,6 +16,7 @@ describe 'heat::api' do
|
|||
|
||||
it { should contain_class('heat') }
|
||||
it { should contain_class('heat::params') }
|
||||
it { should contain_class('heat::policy') }
|
||||
|
||||
it { should contain_heat_config('heat_api/bind_host').with_value( params[:bind_host] ) }
|
||||
it { should contain_heat_config('heat_api/bind_port').with_value( params[:bind_port] ) }
|
||||
|
|
|
@ -0,0 +1,40 @@
|
|||
require 'spec_helper'
|
||||
|
||||
describe 'heat::policy' do
|
||||
|
||||
shared_examples_for 'heat policies' do
|
||||
let :params do
|
||||
{
|
||||
:policy_path => '/etc/heat/policy.json',
|
||||
:policies => {
|
||||
'context_is_admin' => {
|
||||
'key' => 'context_is_admin',
|
||||
'value' => 'foo:bar'
|
||||
}
|
||||
}
|
||||
}
|
||||
end
|
||||
|
||||
it 'set up the policies' do
|
||||
should contain_class('openstacklib::policy').with({
|
||||
:policies => params[:policies]
|
||||
})
|
||||
end
|
||||
end
|
||||
|
||||
context 'on Debian platforms' do
|
||||
let :facts do
|
||||
{ :osfamily => 'Debian' }
|
||||
end
|
||||
|
||||
it_configures 'heat policies'
|
||||
end
|
||||
|
||||
context 'on RedHat platforms' do
|
||||
let :facts do
|
||||
{ :osfamily => 'RedHat' }
|
||||
end
|
||||
|
||||
it_configures 'heat policies'
|
||||
end
|
||||
end
|
Loading…
Reference in New Issue