Use a 'params' hash for authtoken parameters
Currently adding a new authtoken parameter requires changes in nearly 30 different puppet projects. For options without defaults, defining these individually in each puppet-* project doesn't appear to add any value since validation is already happening in the keystone::resource::authtoken class. This change adds a params parameter which is a hash of options to pass through to the authtoken resource. The individual params are still used as defaults, but any keys set in the params hash override them. I propose deprecating these individual parameters in a future commit. Depends-On: https://review.opendev.org/#/c/743858/ Change-Id: I695834ac03a52d8569e50db600676a89e165491d
This commit is contained in:
parent
c1d92c4c74
commit
5c38281e1b
|
@ -352,19 +352,22 @@ as a standalone service, or httpd for being run by a httpd server")
|
|||
}
|
||||
|
||||
if $validate {
|
||||
#Shrinking the variables names in favor of not
|
||||
#having more than 140 chars per line
|
||||
#Admin user real
|
||||
$aur = $::nova::keystone::authtoken::username
|
||||
#Admin password real
|
||||
$apr = $::nova::keystone::authtoken::password
|
||||
#Admin tenant name real
|
||||
$atnr = $::nova::keystone::authtoken::project_name
|
||||
#Keystone Auth URI
|
||||
$kau = $::nova::keystone::authtoken::www_authenticate_uri
|
||||
$authtoken_values = {
|
||||
'username' => $::nova::keystone::authtoken::username,
|
||||
'password' => $::nova::keystone::authtoken::password,
|
||||
'project_name' => $::nova::keystone::authtoken::project_name,
|
||||
'www_authenticate_uri' => $::nova::keystone::authtoken::www_authenticate_uri,
|
||||
}
|
||||
$authtoken = merge($authtoken_values, $::nova::keystone::authtoken::params)
|
||||
$defaults = {
|
||||
'nova-api' => {
|
||||
'command' => "nova --os-auth-url ${kau} --os-project-name ${atnr} --os-username ${aur} --os-password ${apr} flavor-list",
|
||||
'command' => @("CMD"/L)
|
||||
nova --os-auth-url ${authtoken['www_authenticate_uri']} \
|
||||
--os-project-name ${authtoken['project_name']} \
|
||||
--os-username ${authtoken['username']} \
|
||||
--os-password ${authtoken['password']} \
|
||||
flavor-list
|
||||
|- CMD
|
||||
}
|
||||
}
|
||||
$validation_options_hash = merge ($defaults, $validation_options)
|
||||
|
|
|
@ -182,6 +182,10 @@
|
|||
# "public", "internal" or "admin".
|
||||
# Defaults to $::os_service_default.
|
||||
#
|
||||
# [*params*]
|
||||
# (Optional) Hash of additional parameters to pass through to the keystone
|
||||
# authtoken class. Values set here override the individual parameters above.
|
||||
#
|
||||
class nova::keystone::authtoken(
|
||||
$username = 'nova',
|
||||
$password = $::os_service_default,
|
||||
|
@ -218,6 +222,7 @@ class nova::keystone::authtoken(
|
|||
$service_token_roles = $::os_service_default,
|
||||
$service_token_roles_required = $::os_service_default,
|
||||
$interface = $::os_service_default,
|
||||
$params = {},
|
||||
) {
|
||||
|
||||
include nova::deps
|
||||
|
@ -226,7 +231,10 @@ class nova::keystone::authtoken(
|
|||
fail('Please set password for nova service user')
|
||||
}
|
||||
|
||||
keystone::resource::authtoken { 'nova_config':
|
||||
keystone::resource::authtoken {
|
||||
'nova_config':
|
||||
* => $params;
|
||||
default:
|
||||
username => $username,
|
||||
password => $password,
|
||||
project_name => $project_name,
|
||||
|
@ -261,6 +269,6 @@ class nova::keystone::authtoken(
|
|||
token_cache_time => $token_cache_time,
|
||||
service_token_roles => $service_token_roles,
|
||||
service_token_roles_required => $service_token_roles_required,
|
||||
interface => $interface,
|
||||
interface => $interface;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -6,6 +6,7 @@ describe 'nova::api' do
|
|||
"include nova
|
||||
class { 'nova::keystone::authtoken':
|
||||
password => 'passw0rd',
|
||||
params => { 'username' => 'novae' },
|
||||
}"
|
||||
end
|
||||
|
||||
|
@ -143,7 +144,7 @@ describe 'nova::api' do
|
|||
})
|
||||
end
|
||||
it { is_expected.to contain_openstacklib__service_validation('nova-api').with(
|
||||
:command => 'nova --os-auth-url http://127.0.0.1:5000/ --os-project-name services --os-username nova --os-password passw0rd flavor-list',
|
||||
:command => 'nova --os-auth-url http://127.0.0.1:5000/ --os-project-name services --os-username novae --os-password passw0rd flavor-list',
|
||||
:subscribe => 'Service[nova-api]',
|
||||
)}
|
||||
|
||||
|
|
|
@ -86,6 +86,7 @@ describe 'nova::keystone::authtoken' do
|
|||
:service_token_roles => ['service'],
|
||||
:service_token_roles_required => true,
|
||||
:interface => 'internal',
|
||||
:params => { 'service_type' => "compute" },
|
||||
})
|
||||
end
|
||||
|
||||
|
@ -124,12 +125,26 @@ describe 'nova::keystone::authtoken' do
|
|||
is_expected.to contain_nova_config('keystone_authtoken/service_token_roles').with_value(params[:service_token_roles])
|
||||
is_expected.to contain_nova_config('keystone_authtoken/service_token_roles_required').with_value(params[:service_token_roles_required])
|
||||
is_expected.to contain_nova_config('keystone_authtoken/interface').with_value(params[:interface])
|
||||
is_expected.to contain_nova_config('keystone_authtoken/service_type').with_value(params[:params]['service_type'])
|
||||
end
|
||||
|
||||
it 'installs python memcache package' do
|
||||
is_expected.to contain_package('python-memcache')
|
||||
end
|
||||
end
|
||||
|
||||
context 'when overriding parameters via params hash' do
|
||||
before do
|
||||
params.merge!({
|
||||
:username => 'myuser',
|
||||
:params => { 'username' => "myotheruser" },
|
||||
})
|
||||
end
|
||||
|
||||
it 'configure keystone_authtoken' do
|
||||
is_expected.to contain_nova_config('keystone_authtoken/username').with_value(params[:params]['username'])
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
on_supported_os({
|
||||
|
|
Loading…
Reference in New Issue