Add reseller_admin_role config to proxy::keystone
The reseller admin role has the ability to create and delete accounts. Set the default as undef, so that new config is not added until a user wants to add it. Also clean up leftover concat items from proxy spec tests. Change-Id: I5936fe30b1cb7197bf37748f204a054b1e49e430
This commit is contained in:
parent
49a4be7277
commit
3fb02701f3
|
@ -10,9 +10,15 @@
|
|||
# Swift operator roles must be defined in swift::keystone::auth because
|
||||
# keystone API access is usually not available on Swift proxy nodes.
|
||||
#
|
||||
# [*reseller_prefix*]
|
||||
# (Optional) The prefix used for reseller URL.
|
||||
# Defaults to 'AUTH_'
|
||||
# [*reseller_prefix*]
|
||||
# (Optional) The prefix used for reseller URL.
|
||||
# Defaults to 'AUTH_'
|
||||
#
|
||||
# [*reseller_admin_role*]
|
||||
# The reseller admin role has the ability to create and delete accounts.
|
||||
# This role defines who has the ability to manage other swift accounts.
|
||||
# (Optional)
|
||||
# Defaults to Undef.
|
||||
#
|
||||
# DEPRECATED PARAMETERS
|
||||
# [*is_admin*]
|
||||
|
@ -26,6 +32,7 @@
|
|||
class swift::proxy::keystone(
|
||||
$operator_roles = ['admin', 'SwiftOperator'],
|
||||
$reseller_prefix = 'AUTH_',
|
||||
$reseller_admin_role = undef,
|
||||
# DEPRECATED PARAMETERS
|
||||
$is_admin = undef
|
||||
) {
|
||||
|
@ -37,8 +44,9 @@ class swift::proxy::keystone(
|
|||
}
|
||||
|
||||
swift_proxy_config {
|
||||
'filter:keystone/use': value => 'egg:swift#keystoneauth';
|
||||
'filter:keystone/operator_roles': value => join(any2array($operator_roles), ', ');
|
||||
'filter:keystone/reseller_prefix': value => $reseller_prefix;
|
||||
'filter:keystone/use': value => 'egg:swift#keystoneauth';
|
||||
'filter:keystone/operator_roles': value => join(any2array($operator_roles), ', ');
|
||||
'filter:keystone/reseller_prefix': value => $reseller_prefix;
|
||||
'filter:keystone/reseller_admin_role': value => $reseller_admin_role;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -6,10 +6,6 @@ describe 'swift::proxy::authtoken' do
|
|||
{}
|
||||
end
|
||||
|
||||
let :pre_condition do
|
||||
'concat { "/etc/swift/proxy-server.conf": }'
|
||||
end
|
||||
|
||||
describe 'when using the default signing directory' do
|
||||
let :file_defaults do
|
||||
{
|
||||
|
|
|
@ -6,10 +6,6 @@ describe 'swift::proxy::catch_errors' do
|
|||
{}
|
||||
end
|
||||
|
||||
let :pre_condition do
|
||||
'concat { "/etc/swift/proxy-server.conf": }'
|
||||
end
|
||||
|
||||
it { is_expected.to contain_swift_proxy_config('filter:catch_errors/use').with_value('egg:swift#catch_errors') }
|
||||
|
||||
end
|
||||
|
|
|
@ -7,8 +7,7 @@ describe 'swift::proxy::ceilometer' do
|
|||
end
|
||||
|
||||
let :pre_condition do
|
||||
'concat { "/etc/swift/proxy-server.conf": }
|
||||
class { "swift":
|
||||
'class { "swift":
|
||||
swift_hash_path_suffix => "dummy"
|
||||
}'
|
||||
end
|
||||
|
|
|
@ -6,10 +6,6 @@ describe 'swift::proxy::keystone' do
|
|||
{}
|
||||
end
|
||||
|
||||
let :pre_condition do
|
||||
'concat { "/etc/swift/proxy-server.conf": }'
|
||||
end
|
||||
|
||||
it { is_expected.to contain_swift_proxy_config('filter:keystone/use').with_value('egg:swift#keystoneauth') }
|
||||
|
||||
describe 'with defaults' do
|
||||
|
@ -23,12 +19,14 @@ describe 'swift::proxy::keystone' do
|
|||
|
||||
let :params do
|
||||
{
|
||||
:operator_roles => 'foo',
|
||||
:reseller_prefix => 'SWIFT_'
|
||||
:operator_roles => 'foo',
|
||||
:reseller_prefix => 'SWIFT_',
|
||||
:reseller_admin_role => 'ResellerAdmin'
|
||||
}
|
||||
|
||||
it { is_expected.to contain_swift_proxy_config('filter:keystone/operator_roles').with_value('foo') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:keystone/reseller_prefix').with_value('SWIFT_') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:keystone/reseller_admin_role').with_value('ResellerAdmin') }
|
||||
|
||||
end
|
||||
|
||||
|
|
|
@ -284,7 +284,6 @@ describe 'swift::proxy' do
|
|||
OSDefaults.get_facts({
|
||||
:operatingsystem => 'Ubuntu',
|
||||
:osfamily => 'Debian',
|
||||
:concat_basedir => '/var/lib/puppet/concat',
|
||||
})
|
||||
end
|
||||
|
||||
|
@ -314,7 +313,6 @@ describe 'swift::proxy' do
|
|||
OSDefaults.get_facts({
|
||||
:osfamily => 'RedHat',
|
||||
:operatingsystem => 'RedHat',
|
||||
:concat_basedir => '/var/lib/puppet/concat',
|
||||
})
|
||||
end
|
||||
|
||||
|
|
|
@ -9,14 +9,6 @@ describe 'swift::proxy::swift3' do
|
|||
})
|
||||
end
|
||||
|
||||
let :pre_condition do
|
||||
'concat { "/etc/swift/proxy-server.conf": }'
|
||||
end
|
||||
|
||||
let :fragment_file do
|
||||
"/var/lib/puppet/concat/_etc_swift_proxy-server.conf/fragments/27_swift_swift3"
|
||||
end
|
||||
|
||||
it { is_expected.to contain_swift_proxy_config('filter:swift3/use').with_value('egg:swift3#swift3') }
|
||||
|
||||
end
|
||||
|
|
|
@ -15,10 +15,6 @@ describe 'swift::proxy::tempauth' do
|
|||
|
||||
let :params do default_params end
|
||||
|
||||
let :pre_condition do
|
||||
'concat { "/etc/swift/proxy-server.conf": }'
|
||||
end
|
||||
|
||||
it { is_expected.to contain_swift_proxy_config('filter:tempauth/use').with_value('egg:swift#tempauth') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:tempauth/user_admin_admin').with_value('admin .admin .reseller_admin') }
|
||||
|
||||
|
|
|
@ -6,10 +6,6 @@ describe 'swift::proxy::tempurl' do
|
|||
{}
|
||||
end
|
||||
|
||||
let :pre_condition do
|
||||
'concat { "/etc/swift/proxy-server.conf": }'
|
||||
end
|
||||
|
||||
it { is_expected.to contain_swift_proxy_config('filter:tempurl/use').with_value('egg:swift#tempurl') }
|
||||
|
||||
['methods',
|
||||
|
|
Loading…
Reference in New Issue