Merge "Remove deprecated watcher::api::watcher_clients_*"
This commit is contained in:
commit
cdaf69080f
118
manifests/api.pp
118
manifests/api.pp
|
@ -85,90 +85,22 @@
|
|||
# Require validate set at True.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*watcher_client_auth_uri*]
|
||||
# (Optional) Public Identity API endpoint.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*watcher_client_default_domain_name*]
|
||||
# (Optional)domain name to use with v3 API and v2 parameters. It will
|
||||
# be used for both the user and project domain in v3 and ignored in v2
|
||||
# authentication.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*watcher_client_password*]
|
||||
# (optional) User's password
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*watcher_client_username*]
|
||||
# (optional) The name of the auth user
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*watcher_client_auth_url*]
|
||||
# Specifies the admin Identity URI for Watcher to use.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*watcher_client_project_name*]
|
||||
# (Optional) Service project name.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*watcher_client_certfile*]
|
||||
# (Optional) PEM encoded client certificate cert file.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*watcher_client_cafile*]
|
||||
# (Optional)PEM encoded Certificate Authority to use when verifying HTTPs
|
||||
# connections.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*watcher_client_project_domain_name*]
|
||||
# (Optional) Domain name containing project.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*watcher_client_user_domain_name*]
|
||||
# (Optional) User Domain name.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*watcher_client_insecure*]
|
||||
# (Optional) Verify HTTPS connections.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*watcher_client_keyfile*]
|
||||
# (Optional) PEM encoded client certificate key file.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*watcher_client_auth_type*]
|
||||
# (Optional) Authentication type to load.
|
||||
# Defaults to undef
|
||||
#
|
||||
class watcher::api (
|
||||
$package_ensure = 'present',
|
||||
$enabled = true,
|
||||
$manage_service = true,
|
||||
$port = $::os_service_default,
|
||||
$max_limit = $::os_service_default,
|
||||
$bind_host = $::os_service_default,
|
||||
$workers = $::os_workers,
|
||||
$enable_ssl_api = $::os_service_default,
|
||||
$service_name = $::watcher::params::api_service_name,
|
||||
$create_db_schema = false,
|
||||
$upgrade_db = false,
|
||||
$auth_strategy = 'keystone',
|
||||
$package_ensure = 'present',
|
||||
$enabled = true,
|
||||
$manage_service = true,
|
||||
$port = $::os_service_default,
|
||||
$max_limit = $::os_service_default,
|
||||
$bind_host = $::os_service_default,
|
||||
$workers = $::os_workers,
|
||||
$enable_ssl_api = $::os_service_default,
|
||||
$service_name = $::watcher::params::api_service_name,
|
||||
$create_db_schema = false,
|
||||
$upgrade_db = false,
|
||||
$auth_strategy = 'keystone',
|
||||
# DEPRECATED PARAMETERS
|
||||
$validate = undef,
|
||||
$validation_options = undef,
|
||||
$watcher_client_auth_uri = undef,
|
||||
$watcher_client_default_domain_name = undef,
|
||||
$watcher_client_password = undef,
|
||||
$watcher_client_username = undef,
|
||||
$watcher_client_auth_url = undef,
|
||||
$watcher_client_project_name = undef,
|
||||
$watcher_client_certfile = undef,
|
||||
$watcher_client_cafile = undef,
|
||||
$watcher_client_project_domain_name = undef,
|
||||
$watcher_client_user_domain_name = undef,
|
||||
$watcher_client_insecure = undef,
|
||||
$watcher_client_keyfile = undef,
|
||||
$watcher_client_auth_type = undef,
|
||||
$validate = undef,
|
||||
$validation_options = undef,
|
||||
) inherits watcher::params {
|
||||
|
||||
include watcher::policy
|
||||
|
@ -243,26 +175,4 @@ as a standalone service, or httpd for being run by a httpd server")
|
|||
'api/workers': value => $workers;
|
||||
'api/enable_ssl_api': value => $enable_ssl_api;
|
||||
}
|
||||
|
||||
if $watcher_client_auth_uri != undef {
|
||||
warning('The watcher_client_auth_uri is deprecated and has no effect.')
|
||||
}
|
||||
watcher_config {
|
||||
'watcher_clients_auth/auth_uri': ensure => absent;
|
||||
}
|
||||
|
||||
if $watcher_client_default_domain_name != undef {
|
||||
warning('The watcher_client_default_domain_name parameter is deprecated and has no effect.')
|
||||
}
|
||||
|
||||
[ 'password', 'auth_url', 'username', 'project_name', 'project_domain_name',
|
||||
'user_domain_anme', 'auth_type', 'insecure', 'keyfile', 'certfile',
|
||||
'cafile' ].each |String $client_opt|{
|
||||
if getvar("watcher_client_${client_opt}") != undef {
|
||||
warning("The watcher_client_${client_opt} parameter is deprecated. \
|
||||
Use the watcher_clients_auth class instead.")
|
||||
}
|
||||
include watcher::watcher_clients_auth
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -53,7 +53,7 @@
|
|||
# Defaults to $::os_service_default
|
||||
#
|
||||
class watcher::watcher_clients_auth (
|
||||
$password = false,
|
||||
$password,
|
||||
$auth_url = 'http://localhost:5000/',
|
||||
$username = 'watcher',
|
||||
$project_name = 'services',
|
||||
|
@ -69,40 +69,26 @@ class watcher::watcher_clients_auth (
|
|||
|
||||
include watcher::deps
|
||||
|
||||
$password_real = pick($::watcher::api::watcher_client_password, $password)
|
||||
if ! $password_real {
|
||||
fail('password is required')
|
||||
}
|
||||
|
||||
if is_service_default($system_scope) {
|
||||
$project_name_real = pick($::watcher::api::watcher_client_project_name, $project_name)
|
||||
$project_domain_name_real = pick($::watcher::api::watcher_client_project_domain_name, $project_domain_name)
|
||||
$project_name_real = $project_name
|
||||
$project_domain_name_real = $project_domain_name
|
||||
} else {
|
||||
$project_name_real = $::os_service_default
|
||||
$project_domain_name_real = $::os_service_default
|
||||
}
|
||||
|
||||
$auth_url_real = pick($::watcher::api::watcher_client_auth_url, $auth_url)
|
||||
$username_real = pick($::watcher::api::watcher_client_username, $username)
|
||||
$user_domain_name_real = pick($::watcher::api::watcher_client_user_domain_name, $user_domain_name)
|
||||
$auth_type_real = pick($::watcher::api::watcher_client_auth_type, $auth_type)
|
||||
$insecure_real = pick($::watcher::api::watcher_client_insecure, $insecure)
|
||||
$certfile_real = pick($::watcher::api::watcher_client_certfile, $certfile)
|
||||
$cafile_real = pick($::watcher::api::watcher_client_cafile, $cafile)
|
||||
$keyfile_real = pick($::watcher::api::watcher_client_keyfile, $keyfile)
|
||||
|
||||
watcher_config {
|
||||
'watcher_clients_auth/password': value => $password_real, secret => true;
|
||||
'watcher_clients_auth/username': value => $username_real;
|
||||
'watcher_clients_auth/auth_url': value => $auth_url_real;
|
||||
'watcher_clients_auth/password': value => $password, secret => true;
|
||||
'watcher_clients_auth/username': value => $username;
|
||||
'watcher_clients_auth/auth_url': value => $auth_url;
|
||||
'watcher_clients_auth/project_name': value => $project_name_real;
|
||||
'watcher_clients_auth/project_domain_name': value => $project_domain_name_real;
|
||||
'watcher_clients_auth/user_domain_name': value => $user_domain_name_real;
|
||||
'watcher_clients_auth/user_domain_name': value => $user_domain_name;
|
||||
'watcher_clients_auth/system_scope': value => $system_scope;
|
||||
'watcher_clients_auth/insecure': value => $insecure_real;
|
||||
'watcher_clients_auth/auth_type': value => $auth_type_real;
|
||||
'watcher_clients_auth/cafile': value => $cafile_real;
|
||||
'watcher_clients_auth/certfile': value => $certfile_real;
|
||||
'watcher_clients_auth/keyfile': value => $keyfile_real;
|
||||
'watcher_clients_auth/insecure': value => $insecure;
|
||||
'watcher_clients_auth/auth_type': value => $auth_type;
|
||||
'watcher_clients_auth/cafile': value => $cafile;
|
||||
'watcher_clients_auth/certfile': value => $certfile;
|
||||
'watcher_clients_auth/keyfile': value => $keyfile;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
upgrade:
|
||||
- |
|
||||
The deprecated ``watcher::api::watcher_clinet_*`` parameters have been
|
||||
removed.
|
|
@ -3,18 +3,21 @@ require 'spec_helper'
|
|||
describe 'watcher::api' do
|
||||
|
||||
let :params do
|
||||
{ :watcher_client_password => 'password',
|
||||
:enabled => true,
|
||||
:package_ensure => 'latest',
|
||||
{
|
||||
:enabled => true,
|
||||
:package_ensure => 'latest',
|
||||
}
|
||||
end
|
||||
|
||||
shared_examples 'watcher-api' do
|
||||
let :pre_condition do
|
||||
"include watcher::db
|
||||
class { 'watcher': }
|
||||
class { 'watcher::keystone::authtoken':
|
||||
password => 'a_big_secret',
|
||||
}"
|
||||
end
|
||||
|
||||
context 'without required parameter watcher_client_password' do
|
||||
before { params.delete(:watcher_client_password) }
|
||||
it { expect { is_expected.to raise_error(Puppet::Error) } }
|
||||
end
|
||||
shared_examples 'watcher-api' do
|
||||
|
||||
it { is_expected.to contain_class('watcher::params') }
|
||||
it { is_expected.to contain_class('watcher::deps') }
|
||||
|
@ -70,53 +73,6 @@ describe 'watcher::api' do
|
|||
end
|
||||
end
|
||||
|
||||
context 'watcher clients auth section with default parameters' do
|
||||
it 'configures watcher clients auth' do
|
||||
is_expected.to contain_watcher_config('watcher_clients_auth/username').with_value('watcher')
|
||||
is_expected.to contain_watcher_config('watcher_clients_auth/password').with_value( params[:watcher_client_password] )
|
||||
is_expected.to contain_watcher_config('watcher_clients_auth/auth_url').with_value('http://localhost:5000/')
|
||||
is_expected.to contain_watcher_config('watcher_clients_auth/project_name').with_value('services')
|
||||
is_expected.to contain_watcher_config('watcher_clients_auth/project_domain_name').with_value('Default')
|
||||
is_expected.to contain_watcher_config('watcher_clients_auth/user_domain_name').with_value('Default')
|
||||
is_expected.to contain_watcher_config('watcher_clients_auth/insecure').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_watcher_config('watcher_clients_auth/auth_type').with_value('password')
|
||||
is_expected.to contain_watcher_config('watcher_clients_auth/cafile').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_watcher_config('watcher_clients_auth/certfile').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_watcher_config('watcher_clients_auth/keyfile').with_value('<SERVICE DEFAULT>')
|
||||
end
|
||||
end
|
||||
|
||||
context 'watcher clients auth section with overridden parameters' do
|
||||
before do
|
||||
params.merge! ({
|
||||
:watcher_client_username => 'watcher_user',
|
||||
:watcher_client_password => 'PassWoRD',
|
||||
:watcher_client_auth_url => 'http://localhost:35358/',
|
||||
:watcher_client_project_name => 'ProjectZero',
|
||||
:watcher_client_project_domain_name => 'WatcherDomain',
|
||||
:watcher_client_user_domain_name => 'WatcherUserDomain',
|
||||
:watcher_client_insecure => 'true',
|
||||
:watcher_client_auth_type => 'password',
|
||||
:watcher_client_cafile => '/tmp/ca.crt',
|
||||
:watcher_client_certfile => '/tmp/watcher.com.crt',
|
||||
:watcher_client_keyfile => '/tmp/key.pm',
|
||||
})
|
||||
end
|
||||
it 'configures watcher clients auth' do
|
||||
is_expected.to contain_watcher_config('watcher_clients_auth/username').with_value( params[:watcher_client_username] )
|
||||
is_expected.to contain_watcher_config('watcher_clients_auth/password').with_value( params[:watcher_client_password] )
|
||||
is_expected.to contain_watcher_config('watcher_clients_auth/auth_url').with_value('http://localhost:35358/')
|
||||
is_expected.to contain_watcher_config('watcher_clients_auth/project_name').with_value( params[:watcher_client_project_name] )
|
||||
is_expected.to contain_watcher_config('watcher_clients_auth/project_domain_name').with_value( params[:watcher_client_project_domain_name] )
|
||||
is_expected.to contain_watcher_config('watcher_clients_auth/user_domain_name').with_value( params[:watcher_client_user_domain_name] )
|
||||
is_expected.to contain_watcher_config('watcher_clients_auth/insecure').with_value( params[:watcher_client_insecure] )
|
||||
is_expected.to contain_watcher_config('watcher_clients_auth/auth_type').with_value( params[:watcher_client_auth_type] )
|
||||
is_expected.to contain_watcher_config('watcher_clients_auth/cafile').with_value( params[:watcher_client_cafile] )
|
||||
is_expected.to contain_watcher_config('watcher_clients_auth/certfile').with_value( params[:watcher_client_certfile] )
|
||||
is_expected.to contain_watcher_config('watcher_clients_auth/keyfile').with_value( params[:watcher_client_keyfile] )
|
||||
end
|
||||
end
|
||||
|
||||
context 'when running watcher-api in wsgi' do
|
||||
before do
|
||||
params.merge!({ :service_name => 'httpd' })
|
||||
|
|
Loading…
Reference in New Issue