Use validate_legacy

This changes all the puppet 3 validate_* functions to use the validate_legacy function. The validate_legacy function has been available since about three years but require Puppet >= 4.4.0 and since there is Puppet 4.10.12 as latest we should assume people are running a fairly new Puppet 4 version. This is the first step to then remove all validate function calls and use proper types for parameter as described in spec [1]. [1] https://review.openstack.org/#/c/568929/ Depends-On: https://review.openstack.org/#/c/639215/ Change-Id: Idd720f18893bea0ec1d26859e0a6907a5daa8980
2019-02-23 12:32:35 +01:00 · 2019-02-23 12:32:35 +01:00 · 7fea7a2145
parent 5401829e21
commit 7fea7a2145
13 changed files with 34 additions and 28 deletions
--- a/manifests/config.pp
+++ b/manifests/config.pp
@ -33,7 +33,8 @@ class keystone::config (

  include ::keystone::deps

-  validate_hash($keystone_config)
+  validate_legacy(Hash, 'validate_hash', $keystone_config)
+
  create_resources('keystone_config', $keystone_config)

  if $keystone_paste_ini {
--- a/manifests/db.pp
+++ b/manifests/db.pp
@ -66,8 +66,8 @@ class keystone::db (
  $database_retry_interval_real = pick($::keystone::database_retry_interval, $database_retry_interval)
  $database_max_overflow_real = pick($::keystone::database_max_overflow, $database_max_overflow)

-  validate_re($database_connection_real,
-    '^(sqlite|mysql(\+pymysql)?|postgresql):\/\/(\S+:\S+@\S+\/\S+)?')
+  validate_legacy(Oslo::Dbconn, 'validate_re', $database_connection_real,
+    ['^(sqlite|mysql(\+pymysql)?|postgresql):\/\/(\S+:\S+@\S+\/\S+)?'])

  oslo::db { 'keystone_config':
    db_max_retries => $database_db_max_retries,
--- a/manifests/db/mysql.pp
+++ b/manifests/db/mysql.pp
@ -45,7 +45,7 @@ class keystone::db::mysql(

  include ::keystone::deps

-  validate_string($password)
+  validate_legacy(String, 'validate_string', $password)

  ::openstacklib::db::mysql { 'keystone':
    user          => $user,
--- a/manifests/federation/mellon.pp
+++ b/manifests/federation/mellon.pp
@ -97,7 +97,7 @@ Apache + Mellon SP setups, where a REMOTE_USER env variable is always set, even
    fail('Methods should contain saml2 as one of the auth methods.')
  }

-  validate_bool($enable_websso)
+  validate_legacy(Boolean, 'validate_bool', $enable_websso)

  keystone_config {
    'auth/methods': value  => join(any2array($methods),',');
--- a/manifests/federation/shibboleth.pp
+++ b/manifests/federation/shibboleth.pp
@ -86,7 +86,7 @@ Apache + Shibboleth SP setups, where a REMOTE_USER env variable is always set, e
    fail('Methods should contain saml2 as one of the auth methods.')
  }

-  validate_bool($suppress_warning)
+  validate_legacy(Boolean, 'validate_bool', $suppress_warning)

  keystone_config {
    'auth/methods': value  => join(any2array($methods),',');
--- a/manifests/init.pp
+++ b/manifests/init.pp
@ -712,7 +712,7 @@ class keystone(
  }

  if ! $catalog_driver {
-    validate_re($catalog_type, 'template|sql')
+    validate_legacy(Enum['template', 'sql'], 'validate_re', $catalog_type)
  }

  if ($admin_endpoint and 'v2.0' in $admin_endpoint) {
@ -963,7 +963,7 @@ running as a standalone service, or httpd for being run by a httpd server")

  # Fernet tokens support
  if $enable_fernet_setup {
-    validate_string($fernet_key_repository)
+    validate_legacy(String, 'validate_string', $fernet_key_repository)
    ensure_resource('file', $fernet_key_repository, {
      ensure    => 'directory',
      owner     => $keystone_user,
@ -973,7 +973,7 @@ running as a standalone service, or httpd for being run by a httpd server")
    })

  if $fernet_keys {
-      validate_hash($fernet_keys)
+      validate_legacy(Hash, 'validate_hash', $fernet_keys)
      create_resources('file', $fernet_keys, {
          'owner'     => $keystone_user,
          'group'     => $keystone_group,
@ -999,7 +999,7 @@ running as a standalone service, or httpd for being run by a httpd server")

  # Credential support
  if $enable_credential_setup {
-    validate_string($credential_key_repository)
+    validate_legacy(String, 'validate_string', $credential_key_repository)
    ensure_resource('file', $credential_key_repository, {
      ensure    => 'directory',
      owner     => $keystone_user,
@ -1009,7 +1009,7 @@ running as a standalone service, or httpd for being run by a httpd server")
    })

    if $credential_keys {
-      validate_hash($credential_keys)
+      validate_legacy(Hash, 'validate_hash', $credential_keys)
      create_resources('file', $credential_keys, {
          'owner'     => $keystone_user,
          'group'     => $keystone_group,
@ -1094,7 +1094,8 @@ running as a standalone service, or httpd for being run by a httpd server")
  }

  if $using_domain_config {
-    validate_absolute_path($domain_config_directory)
+    validate_legacy(Stdlib::Absolutepath, 'validate_absolute_path', $domain_config_directory)
+
    # Better than ensure resource.  We don't want to conflict with any
    # user definition even if they don't match exactly our parameters.
    # The error catching mechanism in the provider will remind them if
--- a/manifests/ldap_backend.pp
+++ b/manifests/ldap_backend.pp
@ -496,7 +496,8 @@ and \"${domain_dir_enabled}\" for identity/domain_config_dir"
  if(bool2num($domain_enabled) == 0) {
    fail($err_msg)
  }
-  validate_re($domain_dir_enabled, '^/.+', $err_msg)
+
+  validate_legacy(Pattern[/^\/.+/], 'validate_re', $domain_dir_enabled, [$err_msg])

  if (!defined(File[$domain_dir_enabled])) {
    ensure_resource('file', $domain_dir_enabled, {
--- a/manifests/policy.pp
+++ b/manifests/policy.pp
@ -31,7 +31,7 @@ class keystone::policy (
  include ::keystone::deps
  include ::keystone::params

-  validate_hash($policies)
+  validate_legacy(Hash, 'validate_hash', $policies)

  Openstacklib::Policy::Base {
    file_path  => $policy_path,
--- a/manifests/resource/authtoken.pp
+++ b/manifests/resource/authtoken.pp
@ -283,11 +283,11 @@ define keystone::resource::authtoken(
  }

  if !is_service_default($include_service_catalog) {
-    validate_bool($include_service_catalog)
+    validate_legacy(Boolean, 'validate_bool', $include_service_catalog)
  }

  if !is_service_default($memcache_use_advanced_pool) {
-    validate_bool($memcache_use_advanced_pool)
+    validate_legacy(Boolean, 'validate_bool', $memcache_use_advanced_pool)
  }

  if! ($memcache_security_strategy in [$::os_service_default,'MAC','ENCRYPT']) {
@ -299,7 +299,7 @@ define keystone::resource::authtoken(
  }

  if !is_service_default($delay_auth_decision) {
-    validate_bool($delay_auth_decision)
+    validate_legacy(Boolean, 'validate_bool', $delay_auth_decision)
  }

  if !is_service_default($memcached_servers) and !empty($memcached_servers){
--- a/manifests/resource/service_identity.pp
+++ b/manifests/resource/service_identity.pp
@ -133,7 +133,8 @@ define keystone::resource::service_identity(

  include ::keystone::deps

-  validate_re($ensure, ['^present$', '^absent$'], 'Valid values for ensure parameter are present or absent')
+  validate_legacy(Enum['present', 'absent'], 'validate_re', $ensure,
+    [['^present$', '^absent$'], 'Valid values for ensure parameter are present or absent'])

  if $service_name == undef {
    $service_name_real = $auth_name
--- a/spec/classes/keystone_init_spec.rb
+++ b/spec/classes/keystone_init_spec.rb
@ -354,7 +354,7 @@ describe 'keystone' do
          :catalog_type => 'invalid' }
      end

-      it_raises "a Puppet::Error", /validate_re\(\): "invalid" does not match "template|sql"/
+      it { should raise_error(Puppet::Error) }
    end

    describe 'when configuring catalog driver' do
@ -1070,10 +1070,8 @@ describe 'keystone' do
          'domain_config_directory' => 'this/is/not/an/absolute/path'
        })
      end
-      it 'should raise an error' do
-        expect { should contain_file('/etc/keystone/domains') }
-          .to raise_error(Puppet::Error, %r(this/is/not/an/absolute/path" is not))
-      end
+
+      it { should raise_error(Puppet::Error) }
    end
    describe 'when setting domain directory and not using domain config' do
      let :params do
--- a/spec/defines/keystone_ldap_backend_spec.rb
+++ b/spec/defines/keystone_ldap_backend_spec.rb
@ -252,7 +252,8 @@ describe 'keystone::ldap_backend' do
      file {'/etc/keystone/keystone.conf': ensure => present }
      EOM
      end
-      it_raises 'a Puppet::Error', /You should add/
+
+      it { should raise_error(Puppet::Error) }
    end

    context 'Missing identity/domain_config_dir' do
@ -262,7 +263,8 @@ describe 'keystone::ldap_backend' do
      file {'/etc/keystone/keystone.conf': ensure => present }
      EOM
      end
-      it_raises 'a Puppet::Error', /You should add/
+
+      it { should raise_error(Puppet::Error) }
    end

  end
--- a/spec/defines/keystone_resource_service_identity_spec.rb
+++ b/spec/defines/keystone_resource_service_identity_spec.rb
@ -97,7 +97,7 @@ describe 'keystone::resource::service_identity' do
        required_params.merge(:ensure => 'badvalue')
      end

-      it { is_expected.to raise_error Puppet::Error, /Valid values for ensure parameter are present or absent/ }
+      it { should raise_error(Puppet::Error) }
    end

    context 'when explicitly setting an region' do
@ -135,7 +135,8 @@ describe 'keystone::resource::service_identity' do
        required_params.delete(:service_type)
        required_params
      end
-      it_raises 'a Puppet::Error', /When configuring a service, you need to set the service_type parameter/
+
+      it { should raise_error(Puppet::Error) }
    end

    context 'when trying to create an endpoint without url' do
@ -143,7 +144,8 @@ describe 'keystone::resource::service_identity' do
        required_params.delete(:public_url)
        required_params
      end
-      it_raises 'a Puppet::Error', /When configuring an endpoint, you need to set the _url parameters/
+
+      it { should raise_error(Puppet::Error) }
    end

    context 'with user domain' do