Fix resource references for latest puppet

In keystone we had some references to Execs that may or may not have been
defined depending on the class parameters. The latest version of puppet
has changed how the catalog is compiled exposing these possibly
undefined references. This change updates to use resource collectors
where applicable.

Change-Id: Id5dcc42301b622e7f8331b0d61fdef8b7fea1992
Closes-Bug: #1702964
This commit is contained in:
Alex Schultz 2017-07-07 15:04:35 -06:00
parent 243c5f5f45
commit b479685940
5 changed files with 17 additions and 18 deletions

View File

@ -83,6 +83,6 @@ class keystone::cron::token_flush (
monthday => $monthday,
month => $month,
weekday => $weekday,
require => Package['keystone'],
require => Anchor['keystone::install::end'],
}
}

View File

@ -12,24 +12,17 @@
#
class keystone::disable_admin_token_auth {
require ::keystone::roles::admin
Keystone::Resource::Service_identity<||> -> Class['::keystone::disable_admin_token_auth']
Ini_subsetting {
require => Class['keystone::roles::admin'],
}
if $::keystone::manage_service and $::keystone::enabled {
Ini_subsetting {
notify => Exec['restart_keystone'],
}
}
ini_subsetting { 'public_api/admin_token_auth':
ensure => absent,
path => '/etc/keystone/keystone-paste.ini',
section => 'pipeline:public_api',
setting => 'pipeline',
subsetting => 'admin_token_auth',
tag => 'disable-admin-token-auth',
}
ini_subsetting { 'admin_api/admin_token_auth':
ensure => absent,
@ -37,6 +30,7 @@ class keystone::disable_admin_token_auth {
section => 'pipeline:admin_api',
setting => 'pipeline',
subsetting => 'admin_token_auth',
tag => 'disable-admin-token-auth',
}
ini_subsetting { 'api_v3/admin_token_auth':
ensure => absent,
@ -44,5 +38,9 @@ class keystone::disable_admin_token_auth {
section => 'pipeline:api_v3',
setting => 'pipeline',
subsetting => 'admin_token_auth',
tag => 'disable-admin-token-auth',
}
Ini_subsetting <| tag == 'disable-admin-token-auth' |> ~>
Exec<| name == 'restart_keystone' |>
}

View File

@ -1257,8 +1257,7 @@ running as a standalone service, or httpd for being run by a httpd server")
enabled => true,
is_default => true,
require => Service[$service_name],
notify => Exec['restart_keystone'],
}
} ~> Exec<| title == 'restart_keystone' |>
anchor { 'default_domain_created':
require => Keystone_domain[$default_domain],
}

View File

@ -29,7 +29,7 @@ describe 'keystone::cron::token_flush' do
:monthday => params[:monthday],
:month => params[:month],
:weekday => params[:weekday],
:require => 'Package[keystone]',
:require => 'Anchor[keystone::install::end]',
)
end
end
@ -52,7 +52,7 @@ describe 'keystone::cron::token_flush' do
:monthday => params[:monthday],
:month => params[:month],
:weekday => params[:weekday],
:require => 'Package[keystone]',
:require => 'Anchor[keystone::install::end]',
)
end
end
@ -75,7 +75,7 @@ describe 'keystone::cron::token_flush' do
:monthday => '*',
:month => '*',
:weekday => '*',
:require => 'Package[keystone]',
:require => 'Anchor[keystone::install::end]',
)
end
end
@ -98,7 +98,7 @@ describe 'keystone::cron::token_flush' do
:monthday => params[:monthday],
:month => params[:month],
:weekday => params[:weekday],
:require => 'Package[keystone]',
:require => 'Anchor[keystone::install::end]',
)
end
end

View File

@ -6,7 +6,9 @@ describe 'keystone::disable_admin_token_auth' do
end
let :pre_condition do
'class { "keystone": admin_token => "secret", }'
'class { "::keystone": admin_token => "secret", }
class { "::keystone::roles::admin": password => "secret" }
'
end
it { is_expected.to contain_ini_subsetting('public_api/admin_token_auth') }