168 lines
5.3 KiB
Ruby
168 lines
5.3 KiB
Ruby
# encoding: UTF-8
|
|
|
|
require_relative 'spec_helper'
|
|
|
|
describe 'openstack-compute::api-os-compute' do
|
|
describe 'ubuntu' do
|
|
let(:runner) { ChefSpec::SoloRunner.new(UBUNTU_OPTS) }
|
|
let(:node) { runner.node }
|
|
cached(:chef_run) { runner.converge(described_recipe) }
|
|
|
|
include_context 'compute_stubs'
|
|
include_examples 'expect_runs_nova_common_recipe'
|
|
include_examples 'expect_creates_nova_state_dir'
|
|
include_examples 'expect_creates_nova_lock_dir'
|
|
include_examples 'expect_creates_api_paste_template'
|
|
|
|
it do
|
|
expect(chef_run).to run_execute('nova-manage api_db sync')
|
|
.with(
|
|
timeout: 3600,
|
|
user: 'nova',
|
|
group: 'nova',
|
|
command: 'nova-manage api_db sync'
|
|
)
|
|
end
|
|
|
|
it do
|
|
expect(chef_run).to upgrade_package %w(python3-nova nova-api)
|
|
end
|
|
|
|
it do
|
|
expect(chef_run).to disable_service 'nova-api-os-compute'
|
|
expect(chef_run).to stop_service 'nova-api-os-compute'
|
|
end
|
|
it do
|
|
expect(chef_run).to install_apache2_install('openstack').with(listen: '127.0.0.1:8774')
|
|
end
|
|
|
|
it do
|
|
expect(chef_run).to enable_apache2_module('wsgi')
|
|
end
|
|
|
|
it do
|
|
expect(chef_run).to_not enable_apache2_module('ssl')
|
|
end
|
|
|
|
it do
|
|
expect(chef_run).to create_template('/etc/apache2/sites-available/nova-api.conf').with(
|
|
source: 'wsgi-template.conf.erb',
|
|
variables: {
|
|
ca_certs_path: '',
|
|
cert_file: '',
|
|
cert_required: false,
|
|
chain_file: '',
|
|
ciphers: '',
|
|
daemon_process: 'nova-api',
|
|
group: 'nova',
|
|
key_file: '',
|
|
log_dir: '/var/log/apache2',
|
|
protocol: '',
|
|
run_dir: '/var/lock/apache2',
|
|
server_entry: '/usr/bin/nova-api-wsgi',
|
|
server_host: '127.0.0.1',
|
|
server_port: '8774',
|
|
user: 'nova',
|
|
use_ssl: false,
|
|
}
|
|
)
|
|
end
|
|
[
|
|
/<VirtualHost 127.0.0.1:8774>$/,
|
|
/WSGIDaemonProcess nova-api processes=2 threads=10 user=nova group=nova display-name=%{GROUP}$/,
|
|
/WSGIProcessGroup nova-api$/,
|
|
%r{WSGIScriptAlias / /usr/bin/nova-api-wsgi$},
|
|
/WSGIApplicationGroup %{GLOBAL}$/,
|
|
%r{ErrorLog /var/log/apache2/nova-api_error.log$},
|
|
%r{CustomLog /var/log/apache2/nova-api_access.log combined$},
|
|
%r{WSGISocketPrefix /var/lock/apache2$},
|
|
].each do |line|
|
|
it do
|
|
expect(chef_run).to render_file('/etc/apache2/sites-available/nova-api.conf').with_content(line)
|
|
end
|
|
end
|
|
|
|
[
|
|
/SSLEngine On$/,
|
|
/SSLCertificateFile/,
|
|
/SSLCertificateKeyFile/,
|
|
/SSLCACertificatePath/,
|
|
/SSLCertificateChainFile/,
|
|
/SSLProtocol/,
|
|
/SSLCipherSuite/,
|
|
/SSLVerifyClient require/,
|
|
].each do |line|
|
|
it do
|
|
expect(chef_run).to_not render_file('/etc/apache2/sites-available/nova-api.conf').with_content(line)
|
|
end
|
|
end
|
|
|
|
context 'Enable SSL' do
|
|
cached(:chef_run) do
|
|
node.override['openstack']['compute']['api']['ssl']['enabled'] = true
|
|
node.override['openstack']['compute']['api']['ssl']['certfile'] = 'ssl.cert'
|
|
node.override['openstack']['compute']['api']['ssl']['keyfile'] = 'ssl.key'
|
|
node.override['openstack']['compute']['api']['ssl']['ca_certs_path'] = 'ca_certs_path'
|
|
node.override['openstack']['compute']['api']['ssl']['protocol'] = 'ssl_protocol_value'
|
|
runner.converge(described_recipe)
|
|
end
|
|
|
|
it do
|
|
expect(chef_run).to enable_apache2_module('ssl')
|
|
end
|
|
|
|
[
|
|
/SSLEngine On$/,
|
|
/SSLCertificateFile ssl.cert$/,
|
|
/SSLCertificateKeyFile ssl.key$/,
|
|
/SSLCACertificatePath ca_certs_path$/,
|
|
/SSLProtocol ssl_protocol_value$/,
|
|
].each do |line|
|
|
it do
|
|
expect(chef_run).to render_file('/etc/apache2/sites-available/nova-api.conf').with_content(line)
|
|
end
|
|
end
|
|
[
|
|
/SSLCipherSuite/,
|
|
/SSLCertificateChainFile/,
|
|
/SSLVerifyClient require/,
|
|
].each do |line|
|
|
it do
|
|
expect(chef_run).to_not render_file('/etc/apache2/sites-available/nova-api.conf').with_content(line)
|
|
end
|
|
end
|
|
context 'Enable chainfile, ciphers & cert_required' do
|
|
cached(:chef_run) do
|
|
node.override['openstack']['compute']['api']['ssl']['enabled'] = true
|
|
node.override['openstack']['compute']['api']['ssl']['ciphers'] = 'ssl_ciphers_value'
|
|
node.override['openstack']['compute']['api']['ssl']['chainfile'] = 'chainfile'
|
|
node.override['openstack']['compute']['api']['ssl']['cert_required'] = true
|
|
runner.converge(described_recipe)
|
|
end
|
|
[
|
|
/SSLCipherSuite ssl_ciphers_value$/,
|
|
/SSLCertificateChainFile chainfile$/,
|
|
/SSLVerifyClient require/,
|
|
].each do |line|
|
|
it do
|
|
expect(chef_run).to render_file('/etc/apache2/sites-available/nova-api.conf').with_content(line)
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
it do
|
|
expect(chef_run.template('/etc/apache2/sites-available/nova-api.conf')).to \
|
|
notify('service[apache2]').to(:restart)
|
|
end
|
|
|
|
it do
|
|
expect(chef_run).to enable_apache2_site('nova-api')
|
|
end
|
|
|
|
it do
|
|
expect(chef_run.apache2_site('nova-api')).to notify('service[apache2]').to(:restart).immediately
|
|
end
|
|
end
|
|
end
|