Allow API pipeline to be settable in keystone-paste.ini
Change server recipe and template to allow the pipeline of public_api, admin_api, api_v3 to be set. Change-Id: Iab81c5e20aca2e7af2ea27c1c4c8a01dc40240ac Closes-Bug: #1358142
This commit is contained in:
parent
b98171f71a
commit
e0934e9769
|
@ -12,6 +12,7 @@ This file is used to list changes made in each version of cookbook-openstack-ide
|
|||
* Bump Chef gem to 11.16
|
||||
* Add test to verify each endpoint can be configured seperatly
|
||||
* Update endpoint when endpoint for one service type exists
|
||||
* Add attributes for pipeline of API
|
||||
|
||||
## 10.0.0
|
||||
* Upgrading to Juno
|
||||
|
|
|
@ -272,6 +272,9 @@ Please refer to the Common cookbook for more attributes.
|
|||
* `openstack['identity']['catalog']['list_limit']` - Maximum number of entities that will be returned in a catalog collection
|
||||
* `openstack['identity']['identity']['list_limit']` - Maximum number of entities that will be returned in a identity collection
|
||||
* `openstack['identity']['policy']['list_limit']` - Maximum number of entities that will be returned in a policy collection
|
||||
* `openstack['identity']['pipeline']['public_api']` - Pipeline of identity public api
|
||||
* `openstack['identity']['pipeline']['admin_api']` - Pipeline of identity admin api
|
||||
* `openstack['identity']['pipeline']['api_v3']` - Pipeline of identity V3 api
|
||||
|
||||
Most `openstack['identity']['ldap']` attributes map directly to the corresponding config options in keystone.conf's `[ldap]` backend. They are primarily used when configuring `openstack['identity']['identity']['backend']` and/or `openstack["identity"]["assignment"]["backend"]` as `ldap` (both default to `sql`).
|
||||
|
||||
|
|
|
@ -46,6 +46,19 @@ default['openstack']['identity']['pastefile_url'] = nil
|
|||
# array of lines to add to templated version of keystone-paste.ini
|
||||
default['openstack']['identity']['misc_paste'] = []
|
||||
|
||||
# This specify the pipeline of the keystone public API,
|
||||
# all Identity public API requests will be processed by the order of the pipeline.
|
||||
# this value will be used in the templated version of keystone-paste.ini
|
||||
default['openstack']['identity']['pipeline']['public_api'] = 'sizelimit url_normalize build_auth_context token_auth admin_token_auth xml_body_v2 json_body ec2_extension user_crud_extension public_service'
|
||||
# This specify the pipeline of the keystone admin API,
|
||||
# all Identity admin API requests will be processed by the order of the pipeline.
|
||||
# this value will be used in the templated version of keystone-paste.ini
|
||||
default['openstack']['identity']['pipeline']['admin_api'] = 'sizelimit url_normalize build_auth_context token_auth admin_token_auth xml_body_v2 json_body ec2_extension s3_extension crud_extension admin_service'
|
||||
# This specify the pipeline of the keystone V3 API,
|
||||
# all Identity V3 API requests will be processed by the order of the pipeline.
|
||||
# this value will be used in the templated version of keystone-paste.ini
|
||||
default['openstack']['identity']['pipeline']['api_v3'] = 'sizelimit url_normalize build_auth_context token_auth admin_token_auth xml_body_v3 json_body ec2_extension_v3 s3_extension simple_cert_extension revoke_extension service_v3'
|
||||
|
||||
default['openstack']['identity']['region'] = node['openstack']['region']
|
||||
default['openstack']['identity']['token']['expiration'] = '86400'
|
||||
default['openstack']['identity']['token']['hash_algorithm'] = 'md5'
|
||||
|
|
|
@ -851,7 +851,19 @@ describe 'openstack-identity::server' do
|
|||
it 'has proper modes' do
|
||||
expect(sprintf('%o', template.mode)).to eq('644')
|
||||
end
|
||||
|
||||
it 'has default api pipeline value' do
|
||||
expect(chef_run).to render_file(path).with_content(/^pipeline = sizelimit url_normalize build_auth_context token_auth admin_token_auth xml_body_v2 json_body ec2_extension user_crud_extension public_service$/)
|
||||
expect(chef_run).to render_file(path).with_content(/^pipeline = sizelimit url_normalize build_auth_context token_auth admin_token_auth xml_body_v2 json_body ec2_extension s3_extension crud_extension admin_service$/)
|
||||
expect(chef_run).to render_file(path).with_content(/^pipeline = sizelimit url_normalize build_auth_context token_auth admin_token_auth xml_body_v3 json_body ec2_extension_v3 s3_extension simple_cert_extension revoke_extension service_v3$/)
|
||||
end
|
||||
it 'template api pipeline set correct' do
|
||||
node.set['openstack']['identity']['pipeline']['public_api'] = 'public_service'
|
||||
node.set['openstack']['identity']['pipeline']['admin_api'] = 'admin_service'
|
||||
node.set['openstack']['identity']['pipeline']['api_v3'] = 'service_v3'
|
||||
expect(chef_run).to render_file(path).with_content(/^pipeline = public_service$/)
|
||||
expect(chef_run).to render_file(path).with_content(/^pipeline = admin_service$/)
|
||||
expect(chef_run).to render_file(path).with_content(/^pipeline = service_v3$/)
|
||||
end
|
||||
it 'template misc_paste array correctly' do
|
||||
node.set['openstack']['identity']['misc_paste'] = ['MISC1=OPTION1', 'MISC2=OPTION2']
|
||||
expect(chef_run).to render_file(path).with_content(
|
||||
|
|
|
@ -81,13 +81,13 @@ paste.app_factory = keystone.service:v3_app_factory
|
|||
paste.app_factory = keystone.service:admin_app_factory
|
||||
|
||||
[pipeline:public_api]
|
||||
pipeline = sizelimit url_normalize build_auth_context token_auth admin_token_auth xml_body_v2 json_body ec2_extension user_crud_extension public_service
|
||||
pipeline = <%=node["openstack"]["identity"]["pipeline"]["public_api"] %>
|
||||
|
||||
[pipeline:admin_api]
|
||||
pipeline = sizelimit url_normalize build_auth_context token_auth admin_token_auth xml_body_v2 json_body ec2_extension s3_extension crud_extension admin_service
|
||||
pipeline = <%=node["openstack"]["identity"]["pipeline"]["admin_api"] %>
|
||||
|
||||
[pipeline:api_v3]
|
||||
pipeline = sizelimit url_normalize build_auth_context token_auth admin_token_auth xml_body_v3 json_body ec2_extension_v3 s3_extension simple_cert_extension revoke_extension service_v3
|
||||
pipeline = <%=node["openstack"]["identity"]["pipeline"]["api_v3"] %>
|
||||
|
||||
[app:public_version_service]
|
||||
paste.app_factory = keystone.service:public_version_app_factory
|
||||
|
|
Loading…
Reference in New Issue