Merge "Globally support system scope credentials"
This commit is contained in:
commit
04dbb2c213
|
@ -3,47 +3,50 @@
|
|||
#
|
||||
# == Parameters
|
||||
#
|
||||
# [*password*]
|
||||
# the keystone password for aodh services
|
||||
# Required.
|
||||
# [*password*]
|
||||
# (Required) the keystone password for aodh services
|
||||
#
|
||||
# [*auth_url*]
|
||||
# the keystone public endpoint
|
||||
# Optional. Defaults to 'http://localhost:5000/v3'
|
||||
# [*auth_url*]
|
||||
# (Optional) the keystone public endpoint
|
||||
# Defaults to 'http://localhost:5000/v3'
|
||||
#
|
||||
# [*region_name*]
|
||||
# the keystone region of this node
|
||||
# Optional. Defaults to 'RegionOne'
|
||||
# [*region_name*]
|
||||
# (Optional) the keystone region of this node
|
||||
# Defaults to 'RegionOne'
|
||||
#
|
||||
# [*username*]
|
||||
# the keystone user for aodh services
|
||||
# Optional. Defaults to 'aodh'
|
||||
# [*username*]
|
||||
# (Optional) the keystone user for aodh services
|
||||
# Defaults to 'aodh'
|
||||
#
|
||||
# [*project_name*]
|
||||
# the keystone tenant name for aodh services
|
||||
# Optional. Defaults to 'services'
|
||||
# [*project_name*]
|
||||
# (Optional) the keystone tenant name for aodh services
|
||||
# Defaults to 'services'
|
||||
#
|
||||
# [*project_domain_name*]
|
||||
# the keystone project domain name for aodh services
|
||||
# Optional. Defaults to 'Default'
|
||||
# [*project_domain_name*]
|
||||
# (Optional) the keystone project domain name for aodh services
|
||||
# Defaults to 'Default'
|
||||
#
|
||||
# [*user_domain_name*]
|
||||
# the keystone user domain name for aodh services
|
||||
# Optional. Defaults to 'Default'
|
||||
# [*user_domain_name*]
|
||||
# (Optional) the keystone user domain name for aodh services
|
||||
# Defaults to 'Default'
|
||||
#
|
||||
# [*auth_type*]
|
||||
# An authentication type to use with an OpenStack Identity server.
|
||||
# The value should contain auth plugin name.
|
||||
# Optional. Defaults to 'password'.
|
||||
# [*system_scope*]
|
||||
# (Optional) Scope for system operations.
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*cacert*]
|
||||
# Certificate chain for SSL validation.
|
||||
# Optional. Defaults to $::os_service_default
|
||||
# [*auth_type*]
|
||||
# (Optional) An authentication type to use with an OpenStack Identity server.
|
||||
# The value should contain auth plugin name.
|
||||
# Defaults to 'password'.
|
||||
#
|
||||
# [*interface*]
|
||||
# Type of endpoint in Identity service catalog to use for
|
||||
# communication with OpenStack services.
|
||||
# Optional. Defaults to $::os_service_default.
|
||||
# [*cacert*]
|
||||
# (Optional) Certificate chain for SSL validation.
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*interface*]
|
||||
# (Optional) Type of endpoint in Identity service catalog to use for
|
||||
# communication with OpenStack services.
|
||||
# Optional. Defaults to $::os_service_default.
|
||||
#
|
||||
class aodh::service_credentials (
|
||||
$password,
|
||||
|
@ -53,6 +56,7 @@ class aodh::service_credentials (
|
|||
$project_name = 'services',
|
||||
$project_domain_name = 'Default',
|
||||
$user_domain_name = 'Default',
|
||||
$system_scope = $::os_service_default,
|
||||
$auth_type = 'password',
|
||||
$cacert = $::os_service_default,
|
||||
$interface = $::os_service_default,
|
||||
|
@ -60,13 +64,22 @@ class aodh::service_credentials (
|
|||
|
||||
include aodh::deps
|
||||
|
||||
if is_service_default($system_scope) {
|
||||
$project_name_real = $project_name
|
||||
$project_domain_name_real = $project_domain_name
|
||||
} else {
|
||||
$project_name_real = $::os_service_default
|
||||
$project_domain_name_real = $::os_service_default
|
||||
}
|
||||
|
||||
aodh_config {
|
||||
'service_credentials/auth_url' : value => $auth_url;
|
||||
'service_credentials/region_name' : value => $region_name;
|
||||
'service_credentials/username' : value => $username;
|
||||
'service_credentials/password' : value => $password, secret => true;
|
||||
'service_credentials/project_name' : value => $project_name;
|
||||
'service_credentials/project_domain_name' : value => $project_domain_name;
|
||||
'service_credentials/project_name' : value => $project_name_real;
|
||||
'service_credentials/project_domain_name' : value => $project_domain_name_real;
|
||||
'service_credentials/system_scope' : value => $system_scope;
|
||||
'service_credentials/user_domain_name' : value => $user_domain_name;
|
||||
'service_credentials/cacert' : value => $cacert;
|
||||
'service_credentials/interface' : value => $interface;
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
features:
|
||||
- |
|
||||
The ``aodh::service_credentials::system_scope`` parameter has been added.
|
|
@ -3,11 +3,8 @@ require 'spec_helper'
|
|||
describe 'aodh::service_credentials' do
|
||||
|
||||
let :params do
|
||||
{ :auth_url => 'http://localhost:5000/v3',
|
||||
:region_name => 'RegionOne',
|
||||
:username => 'aodh',
|
||||
:password => 'password',
|
||||
:project_name => 'services',
|
||||
{
|
||||
:password => 'password',
|
||||
}
|
||||
end
|
||||
|
||||
|
@ -17,9 +14,8 @@ describe 'aodh::service_credentials' do
|
|||
is_expected.to contain_aodh_config('service_credentials/auth_url').with_value('http://localhost:5000/v3')
|
||||
is_expected.to contain_aodh_config('service_credentials/region_name').with_value('RegionOne')
|
||||
is_expected.to contain_aodh_config('service_credentials/project_domain_name').with_value('Default')
|
||||
is_expected.to_not contain_aodh_config('service_credentials/project_domain_id')
|
||||
is_expected.to contain_aodh_config('service_credentials/user_domain_name').with_value('Default')
|
||||
is_expected.to_not contain_aodh_config('service_credentials/user_domain_id')
|
||||
is_expected.to contain_aodh_config('service_credentials/system_scope').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_aodh_config('service_credentials/auth_type').with_value('password')
|
||||
is_expected.to contain_aodh_config('service_credentials/username').with_value('aodh')
|
||||
is_expected.to contain_aodh_config('service_credentials/password').with_value('password').with_secret(true)
|
||||
|
@ -38,6 +34,18 @@ describe 'aodh::service_credentials' do
|
|||
it { is_expected.to contain_aodh_config('service_credentials/interface').with_value(params[:interface]) }
|
||||
end
|
||||
|
||||
context 'when system_scope is set' do
|
||||
before do
|
||||
params.merge!(
|
||||
:system_scope => 'all'
|
||||
)
|
||||
end
|
||||
it 'configures system-scoped credential' do
|
||||
is_expected.to contain_aodh_config('service_credentials/project_domain_name').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_aodh_config('service_credentials/project_name').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_aodh_config('service_credentials/system_scope').with_value('all')
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
on_supported_os({
|
||||
|
|
Loading…
Reference in New Issue