Browse Source

Merge "Raise an error when san private key is missing"

Jenkins 4 years ago
parent
commit
388d95b8aa
4 changed files with 20 additions and 9 deletions
  1. 1
    0
      README.md
  2. 3
    0
      attributes/default.rb
  3. 10
    4
      recipes/volume.rb
  4. 6
    5
      spec/volume_spec.rb

+ 1
- 0
README.md View File

@@ -147,6 +147,7 @@ Cinder attributes
147 147
 * `openstack['block-storage']['san']['san_ip'] - IP address of SAN controller
148 148
 * `openstack['block-storage']['san']['san_login'] - Username for SAN controller
149 149
 * `openstack['block-storage']['san']['san_private_key'] - Filename of private key to use for SSH authentication
150
+* `openstack['block-storage']['san']['san_private_key_url'] - Source url of private key to use for SSH authentication
150 151
 * `openstack['block-storage']['storwize']['storwize_svc_volpool_name'] - Storage system storage pool for volumes
151 152
 * `openstack['block-storage']['storwize']['storwize_svc_vol_rsize'] - Storage system space-efficiency parameter for volumes
152 153
 * `openstack['block-storage']['storwize']['storwize_svc_vol_warning'] - Storage system threshold for volume capacity warnings

+ 3
- 0
attributes/default.rb View File

@@ -135,6 +135,8 @@ default['openstack']['block-storage']['service_role'] = 'admin'
135 135
 default['openstack']['block-storage']['san']['san_ip'] = '127.0.0.1'
136 136
 default['openstack']['block-storage']['san']['san_login'] = 'admin'
137 137
 default['openstack']['block-storage']['san']['san_private_key'] = '/v7000_rsa'
138
+# The location(URL) of the san_private_key. This value may also specify HTTP(http://), FTP("ftp://"), or local(file://), if the san private key is in the local, you should also specify this attribute using(file://)
139
+default['openstack']['block-storage']['san']['san_private_key_url'] = nil
138 140
 
139 141
 # NFS support
140 142
 default['openstack']['block-storage']['nfs']['nas_ip'] = '127.0.0.1'
@@ -166,6 +168,7 @@ default['openstack']['block-storage']['storwize']['san_ip'] = node['openstack'][
166 168
 default['openstack']['block-storage']['storwize']['san_login'] = node['openstack']['block-storage']['san']['san_login']
167 169
 # If the key is set to nil, the san_login and san_password will be used.
168 170
 default['openstack']['block-storage']['storwize']['san_private_key'] = node['openstack']['block-storage']['san']['san_private_key']
171
+default['openstack']['block-storage']['storwize']['san_private_key_url'] = node['openstack']['block-storage']['san']['san_private_key_url']
169 172
 default['openstack']['block-storage']['storwize']['storwize_svc_volpool_name'] = 'volpool'
170 173
 default['openstack']['block-storage']['storwize']['storwize_svc_vol_rsize'] = 2
171 174
 default['openstack']['block-storage']['storwize']['storwize_svc_vol_warning'] = 0

+ 10
- 4
recipes/volume.rb View File

@@ -106,10 +106,16 @@ when 'cinder.volume.drivers.netapp.nfs.NetAppDirect7modeNfsDriver'
106 106
   end
107 107
 
108 108
 when 'cinder.volume.drivers.ibm.storwize_svc.StorwizeSVCDriver'
109
-  file node['openstack']['block-storage']['san']['san_private_key'] do
110
-    mode '0400'
111
-    owner node['openstack']['block-storage']['user']
112
-    group node['openstack']['block-storage']['group']
109
+  san_private_key = node['openstack']['block-storage']['storwize']['san_private_key']
110
+  san_private_key_url = node['openstack']['block-storage']['storwize']['san_private_key_url']
111
+
112
+  if san_private_key && san_private_key_url
113
+    remote_file san_private_key do
114
+      source san_private_key_url
115
+      mode '0400'
116
+      owner node['openstack']['block-storage']['user']
117
+      group node['openstack']['block-storage']['group']
118
+    end
113 119
   end
114 120
 
115 121
   platform_options['cinder_svc_packages'].each do |pkg|

+ 6
- 5
spec/volume_spec.rb View File

@@ -165,12 +165,13 @@ describe 'openstack-block-storage::volume' do
165 165
         node.set['openstack']['block-storage']['volume']['driver'] = 'cinder.volume.drivers.ibm.storwize_svc.StorwizeSVCDriver'
166 166
       end
167 167
 
168
-      it 'configures storewize private key' do
169
-        san_key = chef_run.file chef_run.node['openstack']['block-storage']['san']['san_private_key']
170
-        expect(san_key.mode).to eq('0400')
171
-        expect(chef_run).to create_file('/v7000_rsa').with(
168
+      it 'download san private key if needed' do
169
+        node.set['openstack']['block-storage']['storwize']['san_private_key_url'] = 'http://server/key'
170
+        expect(chef_run).to create_remote_file('/v7000_rsa').with(
171
+          source: 'http://server/key',
172 172
           user: 'cinder',
173
-          group: 'cinder'
173
+          group: 'cinder',
174
+          mode: '0400'
174 175
         )
175 176
       end
176 177
 

Loading…
Cancel
Save