Allow to provide default password when invoke get_secret for develop mode

We need provide an option to specify a password when invoke the
get_secret instead of to return the value of index directly.
We can use the attribute node['openstack']['secret'][index] to save the
password.

Implements: blueprint vmware-password-databag
Change-Id: Ie9421b60f8a6b38a976941c1fe9c33c2962f091e

CHANGELOG.md

@@ -1,6 +1,9 @@
 # CHANGELOG for cookbook-openstack-common
 
 This file is used to list changes made in each version of cookbook-openstack-common.
+## 9.3.0
+* Provide an option to specify the password when dev mode equals true
+
 ## 9.2.2
 * Fixed openrc failure on role search
 

libraries/passwords.rb

@@ -38,8 +38,16 @@ module ::Openstack # rubocop:disable Documentation
   # nova_password = secret 'passwords', 'nova'
   #
   # That means nova_password will == 'nova'.
+  #
+  # You also can provide a default password value in developer mode,
+  # like following:
+  #
+  # node.set['openstack']['secret']['nova'] = 'nova_password'
+  # nova_password = secret 'passwords', 'nova'
+  #
+  # The nova_password will == 'nova_password'
   def secret(bag_name, index)
-    return index if node['openstack']['developer_mode']
+    return (node['openstack']['secret'][index] || index) if node['openstack']['developer_mode']
     key_path = node['openstack']['secret']['key_path']
     ::Chef::Log.info "Loading encrypted databag #{bag_name}.#{index} using key at #{key_path}"
     secret = ::Chef::EncryptedDataBagItem.load_secret key_path

metadata.rb

@@ -4,7 +4,7 @@ maintainer_email 'cookbooks@lists.tfoundry.com'
 license          'Apache 2.0'
 description      'Common OpenStack attributes, libraries and recipes.'
 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
-version          '9.2.2'
+version          '9.3.0'
 
 recipe           'openstack-common', 'Installs/Configures common recipes'
 recipe           'openstack-common::set_endpoints_by_interface', 'Set endpoints by interface'

spec/password_spec.rb

@@ -17,6 +17,12 @@ describe 'openstack-common::default' do
         expect(subject.secret('passwords', 'nova')).to eq('nova')
       end
 
+      it 'returns the specified password when developer_mode is true' do
+        node.set['openstack']['developer_mode'] = true
+        node.override['openstack']['secret']['nova'] = '12345'
+        expect(subject.secret('passwords', 'nova')).to eq('12345')
+      end
+
       it 'returns databag when developer_mode is false' do
         value = { 'nova' => 'this' }
         ::Chef::EncryptedDataBagItem.stub(:load_secret).with('/etc/chef/openstack_data_bag_secret').and_return('secret')
@@ -31,6 +37,12 @@ describe 'openstack-common::default' do
         expect(subject.get_secret('nova')).to eq('nova')
       end
 
+      it 'returns the specified password when developer_mode is true' do
+        node.set['openstack']['developer_mode'] = true
+        node.override['openstack']['secret']['nova'] = '67890'
+        expect(subject.get_secret('nova')).to eq('67890')
+      end
+
       it 'returns databag when developer_mode is false' do
         value = { 'nova' => 'this' }
         ::Chef::EncryptedDataBagItem.stub(:load_secret).with('/etc/chef/openstack_data_bag_secret').and_return('secret')