openstack/cookbook-openstack-identity
Code Issues Proposed changes

Move paste deploy configuration to keystone-paste.ini.

Browse Source 
Change-Id: I56156eef348d1a31b3dd7b765a9b5bb37e26b305
Closes-Bug: #1289133
This commit is contained in:
ericzhou
2014-03-07 13:46:32 +08:00
parent aabaabfa1f
commit 289266f171
5 changed files with 198 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@@ -283,12 +283,13 @@ Author:: John Dewey (<jdewey@att.com>)
Author:: Sean Gallagher (<sean.gallagher@att.com>)
Author:: Ionut Artarisi (<iartarisi@suse.cz>)
Author:: Chen Zhiwei (zhiwchen@cn.ibm.com)
Author:: Eric Zhou (zyouzhou@cn.ibm.com)
Copyright 2012, Rackspace US, Inc.
Copyright 2012-2013, Opscode, Inc.
Copyright 2012-2013, AT&T Services, Inc.
Copyright 2013, SUSE Linux GmbH
Copyright 2013, IBM, Corp.
Copyright 2013-2014, IBM, Corp.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

9
recipes/server.rb
View File

@@ -160,6 +160,15 @@ template '/etc/keystone/keystone.conf' do
notifies :restart, 'service[keystone]', :immediately
end
template '/etc/keystone/keystone-paste.ini' do
source 'keystone-paste.ini.erb'
owner node['openstack']['identity']['user']
group node['openstack']['identity']['group']
mode 00644
notifies :restart, 'service[keystone]', :immediately
end
template '/etc/keystone/default_catalog.templates' do
source 'default_catalog.templates.erb'
owner node['openstack']['identity']['user']

91
spec/server_spec.rb
View File

@@ -454,5 +454,96 @@ describe 'openstack-identity::server' do
)
end
end
describe 'keystone-paste.ini' do
let(:paste_file_path) { '/etc/keystone/keystone-paste.ini' }
let(:paste_file_template) { chef_run.template paste_file_path }
it 'has proper owner' do
expect(paste_file_template.owner).to eq('keystone')
expect(paste_file_template.group).to eq('keystone')
end
it 'has proper modes' do
expect(sprintf('%o', paste_file_template.mode)).to eq '644'
end
it 'contains sections' do
required_sections = %w{filter:debug filter:token_auth
filter:admin_token_auth filter:xml_body
filter:json_body filter:user_crud_extension
filter:crud_extension filter:ec2_extension
filter:oauth_extension filter:s3_extension
filter:endpoint_filter_extension filter:url_normalize
filter:sizelimit filter:stats_monitoring
filter:stats_reporting filter:access_log
app:public_service app:service_v3
app:admin_service pipeline:public_api
pipeline:admin_api pipeline:api_v3
app:public_version_service app:admin_version_service
pipeline:public_version_api pipeline:admin_version_api
composite:main composite:admin}
required_sections.each do |section|
expect(chef_run).to render_file(paste_file_path).with_content(
/#{Regexp.quote(section)}/)
end
end
it 'has the correct filter configuration' do
filter_factory_key = 'paste.filter_factory'
required_filter_factories = %w{keystone.common.wsgi:Debug.factory
keystone.middleware:TokenAuthMiddleware.factory
keystone.middleware:AdminTokenAuthMiddleware.factory
keystone.middleware:XmlBodyMiddleware.factory
keystone.middleware:JsonBodyMiddleware.factory
keystone.contrib.user_crud:CrudExtension.factory
keystone.contrib.admin_crud:CrudExtension.factory
keystone.contrib.ec2:Ec2Extension.factory
keystone.contrib.oauth1.routers:OAuth1Extension.factory
keystone.contrib.s3:S3Extension.factory
keystone.contrib.endpoint_filter.routers:EndpointFilterExtension.factory
keystone.middleware:NormalizingFilter.factory
keystone.middleware:RequestBodySizeLimiter.factory
keystone.contrib.stats:StatsMiddleware.factory
keystone.contrib.stats:StatsExtension.factory
keystone.contrib.access:AccessLogMiddleware.factory}
required_filter_factories.each do |filter_factory|
r = line_regexp("#{filter_factory_key} = #{filter_factory}")
expect(chef_run).to render_file(paste_file_path).with_content(r)
end
end
it 'has the correct app configuration' do
app_factory_key = 'paste.app_factory'
required_app_factories = %w{keystone.service:public_app_factory
keystone.service:v3_app_factory
keystone.service:admin_app_factory
keystone.service:public_version_app_factory
keystone.service:admin_version_app_factory}
required_app_factories.each do |app_factory|
r = line_regexp("#{app_factory_key} = #{app_factory}")
expect(chef_run).to render_file(paste_file_path).with_content(r)
end
end
it 'has the correct pipeline configuration for public_api' do
r = line_regexp('pipeline = access_log sizelimit url_normalize token_auth admin_token_auth xml_body json_body ec2_extension user_crud_extension public_service')
expect(chef_run).to render_file(paste_file_path).with_content(r)
end
it 'has the correct pipeline configuration for admin_api' do
r = line_regexp('pipeline = access_log sizelimit url_normalize token_auth admin_token_auth xml_body json_body ec2_extension s3_extension crud_extension admin_service')
expect(chef_run).to render_file(paste_file_path).with_content(r)
end
it 'has the correct pipeline configuration for admin_api' do
r = line_regexp('pipeline = access_log sizelimit url_normalize token_auth admin_token_auth xml_body json_body ec2_extension s3_extension crud_extension admin_service')
expect(chef_run).to render_file(paste_file_path).with_content(r)
end
it 'notifies keystone restart' do
expect(paste_file_template).to notify('service[keystone]').to(:restart)
end
end
end
end

93
templates/default/keystone-paste.ini.erb Normal file
View File

@@ -0,0 +1,93 @@
<%= node["openstack"]["identity"]["custom_template_banner"] %>
# keystone PasteDeploy configuration file.
[filter:debug]
paste.filter_factory = keystone.common.wsgi:Debug.factory
[filter:token_auth]
paste.filter_factory = keystone.middleware:TokenAuthMiddleware.factory
[filter:admin_token_auth]
paste.filter_factory = keystone.middleware:AdminTokenAuthMiddleware.factory
[filter:xml_body]
paste.filter_factory = keystone.middleware:XmlBodyMiddleware.factory
[filter:json_body]
paste.filter_factory = keystone.middleware:JsonBodyMiddleware.factory
[filter:user_crud_extension]
paste.filter_factory = keystone.contrib.user_crud:CrudExtension.factory
[filter:crud_extension]
paste.filter_factory = keystone.contrib.admin_crud:CrudExtension.factory
[filter:ec2_extension]
paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory
[filter:oauth_extension]
paste.filter_factory = keystone.contrib.oauth1.routers:OAuth1Extension.factory
[filter:s3_extension]
paste.filter_factory = keystone.contrib.s3:S3Extension.factory
[filter:endpoint_filter_extension]
paste.filter_factory = keystone.contrib.endpoint_filter.routers:EndpointFilterExtension.factory
[filter:url_normalize]
paste.filter_factory = keystone.middleware:NormalizingFilter.factory
[filter:sizelimit]
paste.filter_factory = keystone.middleware:RequestBodySizeLimiter.factory
[filter:stats_monitoring]
paste.filter_factory = keystone.contrib.stats:StatsMiddleware.factory
[filter:stats_reporting]
paste.filter_factory = keystone.contrib.stats:StatsExtension.factory
[filter:access_log]
paste.filter_factory = keystone.contrib.access:AccessLogMiddleware.factory
[app:public_service]
paste.app_factory = keystone.service:public_app_factory
[app:service_v3]
paste.app_factory = keystone.service:v3_app_factory
[app:admin_service]
paste.app_factory = keystone.service:admin_app_factory
[pipeline:public_api]
pipeline = access_log sizelimit url_normalize token_auth admin_token_auth xml_body json_body ec2_extension user_crud_extension public_service
[pipeline:admin_api]
pipeline = access_log sizelimit url_normalize token_auth admin_token_auth xml_body json_body ec2_extension s3_extension crud_extension admin_service
[pipeline:api_v3]
pipeline = access_log sizelimit url_normalize token_auth admin_token_auth xml_body json_body ec2_extension s3_extension service_v3
[app:public_version_service]
paste.app_factory = keystone.service:public_version_app_factory
[app:admin_version_service]
paste.app_factory = keystone.service:admin_version_app_factory
[pipeline:public_version_api]
pipeline = access_log sizelimit url_normalize xml_body public_version_service
[pipeline:admin_version_api]
pipeline = access_log sizelimit url_normalize xml_body admin_version_service
[composite:main]
use = egg:Paste#urlmap
/v2.0 = public_api
/v3 = api_v3
/ = public_version_api
[composite:admin]
use = egg:Paste#urlmap
/v2.0 = admin_api
/v3 = api_v3
/ = admin_version_api

86
templates/default/keystone.conf.erb
View File

@@ -201,86 +201,6 @@ methods = password,token
password = keystone.auth.plugins.password.Password
token = keystone.auth.plugins.token.Token
[filter:debug]
paste.filter_factory = keystone.common.wsgi:Debug.factory
[filter:token_auth]
paste.filter_factory = keystone.middleware:TokenAuthMiddleware.factory
[filter:admin_token_auth]
paste.filter_factory = keystone.middleware:AdminTokenAuthMiddleware.factory
[filter:xml_body]
paste.filter_factory = keystone.middleware:XmlBodyMiddleware.factory
[filter:json_body]
paste.filter_factory = keystone.middleware:JsonBodyMiddleware.factory
[filter:user_crud_extension]
paste.filter_factory = keystone.contrib.user_crud:CrudExtension.factory
[filter:crud_extension]
paste.filter_factory = keystone.contrib.admin_crud:CrudExtension.factory
[filter:ec2_extension]
paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory
[filter:s3_extension]
paste.filter_factory = keystone.contrib.s3:S3Extension.factory
[filter:url_normalize]
paste.filter_factory = keystone.middleware:NormalizingFilter.factory
[filter:sizelimit]
paste.filter_factory = keystone.middleware:RequestBodySizeLimiter.factory
[filter:stats_monitoring]
paste.filter_factory = keystone.contrib.stats:StatsMiddleware.factory
[filter:stats_reporting]
paste.filter_factory = keystone.contrib.stats:StatsExtension.factory
[filter:access_log]
paste.filter_factory = keystone.contrib.access:AccessLogMiddleware.factory
[app:public_service]
paste.app_factory = keystone.service:public_app_factory
[app:service_v3]
paste.app_factory = keystone.service:v3_app_factory
[app:admin_service]
paste.app_factory = keystone.service:admin_app_factory
[pipeline:public_api]
pipeline = access_log sizelimit stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug ec2_extension user_crud_extension public_service
[pipeline:admin_api]
pipeline = access_log sizelimit stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension crud_extension admin_service
[pipeline:api_v3]
pipeline = access_log sizelimit stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension service_v3
[app:public_version_service]
paste.app_factory = keystone.service:public_version_app_factory
[app:admin_version_service]
paste.app_factory = keystone.service:admin_version_app_factory
[pipeline:public_version_api]
pipeline = access_log sizelimit stats_monitoring url_normalize xml_body public_version_service
[pipeline:admin_version_api]
pipeline = access_log sizelimit stats_monitoring url_normalize xml_body admin_version_service
[composite:main]
use = egg:Paste#urlmap
/v2.0 = public_api
/v3 = api_v3
/ = public_version_api
[composite:admin]
use = egg:Paste#urlmap
/v2.0 = admin_api
/v3 = api_v3
/ = admin_version_api
[paste_deploy]
# Name of the paste configuration file that defines the available pipelines
config_file = keystone-paste.ini