Rubocop support for recipes/*.rb

Change-Id: Ic6b09f84fbecefbb33404d64f25eca4e38e17bed
Addresses: blueprint rubocop-for-identity
This commit is contained in:
galstrom21 2014-01-20 14:47:08 -06:00
parent 036e537165
commit 378ffc2cc1
4 changed files with 116 additions and 109 deletions

View File

@ -6,7 +6,6 @@ AllCops:
- providers/**
- resources/**
- spec/**
Excludes:
- recipes/**
# UTF-8 headers not generally in these files
@ -27,4 +26,5 @@ WordArray:
# The rescue exception statements in providers/**.rb need to be modified,
# to rescue specific exceptions.
RescueException:
Enabled: false
Exclude:
- providers/register.rb

View File

@ -1,3 +1,4 @@
# encoding: UTF-8
#
# Cookbook Name:: openstack-identity
# Recipe:: default

View File

@ -1,3 +1,4 @@
# encoding: UTF-8
#
# Cookbook Name:: openstack-identity
# Recipe:: setup
@ -18,31 +19,31 @@
# limitations under the License.
#
require "uri"
require 'uri'
class ::Chef::Recipe
class ::Chef::Recipe # rubocop:disable Documentation
include ::Openstack
end
identity_admin_endpoint = endpoint "identity-admin"
identity_endpoint = endpoint "identity-api"
identity_admin_endpoint = endpoint 'identity-admin'
identity_endpoint = endpoint 'identity-api'
admin_tenant_name = node["openstack"]["identity"]["admin_tenant_name"]
admin_user = node["openstack"]["identity"]["admin_user"]
admin_pass = get_password "user", node["openstack"]["identity"]["admin_user"]
admin_tenant_name = node['openstack']['identity']['admin_tenant_name']
admin_user = node['openstack']['identity']['admin_user']
admin_pass = get_password 'user', node['openstack']['identity']['admin_user']
auth_uri = ::URI.decode identity_admin_endpoint.to_s
bootstrap_token = secret "secrets", "openstack_identity_bootstrap_token"
bootstrap_token = secret 'secrets', 'openstack_identity_bootstrap_token'
# We need to bootstrap the keystone admin user so that calls
# to keystone_register will succeed, since those provider calls
# use the admin tenant/user/pass to get an admin token.
bash "bootstrap-keystone-admin" do
bash 'bootstrap-keystone-admin' do
# A shortcut bootstrap command was added to python-keystoneclient
# in early Grizzly timeframe... but we need to do all the commands
# here manually since the python-keystoneclient package included
# in CloudArchive (for now) doesn't have it...
insecure = node["openstack"]["auth"]["validate_certs"] ? "" : " --insecure"
insecure = node['openstack']['auth']['validate_certs'] ? '' : ' --insecure'
base_ks_cmd = "keystone#{insecure} --endpoint=#{auth_uri} --token=#{bootstrap_token}"
code <<-EOF
set -x
@ -75,10 +76,12 @@ exit 0
EOF
end
# FIXME(galstrom21): This needs to be refactored, to not use a
# MultilineBlockChain.
# Register all the tenants specified in the users hash
node["openstack"]["identity"]["users"].values.map do |user_info|
user_info["roles"].values.push(user_info["default_tenant"])
end.flatten.uniq.each do |tenant_name|
node['openstack']['identity']['users'].values.map do |user_info|
user_info['roles'].values.push(user_info['default_tenant'])
end.flatten.uniq.each do |tenant_name| # rubocop: disable MultilineBlockChain
openstack_identity_register "Register '#{tenant_name}' Tenant" do
auth_uri auth_uri
bootstrap_token bootstrap_token
@ -89,10 +92,12 @@ end.flatten.uniq.each do |tenant_name|
end
end
# FIXME(galstrom21): This needs to be refactored, to not use a
# MultilineBlockChain.
# Register all the roles from the users hash
node["openstack"]["identity"]["users"].values.map do |user_info|
user_info["roles"].keys
end.flatten.uniq.each do |role_name|
node['openstack']['identity']['users'].values.map do |user_info|
user_info['roles'].keys
end.flatten.uniq.each do |role_name| # rubocop: disable MultilineBlockChain
openstack_identity_register "Register '#{role_name.to_s}' Role" do
auth_uri auth_uri
bootstrap_token bootstrap_token
@ -102,20 +107,20 @@ end.flatten.uniq.each do |role_name|
end
end
node["openstack"]["identity"]["users"].each do |username, user_info|
pwd = get_password "user", username
node['openstack']['identity']['users'].each do |username, user_info|
pwd = get_password 'user', username
openstack_identity_register "Register '#{username}' User" do
auth_uri auth_uri
bootstrap_token bootstrap_token
user_name username
user_pass pwd
tenant_name user_info["default_tenant"]
tenant_name user_info['default_tenant']
user_enabled true # Not required as this is the default
action :create_user
end
user_info["roles"].each do |rolename, tenant_list|
user_info['roles'].each do |rolename, tenant_list|
tenant_list.each do |tenantname|
openstack_identity_register "Grant '#{rolename}' Role to '#{username}' User in '#{tenantname}' Tenant" do
auth_uri auth_uri
@ -130,42 +135,42 @@ node["openstack"]["identity"]["users"].each do |username, user_info|
end
end
openstack_identity_register "Register Identity Service" do
openstack_identity_register 'Register Identity Service' do
auth_uri auth_uri
bootstrap_token bootstrap_token
service_name "keystone"
service_type "identity"
service_description "Keystone Identity Service"
service_name 'keystone'
service_type 'identity'
service_description 'Keystone Identity Service'
action :create_service
end
node.set["openstack"]["identity"]["adminURL"] = identity_admin_endpoint.to_s
node.set["openstack"]["identity"]["internalURL"] = identity_endpoint.to_s
node.set["openstack"]["identity"]["publicURL"] = identity_endpoint.to_s
node.set['openstack']['identity']['adminURL'] = identity_admin_endpoint.to_s
node.set['openstack']['identity']['internalURL'] = identity_endpoint.to_s
node.set['openstack']['identity']['publicURL'] = identity_endpoint.to_s
Chef::Log.info "Keystone AdminURL: #{identity_admin_endpoint.to_s}"
Chef::Log.info "Keystone InternalURL: #{identity_endpoint.to_s}"
Chef::Log.info "Keystone PublicURL: #{identity_endpoint.to_s}"
openstack_identity_register "Register Identity Endpoint" do
openstack_identity_register 'Register Identity Endpoint' do
auth_uri auth_uri
bootstrap_token bootstrap_token
service_type "identity"
endpoint_region node["openstack"]["identity"]["region"]
endpoint_adminurl node["openstack"]["identity"]["adminURL"]
endpoint_internalurl node["openstack"]["identity"]["adminURL"]
endpoint_publicurl node["openstack"]["identity"]["publicURL"]
service_type 'identity'
endpoint_region node['openstack']['identity']['region']
endpoint_adminurl node['openstack']['identity']['adminURL']
endpoint_internalurl node['openstack']['identity']['adminURL']
endpoint_publicurl node['openstack']['identity']['publicURL']
action :create_endpoint
end
node["openstack"]["identity"]["users"].each do |username, user_info|
node['openstack']['identity']['users'].each do |username, user_info|
openstack_identity_register "Create EC2 credentials for '#{username}' user" do
auth_uri auth_uri
bootstrap_token bootstrap_token
user_name username
tenant_name user_info["default_tenant"]
tenant_name user_info['default_tenant']
action :create_ec2_credentials
end

View File

@ -1,3 +1,4 @@
# encoding: UTF-8
#
# Cookbook Name:: openstack-identity
# Recipe:: server
@ -6,30 +7,30 @@
# Copyright 2012-2013, Opscode, Inc.
# Copyright 2013 SUSE LINUX Products GmbH.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# Licensed under the Apache License, Version 2.0 (the 'License');
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# distributed under the License is distributed on an 'AS IS' BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
require "uri"
require 'uri'
class ::Chef::Recipe
class ::Chef::Recipe # rubocop:disable Documentation
include ::Openstack
end
if node["openstack"]["identity"]["syslog"]["use"]
include_recipe "openstack-common::logging"
if node['openstack']['identity']['syslog']['use']
include_recipe 'openstack-common::logging'
end
platform_options = node["openstack"]["identity"]["platform"]
platform_options = node['openstack']['identity']['platform']
db_type = node['openstack']['db']['identity']['db_type']
unless db_type == 'sqlite'
@ -40,90 +41,90 @@ unless db_type == 'sqlite'
end
end
platform_options["memcache_python_packages"].each do |pkg|
platform_options['memcache_python_packages'].each do |pkg|
package pkg do
action :install
end
end
platform_options["keystone_packages"].each do |pkg|
platform_options['keystone_packages'].each do |pkg|
package pkg do
options platform_options["package_options"]
options platform_options['package_options']
action :upgrade
end
end
execute "Keystone: sleep" do
command "sleep 10s"
execute 'Keystone: sleep' do
command 'sleep 10s'
action :nothing
end
service "keystone" do
service_name platform_options["keystone_service"]
supports :status => true, :restart => true
service 'keystone' do
service_name platform_options['keystone_service']
supports status: true, restart: true
action [ :enable ]
action [:enable]
notifies :run, "execute[Keystone: sleep]", :immediately
notifies :run, 'execute[Keystone: sleep]', :immediately
end
directory "/etc/keystone" do
owner node["openstack"]["identity"]["user"]
group node["openstack"]["identity"]["group"]
directory '/etc/keystone' do
owner node['openstack']['identity']['user']
group node['openstack']['identity']['group']
mode 00700
end
directory node["openstack"]["identity"]["signing"]["basedir"] do
owner node["openstack"]["identity"]["user"]
group node["openstack"]["identity"]["group"]
directory node['openstack']['identity']['signing']['basedir'] do
owner node['openstack']['identity']['user']
group node['openstack']['identity']['group']
mode 00700
only_if { node["openstack"]["auth"]["strategy"] == "pki" }
only_if { node['openstack']['auth']['strategy'] == 'pki' }
end
file "/var/lib/keystone/keystone.db" do
file '/var/lib/keystone/keystone.db' do
action :delete
not_if { node["openstack"]["db"]["identity"]["db_type"] == "sqlite" }
not_if { node['openstack']['db']['identity']['db_type'] == 'sqlite' }
end
execute "keystone-manage pki_setup" do
user node["openstack"]["identity"]["user"]
execute 'keystone-manage pki_setup' do
user node['openstack']['identity']['user']
only_if { node["openstack"]["auth"]["strategy"] == "pki" }
not_if { ::FileTest.exists? node["openstack"]["identity"]["signing"]["keyfile"] }
only_if { node['openstack']['auth']['strategy'] == 'pki' }
not_if { ::FileTest.exists? node['openstack']['identity']['signing']['keyfile'] }
end
identity_admin_endpoint = endpoint "identity-admin"
identity_endpoint = endpoint "identity-api"
compute_endpoint = endpoint "compute-api"
ec2_endpoint = endpoint "compute-ec2-api"
image_endpoint = endpoint "image-api"
network_endpoint = endpoint "network-api"
volume_endpoint = endpoint "volume-api"
identity_admin_endpoint = endpoint 'identity-admin'
identity_endpoint = endpoint 'identity-api'
compute_endpoint = endpoint 'compute-api'
ec2_endpoint = endpoint 'compute-ec2-api'
image_endpoint = endpoint 'image-api'
network_endpoint = endpoint 'network-api'
volume_endpoint = endpoint 'volume-api'
db_user = node["openstack"]["identity"]["db"]["username"]
db_pass = get_password "db", "keystone"
sql_connection = db_uri("identity", db_user, db_pass)
db_user = node['openstack']['identity']['db']['username']
db_pass = get_password 'db', 'keystone'
sql_connection = db_uri('identity', db_user, db_pass)
bootstrap_token = secret "secrets", "openstack_identity_bootstrap_token"
bootstrap_token = secret 'secrets', 'openstack_identity_bootstrap_token'
ip_address = address_for node["openstack"]["identity"]["bind_interface"]
ip_address = address_for node['openstack']['identity']['bind_interface']
# If the search role is set, we search for memcache
# servers via a Chef search. If not, we look at the
# memcache.servers attribute.
memcache_servers = memcached_servers.join "," # from openstack-common lib
memcache_servers = memcached_servers.join ',' # from openstack-common lib
uris = {
'identity-admin' => identity_admin_endpoint.to_s.gsub('%25','%'),
'identity' => identity_endpoint.to_s.gsub('%25','%'),
'image' => image_endpoint.to_s.gsub('%25','%'),
'compute' => compute_endpoint.to_s.gsub('%25','%'),
'ec2' => ec2_endpoint.to_s.gsub('%25','%'),
'network' => network_endpoint.to_s.gsub('%25','%'),
'volume' => volume_endpoint.to_s.gsub('%25','%')
'identity-admin' => identity_admin_endpoint.to_s.gsub('%25', '%'),
'identity' => identity_endpoint.to_s.gsub('%25', '%'),
'image' => image_endpoint.to_s.gsub('%25', '%'),
'compute' => compute_endpoint.to_s.gsub('%25', '%'),
'ec2' => ec2_endpoint.to_s.gsub('%25', '%'),
'network' => network_endpoint.to_s.gsub('%25', '%'),
'volume' => volume_endpoint.to_s.gsub('%25', '%')
}
# These configuration endpoints must not have the path (v2.0, etc)
@ -134,39 +135,39 @@ public_endpoint = "#{ie.scheme}://#{ie.host}:#{ie.port}/"
ae = identity_admin_endpoint
admin_endpoint = "#{ae.scheme}://#{ae.host}:#{ae.port}/"
template "/etc/keystone/keystone.conf" do
source "keystone.conf.erb"
owner node["openstack"]["identity"]["user"]
group node["openstack"]["identity"]["group"]
template '/etc/keystone/keystone.conf' do
source 'keystone.conf.erb'
owner node['openstack']['identity']['user']
group node['openstack']['identity']['group']
mode 00644
variables(
:sql_connection => sql_connection,
:ip_address => ip_address,
"bootstrap_token" => bootstrap_token,
"memcache_servers" => memcache_servers,
"uris" => uris,
"public_endpoint" => public_endpoint,
"admin_endpoint" => admin_endpoint,
"ldap" => node["openstack"]["identity"]["ldap"]
sql_connection: sql_connection,
ip_address: ip_address,
bootstrap_token: bootstrap_token,
memcache_servers: memcache_servers,
uris: uris,
public_endpoint: public_endpoint,
admin_endpoint: admin_endpoint,
ldap: node['openstack']['identity']['ldap']
)
notifies :restart, "service[keystone]", :immediately
notifies :restart, 'service[keystone]', :immediately
end
template "/etc/keystone/default_catalog.templates" do
source "default_catalog.templates.erb"
owner node["openstack"]["identity"]["user"]
group node["openstack"]["identity"]["group"]
template '/etc/keystone/default_catalog.templates' do
source 'default_catalog.templates.erb'
owner node['openstack']['identity']['user']
group node['openstack']['identity']['group']
mode 00644
variables(
"uris" => uris
uris: uris
)
notifies :restart, "service[keystone]", :immediately
only_if { node["openstack"]["identity"]["catalog"]["backend"] == "templated" }
notifies :restart, 'service[keystone]', :immediately
only_if { node['openstack']['identity']['catalog']['backend'] == 'templated' }
end
# sync db after keystone.conf is generated
execute "keystone-manage db_sync" do
only_if { node["openstack"]["identity"]["db"]["migrate"] }
execute 'keystone-manage db_sync' do
only_if { node['openstack']['identity']['db']['migrate'] }
end