Rubocop support for spec/*.rb
Change-Id: Id86d34888632a23f58faa91a5c81b52bc2fc4981 Addresses: blueprint rubocop-for-identity
This commit is contained in:
galstrom21
parent
01663915f5
commit
7394546f73
@ -5,9 +5,9 @@ AllCops:
|
||||
- attributes/**
|
||||
- providers/**
|
||||
- resources/**
|
||||
- spec/**
|
||||
Excludes:
|
||||
- recipes/**
|
||||
- spec/**
|
||||
|
||||
# UTF-8 headers not generally in these files
|
||||
Encoding:
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
require_relative "spec_helper"
|
||||
require_relative 'spec_helper'
|
||||
|
||||
describe "openstack-identity::default" do
|
||||
describe 'openstack-identity::default' do
|
||||
end
|
||||
|
||||
@ -1,14 +1,14 @@
|
||||
require_relative "spec_helper"
|
||||
require_relative 'spec_helper'
|
||||
|
||||
describe Chef::Provider::Execute do
|
||||
before do
|
||||
@chef_run = ::ChefSpec::Runner.new ::OPENSUSE_OPTS
|
||||
@chef_run.converge "openstack-identity::default"
|
||||
@chef_run.converge 'openstack-identity::default'
|
||||
@node = @chef_run.node
|
||||
@node.set["openstack"] = {
|
||||
"identity" => {
|
||||
"catalog" => {
|
||||
"backend" => "sql"
|
||||
@node.set['openstack'] = {
|
||||
'identity' => {
|
||||
'catalog' => {
|
||||
'backend' => 'sql'
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -16,71 +16,87 @@ describe Chef::Provider::Execute do
|
||||
@events = Chef::EventDispatch::Dispatcher.new
|
||||
@run_context = Chef::RunContext.new(@node, @cookbook_collection, @events)
|
||||
|
||||
@tenant_resource = Chef::Resource::OpenstackIdentityRegister.new("tenant1", @run_context)
|
||||
@tenant_resource.tenant_name "tenant1"
|
||||
@tenant_resource.tenant_description "tenant1 Tenant"
|
||||
@tenant_resource = Chef::Resource::OpenstackIdentityRegister.new('tenant1', @run_context)
|
||||
@tenant_resource.tenant_name 'tenant1'
|
||||
@tenant_resource.tenant_description 'tenant1 Tenant'
|
||||
|
||||
@service_resource = Chef::Resource::OpenstackIdentityRegister.new("service1", @run_context)
|
||||
@service_resource.service_type "compute"
|
||||
@service_resource.service_name "service1"
|
||||
@service_resource.service_description "service1 Service"
|
||||
@service_resource = Chef::Resource::OpenstackIdentityRegister.new('service1', @run_context)
|
||||
@service_resource.service_type 'compute'
|
||||
@service_resource.service_name 'service1'
|
||||
@service_resource.service_description 'service1 Service'
|
||||
|
||||
@endpoint_resource = Chef::Resource::OpenstackIdentityRegister.new("endpoint1", @run_context)
|
||||
@endpoint_resource.endpoint_region "Region One"
|
||||
@endpoint_resource.service_type "compute"
|
||||
@endpoint_resource.endpoint_publicurl "http://public"
|
||||
@endpoint_resource.endpoint_internalurl "http://internal"
|
||||
@endpoint_resource.endpoint_adminurl "http://admin"
|
||||
@endpoint_resource = Chef::Resource::OpenstackIdentityRegister.new('endpoint1', @run_context)
|
||||
@endpoint_resource.endpoint_region 'Region One'
|
||||
@endpoint_resource.service_type 'compute'
|
||||
@endpoint_resource.endpoint_publicurl 'http://public'
|
||||
@endpoint_resource.endpoint_internalurl 'http://internal'
|
||||
@endpoint_resource.endpoint_adminurl 'http://admin'
|
||||
|
||||
@role_resource = Chef::Resource::OpenstackIdentityRegister.new("role1", @run_context)
|
||||
@role_resource.role_name "role1"
|
||||
@role_resource = Chef::Resource::OpenstackIdentityRegister.new('role1', @run_context)
|
||||
@role_resource.role_name 'role1'
|
||||
|
||||
@user_resource = Chef::Resource::OpenstackIdentityRegister.new("user1", @run_context)
|
||||
@user_resource.user_name "user1"
|
||||
@user_resource.tenant_name "tenant1"
|
||||
@user_resource.user_pass "password"
|
||||
@user_resource = Chef::Resource::OpenstackIdentityRegister.new('user1', @run_context)
|
||||
@user_resource.user_name 'user1'
|
||||
@user_resource.tenant_name 'tenant1'
|
||||
@user_resource.user_pass 'password'
|
||||
|
||||
@grant_resource = Chef::Resource::OpenstackIdentityRegister.new("grant1", @run_context)
|
||||
@grant_resource.user_name "user1"
|
||||
@grant_resource.tenant_name "tenant1"
|
||||
@grant_resource.role_name "role1"
|
||||
@grant_resource = Chef::Resource::OpenstackIdentityRegister.new('grant1', @run_context)
|
||||
@grant_resource.user_name 'user1'
|
||||
@grant_resource.tenant_name 'tenant1'
|
||||
@grant_resource.role_name 'role1'
|
||||
|
||||
@ec2_resource = Chef::Resource::OpenstackIdentityRegister.new("ec2", @run_context)
|
||||
@ec2_resource.user_name "user1"
|
||||
@ec2_resource.tenant_name "tenant1"
|
||||
@ec2_resource = Chef::Resource::OpenstackIdentityRegister.new('ec2', @run_context)
|
||||
@ec2_resource.user_name 'user1'
|
||||
@ec2_resource.tenant_name 'tenant1'
|
||||
end
|
||||
|
||||
it "should create a tenant" do
|
||||
it 'should create a tenant' do
|
||||
provider = Chef::Provider::OpenstackIdentityRegister.new(@tenant_resource, @run_context)
|
||||
provider.stub(:identity_uuid).with(@tenant_resource, "tenant", "name", "tenant1")
|
||||
provider.stub(:identity_command).with(@tenant_resource, "tenant-create",
|
||||
{"name" => "tenant1", "description" => "tenant1 Tenant", "enabled" => true})
|
||||
provider.stub(:identity_uuid).with(@tenant_resource, 'tenant', 'name', 'tenant1')
|
||||
provider.stub(:identity_command).with(@tenant_resource,
|
||||
'tenant-create',
|
||||
'name' => 'tenant1',
|
||||
'description' => 'tenant1 Tenant',
|
||||
'enabled' => true)
|
||||
provider.run_action(:create_tenant)
|
||||
@tenant_resource.should be_updated
|
||||
end
|
||||
it "should not create a new tenant if already exists" do
|
||||
|
||||
it 'should not create a new tenant if already exists' do
|
||||
provider = Chef::Provider::OpenstackIdentityRegister.new(@tenant_resource, @run_context)
|
||||
provider.stub(:identity_uuid).with(@tenant_resource, "tenant", "name", "tenant1").and_return("1234567890ABCDEFGH")
|
||||
provider.stub(:identity_uuid).with(@tenant_resource, 'tenant', 'name', 'tenant1').and_return('1234567890ABCDEFGH')
|
||||
provider.run_action(:create_tenant)
|
||||
@tenant_resource.should_not be_updated
|
||||
end
|
||||
it "should create a service" do
|
||||
|
||||
it 'should create a service' do
|
||||
provider = Chef::Provider::OpenstackIdentityRegister.new(@service_resource, @run_context)
|
||||
provider.stub(:identity_uuid).with(@service_resource, "service", "type", "compute")
|
||||
provider.stub(:identity_command).with(@service_resource, "service-create",
|
||||
{"type" => "compute", "name" => "service1", "description" => "service1 Service"})
|
||||
provider.stub(:identity_uuid).with(@service_resource, 'service', 'type', 'compute')
|
||||
provider.stub(:identity_command).with(@service_resource,
|
||||
'service-create',
|
||||
'type' => 'compute',
|
||||
'name' => 'service1',
|
||||
'description' => 'service1 Service')
|
||||
provider.run_action(:create_service)
|
||||
@service_resource.should be_updated
|
||||
end
|
||||
it "should not create a service if already exists" do
|
||||
|
||||
it 'should not create a service if already exists' do
|
||||
provider = Chef::Provider::OpenstackIdentityRegister.new(@service_resource, @run_context)
|
||||
provider.stub(:identity_uuid).with(@service_resource, "service", "type", "compute").and_return("1234567890ABCDEFGH")
|
||||
provider.stub(:identity_uuid).with(@service_resource, 'service', 'type', 'compute').and_return('1234567890ABCDEFGH')
|
||||
provider.run_action(:create_service)
|
||||
@service_resource.should_not be_updated
|
||||
end
|
||||
it "should not create a service if using a templated backend" do
|
||||
|
||||
it 'should not create a service if using a templated backend' do
|
||||
node = Chef::Node.new
|
||||
node.set["openstack"] = {"identity" => {"catalog" => { "backend" => "templated" }} }
|
||||
node.set['openstack'] = {
|
||||
'identity' => {
|
||||
'catalog' => {
|
||||
'backend' => 'templated'
|
||||
}
|
||||
}
|
||||
}
|
||||
cookbook_collection = Chef::CookbookCollection.new([])
|
||||
events = Chef::EventDispatch::Dispatcher.new
|
||||
run_context = Chef::RunContext.new(node, cookbook_collection, events)
|
||||
@ -88,26 +104,37 @@ describe Chef::Provider::Execute do
|
||||
provider.run_action(:create_service)
|
||||
@service_resource.should_not be_updated
|
||||
end
|
||||
it "should create an endpoint" do
|
||||
|
||||
it 'should create an endpoint' do
|
||||
provider = Chef::Provider::OpenstackIdentityRegister.new(@endpoint_resource, @run_context)
|
||||
provider.stub(:identity_uuid).with(@endpoint_resource, "service", "type", "compute").and_return("1234567890ABCDEFGH")
|
||||
provider.stub(:identity_uuid).with(@endpoint_resource, "endpoint", "service_id", "1234567890ABCDEFGH")
|
||||
provider.stub(:identity_command).with(@endpoint_resource, "endpoint-create", {
|
||||
"region" => "Region One", "service_id" => "1234567890ABCDEFGH", "publicurl" => "http://public",
|
||||
"internalurl" => "http://internal", "adminurl" => "http://admin"})
|
||||
provider.stub(:identity_uuid).with(@endpoint_resource, 'service', 'type', 'compute').and_return('1234567890ABCDEFGH')
|
||||
provider.stub(:identity_uuid).with(@endpoint_resource, 'endpoint', 'service_id', '1234567890ABCDEFGH')
|
||||
provider.stub(:identity_command).with(@endpoint_resource,
|
||||
'endpoint-create',
|
||||
'region' => 'Region One',
|
||||
'service_id' => '1234567890ABCDEFGH',
|
||||
'publicurl' => 'http://public',
|
||||
'internalurl' => 'http://internal',
|
||||
'adminurl' => 'http://admin')
|
||||
provider.run_action(:create_endpoint)
|
||||
@endpoint_resource.should be_updated
|
||||
end
|
||||
it "should not create a endpoint if already exists" do
|
||||
|
||||
it 'should not create a endpoint if already exists' do
|
||||
provider = Chef::Provider::OpenstackIdentityRegister.new(@endpoint_resource, @run_context)
|
||||
provider.stub(:identity_uuid).with(@endpoint_resource, "service", "type", "compute").and_return("1234567890ABCDEFGH")
|
||||
provider.stub(:identity_uuid).with(@endpoint_resource, "endpoint", "service_id", "1234567890ABCDEFGH").and_return("0987654321HGFEDCBA")
|
||||
provider.stub(:identity_uuid).with(@endpoint_resource, 'service', 'type', 'compute').and_return('1234567890ABCDEFGH')
|
||||
provider.stub(:identity_uuid).with(@endpoint_resource, 'endpoint', 'service_id', '1234567890ABCDEFGH').and_return('0987654321HGFEDCBA')
|
||||
provider.run_action(:create_endpoint)
|
||||
@endpoint_resource.should_not be_updated
|
||||
end
|
||||
it "should not create an endpoint if using a templated backend" do
|
||||
|
||||
it 'should not create an endpoint if using a templated backend' do
|
||||
node = Chef::Node.new
|
||||
node.set["openstack"] = {"identity" => {"catalog" => { "backend" => "templated" }} }
|
||||
node.set['openstack'] = {
|
||||
'identity' => {
|
||||
'catalog' => { 'backend' => 'templated' }
|
||||
}
|
||||
}
|
||||
cookbook_collection = Chef::CookbookCollection.new([])
|
||||
events = Chef::EventDispatch::Dispatcher.new
|
||||
run_context = Chef::RunContext.new(node, cookbook_collection, events)
|
||||
@ -115,101 +142,130 @@ describe Chef::Provider::Execute do
|
||||
provider.run_action(:create_endpoint)
|
||||
@endpoint_resource.should_not be_updated
|
||||
end
|
||||
it "should create a role" do
|
||||
|
||||
it 'should create a role' do
|
||||
provider = Chef::Provider::OpenstackIdentityRegister.new(@role_resource, @run_context)
|
||||
provider.stub(:identity_uuid).with(@role_resource, "role", "name", "role1")
|
||||
provider.stub(:identity_command).with(@role_resource, "role-create", {"name" => "role1"})
|
||||
provider.stub(:identity_uuid).with(@role_resource, 'role', 'name', 'role1')
|
||||
provider.stub(:identity_command).with(@role_resource, 'role-create',
|
||||
'name' => 'role1')
|
||||
provider.run_action(:create_role)
|
||||
@role_resource.should be_updated
|
||||
end
|
||||
it "should not create a role if already exists" do
|
||||
|
||||
it 'should not create a role if already exists' do
|
||||
provider = Chef::Provider::OpenstackIdentityRegister.new(@role_resource, @run_context)
|
||||
provider.stub(:identity_uuid).with(@role_resource, "role", "name", "role1").and_return("1234567890ABCDEFGH")
|
||||
provider.stub(:identity_uuid).with(@role_resource, 'role', 'name', 'role1').and_return('1234567890ABCDEFGH')
|
||||
provider.run_action(:create_role)
|
||||
@role_resource.should_not be_updated
|
||||
end
|
||||
it "should create a user" do
|
||||
|
||||
it 'should create a user' do
|
||||
provider = Chef::Provider::OpenstackIdentityRegister.new(@user_resource, @run_context)
|
||||
provider.stub(:identity_uuid).with(@user_resource, "tenant", "name", "tenant1").and_return("1234567890ABCDEFGH")
|
||||
provider.stub(:identity_command).with(@user_resource, "user-list", {"tenant-id" => "1234567890ABCDEFGH"})
|
||||
provider.stub(:identity_command).with(@user_resource, "user-create",
|
||||
{"name" => "user1", "tenant-id" => "1234567890ABCDEFGH", "pass" => "password", "enabled" => true})
|
||||
provider.stub(:identity_uuid).with(@user_resource, 'tenant', 'name', 'tenant1').and_return('1234567890ABCDEFGH')
|
||||
provider.stub(:identity_command).with(@user_resource, 'user-list',
|
||||
'tenant-id' => '1234567890ABCDEFGH')
|
||||
provider.stub(:identity_command).with(@user_resource, 'user-create',
|
||||
'name' => 'user1',
|
||||
'tenant-id' => '1234567890ABCDEFGH',
|
||||
'pass' => 'password',
|
||||
'enabled' => true)
|
||||
provider.stub(:prettytable_to_array).and_return([])
|
||||
provider.run_action(:create_user)
|
||||
@user_resource.should be_updated
|
||||
end
|
||||
it "should not create a user if already exists" do
|
||||
|
||||
it 'should not create a user if already exists' do
|
||||
provider = Chef::Provider::OpenstackIdentityRegister.new(@user_resource, @run_context)
|
||||
provider.stub(:identity_uuid).with(@user_resource, "tenant", "name", "tenant1").and_return("1234567890ABCDEFGH")
|
||||
provider.stub(:identity_command).with(@user_resource, "user-list", {"tenant-id" => "1234567890ABCDEFGH"})
|
||||
provider.stub(:prettytable_to_array).and_return([{"name" => "user1"}])
|
||||
provider.stub(:identity_uuid).with(@user_resource, "user", "name", "user1").and_return("HGFEDCBA0987654321")
|
||||
provider.stub(:identity_uuid).with(@user_resource, 'tenant', 'name', 'tenant1').and_return('1234567890ABCDEFGH')
|
||||
provider.stub(:identity_command).with(@user_resource, 'user-list',
|
||||
'tenant-id' => '1234567890ABCDEFGH')
|
||||
provider.stub(:prettytable_to_array).and_return([{ 'name' => 'user1' }])
|
||||
provider.stub(:identity_uuid).with(@user_resource, 'user', 'name',
|
||||
'user1').and_return('HGFEDCBA0987654321')
|
||||
provider.run_action(:create_user)
|
||||
@user_resource.should_not be_updated
|
||||
end
|
||||
it "should grant a role" do
|
||||
|
||||
it 'should grant a role' do
|
||||
provider = Chef::Provider::OpenstackIdentityRegister.new(@grant_resource, @run_context)
|
||||
provider.stub(:identity_uuid).with(@grant_resource, "tenant", "name", "tenant1").and_return("1234567890ABCDEFGH")
|
||||
provider.stub(:identity_uuid).with(@grant_resource, "user", "name", "user1").and_return("HGFEDCBA0987654321")
|
||||
provider.stub(:identity_uuid).with(@grant_resource, "role", "name", "role1").and_return("ABC1234567890DEF")
|
||||
provider.stub(:identity_uuid).with(@grant_resource, "user-role", "name", "role1",
|
||||
{ "tenant-id" => "1234567890ABCDEFGH", "user-id" => "HGFEDCBA0987654321" }).and_return("ABCD1234567890EFGH")
|
||||
provider.stub(:identity_command).with(@grant_resource, "user-role-add",
|
||||
{"tenant-id" => "1234567890ABCDEFGH", "role-id" => "ABC1234567890DEF", "user-id" => "HGFEDCBA0987654321"})
|
||||
provider.stub(:identity_uuid).with(@grant_resource, 'tenant', 'name', 'tenant1').and_return('1234567890ABCDEFGH')
|
||||
provider.stub(:identity_uuid).with(@grant_resource, 'user', 'name', 'user1').and_return('HGFEDCBA0987654321')
|
||||
provider.stub(:identity_uuid).with(@grant_resource, 'role', 'name', 'role1').and_return('ABC1234567890DEF')
|
||||
provider.stub(:identity_uuid).with(@grant_resource, 'user-role', 'name',
|
||||
'role1',
|
||||
'tenant-id' => '1234567890ABCDEFGH',
|
||||
'user-id' => 'HGFEDCBA0987654321').and_return('ABCD1234567890EFGH')
|
||||
provider.stub(:identity_command).with(@grant_resource, 'user-role-add',
|
||||
'tenant-id' => '1234567890ABCDEFGH',
|
||||
'role-id' => 'ABC1234567890DEF',
|
||||
'user-id' => 'HGFEDCBA0987654321')
|
||||
provider.run_action(:grant_role)
|
||||
@grant_resource.should be_updated
|
||||
end
|
||||
it "should not grant a role if already granted" do
|
||||
|
||||
it 'should not grant a role if already granted' do
|
||||
provider = Chef::Provider::OpenstackIdentityRegister.new(@grant_resource, @run_context)
|
||||
provider.stub(:identity_uuid).with(@grant_resource, "tenant", "name", "tenant1").and_return("1234567890ABCDEFGH")
|
||||
provider.stub(:identity_uuid).with(@grant_resource, "user", "name", "user1").and_return("HGFEDCBA0987654321")
|
||||
provider.stub(:identity_uuid).with(@grant_resource, "role", "name", "role1").and_return("ABC1234567890DEF")
|
||||
provider.stub(:identity_uuid).with(@grant_resource, "user-role", "name", "role1",
|
||||
{"tenant-id" => "1234567890ABCDEFGH", "user-id" => "HGFEDCBA0987654321" }).and_return("ABC1234567890DEF")
|
||||
provider.stub(:identity_command).with(@grant_resource, "user-role-add",
|
||||
{"tenant-id" => "1234567890ABCDEFGH", "role-id" => "ABC1234567890DEF", "user-id" => "HGFEDCBA0987654321"})
|
||||
provider.stub(:identity_uuid).with(@grant_resource, 'tenant', 'name', 'tenant1').and_return('1234567890ABCDEFGH')
|
||||
provider.stub(:identity_uuid).with(@grant_resource, 'user', 'name', 'user1').and_return('HGFEDCBA0987654321')
|
||||
provider.stub(:identity_uuid).with(@grant_resource, 'role', 'name', 'role1').and_return('ABC1234567890DEF')
|
||||
provider.stub(:identity_uuid).with(@grant_resource, 'user-role', 'name',
|
||||
'role1',
|
||||
'tenant-id' => '1234567890ABCDEFGH',
|
||||
'user-id' => 'HGFEDCBA0987654321').and_return('ABC1234567890DEF')
|
||||
provider.stub(:identity_command).with(@grant_resource, 'user-role-add',
|
||||
'tenant-id' => '1234567890ABCDEFGH',
|
||||
'role-id' => 'ABC1234567890DEF',
|
||||
'user-id' => 'HGFEDCBA0987654321')
|
||||
provider.run_action(:grant_role)
|
||||
@grant_resource.should_not be_updated
|
||||
end
|
||||
it "should grant ec2 creds" do
|
||||
|
||||
it 'should grant ec2 creds' do
|
||||
provider = Chef::Provider::OpenstackIdentityRegister.new(@ec2_resource, @run_context)
|
||||
provider.stub(:identity_uuid).with(@ec2_resource, "tenant", "name", "tenant1").and_return("1234567890ABCDEFGH")
|
||||
provider.stub(:identity_uuid).with(@ec2_resource, "user", "name", "user1",
|
||||
{"tenant-id" => "1234567890ABCDEFGH"}).and_return("HGFEDCBA0987654321")
|
||||
provider.stub(:identity_uuid).with(@ec2_resource, "ec2-credentials", "tenant", "tenant1",
|
||||
{"user-id" => "HGFEDCBA0987654321"}, "access")
|
||||
provider.stub(:identity_command).with(@ec2_resource, "ec2-credentials-create",
|
||||
{"user-id" => "HGFEDCBA0987654321", "tenant-id" => "1234567890ABCDEFGH"})
|
||||
provider.stub(:prettytable_to_array).and_return([{"access" => "access", "secret" => "secret"}])
|
||||
provider.stub(:identity_uuid).with(@ec2_resource, 'tenant', 'name', 'tenant1').and_return('1234567890ABCDEFGH')
|
||||
provider.stub(:identity_uuid).with(@ec2_resource, 'user', 'name', 'user1',
|
||||
'tenant-id' => '1234567890ABCDEFGH').and_return('HGFEDCBA0987654321')
|
||||
provider.stub(:identity_uuid).with(@ec2_resource, 'ec2-credentials',
|
||||
'tenant', 'tenant1',
|
||||
{ 'user-id' => 'HGFEDCBA0987654321' },
|
||||
'access')
|
||||
provider.stub(:identity_command).with(@ec2_resource,
|
||||
'ec2-credentials-create',
|
||||
'user-id' => 'HGFEDCBA0987654321',
|
||||
'tenant-id' => '1234567890ABCDEFGH')
|
||||
provider.stub(:prettytable_to_array).and_return([{ 'access' => 'access', 'secret' => 'secret' }])
|
||||
provider.run_action(:create_ec2_credentials)
|
||||
@ec2_resource.should be_updated
|
||||
end
|
||||
it "should grant ec2 creds if they already exist" do
|
||||
|
||||
it 'should grant ec2 creds if they already exist' do
|
||||
provider = Chef::Provider::OpenstackIdentityRegister.new(@ec2_resource, @run_context)
|
||||
provider.stub(:identity_uuid).with(@ec2_resource, "tenant", "name", "tenant1").and_return("1234567890ABCDEFGH")
|
||||
provider.stub(:identity_uuid).with(@ec2_resource, "user", "name", "user1",
|
||||
{"tenant-id" => "1234567890ABCDEFGH"}).and_return("HGFEDCBA0987654321")
|
||||
provider.stub(:identity_uuid).with(@ec2_resource, "ec2-credentials", "tenant", "tenant1",
|
||||
{"user-id" => "HGFEDCBA0987654321"}, "access").and_return("ABC1234567890DEF")
|
||||
provider.stub(:identity_uuid).with(@ec2_resource, 'tenant', 'name', 'tenant1').and_return('1234567890ABCDEFGH')
|
||||
provider.stub(:identity_uuid).with(@ec2_resource, 'user', 'name', 'user1',
|
||||
'tenant-id' => '1234567890ABCDEFGH').and_return('HGFEDCBA0987654321')
|
||||
provider.stub(:identity_uuid).with(@ec2_resource, 'ec2-credentials',
|
||||
'tenant', 'tenant1',
|
||||
{ 'user-id' => 'HGFEDCBA0987654321' },
|
||||
'access').and_return('ABC1234567890DEF')
|
||||
provider.run_action(:create_ec2_credentials)
|
||||
@ec2_resource.should_not be_updated
|
||||
end
|
||||
|
||||
describe "#identity_command" do
|
||||
it "should handle false values and long descriptions" do
|
||||
describe '#identity_command' do
|
||||
it 'should handle false values and long descriptions' do
|
||||
provider = Chef::Provider::OpenstackIdentityRegister.new(
|
||||
@user_resource, @run_context)
|
||||
|
||||
provider.stub(:shell_out).with(
|
||||
["keystone", "user-create", "--enabled", "false",
|
||||
"--description", "more than one word"],
|
||||
{:env => {"OS_SERVICE_ENDPOINT" => nil, "OS_SERVICE_TOKEN" => nil}}
|
||||
).and_return double("shell_out", :exitstatus => 0, :stdout => "good")
|
||||
['keystone', 'user-create', '--enabled', 'false',
|
||||
'--description', 'more than one word'],
|
||||
env: { 'OS_SERVICE_ENDPOINT' => nil, 'OS_SERVICE_TOKEN' => nil }
|
||||
).and_return double('shell_out', exitstatus: 0, stdout: 'good')
|
||||
|
||||
provider.send(
|
||||
:identity_command, @user_resource, "user-create",
|
||||
{"enabled" => false, "description" => "more than one word"}
|
||||
).should eq "good"
|
||||
:identity_command, @user_resource, 'user-create',
|
||||
'enabled' => false, 'description' => 'more than one word'
|
||||
).should eq 'good'
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
@ -1,150 +1,149 @@
|
||||
require_relative "spec_helper"
|
||||
require_relative 'spec_helper'
|
||||
|
||||
describe "openstack-identity::registration" do
|
||||
describe 'openstack-identity::registration' do
|
||||
before { identity_stubs }
|
||||
|
||||
describe "ubuntu" do
|
||||
let(:chef_run) {
|
||||
describe 'ubuntu' do
|
||||
let(:chef_run) do
|
||||
runner = ::ChefSpec::Runner.new ::UBUNTU_OPTS
|
||||
runner.converge "openstack-identity::registration"
|
||||
}
|
||||
runner.converge 'openstack-identity::registration'
|
||||
end
|
||||
|
||||
let(:chef_run_test_users) {
|
||||
let(:chef_run_test_users) do
|
||||
runner = ::ChefSpec::Runner.new ::UBUNTU_OPTS
|
||||
runner.node.set["openstack"]["identity"]["users"] = {
|
||||
"user1" => {
|
||||
"default_tenant" => "default_tenant1",
|
||||
"password" => "secret1",
|
||||
"roles" => {
|
||||
"role1" => [ "role_tenant1" ],
|
||||
"role2" => [ "default_tenant1" ]
|
||||
runner.node.set['openstack']['identity']['users'] = {
|
||||
'user1' => {
|
||||
'default_tenant' => 'default_tenant1',
|
||||
'password' => 'secret1',
|
||||
'roles' => {
|
||||
'role1' => ['role_tenant1'],
|
||||
'role2' => ['default_tenant1']
|
||||
}
|
||||
},
|
||||
}
|
||||
runner.converge "openstack-identity::registration"
|
||||
}
|
||||
runner.converge 'openstack-identity::registration'
|
||||
end
|
||||
|
||||
describe "tenant registration" do
|
||||
context "default tenants" do
|
||||
["admin", "service"].each do |tenant_name|
|
||||
describe 'tenant registration' do
|
||||
context 'default tenants' do
|
||||
['admin', 'service'].each do |tenant_name|
|
||||
it "registers the #{tenant_name} tenant" do
|
||||
resource = chef_run.find_resource(
|
||||
"openstack-identity_register",
|
||||
'openstack-identity_register',
|
||||
"Register '#{tenant_name}' Tenant"
|
||||
).to_hash
|
||||
|
||||
expect(resource).to include(
|
||||
:auth_uri => "http://127.0.0.1:35357/v2.0",
|
||||
:bootstrap_token => "bootstrap-token",
|
||||
:tenant_name => tenant_name,
|
||||
:tenant_description => "#{tenant_name} Tenant",
|
||||
:action => [:create_tenant]
|
||||
auth_uri: 'http://127.0.0.1:35357/v2.0',
|
||||
bootstrap_token: 'bootstrap-token',
|
||||
tenant_name: tenant_name,
|
||||
tenant_description: "#{tenant_name} Tenant",
|
||||
action: [:create_tenant]
|
||||
)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context "configured tenants from users attribute" do
|
||||
tenants = ["default_tenant1", "role_tenant1"]
|
||||
context 'configured tenants from users attribute' do
|
||||
tenants = ['default_tenant1', 'role_tenant1']
|
||||
|
||||
tenants.each do |tenant_name|
|
||||
it "registers the #{tenant_name} tenant" do
|
||||
resource = chef_run_test_users.find_resource(
|
||||
"openstack-identity_register",
|
||||
'openstack-identity_register',
|
||||
"Register '#{tenant_name}' Tenant"
|
||||
).to_hash
|
||||
|
||||
expect(resource).to include(
|
||||
:auth_uri => "http://127.0.0.1:35357/v2.0",
|
||||
:bootstrap_token => "bootstrap-token",
|
||||
:tenant_name => tenant_name,
|
||||
:tenant_description => "#{tenant_name} Tenant",
|
||||
:action => [:create_tenant]
|
||||
auth_uri: 'http://127.0.0.1:35357/v2.0',
|
||||
bootstrap_token: 'bootstrap-token',
|
||||
tenant_name: tenant_name,
|
||||
tenant_description: "#{tenant_name} Tenant",
|
||||
action: [:create_tenant]
|
||||
)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe "role registration" do
|
||||
context "default roles" do
|
||||
["admin", "Member", "KeystoneAdmin", "KeystoneServiceAdmin"
|
||||
].each do |role_name|
|
||||
describe 'role registration' do
|
||||
context 'default roles' do
|
||||
%w{admin Member KeystoneAdmin KeystoneServiceAdmin}.each do |role_name|
|
||||
it "registers the #{role_name} role" do
|
||||
resource = chef_run.find_resource(
|
||||
"openstack-identity_register",
|
||||
'openstack-identity_register',
|
||||
"Register '#{role_name}' Role"
|
||||
).to_hash
|
||||
|
||||
expect(resource).to include(
|
||||
:auth_uri => "http://127.0.0.1:35357/v2.0",
|
||||
:bootstrap_token => "bootstrap-token",
|
||||
:role_name => role_name,
|
||||
:action => [:create_role]
|
||||
auth_uri: 'http://127.0.0.1:35357/v2.0',
|
||||
bootstrap_token: 'bootstrap-token',
|
||||
role_name: role_name,
|
||||
action: [:create_role]
|
||||
)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context "configured roles derived from users attribute" do
|
||||
context 'configured roles derived from users attribute' do
|
||||
|
||||
roles = ["role1", "role2"]
|
||||
roles = ['role1', 'role2']
|
||||
|
||||
roles.each do |role_name|
|
||||
it "registers the #{role_name} role" do
|
||||
resource = chef_run_test_users.find_resource(
|
||||
"openstack-identity_register",
|
||||
'openstack-identity_register',
|
||||
"Register '#{role_name}' Role"
|
||||
).to_hash
|
||||
|
||||
expect(resource).to include(
|
||||
:auth_uri => "http://127.0.0.1:35357/v2.0",
|
||||
:bootstrap_token => "bootstrap-token",
|
||||
:role_name => role_name,
|
||||
:action => [:create_role]
|
||||
auth_uri: 'http://127.0.0.1:35357/v2.0',
|
||||
bootstrap_token: 'bootstrap-token',
|
||||
role_name: role_name,
|
||||
action: [:create_role]
|
||||
)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe "user registration" do
|
||||
context "default users" do
|
||||
describe 'user registration' do
|
||||
context 'default users' do
|
||||
[
|
||||
["admin", "admin", ["admin", "KeystoneAdmin", "KeystoneServiceAdmin"]],
|
||||
["monitoring", "service", ["Member"]]
|
||||
['admin', 'admin', ['admin', 'KeystoneAdmin', 'KeystoneServiceAdmin']],
|
||||
['monitoring', 'service', ['Member']]
|
||||
].each do |user, tenant, roles|
|
||||
context "#{user} user" do
|
||||
it "registers the #{user} user" do
|
||||
user_resource = chef_run.find_resource(
|
||||
"openstack-identity_register",
|
||||
'openstack-identity_register',
|
||||
"Register '#{user}' User"
|
||||
).to_hash
|
||||
|
||||
expect(user_resource).to include(
|
||||
:auth_uri => "http://127.0.0.1:35357/v2.0",
|
||||
:bootstrap_token => "bootstrap-token",
|
||||
:user_name => user,
|
||||
:user_pass => "",
|
||||
:tenant_name => tenant,
|
||||
:action => [:create_user]
|
||||
auth_uri: 'http://127.0.0.1:35357/v2.0',
|
||||
bootstrap_token: 'bootstrap-token',
|
||||
user_name: user,
|
||||
user_pass: '',
|
||||
tenant_name: tenant,
|
||||
action: [:create_user]
|
||||
)
|
||||
end
|
||||
|
||||
roles.each do |role|
|
||||
it "grants '#{role}' role to '#{user}' user in 'admin' tenant" do
|
||||
grant_resource = chef_run.find_resource(
|
||||
"openstack-identity_register",
|
||||
'openstack-identity_register',
|
||||
"Grant '#{role}' Role to '#{user}' User in 'admin' Tenant"
|
||||
).to_hash
|
||||
|
||||
expect(grant_resource).to include(
|
||||
:auth_uri => "http://127.0.0.1:35357/v2.0",
|
||||
:bootstrap_token => "bootstrap-token",
|
||||
:user_name => user,
|
||||
:role_name => role,
|
||||
:tenant_name => "admin",
|
||||
:action => [:grant_role]
|
||||
auth_uri: 'http://127.0.0.1:35357/v2.0',
|
||||
bootstrap_token: 'bootstrap-token',
|
||||
user_name: user,
|
||||
role_name: role,
|
||||
tenant_name: 'admin',
|
||||
action: [:grant_role]
|
||||
)
|
||||
end
|
||||
end
|
||||
@ -152,36 +151,36 @@ describe "openstack-identity::registration" do
|
||||
end
|
||||
end
|
||||
|
||||
context "configured user" do
|
||||
it "registers the user1 user" do
|
||||
context 'configured user' do
|
||||
it 'registers the user1 user' do
|
||||
resource = chef_run_test_users.find_resource(
|
||||
"openstack-identity_register",
|
||||
'openstack-identity_register',
|
||||
"Register 'user1' User"
|
||||
).to_hash
|
||||
|
||||
expect(resource).to include(
|
||||
:auth_uri => "http://127.0.0.1:35357/v2.0",
|
||||
:bootstrap_token => "bootstrap-token",
|
||||
:user_name => "user1",
|
||||
:user_pass => "secret1",
|
||||
:tenant_name => "default_tenant1",
|
||||
:action => [:create_user]
|
||||
auth_uri: 'http://127.0.0.1:35357/v2.0',
|
||||
bootstrap_token: 'bootstrap-token',
|
||||
user_name: 'user1',
|
||||
user_pass: 'secret1',
|
||||
tenant_name: 'default_tenant1',
|
||||
action: [:create_user]
|
||||
)
|
||||
end
|
||||
|
||||
it "grants 'role1' role to 'user1' user in 'role_tenant1' tenant" do
|
||||
grant_resource = chef_run_test_users.find_resource(
|
||||
"openstack-identity_register",
|
||||
'openstack-identity_register',
|
||||
"Grant 'role1' Role to 'user1' User in 'role_tenant1' Tenant"
|
||||
).to_hash
|
||||
|
||||
expect(grant_resource).to include(
|
||||
:action => [:grant_role],
|
||||
:auth_uri => "http://127.0.0.1:35357/v2.0",
|
||||
:bootstrap_token => "bootstrap-token",
|
||||
:user_name => "user1",
|
||||
:role_name => "role1",
|
||||
:tenant_name => "role_tenant1"
|
||||
action: [:grant_role],
|
||||
auth_uri: 'http://127.0.0.1:35357/v2.0',
|
||||
bootstrap_token: 'bootstrap-token',
|
||||
user_name: 'user1',
|
||||
role_name: 'role1',
|
||||
tenant_name: 'role_tenant1'
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
@ -1,119 +1,119 @@
|
||||
require_relative "spec_helper"
|
||||
require_relative 'spec_helper'
|
||||
|
||||
describe "openstack-identity::server" do
|
||||
describe 'openstack-identity::server' do
|
||||
before { identity_stubs }
|
||||
describe "suse" do
|
||||
describe 'suse' do
|
||||
before do
|
||||
@chef_run = ::ChefSpec::Runner.new ::OPENSUSE_OPTS
|
||||
@chef_run.converge "openstack-identity::server"
|
||||
@chef_run.converge 'openstack-identity::server'
|
||||
end
|
||||
|
||||
it "converges when configured to use sqlite db backend" do
|
||||
it 'converges when configured to use sqlite db backend' do
|
||||
chef_run = ::ChefSpec::Runner.new ::OPENSUSE_OPTS
|
||||
node = chef_run.node
|
||||
node.set["openstack"]["db"]["identity"]["db_type"] = "sqlite"
|
||||
chef_run.converge "openstack-identity::server"
|
||||
node.set['openstack']['db']['identity']['db_type'] = 'sqlite'
|
||||
chef_run.converge 'openstack-identity::server'
|
||||
end
|
||||
|
||||
it "installs mysql python packages" do
|
||||
expect(@chef_run).to install_package "python-mysql"
|
||||
it 'installs mysql python packages' do
|
||||
expect(@chef_run).to install_package 'python-mysql'
|
||||
end
|
||||
|
||||
it "installs postgresql python packages if explicitly told" do
|
||||
it 'installs postgresql python packages if explicitly told' do
|
||||
chef_run = ::ChefSpec::Runner.new ::OPENSUSE_OPTS do |n|
|
||||
n.set["openstack"]["db"]["identity"]["db_type"] = "postgresql"
|
||||
n.set['openstack']['db']['identity']['db_type'] = 'postgresql'
|
||||
end
|
||||
chef_run.converge "openstack-identity::server"
|
||||
chef_run.converge 'openstack-identity::server'
|
||||
|
||||
expect(chef_run).to install_package "python-psycopg2"
|
||||
expect(chef_run).to install_package 'python-psycopg2'
|
||||
end
|
||||
|
||||
it "installs memcache python packages" do
|
||||
expect(@chef_run).to install_package "python-python-memcached"
|
||||
it 'installs memcache python packages' do
|
||||
expect(@chef_run).to install_package 'python-python-memcached'
|
||||
end
|
||||
|
||||
it "installs keystone packages" do
|
||||
expect(@chef_run).to upgrade_package "openstack-keystone"
|
||||
it 'installs keystone packages' do
|
||||
expect(@chef_run).to upgrade_package 'openstack-keystone'
|
||||
end
|
||||
|
||||
it "starts keystone on boot" do
|
||||
expect(@chef_run).to enable_service("openstack-keystone")
|
||||
it 'starts keystone on boot' do
|
||||
expect(@chef_run).to enable_service('openstack-keystone')
|
||||
end
|
||||
|
||||
describe "/etc/keystone" do
|
||||
describe '/etc/keystone' do
|
||||
before do
|
||||
@dir = @chef_run.directory "/etc/keystone"
|
||||
@dir = @chef_run.directory '/etc/keystone'
|
||||
end
|
||||
|
||||
it "has proper owner" do
|
||||
expect(@dir.owner).to eq("openstack-keystone")
|
||||
expect(@dir.group).to eq("openstack-keystone")
|
||||
it 'has proper owner' do
|
||||
expect(@dir.owner).to eq('openstack-keystone')
|
||||
expect(@dir.group).to eq('openstack-keystone')
|
||||
end
|
||||
end
|
||||
|
||||
describe "/etc/keystone/ssl" do
|
||||
describe '/etc/keystone/ssl' do
|
||||
before do
|
||||
chef_run = ::ChefSpec::Runner.new(::OPENSUSE_OPTS) do |n|
|
||||
n.set["openstack"]["auth"]["strategy"] = "pki"
|
||||
n.set['openstack']['auth']['strategy'] = 'pki'
|
||||
end
|
||||
chef_run.converge "openstack-identity::server"
|
||||
@dir = chef_run.directory "/etc/keystone/ssl"
|
||||
chef_run.converge 'openstack-identity::server'
|
||||
@dir = chef_run.directory '/etc/keystone/ssl'
|
||||
end
|
||||
|
||||
it "has proper owner" do
|
||||
expect(@dir.owner).to eq("openstack-keystone")
|
||||
expect(@dir.group).to eq("openstack-keystone")
|
||||
it 'has proper owner' do
|
||||
expect(@dir.owner).to eq('openstack-keystone')
|
||||
expect(@dir.group).to eq('openstack-keystone')
|
||||
end
|
||||
end
|
||||
|
||||
it "deletes keystone.db" do
|
||||
expect(@chef_run).to delete_file "/var/lib/keystone/keystone.db"
|
||||
it 'deletes keystone.db' do
|
||||
expect(@chef_run).to delete_file '/var/lib/keystone/keystone.db'
|
||||
end
|
||||
|
||||
it "runs pki setup" do
|
||||
it 'runs pki setup' do
|
||||
chef_run = ::ChefSpec::Runner.new(::OPENSUSE_OPTS) do |n|
|
||||
n.set["openstack"]["auth"]["strategy"] = "pki"
|
||||
n.set['openstack']['auth']['strategy'] = 'pki'
|
||||
end
|
||||
chef_run.converge "openstack-identity::server"
|
||||
cmd = "keystone-manage pki_setup"
|
||||
chef_run.converge 'openstack-identity::server'
|
||||
cmd = 'keystone-manage pki_setup'
|
||||
|
||||
expect(chef_run).to run_execute(cmd).with(
|
||||
:user => "openstack-keystone"
|
||||
user: 'openstack-keystone'
|
||||
)
|
||||
end
|
||||
|
||||
describe "keystone.conf" do
|
||||
describe 'keystone.conf' do
|
||||
before do
|
||||
@template = @chef_run.template "/etc/keystone/keystone.conf"
|
||||
@template = @chef_run.template '/etc/keystone/keystone.conf'
|
||||
end
|
||||
|
||||
it "has proper owner" do
|
||||
expect(@template.owner).to eq("openstack-keystone")
|
||||
expect(@template.group).to eq("openstack-keystone")
|
||||
it 'has proper owner' do
|
||||
expect(@template.owner).to eq('openstack-keystone')
|
||||
expect(@template.group).to eq('openstack-keystone')
|
||||
end
|
||||
|
||||
it "template contents" do
|
||||
pending "TODO: implement"
|
||||
it 'template contents' do
|
||||
pending 'TODO: implement'
|
||||
end
|
||||
end
|
||||
|
||||
describe "default_catalog.templates" do
|
||||
describe 'default_catalog.templates' do
|
||||
before do
|
||||
chef_run = ::ChefSpec::Runner.new(::OPENSUSE_OPTS) do |n|
|
||||
n.set["openstack"]["identity"]["catalog"]["backend"] = "templated"
|
||||
n.set['openstack']['identity']['catalog']['backend'] = 'templated'
|
||||
end
|
||||
chef_run.converge "openstack-identity::server"
|
||||
@template = chef_run.
|
||||
template "/etc/keystone/default_catalog.templates"
|
||||
chef_run.converge 'openstack-identity::server'
|
||||
@template = chef_run.template(
|
||||
'/etc/keystone/default_catalog.templates')
|
||||
end
|
||||
|
||||
it "has proper owner" do
|
||||
expect(@template.owner).to eq("openstack-keystone")
|
||||
expect(@template.group).to eq("openstack-keystone")
|
||||
it 'has proper owner' do
|
||||
expect(@template.owner).to eq('openstack-keystone')
|
||||
expect(@template.group).to eq('openstack-keystone')
|
||||
end
|
||||
|
||||
it "template contents" do
|
||||
pending "TODO: implement"
|
||||
it 'template contents' do
|
||||
pending 'TODO: implement'
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
@ -1,54 +1,54 @@
|
||||
require_relative "spec_helper"
|
||||
require_relative 'spec_helper'
|
||||
|
||||
describe "openstack-identity::server" do
|
||||
describe 'openstack-identity::server' do
|
||||
before { identity_stubs }
|
||||
describe "redhat" do
|
||||
describe 'redhat' do
|
||||
before do
|
||||
@chef_run = ::ChefSpec::Runner.new ::REDHAT_OPTS
|
||||
@chef_run.converge "openstack-identity::server"
|
||||
@chef_run.converge 'openstack-identity::server'
|
||||
end
|
||||
|
||||
it "converges when configured to use sqlite db backend" do
|
||||
it 'converges when configured to use sqlite db backend' do
|
||||
chef_run = ::ChefSpec::Runner.new ::REDHAT_OPTS
|
||||
node = chef_run.node
|
||||
node.set["openstack"]["db"]["identity"]["db_type"] = "sqlite"
|
||||
chef_run.converge "openstack-identity::server"
|
||||
node.set['openstack']['db']['identity']['db_type'] = 'sqlite'
|
||||
chef_run.converge 'openstack-identity::server'
|
||||
end
|
||||
|
||||
it "installs mysql python packages" do
|
||||
expect(@chef_run).to install_package "MySQL-python"
|
||||
it 'installs mysql python packages' do
|
||||
expect(@chef_run).to install_package 'MySQL-python'
|
||||
end
|
||||
|
||||
it "installs db2 python packages if explicitly told" do
|
||||
it 'installs db2 python packages if explicitly told' do
|
||||
chef_run = ::ChefSpec::Runner.new ::REDHAT_OPTS do |n|
|
||||
n.set["openstack"]["db"]["identity"]["db_type"] = "db2"
|
||||
n.set['openstack']['db']['identity']['db_type'] = 'db2'
|
||||
end
|
||||
chef_run.converge "openstack-identity::server"
|
||||
chef_run.converge 'openstack-identity::server'
|
||||
|
||||
["db2-odbc", "python-ibm-db", "python-ibm-db-sa"].each do |pkg|
|
||||
['db2-odbc', 'python-ibm-db', 'python-ibm-db-sa'].each do |pkg|
|
||||
expect(chef_run).to install_package pkg
|
||||
end
|
||||
end
|
||||
|
||||
it "installs postgresql python packages if explicitly told" do
|
||||
it 'installs postgresql python packages if explicitly told' do
|
||||
chef_run = ::ChefSpec::Runner.new ::REDHAT_OPTS do |n|
|
||||
n.set["openstack"]["db"]["identity"]["db_type"] = "postgresql"
|
||||
n.set['openstack']['db']['identity']['db_type'] = 'postgresql'
|
||||
end
|
||||
chef_run.converge "openstack-identity::server"
|
||||
chef_run.converge 'openstack-identity::server'
|
||||
|
||||
expect(chef_run).to install_package "python-psycopg2"
|
||||
expect(chef_run).to install_package 'python-psycopg2'
|
||||
end
|
||||
|
||||
it "installs memcache python packages" do
|
||||
expect(@chef_run).to install_package "python-memcached"
|
||||
it 'installs memcache python packages' do
|
||||
expect(@chef_run).to install_package 'python-memcached'
|
||||
end
|
||||
|
||||
it "installs keystone packages" do
|
||||
expect(@chef_run).to upgrade_package "openstack-keystone"
|
||||
it 'installs keystone packages' do
|
||||
expect(@chef_run).to upgrade_package 'openstack-keystone'
|
||||
end
|
||||
|
||||
it "starts keystone on boot" do
|
||||
expect(@chef_run).to enable_service("openstack-keystone")
|
||||
it 'starts keystone on boot' do
|
||||
expect(@chef_run).to enable_service('openstack-keystone')
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
@ -1,223 +1,223 @@
|
||||
require_relative "spec_helper"
|
||||
require_relative 'spec_helper'
|
||||
|
||||
describe "openstack-identity::server" do
|
||||
describe 'openstack-identity::server' do
|
||||
before { identity_stubs }
|
||||
describe "ubuntu" do
|
||||
describe 'ubuntu' do
|
||||
before do
|
||||
@chef_run = ::ChefSpec::Runner.new ::UBUNTU_OPTS do |n|
|
||||
n.set["openstack"]["identity"]["syslog"]["use"] = true
|
||||
n.set["openstack"]["endpoints"]["identity-api"] = {
|
||||
"host" => "127.0.1.1",
|
||||
"port" => "5000",
|
||||
"scheme" => "https"
|
||||
n.set['openstack']['identity']['syslog']['use'] = true
|
||||
n.set['openstack']['endpoints']['identity-api'] = {
|
||||
'host' => '127.0.1.1',
|
||||
'port' => '5000',
|
||||
'scheme' => 'https'
|
||||
}
|
||||
n.set["openstack"]["endpoints"]["identity-admin"] = {
|
||||
"host" => "127.0.1.1",
|
||||
"port" => "35357",
|
||||
"scheme" => "https"
|
||||
n.set['openstack']['endpoints']['identity-admin'] = {
|
||||
'host' =>'127.0.1.1',
|
||||
'port' => '35357',
|
||||
'scheme' => 'https'
|
||||
}
|
||||
end
|
||||
@chef_run.converge "openstack-identity::server"
|
||||
@chef_run.converge 'openstack-identity::server'
|
||||
end
|
||||
|
||||
it "runs logging recipe if node attributes say to" do
|
||||
expect(@chef_run).to include_recipe "openstack-common::logging"
|
||||
it 'runs logging recipe if node attributes say to' do
|
||||
expect(@chef_run).to include_recipe 'openstack-common::logging'
|
||||
end
|
||||
|
||||
it "doesn't run logging recipe" do
|
||||
it 'does not run logging recipe' do
|
||||
chef_run = ::ChefSpec::Runner.new ::UBUNTU_OPTS
|
||||
chef_run.converge "openstack-identity::server"
|
||||
chef_run.converge 'openstack-identity::server'
|
||||
|
||||
expect(chef_run).not_to include_recipe "openstack-common::logging"
|
||||
expect(chef_run).not_to include_recipe 'openstack-common::logging'
|
||||
end
|
||||
|
||||
it "converges when configured to use sqlite db backend" do
|
||||
it 'converges when configured to use sqlite db backend' do
|
||||
chef_run = ::ChefSpec::Runner.new ::UBUNTU_OPTS
|
||||
node = chef_run.node
|
||||
node.set["openstack"]["db"]["identity"]["db_type"] = "sqlite"
|
||||
chef_run.converge "openstack-identity::server"
|
||||
node.set['openstack']['db']['identity']['db_type'] = 'sqlite'
|
||||
chef_run.converge 'openstack-identity::server'
|
||||
end
|
||||
|
||||
it "installs mysql python packages" do
|
||||
expect(@chef_run).to install_package "python-mysqldb"
|
||||
it 'installs mysql python packages' do
|
||||
expect(@chef_run).to install_package 'python-mysqldb'
|
||||
end
|
||||
|
||||
it "installs postgresql python packages if explicitly told" do
|
||||
it 'installs postgresql python packages if explicitly told' do
|
||||
chef_run = ::ChefSpec::Runner.new ::UBUNTU_OPTS
|
||||
node = chef_run.node
|
||||
node.set["openstack"]["db"]["identity"]["db_type"] = "postgresql"
|
||||
chef_run.converge "openstack-identity::server"
|
||||
node.set['openstack']['db']['identity']['db_type'] = 'postgresql'
|
||||
chef_run.converge 'openstack-identity::server'
|
||||
|
||||
expect(chef_run).to install_package "python-psycopg2"
|
||||
expect(chef_run).to install_package 'python-psycopg2'
|
||||
end
|
||||
|
||||
it "installs memcache python packages" do
|
||||
expect(@chef_run).to install_package "python-memcache"
|
||||
it 'installs memcache python packages' do
|
||||
expect(@chef_run).to install_package 'python-memcache'
|
||||
end
|
||||
|
||||
it "installs keystone packages" do
|
||||
expect(@chef_run).to upgrade_package "keystone"
|
||||
it 'installs keystone packages' do
|
||||
expect(@chef_run).to upgrade_package 'keystone'
|
||||
end
|
||||
|
||||
it "starts keystone on boot" do
|
||||
expect(@chef_run).to enable_service("keystone")
|
||||
it 'starts keystone on boot' do
|
||||
expect(@chef_run).to enable_service('keystone')
|
||||
end
|
||||
|
||||
it "sleep on keystone service enable" do
|
||||
expect(@chef_run.service("keystone")).to notify(
|
||||
"execute[Keystone: sleep]").to(:run)
|
||||
it 'sleep on keystone service enable' do
|
||||
expect(@chef_run.service('keystone')).to notify(
|
||||
'execute[Keystone: sleep]').to(:run)
|
||||
end
|
||||
|
||||
describe "/etc/keystone" do
|
||||
describe '/etc/keystone' do
|
||||
before do
|
||||
@dir = @chef_run.directory "/etc/keystone"
|
||||
@dir = @chef_run.directory '/etc/keystone'
|
||||
end
|
||||
|
||||
it "has proper owner" do
|
||||
expect(@dir.owner).to eq("keystone")
|
||||
expect(@dir.group).to eq("keystone")
|
||||
it 'has proper owner' do
|
||||
expect(@dir.owner).to eq('keystone')
|
||||
expect(@dir.group).to eq('keystone')
|
||||
end
|
||||
|
||||
it "has proper modes" do
|
||||
expect(sprintf("%o", @dir.mode)).to eq "700"
|
||||
it 'has proper modes' do
|
||||
expect(sprintf('%o', @dir.mode)).to eq '700'
|
||||
end
|
||||
end
|
||||
|
||||
describe "/etc/keystone/ssl" do
|
||||
before { @dir = "/etc/keystone/ssl" }
|
||||
describe '/etc/keystone/ssl' do
|
||||
before { @dir = '/etc/keystone/ssl' }
|
||||
|
||||
describe "without pki" do
|
||||
it "doesn't create" do
|
||||
describe 'without pki' do
|
||||
it 'does not create' do
|
||||
chef_run = ::ChefSpec::Runner.new(::UBUNTU_OPTS)
|
||||
chef_run.converge "openstack-identity::server"
|
||||
chef_run.converge 'openstack-identity::server'
|
||||
|
||||
expect(chef_run).not_to create_directory @dir
|
||||
end
|
||||
end
|
||||
|
||||
describe "with pki" do
|
||||
describe 'with pki' do
|
||||
before do
|
||||
@chef_run = ::ChefSpec::Runner.new(::UBUNTU_OPTS) do |n|
|
||||
n.set["openstack"]["auth"]["strategy"] = "pki"
|
||||
n.set['openstack']['auth']['strategy'] = 'pki'
|
||||
end
|
||||
@chef_run.converge "openstack-identity::server"
|
||||
@chef_run.converge 'openstack-identity::server'
|
||||
@directory = @chef_run.directory @dir
|
||||
end
|
||||
|
||||
it "creates" do
|
||||
it 'creates' do
|
||||
expect(@chef_run).to create_directory @directory.name
|
||||
end
|
||||
|
||||
it "has proper owner" do
|
||||
expect(@directory.owner).to eq("keystone")
|
||||
expect(@directory.group).to eq("keystone")
|
||||
it 'has proper owner' do
|
||||
expect(@directory.owner).to eq('keystone')
|
||||
expect(@directory.group).to eq('keystone')
|
||||
end
|
||||
|
||||
it "has proper modes" do
|
||||
expect(sprintf("%o", @directory.mode)).to eq "700"
|
||||
it 'has proper modes' do
|
||||
expect(sprintf('%o', @directory.mode)).to eq '700'
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
it "deletes keystone.db" do
|
||||
expect(@chef_run).to delete_file "/var/lib/keystone/keystone.db"
|
||||
it 'deletes keystone.db' do
|
||||
expect(@chef_run).to delete_file '/var/lib/keystone/keystone.db'
|
||||
end
|
||||
|
||||
it "does not delete keystone.db when configured to use sqlite" do
|
||||
it 'does not delete keystone.db when configured to use sqlite' do
|
||||
chef_run = ::ChefSpec::Runner.new(::UBUNTU_OPTS)
|
||||
node = chef_run.node
|
||||
node.set["openstack"]["db"]["identity"]["db_type"] = "sqlite"
|
||||
chef_run.converge "openstack-identity::server"
|
||||
expect(chef_run).not_to delete_file "/var/lib/keystone/keystone.db"
|
||||
node.set['openstack']['db']['identity']['db_type'] = 'sqlite'
|
||||
chef_run.converge 'openstack-identity::server'
|
||||
expect(chef_run).not_to delete_file '/var/lib/keystone/keystone.db'
|
||||
end
|
||||
|
||||
describe "pki setup" do
|
||||
before { @cmd = "keystone-manage pki_setup" }
|
||||
describe 'pki setup' do
|
||||
before { @cmd = 'keystone-manage pki_setup' }
|
||||
|
||||
describe "without pki" do
|
||||
it "doesn't execute" do
|
||||
describe 'without pki' do
|
||||
it 'does not execute' do
|
||||
chef_run = ::ChefSpec::Runner.new ::UBUNTU_OPTS
|
||||
chef_run.converge "openstack-identity::server"
|
||||
chef_run.converge 'openstack-identity::server'
|
||||
|
||||
expect(chef_run).to_not run_execute(@cmd).with(user: "keystone")
|
||||
expect(chef_run).to_not run_execute(@cmd).with(user: 'keystone')
|
||||
end
|
||||
end
|
||||
|
||||
describe "with pki" do
|
||||
describe 'with pki' do
|
||||
before do
|
||||
@chef_run = ::ChefSpec::Runner.new(::UBUNTU_OPTS) do |n|
|
||||
n.set["openstack"]["auth"]["strategy"] = "pki"
|
||||
n.set['openstack']['auth']['strategy'] = 'pki'
|
||||
end
|
||||
end
|
||||
|
||||
it "executes" do
|
||||
::FileTest.should_receive(:exists?).
|
||||
with("/etc/keystone/ssl/private/signing_key.pem").
|
||||
and_return(false)
|
||||
@chef_run.converge "openstack-identity::server"
|
||||
it 'executes' do
|
||||
::FileTest.should_receive(:exists?)
|
||||
.with('/etc/keystone/ssl/private/signing_key.pem')
|
||||
.and_return(false)
|
||||
@chef_run.converge 'openstack-identity::server'
|
||||
|
||||
expect(@chef_run).to run_execute(@cmd).with(
|
||||
:user => "keystone"
|
||||
user: 'keystone'
|
||||
)
|
||||
end
|
||||
|
||||
it "doesn't execute when dir exists" do
|
||||
::FileTest.should_receive(:exists?).
|
||||
with("/etc/keystone/ssl/private/signing_key.pem").
|
||||
and_return(true)
|
||||
@chef_run.converge "openstack-identity::server"
|
||||
it 'does not execute when dir exists' do
|
||||
::FileTest.should_receive(:exists?)
|
||||
.with('/etc/keystone/ssl/private/signing_key.pem')
|
||||
.and_return(true)
|
||||
@chef_run.converge 'openstack-identity::server'
|
||||
|
||||
expect(@chef_run).not_to run_execute(@cmd).with(
|
||||
:user => "keystone"
|
||||
user: 'keystone'
|
||||
)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe "keystone.conf" do
|
||||
describe 'keystone.conf' do
|
||||
before do
|
||||
@template = @chef_run.template "/etc/keystone/keystone.conf"
|
||||
@template = @chef_run.template '/etc/keystone/keystone.conf'
|
||||
end
|
||||
|
||||
it "has proper owner" do
|
||||
expect(@template.owner).to eq("keystone")
|
||||
expect(@template.group).to eq("keystone")
|
||||
it 'has proper owner' do
|
||||
expect(@template.owner).to eq('keystone')
|
||||
expect(@template.group).to eq('keystone')
|
||||
end
|
||||
|
||||
it "has proper modes" do
|
||||
expect(sprintf("%o", @template.mode)).to eq "644"
|
||||
it 'has proper modes' do
|
||||
expect(sprintf('%o', @template.mode)).to eq '644'
|
||||
end
|
||||
|
||||
it "has bind host" do
|
||||
match = "bind_host = 127.0.1.1"
|
||||
it 'has bind host' do
|
||||
match = 'bind_host = 127.0.1.1'
|
||||
expect(@chef_run).to render_file(@template.name).with_content(match)
|
||||
end
|
||||
|
||||
it "has proper public and admin endpoint" do
|
||||
pub_endpoint = "public_endpoint = https://127.0.1.1:5000/"
|
||||
adm_endpoint = "admin_endpoint = https://127.0.1.1:35357/"
|
||||
it 'has proper public and admin endpoint' do
|
||||
pub_endpoint = 'public_endpoint = https://127.0.1.1:5000/'
|
||||
adm_endpoint = 'admin_endpoint = https://127.0.1.1:35357/'
|
||||
expect(@chef_run).to render_file(@template.name).with_content(
|
||||
pub_endpoint)
|
||||
expect(@chef_run).to render_file(@template.name).with_content(
|
||||
adm_endpoint)
|
||||
end
|
||||
|
||||
it "has policy driver" do
|
||||
match = "driver = keystone.policy.backends.sql.Policy"
|
||||
it 'has policy driver' do
|
||||
match = 'driver = keystone.policy.backends.sql.Policy'
|
||||
expect(@chef_run).to render_file(@template.name).with_content(
|
||||
match)
|
||||
end
|
||||
it "notifies keystone restart" do
|
||||
expect(@template).to notify("service[keystone]").to(:restart)
|
||||
it 'notifies keystone restart' do
|
||||
expect(@template).to notify('service[keystone]').to(:restart)
|
||||
end
|
||||
|
||||
describe "optional LDAP attributes" do
|
||||
optional_attrs = ["group_tree_dn", "group_filter",
|
||||
"user_filter", "user_tree_dn", "user_enabled_emulation_dn",
|
||||
"group_attribute_ignore", "role_attribute_ignore",
|
||||
"role_tree_dn", "role_filter", "tenant_tree_dn",
|
||||
"tenant_enabled_emulation_dn", "tenant_filter",
|
||||
"tenant_attribute_ignore"]
|
||||
describe 'optional LDAP attributes' do
|
||||
optional_attrs = %w{group_tree_dn group_filter user_filter
|
||||
user_tree_dn user_enabled_emulation_dn
|
||||
group_attribute_ignore role_attribute_ignore
|
||||
role_tree_dn role_filter tenant_tree_dn
|
||||
tenant_enabled_emulation_dn tenant_filter
|
||||
tenant_attribute_ignore}
|
||||
|
||||
optional_attrs.each do |setting|
|
||||
it "does not have the optional #{setting} LDAP attribute" do
|
||||
@ -232,29 +232,29 @@ describe "openstack-identity::server" do
|
||||
end
|
||||
end
|
||||
|
||||
["url", "user", "suffix", "use_dumb_member",
|
||||
"allow_subtree_delete", "dumb_member", "page_size",
|
||||
"alias_dereferencing", "query_scope", "user_objectclass",
|
||||
"user_id_attribute", "user_name_attribute",
|
||||
"user_mail_attribute", "user_pass_attribute",
|
||||
"user_enabled_attribute", "user_domain_id_attribute",
|
||||
"user_attribute_ignore", "user_enabled_mask",
|
||||
"user_enabled_default", "user_allow_create",
|
||||
"user_allow_update", "user_allow_delete",
|
||||
"user_enabled_emulation", "tenant_objectclass",
|
||||
"tenant_id_attribute", "tenant_member_attribute",
|
||||
"tenant_name_attribute", "tenant_desc_attribute",
|
||||
"tenant_enabled_attribute", "tenant_domain_id_attribute",
|
||||
"tenant_allow_create", "tenant_allow_update",
|
||||
"tenant_allow_delete", "tenant_enabled_emulation",
|
||||
"role_objectclass", "role_id_attribute", "role_name_attribute",
|
||||
"role_member_attribute", "role_allow_create",
|
||||
"role_allow_update", "role_allow_delete", "group_objectclass",
|
||||
"group_id_attribute", "group_name_attribute",
|
||||
"group_member_attribute", "group_desc_attribute",
|
||||
"group_domain_id_attribute", "group_allow_create",
|
||||
"group_allow_update", "group_allow_delete",
|
||||
].each do |setting|
|
||||
%w{url user suffix use_dumb_member
|
||||
allow_subtree_delete dumb_member page_size
|
||||
alias_dereferencing query_scope user_objectclass
|
||||
user_id_attribute user_name_attribute
|
||||
user_mail_attribute user_pass_attribute
|
||||
user_enabled_attribute user_domain_id_attribute
|
||||
user_attribute_ignore user_enabled_mask
|
||||
user_enabled_default user_allow_create
|
||||
user_allow_update user_allow_delete
|
||||
user_enabled_emulation tenant_objectclass
|
||||
tenant_id_attribute tenant_member_attribute
|
||||
tenant_name_attribute tenant_desc_attribute
|
||||
tenant_enabled_attribute tenant_domain_id_attribute
|
||||
tenant_allow_create tenant_allow_update
|
||||
tenant_allow_delete tenant_enabled_emulation
|
||||
role_objectclass role_id_attribute role_name_attribute
|
||||
role_member_attribute role_allow_create
|
||||
role_allow_update role_allow_delete group_objectclass
|
||||
group_id_attribute group_name_attribute
|
||||
group_member_attribute group_desc_attribute
|
||||
group_domain_id_attribute group_allow_create
|
||||
group_allow_update group_allow_delete
|
||||
}.each do |setting|
|
||||
it "has a #{setting} LDAP attribute" do
|
||||
expect(@chef_run).to render_file(@template.name).with_content(
|
||||
/^#{Regexp.quote(setting)} = \w+/)
|
||||
@ -262,64 +262,64 @@ describe "openstack-identity::server" do
|
||||
end
|
||||
end
|
||||
|
||||
describe "default_catalog.templates" do
|
||||
before { @file = "/etc/keystone/default_catalog.templates" }
|
||||
describe 'default_catalog.templates' do
|
||||
before { @file = '/etc/keystone/default_catalog.templates' }
|
||||
|
||||
describe "without templated" do
|
||||
it "doesn't create" do
|
||||
describe 'without templated' do
|
||||
it 'does not create' do
|
||||
chef_run = ::ChefSpec::Runner.new(::UBUNTU_OPTS)
|
||||
chef_run.converge "openstack-identity::server"
|
||||
chef_run.converge 'openstack-identity::server'
|
||||
|
||||
expect(chef_run).not_to render_file(@file)
|
||||
end
|
||||
end
|
||||
|
||||
describe "with templated" do
|
||||
describe 'with templated' do
|
||||
before do
|
||||
@chef_run = ::ChefSpec::Runner.new(::UBUNTU_OPTS) do |n|
|
||||
n.set["openstack"]["identity"]["catalog"]["backend"] = "templated"
|
||||
n.set['openstack']['identity']['catalog']['backend'] = 'templated'
|
||||
end
|
||||
@chef_run.converge "openstack-identity::server"
|
||||
@chef_run.converge 'openstack-identity::server'
|
||||
@template = @chef_run.template @file
|
||||
end
|
||||
|
||||
it "creates" do
|
||||
it 'creates' do
|
||||
expect(@chef_run).to render_file(@file)
|
||||
end
|
||||
|
||||
it "has proper owner" do
|
||||
expect(@template.owner).to eq("keystone")
|
||||
expect(@template.group).to eq("keystone")
|
||||
it 'has proper owner' do
|
||||
expect(@template.owner).to eq('keystone')
|
||||
expect(@template.group).to eq('keystone')
|
||||
end
|
||||
|
||||
it "has proper modes" do
|
||||
expect(sprintf("%o", @template.mode)).to eq "644"
|
||||
it 'has proper modes' do
|
||||
expect(sprintf('%o', @template.mode)).to eq '644'
|
||||
end
|
||||
|
||||
it "template contents" do
|
||||
pending "TODO: implement"
|
||||
it 'template contents' do
|
||||
pending 'TODO: implement'
|
||||
end
|
||||
|
||||
it "notifies keystone restart" do
|
||||
expect(@template).to notify("service[keystone]").to(:restart)
|
||||
it 'notifies keystone restart' do
|
||||
expect(@template).to notify('service[keystone]').to(:restart)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe "db_sync" do
|
||||
describe 'db_sync' do
|
||||
before do
|
||||
@cmd = "keystone-manage db_sync"
|
||||
@cmd = 'keystone-manage db_sync'
|
||||
end
|
||||
|
||||
it "runs migrations" do
|
||||
it 'runs migrations' do
|
||||
expect(@chef_run).to run_execute(@cmd)
|
||||
end
|
||||
|
||||
it "doesn't run migrations" do
|
||||
it 'does not run migrations' do
|
||||
chef_run = ::ChefSpec::Runner.new(::UBUNTU_OPTS) do |n|
|
||||
n.set["openstack"]["identity"]["db"]["migrate"] = false
|
||||
n.set['openstack']['identity']['db']['migrate'] = false
|
||||
end
|
||||
chef_run.converge "openstack-identity::server"
|
||||
chef_run.converge 'openstack-identity::server'
|
||||
|
||||
expect(chef_run).not_to run_execute(@cmd)
|
||||
end
|
||||
|
||||
@ -1,33 +1,34 @@
|
||||
require "chefspec"
|
||||
require "chefspec/berkshelf"
|
||||
require 'chefspec'
|
||||
require 'chefspec/berkshelf'
|
||||
|
||||
::LOG_LEVEL = :fatal
|
||||
::OPENSUSE_OPTS = {
|
||||
:platform => "opensuse",
|
||||
:version => "12.3",
|
||||
:log_level => ::LOG_LEVEL
|
||||
platform: 'opensuse',
|
||||
version: '12.3',
|
||||
log_level: ::LOG_LEVEL
|
||||
}
|
||||
::REDHAT_OPTS = {
|
||||
:platform => "redhat",
|
||||
:version => "6.3",
|
||||
:log_level => ::LOG_LEVEL
|
||||
platform: 'redhat',
|
||||
version: '6.3',
|
||||
log_level: ::LOG_LEVEL
|
||||
}
|
||||
::UBUNTU_OPTS = {
|
||||
:platform => "ubuntu",
|
||||
:version => "12.04",
|
||||
:log_level => ::LOG_LEVEL
|
||||
platform: 'ubuntu',
|
||||
version: '12.04',
|
||||
log_level: ::LOG_LEVEL
|
||||
}
|
||||
|
||||
def identity_stubs
|
||||
::Chef::Recipe.any_instance.stub(:address_for).
|
||||
with("lo").
|
||||
and_return "127.0.1.1"
|
||||
# TODO(galstrom21): Factor this into proper RSpec shared_contexts
|
||||
def identity_stubs # rubocop: disable MethodLength
|
||||
::Chef::Recipe.any_instance.stub(:address_for)
|
||||
.with('lo')
|
||||
.and_return '127.0.1.1'
|
||||
::Chef::Recipe.any_instance.stub(:memcached_servers).and_return []
|
||||
::Chef::Recipe.any_instance.stub(:get_password).and_return String.new
|
||||
::Chef::Recipe.any_instance.stub(:get_password).
|
||||
with("user", "user1").
|
||||
and_return "secret1"
|
||||
::Chef::Recipe.any_instance.stub(:secret).
|
||||
with("secrets", "openstack_identity_bootstrap_token").
|
||||
and_return "bootstrap-token"
|
||||
::Chef::Recipe.any_instance.stub(:get_password).and_return ''
|
||||
::Chef::Recipe.any_instance.stub(:get_password)
|
||||
.with('user', 'user1')
|
||||
.and_return 'secret1'
|
||||
::Chef::Recipe.any_instance.stub(:secret)
|
||||
.with('secrets', 'openstack_identity_bootstrap_token')
|
||||
.and_return 'bootstrap-token'
|
||||
end
|
||||
|
||||
Loading…
Reference in New Issue
Block a user