Add attributes for role and domain info
Change-Id: I439a5f77325833e3e4e23778d453af4542fe64ef Closes-bug: #1369654
This commit is contained in:
parent
6e534d6070
commit
20c63bb66b
|
@ -8,6 +8,7 @@ This file is used to list changes made in each version of cookbook-openstack-orc
|
|||
* Upgrading berkshelf from 2.0.18 to 3.1.5
|
||||
* Update mode for heat.conf from 644 to 640
|
||||
* Add cafile, memcached_servers, memcache_security_strategy, memcache_secret_key, insecure and hash_algorithms so that they are configurable.
|
||||
* Add attributes for stack role and domain users
|
||||
|
||||
## 9.2.0
|
||||
* python_packages database client attributes have been migrated to
|
||||
|
|
|
@ -60,6 +60,16 @@ default['openstack']['orchestration']['api']['auth']['cafile'] = nil
|
|||
# Whether to allow the client to perform insecure SSL (https) requests
|
||||
default['openstack']['orchestration']['api']['auth']['insecure'] = false
|
||||
|
||||
# Keystone role for heat template-defined users. (string value)
|
||||
default['openstack']['orchestration']['heat_stack_user_role'] = 'heat_stack_user'
|
||||
|
||||
# Keystone domain name which contains heat template-defined users. (string value)
|
||||
default['openstack']['orchestration']['stack_user_domain_name'] = nil
|
||||
|
||||
# Keystone username, a user with roles sufficient to manage
|
||||
# users and projects in the stack_user_domain. (string value)
|
||||
default['openstack']['orchestration']['stack_domain_admin'] = nil
|
||||
|
||||
# If set, heat API service will bind to the address on this interface,
|
||||
# otherwise it will bind to the API endpoint's host.
|
||||
default['openstack']['orchestration']['api']['bind_interface'] = nil
|
||||
|
|
|
@ -64,6 +64,11 @@ heat_api_cloudwatch_endpoint = endpoint 'orchestration-api-cloudwatch'
|
|||
|
||||
service_pass = get_password 'service', 'openstack-orchestration'
|
||||
|
||||
stack_domain_admin_password = nil
|
||||
if node['openstack']['orchestration']['stack_domain_admin']
|
||||
stack_domain_admin_password = get_password 'user', node['openstack']['orchestration']['stack_domain_admin']
|
||||
end
|
||||
|
||||
auth_uri = auth_uri_transform identity_endpoint.to_s, node['openstack']['orchestration']['api']['auth']['version']
|
||||
|
||||
mq_service_type = node['openstack']['mq']['orchestration']['service_type']
|
||||
|
@ -103,6 +108,7 @@ template '/etc/heat/heat.conf' do
|
|||
owner node['openstack']['orchestration']['user']
|
||||
mode 00640
|
||||
variables(
|
||||
stack_domain_admin_password: stack_domain_admin_password,
|
||||
mq_service_type: mq_service_type,
|
||||
mq_password: mq_password,
|
||||
rabbit_hosts: rabbit_hosts,
|
||||
|
|
|
@ -43,6 +43,9 @@ shared_context 'orchestration_stubs' do
|
|||
allow_any_instance_of(Chef::Recipe).to receive(:get_password)
|
||||
.with('user', 'admin-user')
|
||||
.and_return 'admin-pass'
|
||||
allow_any_instance_of(Chef::Recipe).to receive(:get_password)
|
||||
.with('user', 'heat_stack_admin')
|
||||
.and_return 'heat_stack_domain_admin_password'
|
||||
allow_any_instance_of(Chef::Recipe).to receive(:get_password)
|
||||
.with('service', 'openstack-orchestration')
|
||||
.and_return 'heat-pass'
|
||||
|
@ -229,6 +232,32 @@ shared_examples 'expects to create heat conf' do
|
|||
end
|
||||
end
|
||||
|
||||
describe 'domain values' do
|
||||
it 'has corrrect default domain values' do
|
||||
[
|
||||
/^stack_user_domain_name=/,
|
||||
/^stack_domain_admin=/,
|
||||
/^stack_domain_admin_password=/
|
||||
].each do |line|
|
||||
expect(chef_run).not_to render_file(file.name).with_content(line)
|
||||
end
|
||||
end
|
||||
|
||||
it 'has domain override values' do
|
||||
node.set['openstack']['orchestration']['heat_stack_user_role'] = 'heat_stack_user_test'
|
||||
node.set['openstack']['orchestration']['stack_user_domain_name'] = 'heat'
|
||||
node.set['openstack']['orchestration']['stack_domain_admin'] = 'heat_stack_admin'
|
||||
[
|
||||
/^heat_stack_user_role=heat_stack_user_test$/,
|
||||
/^stack_user_domain_name=heat$/,
|
||||
/^stack_domain_admin=heat_stack_admin$/,
|
||||
/^stack_domain_admin_password=heat_stack_domain_admin_password$/
|
||||
].each do |line|
|
||||
expect(chef_run).to render_file(file.name).with_content(line)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'has qpid values' do
|
||||
it 'has default qpid_* values' do
|
||||
node.set['openstack']['mq']['orchestration']['service_type'] = 'qpid'
|
||||
|
|
|
@ -104,9 +104,14 @@ heat_watch_server_url=http://<%= @heat_api_cloudwatch_endpoint.host %>:<%= @heat
|
|||
# value)
|
||||
region_name_for_services=<%= node['openstack']['orchestration']['region'] %>
|
||||
|
||||
|
||||
# Keystone role for heat template-defined users. (string
|
||||
# value)
|
||||
#heat_stack_user_role=heat_stack_user
|
||||
<% if node['openstack']['orchestration']['heat_stack_user_role'] -%>
|
||||
heat_stack_user_role=<%= node['openstack']['orchestration']['heat_stack_user_role'] %>
|
||||
<% else -%>
|
||||
#heat_stack_user_role=<None>
|
||||
<% end -%>
|
||||
|
||||
# Keystone domain ID which contains heat template-defined
|
||||
# users. If this option is set, stack_user_domain_name option
|
||||
|
@ -117,15 +122,27 @@ region_name_for_services=<%= node['openstack']['orchestration']['region'] %>
|
|||
# Keystone domain name which contains heat template-defined
|
||||
# users. If `stack_user_domain_id` option is set, this option
|
||||
# is ignored. (string value)
|
||||
<% if node['openstack']['orchestration']['stack_user_domain_name'] -%>
|
||||
stack_user_domain_name=<%= node['openstack']['orchestration']['stack_user_domain_name'] %>
|
||||
<% else -%>
|
||||
#stack_user_domain_name=<None>
|
||||
<% end -%>
|
||||
|
||||
# Keystone username, a user with roles sufficient to manage
|
||||
# users and projects in the stack_user_domain. (string value)
|
||||
<% if node['openstack']['orchestration']['stack_domain_admin'] -%>
|
||||
stack_domain_admin=<%= node['openstack']['orchestration']['stack_domain_admin'] %>
|
||||
<% else -%>
|
||||
#stack_domain_admin=<None>
|
||||
<% end -%>
|
||||
|
||||
# Keystone password for stack_domain_admin user. (string
|
||||
# value)
|
||||
<% if @stack_domain_admin_password -%>
|
||||
stack_domain_admin_password=<%= @stack_domain_admin_password %>
|
||||
<% else -%>
|
||||
#stack_domain_admin_password=<None>
|
||||
<% end -%>
|
||||
|
||||
# Maximum raw byte size of any template. (integer value)
|
||||
#max_template_size=524288
|
||||
|
|
Loading…
Reference in New Issue