Fix duplicate declaration
User configures Username(root) and Home directory(/root) in
Operating System Access, and will throw the error that
Credentials_file[/root/openrc] is already declared in deployment.
Change-Id: I6f437550edd78af372e5f52b55663beab86edfee
Closes-Bug: #1636472
(cherry picked from commit 12769a9127
)
This commit is contained in:
parent
0af9d63ff2
commit
d4393bb8da
@ -208,40 +208,55 @@ class openstack_tasks::keystone::keystone {
|
||||
}
|
||||
}
|
||||
|
||||
osnailyfacter::credentials_file { '/root/openrc':
|
||||
admin_user => $admin_user,
|
||||
admin_password => $admin_password,
|
||||
admin_tenant => $admin_tenant,
|
||||
region_name => $region,
|
||||
auth_url => $auth_url,
|
||||
murano_repo_url => $murano_repo_url,
|
||||
murano_glare_plugin => $murano_glare_plugin,
|
||||
group { 'operator_group' :
|
||||
name => $operator_user_name,
|
||||
ensure => present,
|
||||
}
|
||||
|
||||
osnailyfacter::credentials_file { "${operator_user_homedir}/openrc":
|
||||
admin_user => $admin_user,
|
||||
admin_password => $admin_password,
|
||||
admin_tenant => $admin_tenant,
|
||||
region_name => $region,
|
||||
auth_url => $auth_url,
|
||||
murano_repo_url => $murano_repo_url,
|
||||
murano_glare_plugin => $murano_glare_plugin,
|
||||
owner => $operator_user_name,
|
||||
group => $operator_user_name,
|
||||
user { 'operator_user':
|
||||
name => $operator_user_name,
|
||||
gid => $operator_user_name,
|
||||
ensure => present,
|
||||
managehome => true,
|
||||
home => $operator_user_homedir,
|
||||
}
|
||||
|
||||
osnailyfacter::credentials_file { "${service_user_homedir}/openrc":
|
||||
admin_user => $admin_user,
|
||||
admin_password => $admin_password,
|
||||
admin_tenant => $admin_tenant,
|
||||
region_name => $region,
|
||||
auth_url => $auth_url,
|
||||
murano_repo_url => $murano_repo_url,
|
||||
murano_glare_plugin => $murano_glare_plugin,
|
||||
owner => $service_user_name,
|
||||
group => $service_user_name,
|
||||
group { 'service_group' :
|
||||
name => $service_user_name,
|
||||
ensure => present,
|
||||
}
|
||||
|
||||
user { 'service_user':
|
||||
name => $service_user_name,
|
||||
gid => $service_user_name,
|
||||
ensure => present,
|
||||
managehome => true,
|
||||
home => $service_user_homedir,
|
||||
}
|
||||
|
||||
$users = {
|
||||
"${operator_user_name}" => 'operator_user',
|
||||
"${service_user_name}" => 'service_user',
|
||||
}
|
||||
|
||||
$cred_users = {
|
||||
'/root/openrc' => 'root',
|
||||
"${operator_user_homedir}/openrc" => $operator_user_name,
|
||||
"${service_user_homedir}/openrc" => $service_user_name,
|
||||
}
|
||||
|
||||
$cred_params = {
|
||||
'admin_user' => $admin_user,
|
||||
'admin_password' => $admin_password,
|
||||
'admin_tenant' => $admin_tenant,
|
||||
'region_name' => $region,
|
||||
'auth_url' => $auth_url,
|
||||
'murano_repo_url' => $murano_repo_url,
|
||||
'murano_glare_plugin' => $murano_glare_plugin
|
||||
}
|
||||
|
||||
create_resources('osnailyfacter::credentials_file', get_cred_files_hash($cred_users, $cred_params, $users))
|
||||
|
||||
# Get paste.ini source
|
||||
include ::keystone::params
|
||||
$keystone_paste_ini = $::keystone::params::paste_config ? {
|
||||
|
@ -0,0 +1,23 @@
|
||||
module Puppet::Parser::Functions
|
||||
newfunction(:get_cred_files_hash, :type => :rvalue, :arity => 3,
|
||||
:doc => <<-EOS
|
||||
Build hash for credentials files creation
|
||||
EOS
|
||||
) do |args|
|
||||
raise(Puppet::ParseError, 'Wrong cred_users. Should be a Hash.') unless args[0].is_a?(Hash)
|
||||
raise(Puppet::ParseError, 'Wrong common_cred_params. Should be a Hash.') unless args[1].is_a?(Hash)
|
||||
raise(Puppet::ParseError, 'Wrong users. Should be a Hash.') unless args[2].is_a?(Hash)
|
||||
|
||||
cred_users, common_cred_params, users = args
|
||||
|
||||
cred_users.inject({}) do |result, el|
|
||||
home_dir, owner = el.first, el.last
|
||||
if users.has_key?(owner)
|
||||
result[home_dir] = common_cred_params.dup.update({'owner' => owner, 'group' => owner, 'require' => "User[#{users[owner]}]"})
|
||||
else
|
||||
result[home_dir] = common_cred_params.dup.update({'owner' => owner, 'group' => owner})
|
||||
end
|
||||
result
|
||||
end
|
||||
end
|
||||
end
|
@ -0,0 +1,96 @@
|
||||
require 'spec_helper'
|
||||
|
||||
describe 'get_cred_files_hash' do
|
||||
|
||||
let (:common_cred_params) do
|
||||
{
|
||||
'admin_user' => 'admin_user',
|
||||
'admin_password' => 'admin_password',
|
||||
'admin_tenant' => 'admin_tenant',
|
||||
'region_name' => 'region',
|
||||
'auth_url' => 'auth_url',
|
||||
'murano_repo_url' => 'murano_repo_url',
|
||||
'murano_glare_plugin' => 'murano_glare_plugin'
|
||||
}
|
||||
end
|
||||
|
||||
it 'should exist' do
|
||||
is_expected.not_to be_nil
|
||||
end
|
||||
|
||||
context 'handle wrong values' do
|
||||
it 'should throw an error on invalid arguments number' do
|
||||
is_expected.to run.with_params(1, 2, 3, 4).and_raise_error(ArgumentError)
|
||||
end
|
||||
|
||||
it 'should raise an error if first invalid argument type is specified' do
|
||||
is_expected.to run.with_params('foo', {}, {}).and_raise_error(Puppet::ParseError)
|
||||
end
|
||||
|
||||
it 'should raise an error if second invalid argument type is specified' do
|
||||
is_expected.to run.with_params({}, 'foo', {}).and_raise_error(Puppet::ParseError)
|
||||
end
|
||||
it 'should raise an error if third invalid argument type is specified' do
|
||||
is_expected.to run.with_params({}, {}, 'foo').and_raise_error(Puppet::ParseError)
|
||||
end
|
||||
end
|
||||
|
||||
context 'different home directories names' do
|
||||
let (:cred_users) do
|
||||
{
|
||||
'/root/openrc' => 'root',
|
||||
'/home/fuel/openrc' => 'fuel',
|
||||
'/home/fueladmin/openrc' => 'fueladmin'
|
||||
}
|
||||
end
|
||||
|
||||
let (:users) do
|
||||
{
|
||||
'fuel' => 'service_user',
|
||||
'fueladmin' => 'operator_user',
|
||||
}
|
||||
end
|
||||
|
||||
let (:result) do
|
||||
{
|
||||
'/root/openrc' => common_cred_params.dup.update({"owner" => 'root',
|
||||
"group" => 'root'}),
|
||||
'/home/fuel/openrc' => common_cred_params.dup.update({"owner" => 'fuel',
|
||||
"group" => 'fuel',
|
||||
"require" => 'User[service_user]'}),
|
||||
'/home/fueladmin/openrc' => common_cred_params.dup.update({"owner" => 'fueladmin',
|
||||
"group" => 'fueladmin',
|
||||
"require" => 'User[operator_user]'})
|
||||
}
|
||||
end
|
||||
|
||||
it 'should work with different home directories names' do
|
||||
is_expected.to run.with_params(cred_users, common_cred_params, users).and_return(result)
|
||||
end
|
||||
end
|
||||
|
||||
context 'same home directories names' do
|
||||
let (:cred_users) do
|
||||
{
|
||||
'/root/openrc' => 'root',
|
||||
'/root/openrc' => 'root'
|
||||
}
|
||||
end
|
||||
|
||||
let (:users) do
|
||||
{}
|
||||
end
|
||||
|
||||
let (:result) do
|
||||
{
|
||||
'/root/openrc' => common_cred_params.dup.update({"owner" => 'root',
|
||||
"group" => 'root'})
|
||||
}
|
||||
end
|
||||
|
||||
it 'should work with same home directories names' do
|
||||
is_expected.to run.with_params(cred_users, common_cred_params, users).and_return(result)
|
||||
end
|
||||
end
|
||||
|
||||
end
|
Loading…
Reference in New Issue
Block a user