Remove old authtoken options
Since we are in ocata lets remove all old parameters in api to configure the keystone_authtoken section Change-Id: I6d023c3092e735d5cc021169c43c847df446b2aa
This commit is contained in:
Iury Gregory Melo Ferreira
parent
9470f7521a
commit
d497345544
|
|
@ -44,48 +44,6 @@
|
|||
# HTTPProxyToWSGI middleware.
|
||||
# Defaults to $::os_service_default.
|
||||
#
|
||||
# = DEPRECATED PARAMETERS
|
||||
#
|
||||
# [*keystone_identity_uri*]
|
||||
# (optional) DEPRECATED. Use aodh::keystone::authtoken::auth_url instead.
|
||||
# Defaults to: undef
|
||||
#
|
||||
# [*keystone_user*]
|
||||
# (optional) DEPRECATED. Use aodh::keystone::authtoken::username instead.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*keystone_tenant*]
|
||||
# (optional) DEPRECATED. Use aodh::keystone::authtoken::project_name instead.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*keystone_project_domain_name*]
|
||||
# (optional) DEPRECATED. Use aodh::keystone::authtoken::project_domain_name instead.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*keystone_user_domain_name*]
|
||||
# (optional) DEPRECATED. Use aodh::keystone::authtoken::user_domain_name instead.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*keystone_auth_type*]
|
||||
# (optional) DEPRECATED. Use aodh::keystone::authtoken::auth_type instead.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*keystone_password*]
|
||||
# (optional) DEPRECATED. Use aodh::keystone::authtoken::password instead.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*keystone_auth_uri*]
|
||||
# (optional) DEPRECATED. Use aodh::keystone::authtoken::auth_uri instead.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*keystone_auth_url*]
|
||||
# (optional) DEPRECATED. Use aodh::keystone::authtoken::auth_url instead.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*memcached_servers*]
|
||||
# (optinal) DEPRECATED. Use aodh::keystone::authtoken::memcached_servers.
|
||||
# Defaults to undef
|
||||
#
|
||||
class aodh::api (
|
||||
$manage_service = true,
|
||||
$enabled = true,
|
||||
|
|
@ -96,54 +54,8 @@ class aodh::api (
|
|||
$sync_db = false,
|
||||
$auth_strategy = 'keystone',
|
||||
$enable_proxy_headers_parsing = $::os_service_default,
|
||||
# DEPRECATED PARAMETERS
|
||||
$keystone_identity_uri = undef,
|
||||
$keystone_user = undef,
|
||||
$keystone_tenant = undef,
|
||||
$keystone_password = undef,
|
||||
$keystone_auth_uri = undef,
|
||||
$keystone_auth_url = undef,
|
||||
$keystone_project_domain_name = undef,
|
||||
$keystone_user_domain_name = undef,
|
||||
$keystone_auth_type = undef,
|
||||
$memcached_servers = undef,
|
||||
) inherits aodh::params {
|
||||
|
||||
if $keystone_identity_uri {
|
||||
warning('aodh::api::keystone_identity_uri is deprecated, user aodh::keystone::authtoken::auth_url instead.')
|
||||
}
|
||||
|
||||
if $keystone_user {
|
||||
warning('aodh::api::keystone_user is deprecated, use aodh::keystone::authtoken::username instead')
|
||||
}
|
||||
|
||||
if $keystone_tenant {
|
||||
warning('aodh::api::keystone_tenant is deprecated, use aodh::keystone::authtoken::project_name instead')
|
||||
}
|
||||
|
||||
if $keystone_password {
|
||||
warning('aodh::api::keystone_password is deprecated, use aodh::keystone::authtoken::password instead')
|
||||
}
|
||||
|
||||
if $keystone_auth_uri {
|
||||
warning('aodh::api::keystone_auth_uri is deprecated, use aodh::keystone::authtoken::auth_uri instead')
|
||||
}
|
||||
|
||||
if $keystone_project_domain_name {
|
||||
warning('aodh::api::keystone_project_domain_name is deprecated, use aodh::keystone::authtoken::project_domain_name instead')
|
||||
}
|
||||
|
||||
if $keystone_user_domain_name {
|
||||
warning('aodh::api::keystone_user_domain_name is deprecated, use aodh::keystone::authtoken::user_domain_name instead')
|
||||
}
|
||||
|
||||
if $keystone_auth_type {
|
||||
warning('aodh::api::keystone_auth_type is deprecated, use aodh::keystone::authtoken::auth_type instead')
|
||||
}
|
||||
|
||||
if $memcached_servers {
|
||||
warning('aodh::api::memcached_servers is deprecated, use aodh::keystone::authtoken::memcached_servers instead.')
|
||||
}
|
||||
|
||||
include ::aodh::params
|
||||
include ::aodh::policy
|
||||
|
|
|
|||
|
|
@ -223,34 +223,21 @@ class aodh::keystone::authtoken(
|
|||
$token_cache_time = $::os_service_default,
|
||||
) {
|
||||
|
||||
if is_service_default($password) and ! $::aodh::api::keystone_password {
|
||||
if is_service_default($password) {
|
||||
fail('Please set password for Aodh service user')
|
||||
}
|
||||
|
||||
$username_real = pick($::aodh::api::keystone_user, $username)
|
||||
$password_real = pick($::aodh::api::keystone_password, $password)
|
||||
$project_name_real = pick($::aodh::api::keystone_tenant, $project_name)
|
||||
$auth_uri_real = pick($::aodh::api::keystone_auth_uri, $auth_uri)
|
||||
$auth_url_real = pick($::aodh::api::keystone_identity_uri,
|
||||
$::aodh::api::keystone_auth_url, $auth_url)
|
||||
$memcached_servers_real = pick($::aodh::api::memcached_servers, $memcached_servers)
|
||||
$user_domain_name_real = pick($::aodh::api::keystone_user_domain_name,
|
||||
$user_domain_name)
|
||||
$project_domain_name_real = pick($::aodh::api::keystone_project_domain_name, $project_domain_name)
|
||||
$auth_type_real = pick($::aodh::api::keystone_auth_type, $auth_type)
|
||||
|
||||
|
||||
keystone::resource::authtoken { 'aodh_config':
|
||||
username => $username_real,
|
||||
password => $password_real,
|
||||
project_name => $project_name_real,
|
||||
auth_url => $auth_url_real,
|
||||
auth_uri => $auth_uri_real,
|
||||
username => $username,
|
||||
password => $password,
|
||||
project_name => $project_name,
|
||||
auth_url => $auth_url,
|
||||
auth_uri => $auth_uri,
|
||||
auth_version => $auth_version,
|
||||
auth_type => $auth_type_real,
|
||||
auth_type => $auth_type,
|
||||
auth_section => $auth_section,
|
||||
user_domain_name => $user_domain_name_real,
|
||||
project_domain_name => $project_domain_name_real,
|
||||
user_domain_name => $user_domain_name,
|
||||
project_domain_name => $project_domain_name,
|
||||
insecure => $insecure,
|
||||
cache => $cache,
|
||||
cafile => $cafile,
|
||||
|
|
@ -271,7 +258,7 @@ $user_domain_name)
|
|||
memcache_security_strategy => $memcache_security_strategy,
|
||||
memcache_use_advanced_pool => $memcache_use_advanced_pool,
|
||||
memcache_pool_unused_timeout => $memcache_pool_unused_timeout,
|
||||
memcached_servers => $memcached_servers_real,
|
||||
memcached_servers => $memcached_servers,
|
||||
region_name => $region_name,
|
||||
revocation_cache_time => $revocation_cache_time,
|
||||
signing_dir => $signing_dir,
|
||||
|
|
|
|||
|
|
@ -0,0 +1,12 @@
|
|||
---
|
||||
other:
|
||||
- removed deprecated aodh::api::keystone_tenant
|
||||
- removed deprecated aodh::api::keystone_user
|
||||
- removed deprecated aodh::api::keystone_password
|
||||
- removed deprecated aodh::api::keystone_project_domain_name
|
||||
- removed deprecated aodh::api::keystone_user_domain_name
|
||||
- removed deprecated aodh::api::keystone_auth_type
|
||||
- removed deprecated aodh::api::keystone_auth_uri
|
||||
- removed deprecated aodh::api::keystone_identity_uri
|
||||
- removed deprecated aodh::api::keystone_auth_url
|
||||
- removed deprecated aodh::api::memcached_servers
|
||||
|
|
@ -4,13 +4,15 @@ describe 'aodh::api' do
|
|||
|
||||
let :pre_condition do
|
||||
"class { 'aodh': }
|
||||
include ::aodh::db"
|
||||
include ::aodh::db
|
||||
class { '::aodh::keystone::authtoken':
|
||||
password => 'a_big_secret',
|
||||
}"
|
||||
end
|
||||
|
||||
let :params do
|
||||
{ :enabled => true,
|
||||
:manage_service => true,
|
||||
:keystone_password => 'aodh-passw0rd',
|
||||
:package_ensure => 'latest',
|
||||
:port => '8042',
|
||||
:host => '0.0.0.0',
|
||||
|
|
@ -72,43 +74,6 @@ describe 'aodh::api' do
|
|||
it { is_expected.to contain_aodh_config('oslo_middleware/enable_proxy_headers_parsing').with_value(true) }
|
||||
end
|
||||
|
||||
context 'with deprecated parameters' do
|
||||
before do
|
||||
params.merge!({
|
||||
:keystone_user => 'dummy',
|
||||
:keystone_password => 'mypassword',
|
||||
:keystone_tenant => 'tenant',
|
||||
:keystone_auth_uri => 'https://10.0.0.1:5000/deprecated',
|
||||
:keystone_identity_uri => 'https://10.0.0.1:35357/deprecated',
|
||||
:keystone_auth_url => 'https://10.0.0.1:35357/deprecated',
|
||||
:memcached_servers => ['memcached01:11211','memcached02:11211'],
|
||||
:keystone_project_domain_name => 'domainX',
|
||||
:keystone_user_domain_name => 'domainX',
|
||||
:keystone_auth_type => 'auth',
|
||||
})
|
||||
end
|
||||
it 'configures keystone_authtoken middleware' do
|
||||
is_expected.to contain_aodh_config(
|
||||
'keystone_authtoken/auth_uri').with_value('https://10.0.0.1:5000/deprecated')
|
||||
is_expected.to contain_aodh_config(
|
||||
'keystone_authtoken/username').with_value(params[:keystone_user])
|
||||
is_expected.to contain_aodh_config(
|
||||
'keystone_authtoken/password').with_value(params[:keystone_password]).with_secret(true)
|
||||
is_expected.to contain_aodh_config(
|
||||
'keystone_authtoken/auth_url').with_value(params[:keystone_identity_uri])
|
||||
is_expected.to contain_aodh_config(
|
||||
'keystone_authtoken/project_name').with_value(params[:keystone_tenant])
|
||||
is_expected.to contain_aodh_config(
|
||||
'keystone_authtoken/user_domain_name').with_value(params[:keystone_user_domain_name])
|
||||
is_expected.to contain_aodh_config(
|
||||
'keystone_authtoken/project_domain_name').with_value(params[:keystone_project_domain_name])
|
||||
is_expected.to contain_aodh_config(
|
||||
'keystone_authtoken/auth_type').with_value(params[:keystone_auth_type])
|
||||
is_expected.to contain_aodh_config(
|
||||
'keystone_authtoken/memcached_servers').with_value('memcached01:11211,memcached02:11211')
|
||||
end
|
||||
end
|
||||
|
||||
context 'with disabled service managing' do
|
||||
before do
|
||||
params.merge!({
|
||||
|
|
@ -136,7 +101,10 @@ describe 'aodh::api' do
|
|||
let :pre_condition do
|
||||
"include ::apache
|
||||
include ::aodh::db
|
||||
class { 'aodh': }"
|
||||
class { 'aodh': }
|
||||
class { '::aodh::keystone::authtoken':
|
||||
password => 'a_big_secret',
|
||||
}"
|
||||
end
|
||||
|
||||
it 'configures aodh-api service with Apache' do
|
||||
|
|
@ -157,37 +125,14 @@ describe 'aodh::api' do
|
|||
let :pre_condition do
|
||||
"include ::apache
|
||||
include ::aodh::db
|
||||
class { 'aodh': }"
|
||||
class { 'aodh': }
|
||||
class { '::aodh::keystone::authtoken':
|
||||
password => 'a_big_secret',
|
||||
}"
|
||||
end
|
||||
|
||||
it_raises 'a Puppet::Error', /Invalid service_name/
|
||||
end
|
||||
|
||||
context "with deprecated keystone options" do
|
||||
before do
|
||||
params.merge!({
|
||||
:keystone_user => 'user',
|
||||
:keystone_password => 'userpassword',
|
||||
:keystone_tenant => 'tenant',
|
||||
:keystone_project_domain_name => 'domainx',
|
||||
:keystone_user_domain_name => 'domainx',
|
||||
:keystone_auth_type => 'password',
|
||||
:keystone_auth_uri => 'https://foo.bar:5000',
|
||||
:keystone_auth_url => 'https://foo.bar:35357/deprecated',
|
||||
:keystone_identity_uri => 'https://foo.bar:35357/deprecated',
|
||||
})
|
||||
end
|
||||
it 'configures auth_uri but deprecates old auth settings' do
|
||||
is_expected.to contain_aodh_config('keystone_authtoken/auth_uri').with_value("https://foo.bar:5000");
|
||||
is_expected.to contain_aodh_config('keystone_authtoken/auth_url').with_value("https://foo.bar:35357/deprecated");
|
||||
is_expected.to contain_aodh_config('keystone_authtoken/username').with_value('user')
|
||||
is_expected.to contain_aodh_config('keystone_authtoken/password').with_value('userpassword')
|
||||
is_expected.to contain_aodh_config('keystone_authtoken/project_name').with_value('tenant')
|
||||
is_expected.to contain_aodh_config('keystone_authtoken/user_domain_name').with_value('domainx')
|
||||
is_expected.to contain_aodh_config('keystone_authtoken/project_domain_name').with_value('domainx')
|
||||
is_expected.to contain_aodh_config('keystone_authtoken/auth_type').with_value('password')
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
on_supported_os({
|
||||
|
|
|
|||
Loading…
Reference in New Issue