Remove old authtoken options

Since we are in ocata lets remove all
old parameters in api to configure
the keystone_authtoken section

Change-Id: I6d023c3092e735d5cc021169c43c847df446b2aa
This commit is contained in:
Iury Gregory Melo Ferreira 2016-09-27 23:13:12 -03:00
parent 9470f7521a
commit d497345544
4 changed files with 34 additions and 178 deletions

View File

@ -44,48 +44,6 @@
# HTTPProxyToWSGI middleware. # HTTPProxyToWSGI middleware.
# Defaults to $::os_service_default. # Defaults to $::os_service_default.
# #
# = DEPRECATED PARAMETERS
#
# [*keystone_identity_uri*]
# (optional) DEPRECATED. Use aodh::keystone::authtoken::auth_url instead.
# Defaults to: undef
#
# [*keystone_user*]
# (optional) DEPRECATED. Use aodh::keystone::authtoken::username instead.
# Defaults to undef
#
# [*keystone_tenant*]
# (optional) DEPRECATED. Use aodh::keystone::authtoken::project_name instead.
# Defaults to undef
#
# [*keystone_project_domain_name*]
# (optional) DEPRECATED. Use aodh::keystone::authtoken::project_domain_name instead.
# Defaults to undef
#
# [*keystone_user_domain_name*]
# (optional) DEPRECATED. Use aodh::keystone::authtoken::user_domain_name instead.
# Defaults to undef
#
# [*keystone_auth_type*]
# (optional) DEPRECATED. Use aodh::keystone::authtoken::auth_type instead.
# Defaults to undef
#
# [*keystone_password*]
# (optional) DEPRECATED. Use aodh::keystone::authtoken::password instead.
# Defaults to undef
#
# [*keystone_auth_uri*]
# (optional) DEPRECATED. Use aodh::keystone::authtoken::auth_uri instead.
# Defaults to undef
#
# [*keystone_auth_url*]
# (optional) DEPRECATED. Use aodh::keystone::authtoken::auth_url instead.
# Defaults to undef
#
# [*memcached_servers*]
# (optinal) DEPRECATED. Use aodh::keystone::authtoken::memcached_servers.
# Defaults to undef
#
class aodh::api ( class aodh::api (
$manage_service = true, $manage_service = true,
$enabled = true, $enabled = true,
@ -96,54 +54,8 @@ class aodh::api (
$sync_db = false, $sync_db = false,
$auth_strategy = 'keystone', $auth_strategy = 'keystone',
$enable_proxy_headers_parsing = $::os_service_default, $enable_proxy_headers_parsing = $::os_service_default,
# DEPRECATED PARAMETERS
$keystone_identity_uri = undef,
$keystone_user = undef,
$keystone_tenant = undef,
$keystone_password = undef,
$keystone_auth_uri = undef,
$keystone_auth_url = undef,
$keystone_project_domain_name = undef,
$keystone_user_domain_name = undef,
$keystone_auth_type = undef,
$memcached_servers = undef,
) inherits aodh::params { ) inherits aodh::params {
if $keystone_identity_uri {
warning('aodh::api::keystone_identity_uri is deprecated, user aodh::keystone::authtoken::auth_url instead.')
}
if $keystone_user {
warning('aodh::api::keystone_user is deprecated, use aodh::keystone::authtoken::username instead')
}
if $keystone_tenant {
warning('aodh::api::keystone_tenant is deprecated, use aodh::keystone::authtoken::project_name instead')
}
if $keystone_password {
warning('aodh::api::keystone_password is deprecated, use aodh::keystone::authtoken::password instead')
}
if $keystone_auth_uri {
warning('aodh::api::keystone_auth_uri is deprecated, use aodh::keystone::authtoken::auth_uri instead')
}
if $keystone_project_domain_name {
warning('aodh::api::keystone_project_domain_name is deprecated, use aodh::keystone::authtoken::project_domain_name instead')
}
if $keystone_user_domain_name {
warning('aodh::api::keystone_user_domain_name is deprecated, use aodh::keystone::authtoken::user_domain_name instead')
}
if $keystone_auth_type {
warning('aodh::api::keystone_auth_type is deprecated, use aodh::keystone::authtoken::auth_type instead')
}
if $memcached_servers {
warning('aodh::api::memcached_servers is deprecated, use aodh::keystone::authtoken::memcached_servers instead.')
}
include ::aodh::params include ::aodh::params
include ::aodh::policy include ::aodh::policy

View File

@ -223,34 +223,21 @@ class aodh::keystone::authtoken(
$token_cache_time = $::os_service_default, $token_cache_time = $::os_service_default,
) { ) {
if is_service_default($password) and ! $::aodh::api::keystone_password { if is_service_default($password) {
fail('Please set password for Aodh service user') fail('Please set password for Aodh service user')
} }
$username_real = pick($::aodh::api::keystone_user, $username)
$password_real = pick($::aodh::api::keystone_password, $password)
$project_name_real = pick($::aodh::api::keystone_tenant, $project_name)
$auth_uri_real = pick($::aodh::api::keystone_auth_uri, $auth_uri)
$auth_url_real = pick($::aodh::api::keystone_identity_uri,
$::aodh::api::keystone_auth_url, $auth_url)
$memcached_servers_real = pick($::aodh::api::memcached_servers, $memcached_servers)
$user_domain_name_real = pick($::aodh::api::keystone_user_domain_name,
$user_domain_name)
$project_domain_name_real = pick($::aodh::api::keystone_project_domain_name, $project_domain_name)
$auth_type_real = pick($::aodh::api::keystone_auth_type, $auth_type)
keystone::resource::authtoken { 'aodh_config': keystone::resource::authtoken { 'aodh_config':
username => $username_real, username => $username,
password => $password_real, password => $password,
project_name => $project_name_real, project_name => $project_name,
auth_url => $auth_url_real, auth_url => $auth_url,
auth_uri => $auth_uri_real, auth_uri => $auth_uri,
auth_version => $auth_version, auth_version => $auth_version,
auth_type => $auth_type_real, auth_type => $auth_type,
auth_section => $auth_section, auth_section => $auth_section,
user_domain_name => $user_domain_name_real, user_domain_name => $user_domain_name,
project_domain_name => $project_domain_name_real, project_domain_name => $project_domain_name,
insecure => $insecure, insecure => $insecure,
cache => $cache, cache => $cache,
cafile => $cafile, cafile => $cafile,
@ -271,7 +258,7 @@ $user_domain_name)
memcache_security_strategy => $memcache_security_strategy, memcache_security_strategy => $memcache_security_strategy,
memcache_use_advanced_pool => $memcache_use_advanced_pool, memcache_use_advanced_pool => $memcache_use_advanced_pool,
memcache_pool_unused_timeout => $memcache_pool_unused_timeout, memcache_pool_unused_timeout => $memcache_pool_unused_timeout,
memcached_servers => $memcached_servers_real, memcached_servers => $memcached_servers,
region_name => $region_name, region_name => $region_name,
revocation_cache_time => $revocation_cache_time, revocation_cache_time => $revocation_cache_time,
signing_dir => $signing_dir, signing_dir => $signing_dir,

View File

@ -0,0 +1,12 @@
---
other:
- removed deprecated aodh::api::keystone_tenant
- removed deprecated aodh::api::keystone_user
- removed deprecated aodh::api::keystone_password
- removed deprecated aodh::api::keystone_project_domain_name
- removed deprecated aodh::api::keystone_user_domain_name
- removed deprecated aodh::api::keystone_auth_type
- removed deprecated aodh::api::keystone_auth_uri
- removed deprecated aodh::api::keystone_identity_uri
- removed deprecated aodh::api::keystone_auth_url
- removed deprecated aodh::api::memcached_servers

View File

@ -4,13 +4,15 @@ describe 'aodh::api' do
let :pre_condition do let :pre_condition do
"class { 'aodh': } "class { 'aodh': }
include ::aodh::db" include ::aodh::db
class { '::aodh::keystone::authtoken':
password => 'a_big_secret',
}"
end end
let :params do let :params do
{ :enabled => true, { :enabled => true,
:manage_service => true, :manage_service => true,
:keystone_password => 'aodh-passw0rd',
:package_ensure => 'latest', :package_ensure => 'latest',
:port => '8042', :port => '8042',
:host => '0.0.0.0', :host => '0.0.0.0',
@ -72,43 +74,6 @@ describe 'aodh::api' do
it { is_expected.to contain_aodh_config('oslo_middleware/enable_proxy_headers_parsing').with_value(true) } it { is_expected.to contain_aodh_config('oslo_middleware/enable_proxy_headers_parsing').with_value(true) }
end end
context 'with deprecated parameters' do
before do
params.merge!({
:keystone_user => 'dummy',
:keystone_password => 'mypassword',
:keystone_tenant => 'tenant',
:keystone_auth_uri => 'https://10.0.0.1:5000/deprecated',
:keystone_identity_uri => 'https://10.0.0.1:35357/deprecated',
:keystone_auth_url => 'https://10.0.0.1:35357/deprecated',
:memcached_servers => ['memcached01:11211','memcached02:11211'],
:keystone_project_domain_name => 'domainX',
:keystone_user_domain_name => 'domainX',
:keystone_auth_type => 'auth',
})
end
it 'configures keystone_authtoken middleware' do
is_expected.to contain_aodh_config(
'keystone_authtoken/auth_uri').with_value('https://10.0.0.1:5000/deprecated')
is_expected.to contain_aodh_config(
'keystone_authtoken/username').with_value(params[:keystone_user])
is_expected.to contain_aodh_config(
'keystone_authtoken/password').with_value(params[:keystone_password]).with_secret(true)
is_expected.to contain_aodh_config(
'keystone_authtoken/auth_url').with_value(params[:keystone_identity_uri])
is_expected.to contain_aodh_config(
'keystone_authtoken/project_name').with_value(params[:keystone_tenant])
is_expected.to contain_aodh_config(
'keystone_authtoken/user_domain_name').with_value(params[:keystone_user_domain_name])
is_expected.to contain_aodh_config(
'keystone_authtoken/project_domain_name').with_value(params[:keystone_project_domain_name])
is_expected.to contain_aodh_config(
'keystone_authtoken/auth_type').with_value(params[:keystone_auth_type])
is_expected.to contain_aodh_config(
'keystone_authtoken/memcached_servers').with_value('memcached01:11211,memcached02:11211')
end
end
context 'with disabled service managing' do context 'with disabled service managing' do
before do before do
params.merge!({ params.merge!({
@ -136,7 +101,10 @@ describe 'aodh::api' do
let :pre_condition do let :pre_condition do
"include ::apache "include ::apache
include ::aodh::db include ::aodh::db
class { 'aodh': }" class { 'aodh': }
class { '::aodh::keystone::authtoken':
password => 'a_big_secret',
}"
end end
it 'configures aodh-api service with Apache' do it 'configures aodh-api service with Apache' do
@ -157,37 +125,14 @@ describe 'aodh::api' do
let :pre_condition do let :pre_condition do
"include ::apache "include ::apache
include ::aodh::db include ::aodh::db
class { 'aodh': }" class { 'aodh': }
class { '::aodh::keystone::authtoken':
password => 'a_big_secret',
}"
end end
it_raises 'a Puppet::Error', /Invalid service_name/ it_raises 'a Puppet::Error', /Invalid service_name/
end end
context "with deprecated keystone options" do
before do
params.merge!({
:keystone_user => 'user',
:keystone_password => 'userpassword',
:keystone_tenant => 'tenant',
:keystone_project_domain_name => 'domainx',
:keystone_user_domain_name => 'domainx',
:keystone_auth_type => 'password',
:keystone_auth_uri => 'https://foo.bar:5000',
:keystone_auth_url => 'https://foo.bar:35357/deprecated',
:keystone_identity_uri => 'https://foo.bar:35357/deprecated',
})
end
it 'configures auth_uri but deprecates old auth settings' do
is_expected.to contain_aodh_config('keystone_authtoken/auth_uri').with_value("https://foo.bar:5000");
is_expected.to contain_aodh_config('keystone_authtoken/auth_url').with_value("https://foo.bar:35357/deprecated");
is_expected.to contain_aodh_config('keystone_authtoken/username').with_value('user')
is_expected.to contain_aodh_config('keystone_authtoken/password').with_value('userpassword')
is_expected.to contain_aodh_config('keystone_authtoken/project_name').with_value('tenant')
is_expected.to contain_aodh_config('keystone_authtoken/user_domain_name').with_value('domainx')
is_expected.to contain_aodh_config('keystone_authtoken/project_domain_name').with_value('domainx')
is_expected.to contain_aodh_config('keystone_authtoken/auth_type').with_value('password')
end
end
end end
on_supported_os({ on_supported_os({