openstack/puppet-barbican
Code Issues Proposed changes

Switch to openstacklib to configure apache httpd

Browse Source 
1) The patch aims to switch to openstacklib to configure apache httpd.
2) Update releated to spec test.

Change-Id: I018791006da307ec908bc8f2530e95c718d26fdf
This commit is contained in:
ZhongShengping 2016-11-20 02:09:53 +08:00
parent 22dca9e8a3
commit 76daad4fed
2 changed files with 80 additions and 179 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

165
manifests/wsgi/apache.pp
View File

@ -69,32 +69,6 @@
# (optional) The number of threads for the vhost.
# Defaults to $::os_workers
#
# [*wsgi_script_ensure*]
# (optional) File ensure parameter for wsgi scripts.
# Defaults to 'file'.
#
# [*wsgi_script_source*]
# (optional) Wsgi script source.
# Defaults to undef.
#
# [*wsgi_application_group*]
# (optional) The application group of the WSGI script.
# Defaults to '%{GLOBAL}'
#
# [*wsgi_pass_authorization*]
# (optional) Whether HTTP authorisation headers are passed through to a WSGI
# script when the equivalent HTTP request headers are present.
# Defaults to 'On'
#
# [*access_log_format*]
# The log format for the virtualhost.
# Optional. Defaults to false.
#
# [*vhost_custom_fragment*]
# (optional) Passes a string of custom configuration
# directives to be placed at the end of the vhost configuration.
# Defaults to undef.
#
# == Dependencies
#
# requires Class['apache'] & Class['barbican']
@ -114,28 +88,21 @@
# Copyright 2015 Red Hat Inc. <licensing@redhat.com>
#
class barbican::wsgi::apache (
$servername = $::fqdn,
$public_port = 9311,
$bind_host = undef,
$public_path = '/',
$ssl = true,
$workers = 1,
$ssl_cert = undef,
$ssl_key = undef,
$ssl_chain = undef,
$ssl_ca = undef,
$ssl_crl_path = undef,
$ssl_crl = undef,
$ssl_certs_dir = undef,
$threads = $::os_workers,
$priority = '10',
$wsgi_script_ensure = 'file',
$wsgi_script_source = undef,
$wsgi_application_group = '%{GLOBAL}',
$wsgi_pass_authorization = 'On',
$access_log_format = false,
$vhost_custom_fragment = undef,
$servername = $::fqdn,
$public_port = 9311,
$bind_host = undef,
$public_path = '/',
$ssl = true,
$workers = 1,
$ssl_cert = undef,
$ssl_key = undef,
$ssl_chain = undef,
$ssl_ca = undef,
$ssl_crl_path = undef,
$ssl_crl = undef,
$ssl_certs_dir = undef,
$threads = $::os_workers,
$priority = '10',
) {
include ::barbican::params
@ -152,58 +119,6 @@ class barbican::wsgi::apache (
Service['httpd'] -> Keystone_user <| |>
Service['httpd'] -> Keystone_user_role <| |>
## Sanitize parameters
# Ensure there's no trailing '/' except if this is also the only character
$public_path_real = regsubst($public_path, '(^/.*)/$', '\1')
file { $::barbican::params::barbican_wsgi_script_path:
ensure => directory,
owner => 'barbican',
group => 'barbican',
require => Package['httpd'],
}
Package<| tag == 'barbican-api' |> -> File[$::barbican::params::barbican_wsgi_script_path]
$wsgi_files = {
'barbican_wsgi_main' => {
'path' => "${::barbican::params::barbican_wsgi_script_path}/main",
},
}
$wsgi_file_defaults = {
'ensure' => $wsgi_script_ensure,
'owner' => 'barbican',
'group' => 'barbican',
'mode' => '0644',
'require' => [File[$::barbican::params::barbican_wsgi_script_path], Package['barbican-api']],
}
$wsgi_script_source_real = $wsgi_script_source ? {
default => $wsgi_script_source,
undef => $::barbican::params::barbican_wsgi_script_source,
}
case $wsgi_script_ensure {
'link': { $wsgi_file_source = { 'target' => $wsgi_script_source_real } }
default: { $wsgi_file_source = { 'source' => $wsgi_script_source_real } }
}
create_resources('file', $wsgi_files, merge($wsgi_file_defaults, $wsgi_file_source))
$wsgi_daemon_process_options_main = {
user => 'barbican',
group => 'barbican',
processes => $workers,
threads => $threads,
display-name => 'barbican-api',
}
$wsgi_script_aliases_main = hash([$public_path_real,"${::barbican::params::barbican_wsgi_script_path}/main"])
$wsgi_script_aliases_main_real = $wsgi_script_aliases_main
file { $::barbican::params::httpd_config_file:
ensure => present,
content => "#
@ -217,32 +132,28 @@ class barbican::wsgi::apache (
Package<| tag == 'barbican-api' |> -> File[$::barbican::params::httpd_config_file]
File[$::barbican::params::httpd_config_file] ~> Service['httpd']
::apache::vhost { 'barbican_wsgi_main':
ensure => 'present',
servername => $servername,
ip => $bind_host,
port => $public_port,
docroot => $::barbican::params::barbican_wsgi_script_path,
docroot_owner => 'barbican',
docroot_group => 'barbican',
priority => $priority,
ssl => $ssl,
ssl_cert => $ssl_cert,
ssl_key => $ssl_key,
ssl_chain => $ssl_chain,
ssl_ca => $ssl_ca,
ssl_crl_path => $ssl_crl_path,
ssl_crl => $ssl_crl,
ssl_certs_dir => $ssl_certs_dir,
wsgi_daemon_process => 'barbican-api',
wsgi_daemon_process_options => $wsgi_daemon_process_options_main,
wsgi_process_group => 'barbican-api',
wsgi_script_aliases => $wsgi_script_aliases_main_real,
wsgi_application_group => $wsgi_application_group,
wsgi_pass_authorization => $wsgi_pass_authorization,
custom_fragment => $vhost_custom_fragment,
require => File['barbican_wsgi_main'],
access_log_format => $access_log_format,
log_level => 'debug',
::openstacklib::wsgi::apache { 'barbican_wsgi_main':
bind_host => $bind_host,
bind_port => $public_port,
group => 'barbican',
path => $public_path,
priority => $priority,
servername => $servername,
ssl => $ssl,
ssl_ca => $ssl_ca,
ssl_cert => $ssl_cert,
ssl_certs_dir => $ssl_certs_dir,
ssl_chain => $ssl_chain,
ssl_crl => $ssl_crl,
ssl_crl_path => $ssl_crl_path,
ssl_key => $ssl_key,
threads => $threads,
user => 'barbican',
workers => $workers,
wsgi_daemon_process => 'barbican-api',
wsgi_process_group => 'barbican-api',
wsgi_script_dir => $::barbican::params::barbican_wsgi_script_path,
wsgi_script_file => 'main',
wsgi_script_source => $::barbican::params::barbican_wsgi_script_source,
}
}

94
spec/classes/barbican_wsgi_apache_spec.rb
View File

@ -37,73 +37,61 @@ describe 'barbican::wsgi::apache' do
)}
it { is_expected.to contain_file('barbican_wsgi_main').with(
'ensure' => 'file',
'path' => "#{platform_parameters[:wsgi_script_path]}/main",
'owner' => 'barbican',
'group' => 'barbican',
'mode' => '0644',
'require' => [ "File[#{platform_parameters[:wsgi_script_path]}]", "Package[barbican-api]" ],
'ensure' => 'file',
'path' => "#{platform_parameters[:wsgi_script_path]}/main",
'source' => platform_parameters[:wsgi_script_source],
'owner' => 'barbican',
'group' => 'barbican',
'mode' => '0644',
)}
it { is_expected.to contain_file('barbican_wsgi_main').that_requires("File[#{platform_parameters[:wsgi_script_path]}]") }
it { is_expected.to contain_apache__vhost('barbican_wsgi_main').with(
'servername' => 'some.host.tld',
'ip' => nil,
'port' => '9311',
'docroot' => "#{platform_parameters[:wsgi_script_path]}",
'docroot_owner' => 'barbican',
'docroot_group' => 'barbican',
'ssl' => 'true',
'wsgi_daemon_process' => 'barbican-api',
'wsgi_daemon_process_options' => {
'user' => 'barbican',
'group' => 'barbican',
'processes' => '1',
'threads' => '8',
'display-name' => 'barbican-api',
},
'wsgi_process_group' => 'barbican-api',
'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/main" },
'wsgi_application_group' => '%{GLOBAL}',
'wsgi_pass_authorization' => 'On',
'headers' => nil,
'require' => 'File[barbican_wsgi_main]',
'access_log_format' => false,
'servername' => 'some.host.tld',
'ip' => nil,
'port' => '9311',
'docroot' => "#{platform_parameters[:wsgi_script_path]}",
'docroot_owner' => 'barbican',
'docroot_group' => 'barbican',
'ssl' => 'true',
'wsgi_daemon_process' => 'barbican-api',
'wsgi_process_group' => 'barbican-api',
'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/main" },
'require' => 'File[barbican_wsgi_main]',
)}
it { is_expected.to contain_concat("#{platform_parameters[:httpd_ports_file]}") }
it { is_expected.to contain_file(platform_parameters[:httpd_config_file]) }
end
describe 'when overriding default apache logging' do
describe 'when overriding parameters using different ports' do
let :params do
{
:servername => 'dummy.host',
:access_log_format => 'foo',
:servername => 'dummy.host',
:bind_host => '10.42.51.1',
:public_port => 12345,
:ssl => false,
:workers => 37,
}
end
it { is_expected.to contain_apache__vhost('barbican_wsgi_main').with(
'servername' => 'dummy.host',
'access_log_format' => 'foo',
)}
end
describe 'when overriding parameters using symlink and custom file source' do
let :params do
{
:wsgi_script_ensure => 'link',
:wsgi_script_source => '/opt/barbican/httpd/barbican.py',
}
end
it { is_expected.to contain_file('barbican_wsgi_main').with(
'ensure' => 'link',
'path' => "#{platform_parameters[:wsgi_script_path]}/main",
'target' => '/opt/barbican/httpd/barbican.py',
'owner' => 'barbican',
'group' => 'barbican',
'mode' => '0644',
'require' => [ "File[#{platform_parameters[:wsgi_script_path]}]", "Package[barbican-api]" ],
'servername' => 'dummy.host',
'ip' => '10.42.51.1',
'port' => '12345',
'docroot' => "#{platform_parameters[:wsgi_script_path]}",
'docroot_owner' => 'barbican',
'docroot_group' => 'barbican',
'ssl' => 'false',
'wsgi_daemon_process' => 'barbican-api',
'wsgi_process_group' => 'barbican-api',
'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/main" },
'require' => 'File[barbican_wsgi_main]',
)}
it { is_expected.to contain_concat("#{platform_parameters[:httpd_ports_file]}") }
it { is_expected.to contain_file(platform_parameters[:httpd_config_file]) }
end
end
on_supported_os({
@ -123,6 +111,7 @@ describe 'barbican::wsgi::apache' do
:httpd_service_name => 'apache2',
:httpd_ports_file => '/etc/apache2/ports.conf',
:wsgi_script_path => '/usr/lib/cgi-bin/barbican',
:wsgi_script_source => '/usr/lib/python2.7/dist-packages/barbican/api/app.wsgi',
:httpd_config_file => '/etc/apache2/conf-available/barbican-api.conf',
}
when 'RedHat'
@ -130,6 +119,7 @@ describe 'barbican::wsgi::apache' do
:httpd_service_name => 'httpd',
:httpd_ports_file => '/etc/httpd/conf/ports.conf',
:wsgi_script_path => '/var/www/cgi-bin/barbican',
:wsgi_script_source => '/usr/lib/python2.7/site-packages/barbican/api/app.wsgi',
:httpd_config_file => '/etc/httpd/conf.d/barbican-api.conf',
}
end