Merge "Added Dogtag settings for barbican-api"
This commit is contained in:
commit
c7a8f2be78
|
@ -0,0 +1,72 @@
|
|||
# == Class: barbican::plugins::dogtag
|
||||
#
|
||||
# Sets up Barbican API dogtag secret_store and certificate plugin
|
||||
#
|
||||
# === Parameters
|
||||
#
|
||||
# [*dogtag_plugin_pem_path*]
|
||||
# (optional) Path to KRA agent PEM file
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*dogtag_plugin_dogtag_host*]
|
||||
# (optional) Host for the Dogtag server
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*dogtag_plugin_dogtag_port*]
|
||||
# (optional) Host for the Dogtag server
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*dogtag_plugin_nss_db_path*]
|
||||
# (optional) Path to plugin NSS DB
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*dogtag_plugin_nss_password*]
|
||||
# Password for plugin NSS DB
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*dogtag_plugin_simple_cmc_profile*]
|
||||
# (optional) Profile for simple CMC enrollment.
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*dogtag_plugin_ca_expiration_time*]
|
||||
# (optional) Expiration time for the Dogtag CA entry in days
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*dogtag_plugin_plugin_working_dir*]
|
||||
# (optional) Working directory for Dogtag plugin
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
class barbican::plugins::dogtag (
|
||||
$dogtag_plugin_pem_path = $::os_service_default,
|
||||
$dogtag_plugin_dogtag_host = $::os_service_default,
|
||||
$dogtag_plugin_dogtag_port = $::os_service_default,
|
||||
$dogtag_plugin_nss_db_path = $::os_service_default,
|
||||
$dogtag_plugin_nss_password = undef,
|
||||
$dogtag_plugin_simple_cmc_profile = $::os_service_default,
|
||||
$dogtag_plugin_ca_expiration_time = $::os_service_default,
|
||||
$dogtag_plugin_plugin_working_dir = $::os_service_default,
|
||||
) {
|
||||
|
||||
include ::barbican::api
|
||||
|
||||
if $dogtag_plugin_nss_password == undef {
|
||||
fail('dogtag_plugin_nss_password must be defined')
|
||||
}
|
||||
|
||||
package {'dogtag-client':
|
||||
ensure => $::barbican::api::ensure_package,
|
||||
name => $::barbican::params::dogtag_client_package,
|
||||
tag => ['openstack', 'dogtag-client-package']
|
||||
} -> Service['barbican-api']
|
||||
|
||||
barbican_config {
|
||||
'dogtag_plugin/pem_path': value => $dogtag_plugin_pem_path;
|
||||
'dogtag_plugin/dogtag_host': value => $dogtag_plugin_dogtag_host;
|
||||
'dogtag_plugin/dogtag_port': value => $dogtag_plugin_dogtag_port;
|
||||
'dogtag_plugin/nss_db_path': value => $dogtag_plugin_nss_db_path;
|
||||
'dogtag_plugin/nss_password': value => $dogtag_plugin_nss_password;
|
||||
'dogtag_plugin/simple_cmc_profile': value => $dogtag_plugin_simple_cmc_profile;
|
||||
'dogtag_plugin/ca_expiration_time': value => $dogtag_plugin_ca_expiration_time;
|
||||
'dogtag_plugin/plugin_working_dir': value => $dogtag_plugin_plugin_working_dir;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,72 @@
|
|||
require 'spec_helper'
|
||||
|
||||
describe 'barbican::plugins::dogtag' do
|
||||
|
||||
let :facts do
|
||||
@default_facts.merge(
|
||||
{
|
||||
:osfamily => 'RedHat',
|
||||
:processorcount => '7',
|
||||
}
|
||||
)
|
||||
end
|
||||
|
||||
let :default_params do
|
||||
{
|
||||
:dogtag_plugin_pem_path => '<SERVICE DEFAULT>',
|
||||
:dogtag_plugin_dogtag_host => '<SERVICE DEFAULT>',
|
||||
:dogtag_plugin_dogtag_port => '<SERVICE DEFAULT>',
|
||||
:dogtag_plugin_nss_db_path => '<SERVICE DEFAULT>',
|
||||
:dogtag_plugin_simple_cmc_profile => '<SERVICE DEFAULT>',
|
||||
:dogtag_plugin_ca_expiration_time => '<SERVICE DEFAULT>',
|
||||
:dogtag_plugin_plugin_working_dir => '<SERVICE DEFAULT>',
|
||||
}
|
||||
end
|
||||
|
||||
[{
|
||||
:dogtag_plugin_nss_password => 'password',
|
||||
},
|
||||
{
|
||||
:dogtag_plugin_pem_path => 'path_to_pem_file',
|
||||
:dogtag_plugin_dogtag_host => 'dogtag_host',
|
||||
:dogtag_plugin_dogtag_port => '1234',
|
||||
:dogtag_plugin_nss_db_path => 'path_to_nss_db',
|
||||
:dogtag_plugin_nss_password => 'password',
|
||||
:dogtag_plugin_simple_cmc_profile => 'caServerCert',
|
||||
:dogtag_plugin_ca_expiration_time => '100',
|
||||
:dogtag_plugin_plugin_working_dir => 'path_to_working_dir',
|
||||
}
|
||||
].each do |param_set|
|
||||
|
||||
describe "when #{param_set == {} ? "using default" : "specifying"} class parameters" do
|
||||
|
||||
let :param_hash do
|
||||
default_params.merge(param_set)
|
||||
end
|
||||
|
||||
let :params do
|
||||
param_set
|
||||
end
|
||||
|
||||
it 'is_expected.to set dogtag parameters' do
|
||||
is_expected.to contain_barbican_config('dogtag_plugin/pem_path')\
|
||||
.with_value(param_hash[:dogtag_plugin_pem_path])
|
||||
is_expected.to contain_barbican_config('dogtag_plugin/dogtag_host')\
|
||||
.with_value(param_hash[:dogtag_plugin_dogtag_host])
|
||||
is_expected.to contain_barbican_config('dogtag_plugin/dogtag_port')\
|
||||
.with_value(param_hash[:dogtag_plugin_dogtag_port])
|
||||
is_expected.to contain_barbican_config('dogtag_plugin/nss_db_path')\
|
||||
.with_value(param_hash[:dogtag_plugin_nss_db_path])
|
||||
is_expected.to contain_barbican_config('dogtag_plugin/nss_password')\
|
||||
.with_value(param_hash[:dogtag_plugin_nss_password])
|
||||
is_expected.to contain_barbican_config('dogtag_plugin/simple_cmc_profile')\
|
||||
.with_value(param_hash[:dogtag_plugin_simple_cmc_profile])
|
||||
is_expected.to contain_barbican_config('dogtag_plugin/ca_expiration_time')\
|
||||
.with_value(param_hash[:dogtag_plugin_ca_expiration_time])
|
||||
is_expected.to contain_barbican_config('dogtag_plugin/plugin_working_dir')\
|
||||
.with_value(param_hash[:dogtag_plugin_plugin_working_dir])
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
Loading…
Reference in New Issue