Makes kombu_ssl_* parameters optional when rabbit_use_ssl => true
The kombu_ssl_* parameters should not be required when rabbit_use_ssl => true Rather, rabbit_use_ssl must be set to true if the kombu_ssl_* parameters are used. Change-Id: I7664dda2c66ffb34ceb56ada722574ae0e490f8f Closes-Bug: 1356083
This commit is contained in:
parent
61ace074e3
commit
957c2120d0
|
@ -111,16 +111,17 @@ class ceilometer(
|
|||
|
||||
include ceilometer::params
|
||||
|
||||
if $rabbit_use_ssl {
|
||||
if !$kombu_ssl_ca_certs {
|
||||
fail('The kombu_ssl_ca_certs parameter is required when rabbit_use_ssl is set to true')
|
||||
}
|
||||
if !$kombu_ssl_certfile {
|
||||
fail('The kombu_ssl_certfile parameter is required when rabbit_use_ssl is set to true')
|
||||
}
|
||||
if !$kombu_ssl_keyfile {
|
||||
fail('The kombu_ssl_keyfile parameter is required when rabbit_use_ssl is set to true')
|
||||
}
|
||||
if $kombu_ssl_ca_certs and !$rabbit_use_ssl {
|
||||
fail('The kombu_ssl_ca_certs parameter requires rabbit_use_ssl to be set to true')
|
||||
}
|
||||
if $kombu_ssl_certfile and !$rabbit_use_ssl {
|
||||
fail('The kombu_ssl_certfile parameter requires rabbit_use_ssl to be set to true')
|
||||
}
|
||||
if $kombu_ssl_keyfile and !$rabbit_use_ssl {
|
||||
fail('The kombu_ssl_keyfile parameter requires rabbit_use_ssl to be set to true')
|
||||
}
|
||||
if ($kombu_ssl_certfile and !$kombu_ssl_keyfile) or ($kombu_ssl_keyfile and !$kombu_ssl_certfile) {
|
||||
fail('The kombu_ssl_certfile and kombu_ssl_keyfile parameters must be used together')
|
||||
}
|
||||
|
||||
File {
|
||||
|
@ -189,12 +190,31 @@ class ceilometer(
|
|||
}
|
||||
|
||||
if $rabbit_use_ssl {
|
||||
|
||||
if $kombu_ssl_ca_certs {
|
||||
ceilometer_config { 'DEFAULT/kombu_ssl_ca_certs': value => $kombu_ssl_ca_certs; }
|
||||
} else {
|
||||
ceilometer_config { 'DEFAULT/kombu_ssl_ca_certs': ensure => absent; }
|
||||
}
|
||||
|
||||
if $kombu_ssl_certfile or $kombu_ssl_keyfile {
|
||||
ceilometer_config {
|
||||
'DEFAULT/kombu_ssl_ca_certs': value => $kombu_ssl_ca_certs;
|
||||
'DEFAULT/kombu_ssl_certfile': value => $kombu_ssl_certfile;
|
||||
'DEFAULT/kombu_ssl_keyfile': value => $kombu_ssl_keyfile;
|
||||
'DEFAULT/kombu_ssl_version': value => $kombu_ssl_version;
|
||||
}
|
||||
} else {
|
||||
ceilometer_config {
|
||||
'DEFAULT/kombu_ssl_certfile': ensure => absent;
|
||||
'DEFAULT/kombu_ssl_keyfile': ensure => absent;
|
||||
}
|
||||
}
|
||||
|
||||
if $kombu_ssl_version {
|
||||
ceilometer_config { 'DEFAULT/kombu_ssl_version': value => $kombu_ssl_version; }
|
||||
} else {
|
||||
ceilometer_config { 'DEFAULT/kombu_ssl_version': ensure => absent; }
|
||||
}
|
||||
|
||||
} else {
|
||||
ceilometer_config {
|
||||
'DEFAULT/kombu_ssl_ca_certs': ensure => absent;
|
||||
|
|
|
@ -227,7 +227,7 @@ describe 'ceilometer' do
|
|||
it { should contain_ceilometer_config('DEFAULT/kombu_ssl_version').with_ensure('absent') }
|
||||
end
|
||||
|
||||
context "with SSL enabled" do
|
||||
context "with SSL enabled with kombu" do
|
||||
before { params.merge!(
|
||||
:rabbit_use_ssl => 'true',
|
||||
:kombu_ssl_ca_certs => '/path/to/ca.crt',
|
||||
|
@ -243,15 +243,33 @@ describe 'ceilometer' do
|
|||
it { should contain_ceilometer_config('DEFAULT/kombu_ssl_version').with_value('TLSv1') }
|
||||
end
|
||||
|
||||
context "with SSL wrongly configured" do
|
||||
context "with SSL enabled without kombu" do
|
||||
before { params.merge!(
|
||||
:rabbit_use_ssl => 'false',
|
||||
:kombu_ssl_certfile => '/path/to/cert.crt',
|
||||
:kombu_ssl_keyfile => '/path/to/cert.key',
|
||||
:kombu_ssl_version => 'TLSv1'
|
||||
:rabbit_use_ssl => 'true'
|
||||
) }
|
||||
|
||||
it_raises 'a Puppet::Error', /The kombu_ssl_ca_certs parameter is required when rabbit_use_ssl is set to true/
|
||||
it { should contain_ceilometer_config('DEFAULT/rabbit_use_ssl').with_value('true') }
|
||||
it { should contain_ceilometer_config('DEFAULT/kombu_ssl_ca_certs').with_ensure('absent') }
|
||||
it { should contain_ceilometer_config('DEFAULT/kombu_ssl_certfile').with_ensure('absent') }
|
||||
it { should contain_ceilometer_config('DEFAULT/kombu_ssl_keyfile').with_ensure('absent') }
|
||||
it { should contain_ceilometer_config('DEFAULT/kombu_ssl_version').with_value('SSLv3') }
|
||||
end
|
||||
|
||||
context "with SSL wrongly configured" do
|
||||
context 'with kombu_ssl_ca_certs parameter' do
|
||||
before { params.merge!(:kombu_ssl_ca_certs => '/path/to/ca.crt') }
|
||||
it_raises 'a Puppet::Error', /The kombu_ssl_ca_certs parameter requires rabbit_use_ssl to be set to true/
|
||||
end
|
||||
|
||||
context 'with kombu_ssl_certfile parameter' do
|
||||
before { params.merge!(:kombu_ssl_certfile => '/path/to/ssl/cert/file') }
|
||||
it_raises 'a Puppet::Error', /The kombu_ssl_certfile parameter requires rabbit_use_ssl to be set to true/
|
||||
end
|
||||
|
||||
context 'with kombu_ssl_keyfile parameter' do
|
||||
before { params.merge!(:kombu_ssl_keyfile => '/path/to/ssl/keyfile') }
|
||||
it_raises 'a Puppet::Error', /The kombu_ssl_keyfile parameter requires rabbit_use_ssl to be set to true/
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue