From c6a7b16567f6e5b64a4764490de42b5ce608feb0 Mon Sep 17 00:00:00 2001
From: Takashi Kajinami <kajinamit@oss.nttdata.com>
Date: Wed, 6 Dec 2023 01:53:08 +0900
Subject: [PATCH] Make telemetry_secret actually required

... as is described. This option should be set to an appropriate key
value and the previous default (False) is not suitable for production
use.

Change-Id: Ic54025f2b6c1d023a8458491e3f26dda8adbceb0
---
 manifests/init.pp                                         | 8 ++++----
 spec/classes/ceilometer_agent_service_credentials_spec.rb | 4 ----
 spec/classes/ceilometer_init_spec.rb                      | 3 +--
 3 files changed, 5 insertions(+), 10 deletions(-)

diff --git a/manifests/init.pp b/manifests/init.pp
index 926fb4eb..db189cce 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -5,6 +5,9 @@
 #
 # === Parameters:
 #
+# [*telemetry_secret*]
+#   (Required)  Secret key for signing messages.
+#
 # [*http_timeout*]
 #   (Optional) Timeout seconds for HTTP requests.
 #   Defaults to $facts['os_service_default']
@@ -14,9 +17,6 @@
 #   the same time.
 #   Defaults to $facts['os_service_default']
 #
-# [*telemetry_secret*]
-#  (Required)  Secret key for signing messages.
-#
 # [*notification_topics*]
 #   (Optional) AMQP topic used for OpenStack notifications (list value)
 #   Defaults to 'notifications'.
@@ -227,9 +227,9 @@
 #   Defaults to $facts['os_service_default'].
 #
 class ceilometer(
+  $telemetry_secret,
   $http_timeout                       = $facts['os_service_default'],
   $max_parallel_requests              = $facts['os_service_default'],
-  $telemetry_secret                   = false,
   $notification_topics                = ['notifications'],
   $notification_driver                = $facts['os_service_default'],
   $package_ensure                     = 'present',
diff --git a/spec/classes/ceilometer_agent_service_credentials_spec.rb b/spec/classes/ceilometer_agent_service_credentials_spec.rb
index 5749c6b1..696a7ab7 100644
--- a/spec/classes/ceilometer_agent_service_credentials_spec.rb
+++ b/spec/classes/ceilometer_agent_service_credentials_spec.rb
@@ -2,10 +2,6 @@ require 'spec_helper'
 
 describe 'ceilometer::agent::service_credentials' do
 
-  let :pre_condition do
-    "class { 'ceilometer': telemetry_secret => 's3cr3t' }"
-  end
-
   let :params do
     { :password => 'password' }
   end
diff --git a/spec/classes/ceilometer_init_spec.rb b/spec/classes/ceilometer_init_spec.rb
index d47f5e55..6ea76ba1 100644
--- a/spec/classes/ceilometer_init_spec.rb
+++ b/spec/classes/ceilometer_init_spec.rb
@@ -74,8 +74,7 @@ describe 'ceilometer' do
     end
 
     it 'configures required telemetry_secret' do
-      is_expected.to contain_ceilometer_config('publisher/telemetry_secret').with_value('metering-s3cr3t')
-      is_expected.to contain_ceilometer_config('publisher/telemetry_secret').with_value( params[:telemetry_secret] ).with_secret(true)
+      is_expected.to contain_ceilometer_config('publisher/telemetry_secret').with_value(params[:telemetry_secret]).with_secret(true)
     end
 
     context 'without the required telemetry_secret' do