define ceph::key.

Provides keyring management. Handles cephkeys (cephx), creating keyring files, injecting keys into the keyring via ceph and ceph-autotool tools. Includes support for multiple keys in the same keyring file (as this is supported by the ceph-authtool tool). Includes rspec system puppet for validation. Change-Id: Ib3c4832ffcff61ab42ae221cdd5a5bfb76ee36c5 Implements: blueprint puppet-ceph#key
2014-03-18 19:03:06 +13:00
parent 1b0c333bd6
commit 2787b2165f
3 changed files with 344 additions and 0 deletions
--- a/spec/defines/ceph_key_spec.rb
+++ b/spec/defines/ceph_key_spec.rb
@@ -0,0 +1,67 @@
+#
+# Copyright (C) 2014 Catalyst IT Limited.
+#
+#   Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#   You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#   Unless required by applicable law or agreed to in writing, software
+#   distributed under the License is distributed on an "AS IS" BASIS,
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#   See the License for the specific language governing permissions and
+#   limitations under the License.
+#
+# Author: Ricardo Rocha <ricardo@catalyst.net.nz>
+#
+
+require 'spec_helper'
+
+describe 'ceph::key' do
+
+  describe 'Debian Family' do
+
+    let :facts do
+      {
+        :osfamily => 'Debian',
+      }
+    end
+
+    describe "with custom params" do
+
+      let :title do
+        'client.admin'
+      end
+
+      let :params do
+        {
+          :secret  => 'supersecret',
+          :user    => 'nobody',
+          :group   => 'nogroup',
+          :cap_mon => 'allow *',
+          :cap_osd => 'allow rw',
+        }
+      end
+
+      it {
+        should contain_exec('ceph-key-client.admin').with(
+          'command' => "ceph-authtool /etc/ceph/ceph.client.admin.keyring --name 'client.admin' --add-key 'supersecret' --cap mon 'allow *' --cap osd 'allow rw' --cap mds ''"
+        )
+        should contain_file('/etc/ceph/ceph.client.admin.keyring').with(
+          'owner' => 'nobody',
+          'group' => 'nogroup',
+          'mode'  => '0600'
+        )
+      }
+
+    end
+  end
+end
+
+# Local Variables:
+# compile-command: "cd ../.. ;
+#    bundle install ;
+#    bundle exec rake spec
+# "
+# End: