Require nova password
Users should set valid auth options in nova section so that cinder can interact with nova in some operations such as attachment deletion. Make the password parameter required to make users aware of their incomplete settings. Also deprecate the auth_section parameter because now we expect that all auth options are set in the nova section. Change-Id: I0252b341d00e5b2b07ead19a01f98aee68cd7305
This commit is contained in:
Takashi Kajinami
parent
7e0cc4f7d4
commit
2e6f49c1fe
@ -4,6 +4,9 @@
|
||||
#
|
||||
# === Parameters
|
||||
#
|
||||
# [*password*]
|
||||
# (Required) Nova admin password.
|
||||
#
|
||||
# [*region_name*]
|
||||
# (Optional) Name of nova region to use.
|
||||
# Defaults to $facts['os_service_default']
|
||||
@ -48,12 +51,7 @@
|
||||
#
|
||||
# [*auth_type*]
|
||||
# (Optional) Authentication type to load.
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*auth_section*]
|
||||
# (Optional) Config Section from which to load plugin
|
||||
# specific options.
|
||||
# Defaults to $facts['os_service_default']
|
||||
# Defaults to 'password'
|
||||
#
|
||||
# [*auth_url*]
|
||||
# (Optional) Identity service url.
|
||||
@ -67,10 +65,6 @@
|
||||
# (Optional) Nova admin user domain name.
|
||||
# Defaults to 'Default'
|
||||
#
|
||||
# [*password*]
|
||||
# (Optional) Nova admin password.
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*project_name*]
|
||||
# (Optional) Nova admin project name.
|
||||
# Defaults to 'services'
|
||||
@ -83,7 +77,15 @@
|
||||
# (Optional) Scope for system operations
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# DEPRECATED PARAMETERS
|
||||
#
|
||||
# [*auth_section*]
|
||||
# (Optional) Config Section from which to load plugin
|
||||
# specific options.
|
||||
# Defaults to undef
|
||||
#
|
||||
class cinder::nova (
|
||||
$password,
|
||||
$region_name = $facts['os_service_default'],
|
||||
$interface = $facts['os_service_default'],
|
||||
$token_auth_url = $facts['os_service_default'],
|
||||
@ -94,19 +96,23 @@ class cinder::nova (
|
||||
$timeout = $facts['os_service_default'],
|
||||
$collect_timing = $facts['os_service_default'],
|
||||
$split_loggers = $facts['os_service_default'],
|
||||
$auth_type = $facts['os_service_default'],
|
||||
$auth_section = $facts['os_service_default'],
|
||||
$auth_type = 'password',
|
||||
$auth_url = $facts['os_service_default'],
|
||||
$username = 'nova',
|
||||
$user_domain_name = 'Default',
|
||||
$password = $facts['os_service_default'],
|
||||
$project_name = 'services',
|
||||
$project_domain_name = 'Default',
|
||||
$system_scope = $facts['os_service_default'],
|
||||
# DEPRECATED PARAMETERS
|
||||
$auth_section = undef,
|
||||
) {
|
||||
|
||||
include cinder::deps
|
||||
|
||||
if $auth_section {
|
||||
warning('The auth_section parameter has been deprecated.')
|
||||
}
|
||||
|
||||
if is_service_default($system_scope) {
|
||||
$project_name_real = $project_name
|
||||
$project_domain_name_real = $project_domain_name
|
||||
@ -127,7 +133,7 @@ class cinder::nova (
|
||||
'nova/collect_timing': value => $collect_timing;
|
||||
'nova/split_loggers': value => $split_loggers;
|
||||
'nova/auth_type': value => $auth_type;
|
||||
'nova/auth_section': value => $auth_section;
|
||||
'nova/auth_section': value => pick($auth_section, $facts['os_service_default']);
|
||||
'nova/auth_url': value => $auth_url;
|
||||
'nova/username': value => $username;
|
||||
'nova/user_domain_name': value => $user_domain_name;
|
||||
|
||||
@ -0,0 +1,13 @@
|
||||
---
|
||||
upgrade:
|
||||
- |
|
||||
Default value of the ``cinder::nova::auth_type`` parameter has been updated
|
||||
and now the auth_type option is set to ``password`` by default.
|
||||
|
||||
- |
|
||||
The ``cinder::nova::password`` parameter is now required.
|
||||
|
||||
deprecations:
|
||||
- |
|
||||
The ``cinder::nova::auth_section`` parameter has been deprecated and will
|
||||
be removed.
|
||||
@ -2,6 +2,10 @@ require 'spec_helper'
|
||||
|
||||
describe 'cinder::nova' do
|
||||
shared_examples 'cinder::nova' do
|
||||
let :params do
|
||||
{ :password => 'novapass' }
|
||||
end
|
||||
|
||||
context 'with default parameters' do
|
||||
it {
|
||||
is_expected.to contain_cinder_config('nova/region_name').with_value('<SERVICE DEFAULT>')
|
||||
@ -14,12 +18,12 @@ describe 'cinder::nova' do
|
||||
is_expected.to contain_cinder_config('nova/timeout').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_cinder_config('nova/collect_timing').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_cinder_config('nova/split_loggers').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_cinder_config('nova/auth_type').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_cinder_config('nova/auth_type').with_value('password')
|
||||
is_expected.to contain_cinder_config('nova/auth_section').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_cinder_config('nova/auth_url').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_cinder_config('nova/username').with_value('nova')
|
||||
is_expected.to contain_cinder_config('nova/user_domain_name').with_value('Default')
|
||||
is_expected.to contain_cinder_config('nova/password').with_value('<SERVICE DEFAULT>').with_secret(true)
|
||||
is_expected.to contain_cinder_config('nova/password').with_value('novapass').with_secret(true)
|
||||
is_expected.to contain_cinder_config('nova/project_name').with_value('services')
|
||||
is_expected.to contain_cinder_config('nova/project_domain_name').with_value('Default')
|
||||
is_expected.to contain_cinder_config('nova/system_scope').with_value('<SERVICE DEFAULT>')
|
||||
@ -27,8 +31,8 @@ describe 'cinder::nova' do
|
||||
end
|
||||
|
||||
context 'with specified parameters' do
|
||||
let :params do
|
||||
{
|
||||
before :each do
|
||||
params.merge!({
|
||||
:region_name => 'RegionOne',
|
||||
:interface => 'internal',
|
||||
:token_auth_url => 'http://127.0.0.1:5000/v3',
|
||||
@ -39,11 +43,10 @@ describe 'cinder::nova' do
|
||||
:timeout => 30,
|
||||
:collect_timing => true,
|
||||
:split_loggers => true,
|
||||
:auth_type => 'password',
|
||||
:auth_type => 'v3password',
|
||||
:auth_section => 'my_section',
|
||||
:auth_url => 'http://127.0.0.2:5000',
|
||||
:password => 'foo',
|
||||
}
|
||||
})
|
||||
end
|
||||
|
||||
it {
|
||||
@ -57,12 +60,12 @@ describe 'cinder::nova' do
|
||||
is_expected.to contain_cinder_config('nova/timeout').with_value(30)
|
||||
is_expected.to contain_cinder_config('nova/collect_timing').with_value(true)
|
||||
is_expected.to contain_cinder_config('nova/split_loggers').with_value(true)
|
||||
is_expected.to contain_cinder_config('nova/auth_type').with_value('password')
|
||||
is_expected.to contain_cinder_config('nova/auth_type').with_value('v3password')
|
||||
is_expected.to contain_cinder_config('nova/auth_section').with_value('my_section')
|
||||
is_expected.to contain_cinder_config('nova/auth_url').with_value('http://127.0.0.2:5000')
|
||||
is_expected.to contain_cinder_config('nova/username').with_value('nova')
|
||||
is_expected.to contain_cinder_config('nova/user_domain_name').with_value('Default')
|
||||
is_expected.to contain_cinder_config('nova/password').with_value('foo').with_secret(true)
|
||||
is_expected.to contain_cinder_config('nova/password').with_value('novapass').with_secret(true)
|
||||
is_expected.to contain_cinder_config('nova/project_name').with_value('services')
|
||||
is_expected.to contain_cinder_config('nova/project_domain_name').with_value('Default')
|
||||
is_expected.to contain_cinder_config('nova/system_scope').with_value('<SERVICE DEFAULT>')
|
||||
@ -70,10 +73,10 @@ describe 'cinder::nova' do
|
||||
end
|
||||
|
||||
context 'with system_scope set' do
|
||||
let :params do
|
||||
{
|
||||
before :each do
|
||||
params.merge!({
|
||||
:system_scope => 'all'
|
||||
}
|
||||
})
|
||||
end
|
||||
|
||||
it {
|
||||
|
||||
Loading…
Reference in New Issue
Block a user