Expose policy_default_rule
The option has been managed by the underlying puppet-oslo module but has not bee configurable. This introduces the parameter to customize the option. Change-Id: I2382514189617edb9454c3d9e8b5f15de9c96237
This commit is contained in:
parent
af01001c62
commit
7b72e641ff
|
@ -1,6 +1,6 @@
|
|||
# == Class: ec2api::policy
|
||||
# == Class: designate::policy
|
||||
#
|
||||
# Configure the ec2api policies
|
||||
# Configure the designate policies
|
||||
#
|
||||
# === Parameters
|
||||
#
|
||||
|
@ -14,14 +14,14 @@
|
|||
# Defaults to $::os_service_default.
|
||||
#
|
||||
# [*policies*]
|
||||
# (Optional) Set of policies to configure for ec2api
|
||||
# (Optional) Set of policies to configure for designate
|
||||
# Example :
|
||||
# {
|
||||
# 'ec2api-context_is_admin' => {
|
||||
# 'designate-context_is_admin' => {
|
||||
# 'key' => 'context_is_admin',
|
||||
# 'value' => 'true'
|
||||
# },
|
||||
# 'ec2api-default' => {
|
||||
# 'designate-default' => {
|
||||
# 'key' => 'default',
|
||||
# 'value' => 'rule:admin_or_owner'
|
||||
# }
|
||||
|
@ -29,11 +29,15 @@
|
|||
# Defaults to empty hash.
|
||||
#
|
||||
# [*policy_path*]
|
||||
# (Optional) Path to the ec2api policy.yaml file
|
||||
# Defaults to /etc/ec2api/policy.yaml
|
||||
# (Optional) Path to the designate policy.yaml file
|
||||
# Defaults to /etc/designate/policy.yaml
|
||||
#
|
||||
# [*policy_default_rule*]
|
||||
# (Optional) Default rule. Enforced when a requested rule is not found.
|
||||
# Defaults to $::os_service_default.
|
||||
#
|
||||
# [*policy_dirs*]
|
||||
# (Optional) Path to the ec2api policy folder
|
||||
# (Optional) Path to the designate policy folder
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*purge_config*]
|
||||
|
@ -41,17 +45,18 @@
|
|||
# file.
|
||||
# Defaults to false.
|
||||
#
|
||||
class ec2api::policy (
|
||||
class designate::policy (
|
||||
$enforce_scope = $::os_service_default,
|
||||
$enforce_new_defaults = $::os_service_default,
|
||||
$policies = {},
|
||||
$policy_path = '/etc/ec2api/policy.yaml',
|
||||
$policy_path = '/etc/designate/policy.yaml',
|
||||
$policy_default_rule = $::os_service_default,
|
||||
$policy_dirs = $::os_service_default,
|
||||
$purge_config = false,
|
||||
) {
|
||||
|
||||
include ec2api::deps
|
||||
include ec2api::params
|
||||
include designate::deps
|
||||
include designate::params
|
||||
|
||||
validate_legacy(Hash, 'validate_hash', $policies)
|
||||
|
||||
|
@ -59,17 +64,18 @@ class ec2api::policy (
|
|||
policies => $policies,
|
||||
policy_path => $policy_path,
|
||||
file_user => 'root',
|
||||
file_group => $::ec2api::params::group,
|
||||
file_group => $::designate::params::group,
|
||||
file_format => 'yaml',
|
||||
purge_config => $purge_config,
|
||||
}
|
||||
|
||||
create_resources('openstacklib::policy', { $policy_path => $policy_parameters })
|
||||
|
||||
oslo::policy { 'ec2api_config':
|
||||
oslo::policy { 'designate_config':
|
||||
enforce_scope => $enforce_scope,
|
||||
enforce_new_defaults => $enforce_new_defaults,
|
||||
policy_file => $policy_path,
|
||||
policy_default_rule => $policy_default_rule,
|
||||
policy_dirs => $policy_dirs,
|
||||
}
|
||||
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
features:
|
||||
- |
|
||||
The new ``designate::policy::policy_default_rule`` parameter has been added.
|
|
@ -1,15 +1,16 @@
|
|||
require 'spec_helper'
|
||||
|
||||
describe 'ec2api::policy' do
|
||||
shared_examples 'ec2api::policy' do
|
||||
describe 'designate::policy' do
|
||||
shared_examples 'designate::policy' do
|
||||
|
||||
context 'setup policy with parameters' do
|
||||
let :params do
|
||||
{
|
||||
:enforce_scope => false,
|
||||
:enforce_new_defaults => false,
|
||||
:policy_path => '/etc/ec2api/policy.yaml',
|
||||
:policy_dirs => '/etc/ec2api/policy.d',
|
||||
:policy_path => '/etc/designate/policy.yaml',
|
||||
:policy_default_rule => 'default',
|
||||
:policy_dirs => '/etc/designate/policy.d',
|
||||
:policies => {
|
||||
'context_is_admin' => {
|
||||
'key' => 'context_is_admin',
|
||||
|
@ -20,24 +21,25 @@ describe 'ec2api::policy' do
|
|||
end
|
||||
|
||||
it 'set up the policies' do
|
||||
is_expected.to contain_openstacklib__policy('/etc/ec2api/policy.yaml').with(
|
||||
is_expected.to contain_openstacklib__policy('/etc/designate/policy.yaml').with(
|
||||
:policies => {
|
||||
'context_is_admin' => {
|
||||
'key' => 'context_is_admin',
|
||||
'value' => 'foo:bar'
|
||||
}
|
||||
},
|
||||
:policy_path => '/etc/ec2api/policy.yaml',
|
||||
:policy_path => '/etc/designate/policy.yaml',
|
||||
:file_user => 'root',
|
||||
:file_group => 'ec2api',
|
||||
:file_group => 'designate',
|
||||
:file_format => 'yaml',
|
||||
:purge_config => false,
|
||||
)
|
||||
is_expected.to contain_oslo__policy('ec2api_config').with(
|
||||
is_expected.to contain_oslo__policy('designate_config').with(
|
||||
:enforce_scope => false,
|
||||
:enforce_new_defaults => false,
|
||||
:policy_file => '/etc/ec2api/policy.yaml',
|
||||
:policy_dirs => '/etc/ec2api/policy.d',
|
||||
:policy_file => '/etc/designate/policy.yaml',
|
||||
:policy_default_rule => 'default',
|
||||
:policy_dirs => '/etc/designate/policy.d',
|
||||
)
|
||||
end
|
||||
end
|
||||
|
@ -47,25 +49,25 @@ describe 'ec2api::policy' do
|
|||
{
|
||||
:enforce_scope => false,
|
||||
:enforce_new_defaults => false,
|
||||
:policy_path => '/etc/ec2api/policy.yaml',
|
||||
:policy_path => '/etc/designate/policy.yaml',
|
||||
:policies => {},
|
||||
:purge_config => true,
|
||||
}
|
||||
end
|
||||
|
||||
it 'set up the policies' do
|
||||
is_expected.to contain_openstacklib__policy('/etc/ec2api/policy.yaml').with(
|
||||
is_expected.to contain_openstacklib__policy('/etc/designate/policy.yaml').with(
|
||||
:policies => {},
|
||||
:policy_path => '/etc/ec2api/policy.yaml',
|
||||
:policy_path => '/etc/designate/policy.yaml',
|
||||
:file_user => 'root',
|
||||
:file_group => 'ec2api',
|
||||
:file_group => 'designate',
|
||||
:file_format => 'yaml',
|
||||
:purge_config => true,
|
||||
)
|
||||
is_expected.to contain_oslo__policy('ec2api_config').with(
|
||||
is_expected.to contain_oslo__policy('designate_config').with(
|
||||
:enforce_scope => false,
|
||||
:enforce_new_defaults => false,
|
||||
:policy_file => '/etc/ec2api/policy.yaml',
|
||||
:policy_file => '/etc/designate/policy.yaml',
|
||||
)
|
||||
end
|
||||
end
|
||||
|
@ -79,7 +81,7 @@ describe 'ec2api::policy' do
|
|||
facts.merge!(OSDefaults.get_facts())
|
||||
end
|
||||
|
||||
it_behaves_like 'ec2api::policy'
|
||||
it_behaves_like 'designate::policy'
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue