Use identity_uri and auth_uri by default
Change-Id: I8ef94a18fd24f9572830994bcd005691d2314d66 Closes-Bug: #1528963
This commit is contained in:
parent
5917ed6fb8
commit
148253cd27
|
@ -76,35 +76,13 @@
|
|||
# then region name can be specified.
|
||||
# Defaults to $::os_service_default.
|
||||
#
|
||||
# [*auth_host*]
|
||||
# (optional) DEPRECATED Host running auth service.
|
||||
# Defaults to '127.0.0.1'.
|
||||
#
|
||||
# [*auth_url*]
|
||||
# (optional) DEPRECATED Authentication URL.
|
||||
# Defaults to 'http://localhost:5000/v2.0'.
|
||||
#
|
||||
# [*auth_port*]
|
||||
# (optional) DEPRECATED Port to use for auth service on auth_host.
|
||||
# Defaults to '35357'.
|
||||
#
|
||||
# [*auth_uri*]
|
||||
# (optional) Complete public Identity API endpoint.
|
||||
# Defaults to false.
|
||||
#
|
||||
# [*auth_admin_prefix*]
|
||||
# (optional) DEPRECATED Path part of the auth url.
|
||||
# This allow admin auth URIs like http://auth_host:35357/keystone/admin.
|
||||
# (where '/keystone/admin' is auth_admin_prefix)
|
||||
# Defaults to false for empty. If defined, should be a string with a leading '/' and no trailing '/'.
|
||||
#
|
||||
# [*auth_protocol*]
|
||||
# (optional) DEPRECATED Protocol to use for auth.
|
||||
# Defaults to 'http'.
|
||||
# Defaults to 'http://127.0.0.1:5000/'.
|
||||
#
|
||||
# [*identity_uri*]
|
||||
# (optional) Complete admin Identity API endpoint.
|
||||
# Defaults to: false
|
||||
# Defaults to 'http://127.0.0.1:35357/'.
|
||||
#
|
||||
# [*pipeline*]
|
||||
# (optional) Partial name of a pipeline in your paste configuration file with the
|
||||
|
@ -269,8 +247,8 @@ class glance::api(
|
|||
$delayed_delete = $::os_service_default,
|
||||
$auth_type = 'keystone',
|
||||
$auth_region = $::os_service_default,
|
||||
$auth_uri = false,
|
||||
$identity_uri = false,
|
||||
$auth_uri = 'http://127.0.0.1:5000/',
|
||||
$identity_uri = 'http://127.0.0.1:35357/',
|
||||
$pipeline = 'keystone',
|
||||
$keystone_tenant = 'services',
|
||||
$keystone_user = 'glance',
|
||||
|
@ -302,12 +280,6 @@ class glance::api(
|
|||
$token_cache_time = $::os_service_default,
|
||||
$validate = false,
|
||||
$validation_options = {},
|
||||
# DEPRECATED PARAMETERS
|
||||
$auth_host = '127.0.0.1',
|
||||
$auth_url = 'http://localhost:5000/v2.0',
|
||||
$auth_port = '35357',
|
||||
$auth_admin_prefix = false,
|
||||
$auth_protocol = 'http',
|
||||
) inherits glance {
|
||||
|
||||
include ::glance::policy
|
||||
|
@ -390,61 +362,6 @@ class glance::api(
|
|||
'DEFAULT/registry_port': value => $registry_port;
|
||||
}
|
||||
|
||||
if $identity_uri {
|
||||
glance_api_config { 'keystone_authtoken/identity_uri': value => $identity_uri; }
|
||||
} else {
|
||||
glance_api_config { 'keystone_authtoken/identity_uri': ensure => absent; }
|
||||
}
|
||||
|
||||
if $auth_uri {
|
||||
glance_api_config { 'keystone_authtoken/auth_uri': value => $auth_uri; }
|
||||
} else {
|
||||
glance_api_config { 'keystone_authtoken/auth_uri': value => "${auth_protocol}://${auth_host}:5000/"; }
|
||||
}
|
||||
|
||||
# if both auth_uri and identity_uri are set we skip these deprecated settings entirely
|
||||
if !$auth_uri or !$identity_uri {
|
||||
|
||||
if $auth_host {
|
||||
warning('The auth_host parameter is deprecated. Please use auth_uri and identity_uri instead.')
|
||||
glance_api_config { 'keystone_authtoken/auth_host': value => $auth_host; }
|
||||
} else {
|
||||
glance_api_config { 'keystone_authtoken/auth_host': ensure => absent; }
|
||||
}
|
||||
|
||||
if $auth_port {
|
||||
warning('The auth_port parameter is deprecated. Please use auth_uri and identity_uri instead.')
|
||||
glance_api_config { 'keystone_authtoken/auth_port': value => $auth_port; }
|
||||
} else {
|
||||
glance_api_config { 'keystone_authtoken/auth_port': ensure => absent; }
|
||||
}
|
||||
|
||||
if $auth_protocol {
|
||||
warning('The auth_protocol parameter is deprecated. Please use auth_uri and identity_uri instead.')
|
||||
glance_api_config { 'keystone_authtoken/auth_protocol': value => $auth_protocol; }
|
||||
} else {
|
||||
glance_api_config { 'keystone_authtoken/auth_protocol': ensure => absent; }
|
||||
}
|
||||
|
||||
if $auth_admin_prefix {
|
||||
warning('The auth_admin_prefix parameter is deprecated. Please use auth_uri and identity_uri instead.')
|
||||
validate_re($auth_admin_prefix, '^(/.+[^/])?$')
|
||||
glance_api_config {
|
||||
'keystone_authtoken/auth_admin_prefix': value => $auth_admin_prefix;
|
||||
}
|
||||
} else {
|
||||
glance_api_config { 'keystone_authtoken/auth_admin_prefix': ensure => absent; }
|
||||
}
|
||||
|
||||
} else {
|
||||
glance_api_config {
|
||||
'keystone_authtoken/auth_host': ensure => absent;
|
||||
'keystone_authtoken/auth_port': ensure => absent;
|
||||
'keystone_authtoken/auth_protocol': ensure => absent;
|
||||
'keystone_authtoken/auth_admin_prefix': ensure => absent;
|
||||
}
|
||||
}
|
||||
|
||||
# Set the pipeline, it is allowed to be blank
|
||||
if $pipeline != '' {
|
||||
validate_re($pipeline, '^(\w+([+]\w+)*)*$')
|
||||
|
@ -465,9 +382,11 @@ class glance::api(
|
|||
'keystone_authtoken/admin_password': value => $keystone_password, secret => true;
|
||||
'keystone_authtoken/token_cache_time': value => $token_cache_time;
|
||||
'keystone_authtoken/signing_dir': value => $signing_dir;
|
||||
'keystone_authtoken/auth_uri': value => $auth_uri;
|
||||
'keystone_authtoken/identity_uri': value => $identity_uri;
|
||||
}
|
||||
glance_cache_config {
|
||||
'DEFAULT/auth_url' : value => $auth_url;
|
||||
'DEFAULT/auth_url' : value => $auth_uri;
|
||||
'DEFAULT/admin_tenant_name': value => $keystone_tenant;
|
||||
'DEFAULT/admin_user' : value => $keystone_user;
|
||||
'DEFAULT/admin_password' : value => $keystone_password, secret => true;
|
||||
|
@ -532,7 +451,7 @@ class glance::api(
|
|||
if $validate {
|
||||
$defaults = {
|
||||
'glance-api' => {
|
||||
'command' => "glance --os-auth-url ${auth_url} --os-tenant-name ${keystone_tenant} --os-username ${keystone_user} --os-password ${keystone_password} image-list",
|
||||
'command' => "glance --os-auth-url ${auth_uri} --os-tenant-name ${keystone_tenant} --os-username ${keystone_user} --os-password ${keystone_password} image-list",
|
||||
}
|
||||
}
|
||||
$validation_options_hash = merge ($defaults, $validation_options)
|
||||
|
|
|
@ -71,29 +71,13 @@
|
|||
# [*auth_type*]
|
||||
# (optional) Authentication type. Defaults to 'keystone'.
|
||||
#
|
||||
# [*auth_host*]
|
||||
# (optional) DEPRECATED Address of the admin authentication endpoint.
|
||||
# Defaults to '127.0.0.1'.
|
||||
#
|
||||
# [*auth_port*]
|
||||
# (optional) DEPRECATED Port of the admin authentication endpoint. Defaults to '35357'.
|
||||
#
|
||||
# [*auth_admin_prefix*]
|
||||
# (optional) DEPRECATED path part of the auth url.
|
||||
# This allow admin auth URIs like http://auth_host:35357/keystone/admin.
|
||||
# (where '/keystone/admin' is auth_admin_prefix)
|
||||
# Defaults to false for empty. If defined, should be a string with a leading '/' and no trailing '/'.
|
||||
#
|
||||
# [*auth_protocol*]
|
||||
# (optional) DEPRECATED Protocol to communicate with the admin authentication endpoint.
|
||||
# Defaults to 'http'. Should be 'http' or 'https'.
|
||||
#
|
||||
# [*auth_uri*]
|
||||
# (optional) Complete public Identity API endpoint.
|
||||
# Defaults to 'http://127.0.0.1:5000/'.
|
||||
#
|
||||
# [*identity_uri*]
|
||||
# (optional) Complete admin Identity API endpoint.
|
||||
# Defaults to: false
|
||||
# Defaults to 'http://127.0.0.1:35357/'.
|
||||
#
|
||||
# [*keystone_tenant*]
|
||||
# (optional) administrative tenant name to connect to keystone.
|
||||
|
@ -181,8 +165,8 @@ class glance::registry(
|
|||
$database_retry_interval = undef,
|
||||
$database_max_overflow = undef,
|
||||
$auth_type = 'keystone',
|
||||
$auth_uri = false,
|
||||
$identity_uri = false,
|
||||
$auth_uri = 'http://127.0.0.1:5000/',
|
||||
$identity_uri = 'http://127.0.0.1:35357/',
|
||||
$keystone_tenant = 'services',
|
||||
$keystone_user = 'glance',
|
||||
$pipeline = 'keystone',
|
||||
|
@ -199,11 +183,6 @@ class glance::registry(
|
|||
$os_region_name = 'RegionOne',
|
||||
$signing_dir = $::os_service_default,
|
||||
$token_cache_time = $::os_service_default,
|
||||
# DEPRECATED PARAMETERS
|
||||
$auth_host = '127.0.0.1',
|
||||
$auth_port = '35357',
|
||||
$auth_admin_prefix = false,
|
||||
$auth_protocol = 'http',
|
||||
) inherits glance {
|
||||
|
||||
include ::glance::registry::logging
|
||||
|
@ -241,61 +220,6 @@ class glance::registry(
|
|||
'glance_store/os_region_name': value => $os_region_name;
|
||||
}
|
||||
|
||||
if $identity_uri {
|
||||
glance_registry_config { 'keystone_authtoken/identity_uri': value => $identity_uri; }
|
||||
} else {
|
||||
glance_registry_config { 'keystone_authtoken/identity_uri': ensure => absent; }
|
||||
}
|
||||
|
||||
if $auth_uri {
|
||||
glance_registry_config { 'keystone_authtoken/auth_uri': value => $auth_uri; }
|
||||
} else {
|
||||
glance_registry_config { 'keystone_authtoken/auth_uri': value => "${auth_protocol}://${auth_host}:5000/"; }
|
||||
}
|
||||
|
||||
# if both auth_uri and identity_uri are set we skip these deprecated settings entirely
|
||||
if !$auth_uri or !$identity_uri {
|
||||
|
||||
if $auth_host {
|
||||
warning('The auth_host parameter is deprecated. Please use auth_uri and identity_uri instead.')
|
||||
glance_registry_config { 'keystone_authtoken/auth_host': value => $auth_host; }
|
||||
} else {
|
||||
glance_registry_config { 'keystone_authtoken/auth_host': ensure => absent; }
|
||||
}
|
||||
|
||||
if $auth_port {
|
||||
warning('The auth_port parameter is deprecated. Please use auth_uri and identity_uri instead.')
|
||||
glance_registry_config { 'keystone_authtoken/auth_port': value => $auth_port; }
|
||||
} else {
|
||||
glance_registry_config { 'keystone_authtoken/auth_port': ensure => absent; }
|
||||
}
|
||||
|
||||
if $auth_protocol {
|
||||
warning('The auth_protocol parameter is deprecated. Please use auth_uri and identity_uri instead.')
|
||||
glance_registry_config { 'keystone_authtoken/auth_protocol': value => $auth_protocol; }
|
||||
} else {
|
||||
glance_registry_config { 'keystone_authtoken/auth_protocol': ensure => absent; }
|
||||
}
|
||||
|
||||
if $auth_admin_prefix {
|
||||
warning('The auth_admin_prefix parameter is deprecated. Please use auth_uri and identity_uri instead.')
|
||||
validate_re($auth_admin_prefix, '^(/.+[^/])?$')
|
||||
glance_registry_config {
|
||||
'keystone_authtoken/auth_admin_prefix': value => $auth_admin_prefix;
|
||||
}
|
||||
} else {
|
||||
glance_registry_config { 'keystone_authtoken/auth_admin_prefix': ensure => absent; }
|
||||
}
|
||||
|
||||
} else {
|
||||
glance_registry_config {
|
||||
'keystone_authtoken/auth_host': ensure => absent;
|
||||
'keystone_authtoken/auth_port': ensure => absent;
|
||||
'keystone_authtoken/auth_protocol': ensure => absent;
|
||||
'keystone_authtoken/auth_admin_prefix': ensure => absent;
|
||||
}
|
||||
}
|
||||
|
||||
# Set the pipeline, it is allowed to be blank
|
||||
if $pipeline != '' {
|
||||
validate_re($pipeline, '^(\w+([+]\w+)*)*$')
|
||||
|
@ -316,6 +240,8 @@ class glance::registry(
|
|||
'keystone_authtoken/admin_password': value => $keystone_password, secret => true;
|
||||
'keystone_authtoken/token_cache_time': value => $token_cache_time;
|
||||
'keystone_authtoken/signing_dir': value => $signing_dir;
|
||||
'keystone_authtoken/auth_uri': value => $auth_uri;
|
||||
'keystone_authtoken/identity_uri': value => $identity_uri;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -27,9 +27,6 @@ describe 'glance::api' do
|
|||
:manage_service => true,
|
||||
:backlog => '4096',
|
||||
:workers => '7',
|
||||
:auth_host => '127.0.0.1',
|
||||
:auth_port => '35357',
|
||||
:auth_protocol => 'http',
|
||||
:keystone_tenant => 'services',
|
||||
:keystone_user => 'glance',
|
||||
:keystone_password => 'ChangeMe',
|
||||
|
@ -47,6 +44,8 @@ describe 'glance::api' do
|
|||
:os_region_name => 'RegionOne',
|
||||
:signing_dir => '<SERVICE DEFAULT>',
|
||||
:pipeline => 'keystone',
|
||||
:auth_uri => 'http://127.0.0.1:5000/',
|
||||
:identity_uri => 'http://127.0.0.1:35357/',
|
||||
}
|
||||
end
|
||||
|
||||
|
@ -64,9 +63,6 @@ describe 'glance::api' do
|
|||
:enabled => false,
|
||||
:backlog => '4095',
|
||||
:workers => '5',
|
||||
:auth_host => '127.0.0.2',
|
||||
:auth_port => '35358',
|
||||
:auth_protocol => 'https',
|
||||
:keystone_tenant => 'admin2',
|
||||
:keystone_user => 'admin2',
|
||||
:keystone_password => 'ChangeMe2',
|
||||
|
@ -82,6 +78,8 @@ describe 'glance::api' do
|
|||
:os_region_name => 'RegionOne2',
|
||||
:signing_dir => '/path/to/dir',
|
||||
:pipeline => 'keystone2',
|
||||
:auth_uri => 'http://127.0.0.1:5000/v2.0',
|
||||
:identity_uri => 'http://127.0.0.1:35357/v2.0',
|
||||
}
|
||||
].each do |param_set|
|
||||
|
||||
|
@ -157,22 +155,11 @@ describe 'glance::api' do
|
|||
is_expected.to contain_glance_api_config('DEFAULT/key_file').with_ensure('absent')
|
||||
end
|
||||
|
||||
it 'is_expected.to lay down default auth config' do
|
||||
[
|
||||
'auth_host',
|
||||
'auth_port',
|
||||
'auth_protocol'
|
||||
].each do |config|
|
||||
is_expected.to contain_glance_api_config("keystone_authtoken/#{config}").with_value(param_hash[config.intern])
|
||||
end
|
||||
end
|
||||
it { is_expected.to contain_glance_api_config('keystone_authtoken/auth_admin_prefix').with_ensure('absent') }
|
||||
|
||||
it 'is_expected.to configure itself for keystone if that is the auth_type' do
|
||||
if params[:auth_type] == 'keystone'
|
||||
is_expected.to contain('paste_deploy/flavor').with_value('keystone+cachemanagement')
|
||||
|
||||
['admin_tenant_name', 'admin_user', 'admin_password', 'token_cache_time', 'signing_dir'].each do |config|
|
||||
['admin_tenant_name', 'admin_user', 'admin_password', 'token_cache_time', 'signing_dir', 'auth_uri', 'identity_uri'].each do |config|
|
||||
is_expected.to contain_glance_api_config("keystone_authtoken/#{config}").with_value(param_hash[config.intern])
|
||||
end
|
||||
is_expected.to contain_glance_api_config('keystone_authtoken/admin_password').with_value(param_hash[:keystone_password]).with_secret(true)
|
||||
|
@ -247,38 +234,6 @@ describe 'glance::api' do
|
|||
end
|
||||
end
|
||||
|
||||
describe 'with overriden auth_admin_prefix' do
|
||||
let :params do
|
||||
{
|
||||
:keystone_password => 'ChangeMe',
|
||||
:auth_admin_prefix => '/keystone/main'
|
||||
}
|
||||
end
|
||||
|
||||
it { is_expected.to contain_glance_api_config('keystone_authtoken/auth_admin_prefix').with_value('/keystone/main') }
|
||||
end
|
||||
|
||||
[
|
||||
'/keystone/',
|
||||
'keystone/',
|
||||
'keystone',
|
||||
'/keystone/admin/',
|
||||
'keystone/admin/',
|
||||
'keystone/admin'
|
||||
].each do |auth_admin_prefix|
|
||||
describe "with auth_admin_prefix_containing incorrect value #{auth_admin_prefix}" do
|
||||
let :params do
|
||||
{
|
||||
:keystone_password => 'ChangeMe',
|
||||
:auth_admin_prefix => auth_admin_prefix
|
||||
}
|
||||
end
|
||||
|
||||
it { expect { is_expected.to contain_glance_api_config('filter:authtoken/auth_admin_prefix') }.to\
|
||||
raise_error(Puppet::Error, /validate_re\(\): "#{auth_admin_prefix}" does not match/) }
|
||||
end
|
||||
end
|
||||
|
||||
describe 'with ssl options' do
|
||||
let :params do
|
||||
default_params.merge({
|
||||
|
@ -323,7 +278,7 @@ describe 'glance::api' do
|
|||
:provider => 'shell',
|
||||
:tries => '10',
|
||||
:try_sleep => '2',
|
||||
:command => 'glance --os-auth-url http://localhost:5000/v2.0 --os-tenant-name services --os-username glance --os-password ChangeMe image-list',
|
||||
:command => 'glance --os-auth-url http://127.0.0.1:5000/ --os-tenant-name services --os-username glance --os-password ChangeMe image-list',
|
||||
)}
|
||||
|
||||
it { is_expected.to contain_anchor('create glance-api anchor').with(
|
||||
|
@ -351,47 +306,6 @@ describe 'glance::api' do
|
|||
)}
|
||||
end
|
||||
|
||||
describe 'with identity and auth settings' do
|
||||
let :params do
|
||||
{
|
||||
:keystone_password => 'ChangeMe',
|
||||
}
|
||||
end
|
||||
context 'with custom keystone identity_uri' do
|
||||
let :params do
|
||||
default_params.merge!({
|
||||
:identity_uri => 'https://foo.bar:1234/',
|
||||
})
|
||||
end
|
||||
it 'configures identity_uri' do
|
||||
is_expected.to contain_glance_api_config('keystone_authtoken/identity_uri').with_value("https://foo.bar:1234/");
|
||||
# since only identity_uri is set the deprecated auth parameters is_expected.to
|
||||
# still get set in case they are still in use
|
||||
is_expected.to contain_glance_api_config('keystone_authtoken/auth_host').with_value('127.0.0.1');
|
||||
is_expected.to contain_glance_api_config('keystone_authtoken/auth_port').with_value('35357');
|
||||
is_expected.to contain_glance_api_config('keystone_authtoken/auth_protocol').with_value('http');
|
||||
end
|
||||
end
|
||||
|
||||
context 'with custom keystone identity_uri and auth_uri' do
|
||||
let :params do
|
||||
default_params.merge!({
|
||||
:identity_uri => 'https://foo.bar:35357/',
|
||||
:auth_uri => 'https://foo.bar:5000/v2.0/',
|
||||
})
|
||||
end
|
||||
it 'configures identity_uri' do
|
||||
is_expected.to contain_glance_api_config('keystone_authtoken/identity_uri').with_value("https://foo.bar:35357/");
|
||||
is_expected.to contain_glance_api_config('keystone_authtoken/auth_uri').with_value("https://foo.bar:5000/v2.0/");
|
||||
is_expected.to contain_glance_api_config('keystone_authtoken/auth_host').with_ensure('absent')
|
||||
is_expected.to contain_glance_api_config('keystone_authtoken/auth_port').with_ensure('absent')
|
||||
is_expected.to contain_glance_api_config('keystone_authtoken/auth_protocol').with_ensure('absent')
|
||||
is_expected.to contain_glance_api_config('keystone_authtoken/auth_admin_prefix').with_ensure('absent')
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
describe 'on Debian platforms' do
|
||||
let :facts do
|
||||
@default_facts.merge({
|
||||
|
|
|
@ -21,10 +21,8 @@ describe 'glance::registry' do
|
|||
:enabled => true,
|
||||
:manage_service => true,
|
||||
:auth_type => 'keystone',
|
||||
:auth_host => '127.0.0.1',
|
||||
:auth_port => '35357',
|
||||
:auth_protocol => 'http',
|
||||
:auth_uri => 'http://127.0.0.1:5000/',
|
||||
:identity_uri => 'http://127.0.0.1:35357/',
|
||||
:keystone_tenant => 'services',
|
||||
:keystone_user => 'glance',
|
||||
:keystone_password => 'ChangeMe',
|
||||
|
@ -44,10 +42,8 @@ describe 'glance::registry' do
|
|||
:workers => '5',
|
||||
:enabled => false,
|
||||
:auth_type => 'keystone',
|
||||
:auth_host => '127.0.0.1',
|
||||
:auth_port => '35357',
|
||||
:auth_protocol => 'http',
|
||||
:auth_uri => 'http://127.0.0.1:5000/',
|
||||
:auth_uri => 'http://127.0.0.1:5000/v2.0',
|
||||
:identity_uri => 'http://127.0.0.1:35357/v2.0',
|
||||
:keystone_tenant => 'admin',
|
||||
:keystone_user => 'admin',
|
||||
:keystone_password => 'ChangeMe',
|
||||
|
@ -96,13 +92,11 @@ describe 'glance::registry' do
|
|||
is_expected.to contain_glance_registry_config("DEFAULT/#{config}").with_value(param_hash[config.intern])
|
||||
end
|
||||
[
|
||||
'auth_host',
|
||||
'auth_port',
|
||||
'auth_protocol'
|
||||
'auth_uri',
|
||||
'identity_uri'
|
||||
].each do |config|
|
||||
is_expected.to contain_glance_registry_config("keystone_authtoken/#{config}").with_value(param_hash[config.intern])
|
||||
end
|
||||
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_admin_prefix').with_ensure('absent')
|
||||
if param_hash[:auth_type] == 'keystone'
|
||||
is_expected.to contain_glance_registry_config("paste_deploy/flavor").with_value('keystone')
|
||||
is_expected.to contain_glance_registry_config("keystone_authtoken/admin_tenant_name").with_value(param_hash[:keystone_tenant])
|
||||
|
@ -188,38 +182,6 @@ describe 'glance::registry' do
|
|||
end
|
||||
end
|
||||
|
||||
describe 'with overriden auth_admin_prefix' do
|
||||
let :params do
|
||||
{
|
||||
:keystone_password => 'ChangeMe',
|
||||
:auth_admin_prefix => '/keystone/main'
|
||||
}
|
||||
end
|
||||
|
||||
it { is_expected.to contain_glance_registry_config('keystone_authtoken/auth_admin_prefix').with_value('/keystone/main') }
|
||||
end
|
||||
|
||||
[
|
||||
'/keystone/',
|
||||
'keystone/',
|
||||
'keystone',
|
||||
'/keystone/admin/',
|
||||
'keystone/admin/',
|
||||
'keystone/admin'
|
||||
].each do |auth_admin_prefix|
|
||||
describe "with auth_admin_prefix_containing incorrect value #{auth_admin_prefix}" do
|
||||
let :params do
|
||||
{
|
||||
:keystone_password => 'ChangeMe',
|
||||
:auth_admin_prefix => auth_admin_prefix
|
||||
}
|
||||
end
|
||||
|
||||
it { expect { is_expected.to contain_glance_registry_config('filter:authtoken/auth_admin_prefix') }.to\
|
||||
raise_error(Puppet::Error, /validate_re\(\): "#{auth_admin_prefix}" does not match/) }
|
||||
end
|
||||
end
|
||||
|
||||
describe 'with ssl options' do
|
||||
let :params do
|
||||
default_params.merge({
|
||||
|
@ -236,47 +198,6 @@ describe 'glance::registry' do
|
|||
end
|
||||
end
|
||||
|
||||
|
||||
describe 'with identity and auth settings' do
|
||||
let :params do
|
||||
{
|
||||
:keystone_password => 'ChangeMe',
|
||||
}
|
||||
end
|
||||
context 'with custom keystone identity_uri' do
|
||||
before do
|
||||
params.merge!({
|
||||
:identity_uri => 'https://foo.bar:1234/',
|
||||
})
|
||||
end
|
||||
it 'configures identity_uri' do
|
||||
is_expected.to contain_glance_registry_config('keystone_authtoken/identity_uri').with_value("https://foo.bar:1234/");
|
||||
# since only auth_uri is set the deprecated auth parameters is_expected.to
|
||||
# still get set in case they are still in use
|
||||
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_host').with_value('127.0.0.1');
|
||||
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_port').with_value('35357');
|
||||
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_protocol').with_value('http');
|
||||
end
|
||||
end
|
||||
|
||||
context 'with custom keystone identity_uri and auth_uri' do
|
||||
before do
|
||||
params.merge!({
|
||||
:identity_uri => 'https://foo.bar:35357/',
|
||||
:auth_uri => 'https://foo.bar:5000/v2.0/',
|
||||
})
|
||||
end
|
||||
it 'configures identity_uri' do
|
||||
is_expected.to contain_glance_registry_config('keystone_authtoken/identity_uri').with_value("https://foo.bar:35357/");
|
||||
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_uri').with_value("https://foo.bar:5000/v2.0/");
|
||||
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_host').with_ensure('absent')
|
||||
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_port').with_ensure('absent')
|
||||
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_protocol').with_ensure('absent')
|
||||
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_admin_prefix').with_ensure('absent')
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'on Debian platforms' do
|
||||
let :facts do
|
||||
@default_facts.merge({
|
||||
|
|
Loading…
Reference in New Issue