barbican_service_user: Accept system scope credential
This change allows usage of system scope credentials in addition to project scope credentials, to use service user token when accessing Barbican API. Depends-on: https://review.opendev.org/823883 Change-Id: I836f8ca32ed8c3352e05f6ab805b6d8f311c061d
This commit is contained in:
parent
da1bde38a2
commit
24b8c76e19
|
@ -27,6 +27,10 @@
|
||||||
# (Optional) Name of domain for $project_name
|
# (Optional) Name of domain for $project_name
|
||||||
# Defaults to 'Default'
|
# Defaults to 'Default'
|
||||||
#
|
#
|
||||||
|
# [*system_scope*]
|
||||||
|
# (Optional) Scope for system operations.
|
||||||
|
# Defaults to $::os_service_default
|
||||||
|
#
|
||||||
# [*insecure*]
|
# [*insecure*]
|
||||||
# (Optional) If true, explicitly allow TLS without checking server cert
|
# (Optional) If true, explicitly allow TLS without checking server cert
|
||||||
# against any certificate authorities. WARNING: not recommended. Use with
|
# against any certificate authorities. WARNING: not recommended. Use with
|
||||||
|
@ -65,6 +69,7 @@ class glance::key_manager::barbican::service_user(
|
||||||
$project_name = 'services',
|
$project_name = 'services',
|
||||||
$user_domain_name = 'Default',
|
$user_domain_name = 'Default',
|
||||||
$project_domain_name = 'Default',
|
$project_domain_name = 'Default',
|
||||||
|
$system_scope = $::os_service_default,
|
||||||
$insecure = $::os_service_default,
|
$insecure = $::os_service_default,
|
||||||
$auth_type = 'password',
|
$auth_type = 'password',
|
||||||
$auth_version = $::os_service_default,
|
$auth_version = $::os_service_default,
|
||||||
|
@ -83,6 +88,7 @@ class glance::key_manager::barbican::service_user(
|
||||||
project_name => $project_name,
|
project_name => $project_name,
|
||||||
user_domain_name => $user_domain_name,
|
user_domain_name => $user_domain_name,
|
||||||
project_domain_name => $project_domain_name,
|
project_domain_name => $project_domain_name,
|
||||||
|
system_scope => $system_scope,
|
||||||
insecure => $insecure,
|
insecure => $insecure,
|
||||||
auth_type => $auth_type,
|
auth_type => $auth_type,
|
||||||
auth_version => $auth_version,
|
auth_version => $auth_version,
|
||||||
|
|
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
The ``glance::key_manager::barbican::service_user`` class now supports
|
||||||
|
the ``system_scope`` parameter.
|
|
@ -16,6 +16,7 @@ describe 'glance::key_manager::barbican::service_user' do
|
||||||
:project_name => 'services',
|
:project_name => 'services',
|
||||||
:user_domain_name => 'Default',
|
:user_domain_name => 'Default',
|
||||||
:project_domain_name => 'Default',
|
:project_domain_name => 'Default',
|
||||||
|
:system_scope => '<SERVICE DEFAULT>',
|
||||||
:insecure => '<SERVICE DEFAULT>',
|
:insecure => '<SERVICE DEFAULT>',
|
||||||
:auth_type => 'password',
|
:auth_type => 'password',
|
||||||
:auth_version => '<SERVICE DEFAULT>',
|
:auth_version => '<SERVICE DEFAULT>',
|
||||||
|
@ -35,6 +36,7 @@ describe 'glance::key_manager::barbican::service_user' do
|
||||||
:project_name => 'alt_services',
|
:project_name => 'alt_services',
|
||||||
:user_domain_name => 'Domain1',
|
:user_domain_name => 'Domain1',
|
||||||
:project_domain_name => 'Domain2',
|
:project_domain_name => 'Domain2',
|
||||||
|
:system_scope => 'all',
|
||||||
:insecure => false,
|
:insecure => false,
|
||||||
:auth_type => 'v3password',
|
:auth_type => 'v3password',
|
||||||
:auth_version => 'v3',
|
:auth_version => 'v3',
|
||||||
|
@ -53,6 +55,7 @@ describe 'glance::key_manager::barbican::service_user' do
|
||||||
:project_name => 'alt_services',
|
:project_name => 'alt_services',
|
||||||
:user_domain_name => 'Domain1',
|
:user_domain_name => 'Domain1',
|
||||||
:project_domain_name => 'Domain2',
|
:project_domain_name => 'Domain2',
|
||||||
|
:system_scope => 'all',
|
||||||
:insecure => false,
|
:insecure => false,
|
||||||
:auth_type => 'v3password',
|
:auth_type => 'v3password',
|
||||||
:auth_version => 'v3',
|
:auth_version => 'v3',
|
||||||
|
|
Loading…
Reference in New Issue