Merge "Add new parameter required for secure RBAC configuration"
This commit is contained in:
commit
4f39c259d2
|
@ -122,6 +122,10 @@
|
||||||
# (optional) CA certificate file to use to verify connecting clients
|
# (optional) CA certificate file to use to verify connecting clients
|
||||||
# Defaults to $::os_service_default
|
# Defaults to $::os_service_default
|
||||||
#
|
#
|
||||||
|
# [*enforce_secure_rbac*]
|
||||||
|
# (optional) Enabled enforcing authorization based on common RBAC personas.
|
||||||
|
# Defaults to $::os_service_default
|
||||||
|
#
|
||||||
# [*enabled_backends*]
|
# [*enabled_backends*]
|
||||||
# (optional) List of Key:Value pairs of store identifier and store type.
|
# (optional) List of Key:Value pairs of store identifier and store type.
|
||||||
# Example: ['swift:swift', 'ceph1:ceph', 'ceph2:ceph']
|
# Example: ['swift:swift', 'ceph1:ceph', 'ceph2:ceph']
|
||||||
|
@ -315,6 +319,7 @@ class glance::api(
|
||||||
$cert_file = $::os_service_default,
|
$cert_file = $::os_service_default,
|
||||||
$key_file = $::os_service_default,
|
$key_file = $::os_service_default,
|
||||||
$ca_file = $::os_service_default,
|
$ca_file = $::os_service_default,
|
||||||
|
$enforce_secure_rbac = $::os_service_default,
|
||||||
$enabled_backends = undef,
|
$enabled_backends = undef,
|
||||||
$default_backend = undef,
|
$default_backend = undef,
|
||||||
$container_formats = $::os_service_default,
|
$container_formats = $::os_service_default,
|
||||||
|
@ -432,6 +437,7 @@ removed in a future realse. Use glance::api::db::database_max_overflow instead')
|
||||||
'DEFAULT/location_strategy': value => $location_strategy;
|
'DEFAULT/location_strategy': value => $location_strategy;
|
||||||
'DEFAULT/scrub_time': value => $scrub_time;
|
'DEFAULT/scrub_time': value => $scrub_time;
|
||||||
'DEFAULT/delayed_delete': value => $delayed_delete;
|
'DEFAULT/delayed_delete': value => $delayed_delete;
|
||||||
|
'DEFAULT/enforce_secure_rbac': value => $enforce_secure_rbac;
|
||||||
'DEFAULT/cache_prefetcher_interval': value => $cache_prefetcher_interval;
|
'DEFAULT/cache_prefetcher_interval': value => $cache_prefetcher_interval;
|
||||||
'DEFAULT/image_cache_dir': value => $image_cache_dir;
|
'DEFAULT/image_cache_dir': value => $image_cache_dir;
|
||||||
'DEFAULT/image_cache_stall_time': value => $image_cache_stall_time;
|
'DEFAULT/image_cache_stall_time': value => $image_cache_stall_time;
|
||||||
|
|
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
Add ``enforce_secure_rbac`` parameter to enable enforcing authorization
|
||||||
|
based on common RBAC personas.
|
|
@ -23,6 +23,7 @@ describe 'glance::api' do
|
||||||
:purge_config => false,
|
:purge_config => false,
|
||||||
:delayed_delete => '<SERVICE DEFAULT>',
|
:delayed_delete => '<SERVICE DEFAULT>',
|
||||||
:scrub_time => '<SERVICE DEFAULT>',
|
:scrub_time => '<SERVICE DEFAULT>',
|
||||||
|
:enforce_secure_rbac => '<SERVICE DEFAULT>',
|
||||||
:image_cache_dir => '/var/lib/glance/image-cache',
|
:image_cache_dir => '/var/lib/glance/image-cache',
|
||||||
:image_import_plugins => '<SERVICE DEFAULT>',
|
:image_import_plugins => '<SERVICE DEFAULT>',
|
||||||
:image_conversion_output_format => '<SERVICE DEFAULT>',
|
:image_conversion_output_format => '<SERVICE DEFAULT>',
|
||||||
|
@ -65,6 +66,7 @@ describe 'glance::api' do
|
||||||
:location_strategy => 'store_type',
|
:location_strategy => 'store_type',
|
||||||
:delayed_delete => 'true',
|
:delayed_delete => 'true',
|
||||||
:scrub_time => '10',
|
:scrub_time => '10',
|
||||||
|
:enforce_secure_rbac => 'true',
|
||||||
:image_cache_dir => '/tmp/glance',
|
:image_cache_dir => '/tmp/glance',
|
||||||
:image_import_plugins => 'image_conversion',
|
:image_import_plugins => 'image_conversion',
|
||||||
:image_conversion_output_format => 'raw',
|
:image_conversion_output_format => 'raw',
|
||||||
|
@ -125,6 +127,7 @@ describe 'glance::api' do
|
||||||
'location_strategy',
|
'location_strategy',
|
||||||
'delayed_delete',
|
'delayed_delete',
|
||||||
'scrub_time',
|
'scrub_time',
|
||||||
|
'enforce_secure_rbac',
|
||||||
'image_cache_dir',
|
'image_cache_dir',
|
||||||
'image_cache_stall_time',
|
'image_cache_stall_time',
|
||||||
'image_cache_max_size',
|
'image_cache_max_size',
|
||||||
|
|
Loading…
Reference in New Issue