Deprecate auth_uri option
Option auth_uri from group keystone_authtoken is deprecated[1]. Use option www_authenticate_uri from group keystone_authtoken. [1]https://review.openstack.org/#/c/508522/ Change-Id: I081c6f8c791ef7d4dc1d5bf8dfc2676c73e66734 Depends-On: I4c82a63baabd6b9304b302c97cd751a0103d8316 Closes-Bug: #1759098
This commit is contained in:
parent
80c58df276
commit
6b0c3d4855
@ -549,7 +549,7 @@ class glance::api(
|
|||||||
$keystone_project_name = $::glance::api::authtoken::project_name
|
$keystone_project_name = $::glance::api::authtoken::project_name
|
||||||
$keystone_username = $::glance::api::authtoken::username
|
$keystone_username = $::glance::api::authtoken::username
|
||||||
$keystone_password = $::glance::api::authtoken::password
|
$keystone_password = $::glance::api::authtoken::password
|
||||||
$auth_uri = $::glance::api::authtoken::auth_uri
|
$auth_uri = $::glance::api::authtoken::www_authenticate_uri
|
||||||
$defaults = {
|
$defaults = {
|
||||||
'glance-api' => {
|
'glance-api' => {
|
||||||
# lint:ignore:140chars
|
# lint:ignore:140chars
|
||||||
|
@ -42,7 +42,7 @@
|
|||||||
# (Optional) Authentication type to load
|
# (Optional) Authentication type to load
|
||||||
# Defaults to 'password'
|
# Defaults to 'password'
|
||||||
#
|
#
|
||||||
# [*auth_uri*]
|
# [*www_authenticate_uri*]
|
||||||
# (Optional) Complete public Identity API endpoint.
|
# (Optional) Complete public Identity API endpoint.
|
||||||
# Defaults to 'http://127.0.0.1:5000'.
|
# Defaults to 'http://127.0.0.1:5000'.
|
||||||
#
|
#
|
||||||
@ -178,6 +178,12 @@
|
|||||||
# (in seconds). Set to -1 to disable caching completely. Integer value
|
# (in seconds). Set to -1 to disable caching completely. Integer value
|
||||||
# Defaults to $::os_service_default.
|
# Defaults to $::os_service_default.
|
||||||
#
|
#
|
||||||
|
# DEPRECATED PARAMETERS
|
||||||
|
#
|
||||||
|
# [*auth_uri*]
|
||||||
|
# (Optional) Complete public Identity API endpoint.
|
||||||
|
# Defaults to undef
|
||||||
|
#
|
||||||
class glance::api::authtoken(
|
class glance::api::authtoken(
|
||||||
$username = 'glance',
|
$username = 'glance',
|
||||||
$password = $::os_service_default,
|
$password = $::os_service_default,
|
||||||
@ -188,7 +194,7 @@ class glance::api::authtoken(
|
|||||||
$insecure = $::os_service_default,
|
$insecure = $::os_service_default,
|
||||||
$auth_section = $::os_service_default,
|
$auth_section = $::os_service_default,
|
||||||
$auth_type = 'password',
|
$auth_type = 'password',
|
||||||
$auth_uri = 'http://127.0.0.1:5000',
|
$www_authenticate_uri = 'http://127.0.0.1:5000',
|
||||||
$auth_version = $::os_service_default,
|
$auth_version = $::os_service_default,
|
||||||
$cache = $::os_service_default,
|
$cache = $::os_service_default,
|
||||||
$cafile = $::os_service_default,
|
$cafile = $::os_service_default,
|
||||||
@ -213,6 +219,8 @@ class glance::api::authtoken(
|
|||||||
$manage_memcache_package = false,
|
$manage_memcache_package = false,
|
||||||
$region_name = $::os_service_default,
|
$region_name = $::os_service_default,
|
||||||
$token_cache_time = $::os_service_default,
|
$token_cache_time = $::os_service_default,
|
||||||
|
# DEPRECATED PARAMETERS
|
||||||
|
$auth_uri = undef,
|
||||||
) {
|
) {
|
||||||
|
|
||||||
include ::glance::deps
|
include ::glance::deps
|
||||||
@ -221,12 +229,17 @@ class glance::api::authtoken(
|
|||||||
fail('Please set password for Glance service user')
|
fail('Please set password for Glance service user')
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if $auth_uri {
|
||||||
|
warning('The auth_uri parameter is deprecated. Please use www_authenticate_uri instead.')
|
||||||
|
}
|
||||||
|
$www_authenticate_uri_real = pick($auth_uri, $www_authenticate_uri)
|
||||||
|
|
||||||
keystone::resource::authtoken { 'glance_api_config':
|
keystone::resource::authtoken { 'glance_api_config':
|
||||||
username => $username,
|
username => $username,
|
||||||
password => $password,
|
password => $password,
|
||||||
project_name => $project_name,
|
project_name => $project_name,
|
||||||
auth_url => $auth_url,
|
auth_url => $auth_url,
|
||||||
auth_uri => $auth_uri,
|
www_authenticate_uri => $www_authenticate_uri_real,
|
||||||
auth_version => $auth_version,
|
auth_version => $auth_version,
|
||||||
auth_type => $auth_type,
|
auth_type => $auth_type,
|
||||||
auth_section => $auth_section,
|
auth_section => $auth_section,
|
||||||
|
@ -42,7 +42,7 @@
|
|||||||
# (Optional) Authentication type to load
|
# (Optional) Authentication type to load
|
||||||
# Defaults to 'password'.
|
# Defaults to 'password'.
|
||||||
#
|
#
|
||||||
# [*auth_uri*]
|
# [*www_authenticate_uri*]
|
||||||
# (Optional) Complete public Identity API endpoint.
|
# (Optional) Complete public Identity API endpoint.
|
||||||
# Defaults to 'http://127.0.0.1:5000'.
|
# Defaults to 'http://127.0.0.1:5000'.
|
||||||
#
|
#
|
||||||
@ -178,6 +178,12 @@
|
|||||||
# (in seconds). Set to -1 to disable caching completely. Integer value
|
# (in seconds). Set to -1 to disable caching completely. Integer value
|
||||||
# Defaults to $::os_service_default.
|
# Defaults to $::os_service_default.
|
||||||
#
|
#
|
||||||
|
# DEPRECATED PARAMETERS
|
||||||
|
#
|
||||||
|
# [*auth_uri*]
|
||||||
|
# (Optional) Complete public Identity API endpoint.
|
||||||
|
# Defaults to undef
|
||||||
|
#
|
||||||
class glance::registry::authtoken(
|
class glance::registry::authtoken(
|
||||||
$username = 'glance',
|
$username = 'glance',
|
||||||
$password = $::os_service_default,
|
$password = $::os_service_default,
|
||||||
@ -188,7 +194,7 @@ class glance::registry::authtoken(
|
|||||||
$insecure = $::os_service_default,
|
$insecure = $::os_service_default,
|
||||||
$auth_section = $::os_service_default,
|
$auth_section = $::os_service_default,
|
||||||
$auth_type = 'password',
|
$auth_type = 'password',
|
||||||
$auth_uri = 'http://127.0.0.1:5000',
|
$www_authenticate_uri = 'http://127.0.0.1:5000',
|
||||||
$auth_version = $::os_service_default,
|
$auth_version = $::os_service_default,
|
||||||
$cache = $::os_service_default,
|
$cache = $::os_service_default,
|
||||||
$cafile = $::os_service_default,
|
$cafile = $::os_service_default,
|
||||||
@ -213,6 +219,8 @@ class glance::registry::authtoken(
|
|||||||
$manage_memcache_package = false,
|
$manage_memcache_package = false,
|
||||||
$region_name = $::os_service_default,
|
$region_name = $::os_service_default,
|
||||||
$token_cache_time = $::os_service_default,
|
$token_cache_time = $::os_service_default,
|
||||||
|
# DEPRECATED PARAMETERS
|
||||||
|
$auth_uri = undef,
|
||||||
) {
|
) {
|
||||||
|
|
||||||
include ::glance::deps
|
include ::glance::deps
|
||||||
@ -221,12 +229,17 @@ class glance::registry::authtoken(
|
|||||||
fail('Please set password for Glance service user')
|
fail('Please set password for Glance service user')
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if $auth_uri {
|
||||||
|
warning('The auth_uri parameter is deprecated. Please use www_authenticate_uri instead.')
|
||||||
|
}
|
||||||
|
$www_authenticate_uri_real = pick($auth_uri, $www_authenticate_uri)
|
||||||
|
|
||||||
keystone::resource::authtoken { 'glance_registry_config':
|
keystone::resource::authtoken { 'glance_registry_config':
|
||||||
username => $username,
|
username => $username,
|
||||||
password => $password,
|
password => $password,
|
||||||
project_name => $project_name,
|
project_name => $project_name,
|
||||||
auth_url => $auth_url,
|
auth_url => $auth_url,
|
||||||
auth_uri => $auth_uri,
|
www_authenticate_uri => $www_authenticate_uri_real,
|
||||||
auth_version => $auth_version,
|
auth_version => $auth_version,
|
||||||
auth_type => $auth_type,
|
auth_type => $auth_type,
|
||||||
auth_section => $auth_section,
|
auth_section => $auth_section,
|
||||||
|
@ -0,0 +1,4 @@
|
|||||||
|
---
|
||||||
|
deprecations:
|
||||||
|
- auth_uri is deprecated and will be removed in a future release.
|
||||||
|
Please use www_authenticate_uri instead.
|
@ -20,7 +20,7 @@ describe 'glance::api::authtoken' do
|
|||||||
is_expected.to contain_glance_api_config('keystone_authtoken/insecure').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_glance_api_config('keystone_authtoken/insecure').with_value('<SERVICE DEFAULT>')
|
||||||
is_expected.to contain_glance_api_config('keystone_authtoken/auth_section').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_glance_api_config('keystone_authtoken/auth_section').with_value('<SERVICE DEFAULT>')
|
||||||
is_expected.to contain_glance_api_config('keystone_authtoken/auth_type').with_value('password')
|
is_expected.to contain_glance_api_config('keystone_authtoken/auth_type').with_value('password')
|
||||||
is_expected.to contain_glance_api_config('keystone_authtoken/auth_uri').with_value('http://127.0.0.1:5000')
|
is_expected.to contain_glance_api_config('keystone_authtoken/www_authenticate_uri').with_value('http://127.0.0.1:5000')
|
||||||
is_expected.to contain_glance_api_config('keystone_authtoken/auth_version').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_glance_api_config('keystone_authtoken/auth_version').with_value('<SERVICE DEFAULT>')
|
||||||
is_expected.to contain_glance_api_config('keystone_authtoken/cache').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_glance_api_config('keystone_authtoken/cache').with_value('<SERVICE DEFAULT>')
|
||||||
is_expected.to contain_glance_api_config('keystone_authtoken/cafile').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_glance_api_config('keystone_authtoken/cafile').with_value('<SERVICE DEFAULT>')
|
||||||
@ -50,7 +50,7 @@ describe 'glance::api::authtoken' do
|
|||||||
context 'when overriding parameters' do
|
context 'when overriding parameters' do
|
||||||
before do
|
before do
|
||||||
params.merge!({
|
params.merge!({
|
||||||
:auth_uri => 'https://10.0.0.1:9999/',
|
:www_authenticate_uri => 'https://10.0.0.1:9999/',
|
||||||
:username => 'myuser',
|
:username => 'myuser',
|
||||||
:password => 'mypasswd',
|
:password => 'mypasswd',
|
||||||
:auth_url => 'http://:127.0.0.1:35357',
|
:auth_url => 'http://:127.0.0.1:35357',
|
||||||
@ -88,7 +88,7 @@ describe 'glance::api::authtoken' do
|
|||||||
end
|
end
|
||||||
|
|
||||||
it 'configure keystone_authtoken' do
|
it 'configure keystone_authtoken' do
|
||||||
is_expected.to contain_glance_api_config('keystone_authtoken/auth_uri').with_value('https://10.0.0.1:9999/')
|
is_expected.to contain_glance_api_config('keystone_authtoken/www_authenticate_uri').with_value('https://10.0.0.1:9999/')
|
||||||
is_expected.to contain_glance_api_config('keystone_authtoken/username').with_value(params[:username])
|
is_expected.to contain_glance_api_config('keystone_authtoken/username').with_value(params[:username])
|
||||||
is_expected.to contain_glance_api_config('keystone_authtoken/password').with_value(params[:password]).with_secret(true)
|
is_expected.to contain_glance_api_config('keystone_authtoken/password').with_value(params[:password]).with_secret(true)
|
||||||
is_expected.to contain_glance_api_config('keystone_authtoken/auth_url').with_value(params[:auth_url])
|
is_expected.to contain_glance_api_config('keystone_authtoken/auth_url').with_value(params[:auth_url])
|
||||||
|
@ -20,7 +20,7 @@ describe 'glance::registry::authtoken' do
|
|||||||
is_expected.to contain_glance_registry_config('keystone_authtoken/insecure').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_glance_registry_config('keystone_authtoken/insecure').with_value('<SERVICE DEFAULT>')
|
||||||
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_section').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_section').with_value('<SERVICE DEFAULT>')
|
||||||
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_type').with_value('password')
|
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_type').with_value('password')
|
||||||
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_uri').with_value('http://127.0.0.1:5000')
|
is_expected.to contain_glance_registry_config('keystone_authtoken/www_authenticate_uri').with_value('http://127.0.0.1:5000')
|
||||||
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_version').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_version').with_value('<SERVICE DEFAULT>')
|
||||||
is_expected.to contain_glance_registry_config('keystone_authtoken/cache').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_glance_registry_config('keystone_authtoken/cache').with_value('<SERVICE DEFAULT>')
|
||||||
is_expected.to contain_glance_registry_config('keystone_authtoken/cafile').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_glance_registry_config('keystone_authtoken/cafile').with_value('<SERVICE DEFAULT>')
|
||||||
@ -50,7 +50,7 @@ describe 'glance::registry::authtoken' do
|
|||||||
context 'when overriding parameters' do
|
context 'when overriding parameters' do
|
||||||
before do
|
before do
|
||||||
params.merge!({
|
params.merge!({
|
||||||
:auth_uri => 'https://10.0.0.1:9999/',
|
:www_authenticate_uri => 'https://10.0.0.1:9999/',
|
||||||
:username => 'myuser',
|
:username => 'myuser',
|
||||||
:password => 'mypasswd',
|
:password => 'mypasswd',
|
||||||
:auth_url => 'http://:127.0.0.1:35357',
|
:auth_url => 'http://:127.0.0.1:35357',
|
||||||
@ -88,7 +88,7 @@ describe 'glance::registry::authtoken' do
|
|||||||
end
|
end
|
||||||
|
|
||||||
it 'configure keystone_authtoken' do
|
it 'configure keystone_authtoken' do
|
||||||
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_uri').with_value('https://10.0.0.1:9999/')
|
is_expected.to contain_glance_registry_config('keystone_authtoken/www_authenticate_uri').with_value('https://10.0.0.1:9999/')
|
||||||
is_expected.to contain_glance_registry_config('keystone_authtoken/username').with_value(params[:username])
|
is_expected.to contain_glance_registry_config('keystone_authtoken/username').with_value(params[:username])
|
||||||
is_expected.to contain_glance_registry_config('keystone_authtoken/password').with_value(params[:password]).with_secret(true)
|
is_expected.to contain_glance_registry_config('keystone_authtoken/password').with_value(params[:password]).with_secret(true)
|
||||||
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_url').with_value(params[:auth_url])
|
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_url').with_value(params[:auth_url])
|
||||||
|
Loading…
Reference in New Issue
Block a user