Merge "Configure endpoint for Glance Glare"
This commit is contained in:
commit
9407ebd653
104
manifests/keystone/glare_auth.pp
Normal file
104
manifests/keystone/glare_auth.pp
Normal file
@ -0,0 +1,104 @@
|
||||
# == Class: glance::keystone::glare_auth
|
||||
#
|
||||
# Sets up glare users, service and endpoint for Glance Glare
|
||||
#
|
||||
# == Parameters:
|
||||
#
|
||||
# [*password*]
|
||||
# Password for glare user. Required.
|
||||
#
|
||||
# [*email*]
|
||||
# Email for glance user. Optional. Defaults to 'glare@localhost'.
|
||||
#
|
||||
# [*auth_name*]
|
||||
# Username for glare service. Optional. Defaults to 'glare'.
|
||||
#
|
||||
# [*configure_endpoint*]
|
||||
# Should glare endpoint be configured? Optional. Defaults to 'true'.
|
||||
#
|
||||
# [*configure_user*]
|
||||
# Should the service user be configured? Optional. Defaults to 'true'.
|
||||
#
|
||||
# [*configure_user_role*]
|
||||
# Should the admin role be configured for the service user?
|
||||
# Optional. Defaults to 'true'.
|
||||
#
|
||||
# [*service_name*]
|
||||
# Name of the service. Optional.
|
||||
# Defaults to 'Glance Artifacts'.
|
||||
#
|
||||
# [*service_type*]
|
||||
# Type of service. Optional. Defaults to 'artifact'.
|
||||
#
|
||||
# [*service_description*]
|
||||
# Description for keystone service. Optional. Defaults to 'Glance Artifact Service'.
|
||||
#
|
||||
# [*region*]
|
||||
# Region for endpoint. Optional. Defaults to 'RegionOne'.
|
||||
#
|
||||
# [*tenant*]
|
||||
# Tenant for glare user. Optional. Defaults to 'services'.
|
||||
#
|
||||
# [*public_url*]
|
||||
# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:9494')
|
||||
# This url should *not* contain any trailing '/'.
|
||||
#
|
||||
# [*admin_url*]
|
||||
# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:9494')
|
||||
# This url should *not* contain any trailing '/'.
|
||||
#
|
||||
# [*internal_url*]
|
||||
# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:9494')
|
||||
# This url should *not* contain any trailing '/'.
|
||||
#
|
||||
# === Examples
|
||||
#
|
||||
# class { 'glance::keystone::glare_auth':
|
||||
# public_url => 'https://10.0.0.10:9494',
|
||||
# internal_url => 'https://10.0.0.11:9494',
|
||||
# admin_url => 'https://10.0.0.11:9494',
|
||||
# }
|
||||
#
|
||||
class glance::keystone::glare_auth(
|
||||
$password,
|
||||
$email = 'glare@localhost',
|
||||
$auth_name = 'glare',
|
||||
$configure_endpoint = true,
|
||||
$configure_user = true,
|
||||
$configure_user_role = true,
|
||||
$service_name = 'Glance Artifacts',
|
||||
$service_type = 'artifact',
|
||||
$region = 'RegionOne',
|
||||
$tenant = 'services',
|
||||
$service_description = 'Glance Artifact Service',
|
||||
$public_url = 'http://127.0.0.1:9494',
|
||||
$admin_url = 'http://127.0.0.1:9494',
|
||||
$internal_url = 'http://127.0.0.1:9494',
|
||||
) {
|
||||
|
||||
$real_service_name = pick($service_name, $auth_name)
|
||||
|
||||
if $configure_endpoint {
|
||||
Keystone_endpoint["${region}/${real_service_name}::${service_type}"] ~> Service<| title == 'glance-glare' |>
|
||||
}
|
||||
|
||||
keystone::resource::service_identity { $auth_name:
|
||||
configure_user => $configure_user,
|
||||
configure_user_role => $configure_user_role,
|
||||
configure_endpoint => $configure_endpoint,
|
||||
service_type => $service_type,
|
||||
service_description => $service_description,
|
||||
service_name => $real_service_name,
|
||||
region => $region,
|
||||
password => $password,
|
||||
email => $email,
|
||||
tenant => $tenant,
|
||||
public_url => $public_url,
|
||||
admin_url => $admin_url,
|
||||
internal_url => $internal_url,
|
||||
}
|
||||
|
||||
if $configure_user_role {
|
||||
Keystone_user_role["${auth_name}@${tenant}"] ~> Service<| title == 'glance-glare' |>
|
||||
}
|
||||
}
|
@ -21,6 +21,9 @@ describe 'glance class' do
|
||||
class { '::glance::keystone::auth':
|
||||
password => 'a_big_secret',
|
||||
}
|
||||
class { '::glance::keystone::glare_auth':
|
||||
password => 'a_big_secret',
|
||||
}
|
||||
class { '::glance::api':
|
||||
database_connection => 'mysql+pymysql://glance:a_big_secret@127.0.0.1/glance?charset=utf8',
|
||||
verbose => false,
|
||||
|
172
spec/classes/glance_keystone_glare_auth_spec.rb
Normal file
172
spec/classes/glance_keystone_glare_auth_spec.rb
Normal file
@ -0,0 +1,172 @@
|
||||
require 'spec_helper'
|
||||
|
||||
describe 'glance::keystone::glare_auth' do
|
||||
|
||||
shared_examples_for 'glance::keystone::glare_auth' do
|
||||
describe 'with defaults' do
|
||||
|
||||
let :params do
|
||||
{:password => 'pass'}
|
||||
end
|
||||
|
||||
it { is_expected.to contain_keystone_user('glare').with(
|
||||
:ensure => 'present',
|
||||
:password => 'pass'
|
||||
)}
|
||||
|
||||
it { is_expected.to contain_keystone_user_role('glare@services').with(
|
||||
:ensure => 'present',
|
||||
:roles => ['admin']
|
||||
) }
|
||||
|
||||
it { is_expected.to contain_keystone_service('Glance Artifacts::artifact').with(
|
||||
:ensure => 'present',
|
||||
:description => 'Glance Artifact Service'
|
||||
) }
|
||||
|
||||
it { is_expected.to contain_keystone_endpoint('RegionOne/Glance Artifacts::artifact').with(
|
||||
:ensure => 'present',
|
||||
:public_url => 'http://127.0.0.1:9494',
|
||||
:admin_url => 'http://127.0.0.1:9494',
|
||||
:internal_url => 'http://127.0.0.1:9494'
|
||||
)}
|
||||
|
||||
end
|
||||
|
||||
describe 'when auth_type, password, and service_type are overridden' do
|
||||
|
||||
let :params do
|
||||
{
|
||||
:auth_name => 'glarey',
|
||||
:password => 'password',
|
||||
:service_type => 'glarey'
|
||||
}
|
||||
end
|
||||
|
||||
it { is_expected.to contain_keystone_user('glarey').with(
|
||||
:ensure => 'present',
|
||||
:password => 'password'
|
||||
)}
|
||||
|
||||
it { is_expected.to contain_keystone_user_role('glarey@services').with(
|
||||
:ensure => 'present',
|
||||
:roles => ['admin']
|
||||
) }
|
||||
|
||||
it { is_expected.to contain_keystone_service('Glance Artifacts::glarey').with(
|
||||
:ensure => 'present',
|
||||
:description => 'Glance Artifact Service'
|
||||
) }
|
||||
|
||||
end
|
||||
|
||||
describe 'when overriding endpoint URLs' do
|
||||
let :params do
|
||||
{ :password => 'passw0rd',
|
||||
:region => 'RegionTwo',
|
||||
:public_url => 'https://10.10.10.10:82/v2',
|
||||
:internal_url => 'https://10.10.10.11:82/v2',
|
||||
:admin_url => 'https://10.10.10.12:82/v2' }
|
||||
end
|
||||
|
||||
it { is_expected.to contain_keystone_endpoint('RegionTwo/Glance Artifacts::artifact').with(
|
||||
:ensure => 'present',
|
||||
:public_url => 'https://10.10.10.10:82/v2',
|
||||
:internal_url => 'https://10.10.10.11:82/v2',
|
||||
:admin_url => 'https://10.10.10.12:82/v2'
|
||||
) }
|
||||
end
|
||||
|
||||
describe 'when endpoint is not set' do
|
||||
|
||||
let :params do
|
||||
{
|
||||
:configure_endpoint => false,
|
||||
:password => 'pass',
|
||||
}
|
||||
end
|
||||
|
||||
it { is_expected.to_not contain_keystone_endpoint('RegionOne/Glance Artifacts::artifact') }
|
||||
end
|
||||
|
||||
describe 'when disabling user configuration' do
|
||||
let :params do
|
||||
{
|
||||
:configure_user => false,
|
||||
:password => 'pass',
|
||||
}
|
||||
end
|
||||
|
||||
it { is_expected.to_not contain_keystone_user('glare') }
|
||||
|
||||
it { is_expected.to contain_keystone_user_role('glare@services') }
|
||||
|
||||
it { is_expected.to contain_keystone_service('Glance Artifacts::artifact').with(
|
||||
:ensure => 'present',
|
||||
:description => 'Glance Artifact Service'
|
||||
) }
|
||||
end
|
||||
|
||||
describe 'when disabling user and user role configuration' do
|
||||
let :params do
|
||||
{
|
||||
:configure_user => false,
|
||||
:configure_user_role => false,
|
||||
:password => 'pass',
|
||||
}
|
||||
end
|
||||
|
||||
it { is_expected.to_not contain_keystone_user('glare') }
|
||||
|
||||
it { is_expected.to_not contain_keystone_user_role('glare@services') }
|
||||
|
||||
it { is_expected.to contain_keystone_service('Glance Artifacts::artifact').with(
|
||||
:ensure => 'present',
|
||||
:description => 'Glance Artifact Service'
|
||||
) }
|
||||
end
|
||||
|
||||
describe 'when configuring glance-glare and the keystone endpoint' do
|
||||
let :pre_condition do
|
||||
"class { 'glance::glare': keystone_password => 'test' }"
|
||||
end
|
||||
|
||||
let :params do
|
||||
{
|
||||
:password => 'test',
|
||||
:configure_endpoint => true
|
||||
}
|
||||
end
|
||||
|
||||
it { is_expected.to contain_keystone_endpoint('RegionOne/Glance Artifacts::artifact').with_notify(["Service[glance-glare]"]) }
|
||||
end
|
||||
|
||||
describe 'when overriding service name' do
|
||||
|
||||
let :params do
|
||||
{
|
||||
:service_name => 'glance_service',
|
||||
:password => 'pass'
|
||||
}
|
||||
end
|
||||
|
||||
it { is_expected.to contain_keystone_user('glare') }
|
||||
it { is_expected.to contain_keystone_user_role('glare@services') }
|
||||
it { is_expected.to contain_keystone_service('glance_service::artifact') }
|
||||
it { is_expected.to contain_keystone_endpoint('RegionOne/glance_service::artifact') }
|
||||
|
||||
end
|
||||
end
|
||||
|
||||
on_supported_os({
|
||||
:supported_os => OSDefaults.get_supported_os
|
||||
}).each do |os,facts|
|
||||
context "on #{os}" do
|
||||
let (:facts) do
|
||||
facts.merge!(OSDefaults.get_facts())
|
||||
end
|
||||
|
||||
it_configures 'glance::keystone::glare_auth'
|
||||
end
|
||||
end
|
||||
end
|
Loading…
Reference in New Issue
Block a user