Merge "Configure endpoint for Glance Glare"

This commit is contained in:
Jenkins 2016-03-24 00:11:40 +00:00 committed by Gerrit Code Review
commit 9407ebd653
3 changed files with 279 additions and 0 deletions

View File

@ -0,0 +1,104 @@
# == Class: glance::keystone::glare_auth
#
# Sets up glare users, service and endpoint for Glance Glare
#
# == Parameters:
#
# [*password*]
# Password for glare user. Required.
#
# [*email*]
# Email for glance user. Optional. Defaults to 'glare@localhost'.
#
# [*auth_name*]
# Username for glare service. Optional. Defaults to 'glare'.
#
# [*configure_endpoint*]
# Should glare endpoint be configured? Optional. Defaults to 'true'.
#
# [*configure_user*]
# Should the service user be configured? Optional. Defaults to 'true'.
#
# [*configure_user_role*]
# Should the admin role be configured for the service user?
# Optional. Defaults to 'true'.
#
# [*service_name*]
# Name of the service. Optional.
# Defaults to 'Glance Artifacts'.
#
# [*service_type*]
# Type of service. Optional. Defaults to 'artifact'.
#
# [*service_description*]
# Description for keystone service. Optional. Defaults to 'Glance Artifact Service'.
#
# [*region*]
# Region for endpoint. Optional. Defaults to 'RegionOne'.
#
# [*tenant*]
# Tenant for glare user. Optional. Defaults to 'services'.
#
# [*public_url*]
# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:9494')
# This url should *not* contain any trailing '/'.
#
# [*admin_url*]
# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:9494')
# This url should *not* contain any trailing '/'.
#
# [*internal_url*]
# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:9494')
# This url should *not* contain any trailing '/'.
#
# === Examples
#
# class { 'glance::keystone::glare_auth':
# public_url => 'https://10.0.0.10:9494',
# internal_url => 'https://10.0.0.11:9494',
# admin_url => 'https://10.0.0.11:9494',
# }
#
class glance::keystone::glare_auth(
$password,
$email = 'glare@localhost',
$auth_name = 'glare',
$configure_endpoint = true,
$configure_user = true,
$configure_user_role = true,
$service_name = 'Glance Artifacts',
$service_type = 'artifact',
$region = 'RegionOne',
$tenant = 'services',
$service_description = 'Glance Artifact Service',
$public_url = 'http://127.0.0.1:9494',
$admin_url = 'http://127.0.0.1:9494',
$internal_url = 'http://127.0.0.1:9494',
) {
$real_service_name = pick($service_name, $auth_name)
if $configure_endpoint {
Keystone_endpoint["${region}/${real_service_name}::${service_type}"] ~> Service<| title == 'glance-glare' |>
}
keystone::resource::service_identity { $auth_name:
configure_user => $configure_user,
configure_user_role => $configure_user_role,
configure_endpoint => $configure_endpoint,
service_type => $service_type,
service_description => $service_description,
service_name => $real_service_name,
region => $region,
password => $password,
email => $email,
tenant => $tenant,
public_url => $public_url,
admin_url => $admin_url,
internal_url => $internal_url,
}
if $configure_user_role {
Keystone_user_role["${auth_name}@${tenant}"] ~> Service<| title == 'glance-glare' |>
}
}

View File

@ -21,6 +21,9 @@ describe 'glance class' do
class { '::glance::keystone::auth':
password => 'a_big_secret',
}
class { '::glance::keystone::glare_auth':
password => 'a_big_secret',
}
class { '::glance::api':
database_connection => 'mysql+pymysql://glance:a_big_secret@127.0.0.1/glance?charset=utf8',
verbose => false,

View File

@ -0,0 +1,172 @@
require 'spec_helper'
describe 'glance::keystone::glare_auth' do
shared_examples_for 'glance::keystone::glare_auth' do
describe 'with defaults' do
let :params do
{:password => 'pass'}
end
it { is_expected.to contain_keystone_user('glare').with(
:ensure => 'present',
:password => 'pass'
)}
it { is_expected.to contain_keystone_user_role('glare@services').with(
:ensure => 'present',
:roles => ['admin']
) }
it { is_expected.to contain_keystone_service('Glance Artifacts::artifact').with(
:ensure => 'present',
:description => 'Glance Artifact Service'
) }
it { is_expected.to contain_keystone_endpoint('RegionOne/Glance Artifacts::artifact').with(
:ensure => 'present',
:public_url => 'http://127.0.0.1:9494',
:admin_url => 'http://127.0.0.1:9494',
:internal_url => 'http://127.0.0.1:9494'
)}
end
describe 'when auth_type, password, and service_type are overridden' do
let :params do
{
:auth_name => 'glarey',
:password => 'password',
:service_type => 'glarey'
}
end
it { is_expected.to contain_keystone_user('glarey').with(
:ensure => 'present',
:password => 'password'
)}
it { is_expected.to contain_keystone_user_role('glarey@services').with(
:ensure => 'present',
:roles => ['admin']
) }
it { is_expected.to contain_keystone_service('Glance Artifacts::glarey').with(
:ensure => 'present',
:description => 'Glance Artifact Service'
) }
end
describe 'when overriding endpoint URLs' do
let :params do
{ :password => 'passw0rd',
:region => 'RegionTwo',
:public_url => 'https://10.10.10.10:82/v2',
:internal_url => 'https://10.10.10.11:82/v2',
:admin_url => 'https://10.10.10.12:82/v2' }
end
it { is_expected.to contain_keystone_endpoint('RegionTwo/Glance Artifacts::artifact').with(
:ensure => 'present',
:public_url => 'https://10.10.10.10:82/v2',
:internal_url => 'https://10.10.10.11:82/v2',
:admin_url => 'https://10.10.10.12:82/v2'
) }
end
describe 'when endpoint is not set' do
let :params do
{
:configure_endpoint => false,
:password => 'pass',
}
end
it { is_expected.to_not contain_keystone_endpoint('RegionOne/Glance Artifacts::artifact') }
end
describe 'when disabling user configuration' do
let :params do
{
:configure_user => false,
:password => 'pass',
}
end
it { is_expected.to_not contain_keystone_user('glare') }
it { is_expected.to contain_keystone_user_role('glare@services') }
it { is_expected.to contain_keystone_service('Glance Artifacts::artifact').with(
:ensure => 'present',
:description => 'Glance Artifact Service'
) }
end
describe 'when disabling user and user role configuration' do
let :params do
{
:configure_user => false,
:configure_user_role => false,
:password => 'pass',
}
end
it { is_expected.to_not contain_keystone_user('glare') }
it { is_expected.to_not contain_keystone_user_role('glare@services') }
it { is_expected.to contain_keystone_service('Glance Artifacts::artifact').with(
:ensure => 'present',
:description => 'Glance Artifact Service'
) }
end
describe 'when configuring glance-glare and the keystone endpoint' do
let :pre_condition do
"class { 'glance::glare': keystone_password => 'test' }"
end
let :params do
{
:password => 'test',
:configure_endpoint => true
}
end
it { is_expected.to contain_keystone_endpoint('RegionOne/Glance Artifacts::artifact').with_notify(["Service[glance-glare]"]) }
end
describe 'when overriding service name' do
let :params do
{
:service_name => 'glance_service',
:password => 'pass'
}
end
it { is_expected.to contain_keystone_user('glare') }
it { is_expected.to contain_keystone_user_role('glare@services') }
it { is_expected.to contain_keystone_service('glance_service::artifact') }
it { is_expected.to contain_keystone_endpoint('RegionOne/glance_service::artifact') }
end
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
facts.merge!(OSDefaults.get_facts())
end
it_configures 'glance::keystone::glare_auth'
end
end
end