Improve heat::keystone::domain

- change resource names so that autorequire works - enable to skip Keystone resource management Change-Id: I9078be31f26e454e0686debcefa070721767a581
2015-10-27 15:46:34 +01:00 · 2015-10-27 15:46:34 +01:00 · e7c472d053
commit e7c472d053
parent aede7c5c91
2 changed files with 47 additions and 18 deletions
--- a/manifests/keystone/domain.pp
+++ b/manifests/keystone/domain.pp
@ -22,6 +22,14 @@
 #   can already manage it.
 #   Defaults to 'true'.
 #
+# [*manage_user*]
+#   Whether manage or not the user creation.
+#   Defaults to 'true'.
+#
+# [*manage_role*]
+#   Whether manage or not the user role creation.
+#   Defaults to 'true'.
+#
 # === Deprecated Parameters
 #
 # [*auth_url*]
@ -42,6 +50,8 @@ class heat::keystone::domain (
  $domain_admin_email = 'heat_admin@localhost',
  $domain_password    = 'changeme',
  $manage_domain      = true,
+  $manage_user        = true,
+  $manage_role        = true,
  # DEPRECATED PARAMETERS
  $auth_url           = undef,
  $keystone_admin     = undef,
@ -66,23 +76,24 @@ class heat::keystone::domain (
  }

  if $manage_domain {
-    ensure_resource('keystone_domain', 'heat_domain', {
+    ensure_resource('keystone_domain', $domain_name, {
      'ensure'  => 'present',
      'enabled' => true,
-      'name'    => $domain_name
    })
  }
-  ensure_resource('keystone_user', 'heat_domain_admin', {
-    'ensure'   => 'present',
-    'enabled'  => true,
-    'name'     => $domain_admin,
-    'email'    => $domain_admin_email,
-    'password' => $domain_password,
-    'domain'   => $domain_name,
-  })
-  ensure_resource('keystone_user_role', "${domain_admin}::${domain_name}@::${domain_name}", {
-    'roles' => ['admin'],
-  })
+  if $manage_user {
+    ensure_resource('keystone_user', "${domain_admin}::${domain_name}", {
+      'ensure'   => 'present',
+      'enabled'  => true,
+      'email'    => $domain_admin_email,
+      'password' => $domain_password,
+    })
+  }
+  if $manage_role {
+    ensure_resource('keystone_user_role', "${domain_admin}::${domain_name}@::${domain_name}", {
+      'roles' => ['admin'],
+    })
+  }

  heat_config {
    'DEFAULT/stack_domain_admin':          value => $domain_admin;
--- a/spec/classes/heat_keystone_domain_spec.rb
+++ b/spec/classes/heat_keystone_domain_spec.rb
@ -19,21 +19,19 @@ describe 'heat::keystone::domain' do
    end

    it 'should create keystone domain' do
-      is_expected.to contain_keystone_domain('heat_domain').with(
+      is_expected.to contain_keystone_domain(params[:domain_name]).with(
        :ensure  => 'present',
        :enabled => 'true',
        :name    => params[:domain_name]
      )

-      is_expected.to contain_keystone_user('heat_domain_admin').with(
+      is_expected.to contain_keystone_user("#{params[:domain_admin]}::#{params[:domain_name]}").with(
        :ensure   => 'present',
        :enabled  => 'true',
-        :name     => params[:domain_admin],
        :email    => params[:domain_admin_email],
        :password => params[:domain_password],
-        :domain   => params[:domain_name],
      )
-      is_expected.to contain_keystone_user_role('heat_admin::heat@::heat').with(
+      is_expected.to contain_keystone_user_role("#{params[:domain_admin]}::#{params[:domain_name]}@::#{params[:domain_name]}").with(
        :roles => ['admin'],
      )
    end
@ -47,6 +45,26 @@ describe 'heat::keystone::domain' do

      it { is_expected.to_not contain_keystone_domain('heat_domain') }
    end
+
+    context 'when not managing the user creation' do
+      before do
+        params.merge!(
+          :manage_user => false
+        )
+      end
+
+      it { is_expected.to_not contain_keystone_user("#{params[:domain_admin]}::#{params[:domain_name]}") }
+    end
+
+    context 'when not managing the user role creation' do
+      before do
+        params.merge!(
+          :manage_role => false
+        )
+      end
+
+      it { is_expected.to_not contain_keystone_user_role("#{params[:domain_admin]}::#{params[:domain_name]}@::#{params[:domain_name]}") }
+    end
  end