OPENSTACK_KEYSTONE_BACKEND should be configurable
In local_settings.py.erb, OPENSTACK_KEYSTONE_BACKEND is hardcoded. We needed a new parameter in the module in order to change this to be configurable. Change-Id: I3f0859cd0e73012f444191797afc076beb68d7e9 Closes-Bug: #1575227
This commit is contained in:
parent
8c593974bf
commit
7385841442
|
@ -109,6 +109,16 @@
|
|||
# 'enable_backup': Boolean to enable or disable Cinders's backup feature.
|
||||
# Defaults to False.
|
||||
#
|
||||
# [*keystone_options*]
|
||||
# (optional) A hash of parameters to enable features specific to
|
||||
# Keystone. These include:
|
||||
# 'name': String
|
||||
# 'can_edit_user': Boolean
|
||||
# 'can_edit_group': Boolean
|
||||
# 'can_edit_project': Boolean
|
||||
# 'can_edit_domain': Boolean
|
||||
# 'can_edit_role': Boolean
|
||||
#
|
||||
# [*neutron_options*]
|
||||
# (optional) A hash of parameters to enable features specific to
|
||||
# Neutron. These include:
|
||||
|
@ -330,6 +340,7 @@ class horizon(
|
|||
$compress_offline = true,
|
||||
$hypervisor_options = {},
|
||||
$cinder_options = {},
|
||||
$keystone_options = {},
|
||||
$neutron_options = {},
|
||||
$file_upload_temp_dir = '/tmp',
|
||||
$policy_files_path = undef,
|
||||
|
@ -386,6 +397,18 @@ class horizon(
|
|||
'enable_backup' => false,
|
||||
}
|
||||
|
||||
# Default options for the OPENSTACK_KEYSTONE_BACKEND section. These will
|
||||
# be merged with user-provided options when the local_settings.py.erb
|
||||
# template is interpolated.
|
||||
$keystone_defaults = {
|
||||
'name' => 'native',
|
||||
'can_edit_user' => true,
|
||||
'can_edit_group' => true,
|
||||
'can_edit_project' => true,
|
||||
'can_edit_domain' => true,
|
||||
'can_edit_role' => true,
|
||||
}
|
||||
|
||||
# Default options for the OPENSTACK_NEUTRON_NETWORK section. These will
|
||||
# be merged with user-provided options when the local_settings.py.erb
|
||||
# template is interpolated.
|
||||
|
@ -404,6 +427,7 @@ class horizon(
|
|||
|
||||
$hypervisor_options_real = merge($hypervisor_defaults,$hypervisor_options)
|
||||
$cinder_options_real = merge($cinder_defaults,$cinder_options)
|
||||
$keystone_options_real = merge($keystone_defaults, $keystone_options)
|
||||
$neutron_options_real = merge($neutron_defaults,$neutron_options)
|
||||
validate_hash($api_versions)
|
||||
|
||||
|
|
|
@ -106,6 +106,7 @@ describe 'horizon' do
|
|||
:compress_offline => false,
|
||||
:hypervisor_options => {'can_set_mount_point' => false, 'can_set_password' => true },
|
||||
:cinder_options => {'enable_backup' => true },
|
||||
:keystone_options => {'name' => 'native', 'can_edit_user' => true, 'can_edit_group' => true, 'can_edit_project' => true, 'can_edit_domain' => false, 'can_edit_role' => false},
|
||||
:neutron_options => {'enable_lb' => true, 'enable_firewall' => true, 'enable_quotas' => false, 'enable_security_group' => false, 'enable_vpn' => true,
|
||||
'enable_distributed_router' => false, 'enable_ha_router' => false, 'profile_support' => 'cisco',
|
||||
'supported_provider_types' => ['flat', 'vxlan'], 'supported_vnic_types' => ['*'], 'default_ipv4_subnet_pool_label' => 'None', },
|
||||
|
@ -144,6 +145,14 @@ describe 'horizon' do
|
|||
'OPENSTACK_KEYSTONE_URL = "https://keystone.example.com:4682"',
|
||||
'OPENSTACK_KEYSTONE_DEFAULT_ROLE = "SwiftOperator"',
|
||||
'OPENSTACK_SSL_NO_VERIFY = True',
|
||||
"OPENSTACK_KEYSTONE_BACKEND = {",
|
||||
" 'name': 'native',",
|
||||
" 'can_edit_user': True,",
|
||||
" 'can_edit_group': True,",
|
||||
" 'can_edit_project': True,",
|
||||
" 'can_edit_domain': False,",
|
||||
" 'can_edit_role': False,",
|
||||
"}",
|
||||
" 'can_set_mount_point': False,",
|
||||
" 'can_set_password': True,",
|
||||
" 'enable_backup': True,",
|
||||
|
|
|
@ -12,7 +12,7 @@ end
|
|||
|
||||
def verify_concat_fragment_contents(subject, title, expected_lines)
|
||||
content = subject.resource('concat::fragment', title).send(:parameters)[:content]
|
||||
expect(content.split("\n") & expected_lines).to eq(expected_lines)
|
||||
expect(expected_lines & content.split("\n")).to eq(expected_lines)
|
||||
end
|
||||
|
||||
at_exit { RSpec::Puppet::Coverage.report! }
|
||||
|
|
|
@ -269,14 +269,19 @@ OPENSTACK_SSL_NO_VERIFY = True
|
|||
# can_edit_user to False and name to 'ldap'.
|
||||
#
|
||||
# TODO(tres): Remove these once Keystone has an API to identify auth backend.
|
||||
<% if @keystone_options_real.kind_of?(Hash) %>
|
||||
OPENSTACK_KEYSTONE_BACKEND = {
|
||||
'name': 'native',
|
||||
'can_edit_user': True,
|
||||
'can_edit_group': True,
|
||||
'can_edit_project': True,
|
||||
'can_edit_domain': True,
|
||||
'can_edit_role': True,
|
||||
<% @keystone_options_real.sort.each do |opt_name,opt_val| -%>
|
||||
<%- if opt_val == true or opt_val == false -%>
|
||||
'<%= opt_name -%>': <%= opt_val.to_s.capitalize -%>,
|
||||
<%- elsif opt_val == 'None' -%>
|
||||
'<%= opt_name -%>': None,
|
||||
<%- else -%>
|
||||
'<%= opt_name -%>': '<%= opt_val -%>',
|
||||
<%-end-%>
|
||||
<% end -%>
|
||||
}
|
||||
<% end -%>
|
||||
|
||||
# Setting this to True, will add a new "Retrieve Password" action on instance,
|
||||
# allowing Admin session password retrieval/decryption.
|
||||
|
|
Loading…
Reference in New Issue