Allow customizing policy files
Horizon requires policy files placed in its own config directory to enable/disable some features according to policy rules. This change introduces capability to manage contents of each policy files so that users can inject customized rules. Change-Id: Id82f6fd416c0f563b181af66f541c850128a5778
This commit is contained in:
parent
8cbc78dcf4
commit
7b96a0bf1c
@ -33,11 +33,16 @@
|
||||
# (optional) Concurrency to retrieve response from template generator.
|
||||
# Defualts to 2
|
||||
#
|
||||
# [*policies*]
|
||||
# (optional) Set of policies to configure.
|
||||
# Defaults to undef
|
||||
#
|
||||
class horizon::dashboards::heat(
|
||||
$enable_user_pass = true,
|
||||
$policy_file = 'heat_policy.yaml',
|
||||
$template_generator_api_timeout = 60,
|
||||
$template_generator_api_parallel = 2,
|
||||
$policies = undef,
|
||||
) {
|
||||
|
||||
include horizon::deps
|
||||
@ -81,4 +86,19 @@ class horizon::dashboards::heat(
|
||||
content => template('horizon/_1699_orchestration_settings.py.erb'),
|
||||
order => '50',
|
||||
}
|
||||
|
||||
if $policies != undef {
|
||||
# The horizon::policy class should be included so that some common
|
||||
# parameters about policy management can be picked here
|
||||
if !defined(Class[horizon::policy]){
|
||||
fail('The horizon::policy class should be include in advance to customize policies')
|
||||
}
|
||||
|
||||
horizon::policy::base { $policy_file_real:
|
||||
policies => $policies,
|
||||
file_mode => $::horizon::policy::file_mode,
|
||||
file_format => $::horizon::policy::file_format,
|
||||
purge_config => $::horizon::policy::purge_config,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -32,9 +32,14 @@
|
||||
# 'enable_public_shares': Boolean
|
||||
# 'enabled_share_protocols': Array
|
||||
#
|
||||
# [*policies*]
|
||||
# (optional) Set of policies to configure.
|
||||
# Defaults to undef
|
||||
#
|
||||
class horizon::dashboards::manila(
|
||||
$policy_file = 'manila_policy.yaml',
|
||||
$manila_options = {}
|
||||
$manila_options = {},
|
||||
$policies = undef,
|
||||
) {
|
||||
|
||||
include horizon::deps
|
||||
@ -90,4 +95,19 @@ class horizon::dashboards::manila(
|
||||
content => template('horizon/_90_manila_shares.py.erb'),
|
||||
order => '50',
|
||||
}
|
||||
|
||||
if $policies != undef {
|
||||
# The horizon::policy class should be included so that some common
|
||||
# parameters about policy management can be picked here
|
||||
if !defined(Class[horizon::policy]){
|
||||
fail('The horizon::policy class should be include in advance to customize policies')
|
||||
}
|
||||
|
||||
horizon::policy::base { $policy_file_real:
|
||||
policies => $policies,
|
||||
file_mode => $::horizon::policy::file_mode,
|
||||
file_format => $::horizon::policy::file_format,
|
||||
purge_config => $::horizon::policy::purge_config,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -21,8 +21,13 @@
|
||||
# (optional) Local copy of service policy files.
|
||||
# Defaults to 'octavia_policy.yaml'
|
||||
#
|
||||
# [*policies*]
|
||||
# (optional) Set of policies to configure.
|
||||
# Defaults to undef
|
||||
#
|
||||
class horizon::dashboards::octavia(
|
||||
$policy_file = 'octavia_policy.yaml',
|
||||
$policies = undef,
|
||||
) {
|
||||
|
||||
include horizon::deps
|
||||
@ -65,4 +70,19 @@ class horizon::dashboards::octavia(
|
||||
content => template('horizon/_1499_load_balancer_settings.py.erb'),
|
||||
order => '50',
|
||||
}
|
||||
|
||||
if $policies != undef {
|
||||
# The horizon::policy class should be included so that some common
|
||||
# parameters about policy management can be picked here
|
||||
if !defined(Class[horizon::policy]){
|
||||
fail('The horizon::policy class should be include in advance to customize policies')
|
||||
}
|
||||
|
||||
horizon::policy::base { $policy_file_real:
|
||||
policies => $policies,
|
||||
file_mode => $::horizon::policy::file_mode,
|
||||
file_format => $::horizon::policy::file_format,
|
||||
purge_config => $::horizon::policy::purge_config,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -36,6 +36,11 @@ class horizon::deps {
|
||||
-> Service<| title == 'httpd' |>
|
||||
~> anchor { 'horizon::service::end': }
|
||||
|
||||
# policy config should occur in the config block
|
||||
Anchor['horizon::config::begin']
|
||||
-> Openstacklib::Policy<||>
|
||||
~> Anchor['horizon::config::end']
|
||||
|
||||
# Installation or config changes will always restart services.
|
||||
Anchor['horizon::install::end'] ~> Anchor['horizon::service::begin']
|
||||
Anchor['horizon::config::end'] ~> Anchor['horizon::service::begin']
|
||||
|
@ -706,6 +706,13 @@ and usage of a quoted value is deprecated.')
|
||||
$neutron_options_real = merge($neutron_defaults,$neutron_options)
|
||||
$instance_options_real = merge($instance_defaults,$instance_options)
|
||||
|
||||
if $policy_files_path != undef {
|
||||
validate_legacy(String, 'validate_string', $policy_files_path)
|
||||
$policy_files_path_real = $policy_files_path
|
||||
} else {
|
||||
$policy_files_path_real = $::horizon::params::policy_dir
|
||||
}
|
||||
|
||||
validate_legacy(Hash, 'validate_hash', $api_versions)
|
||||
validate_legacy(Enum['on', 'off'], 'validate_re', $password_autocomplete, [['^on$', '^off$']])
|
||||
validate_legacy(Enum['legacy', 'angular'], 'validate_re', $images_panel, [['^legacy$', '^angular$']])
|
||||
|
@ -14,6 +14,7 @@ class horizon::params {
|
||||
$config_dir = '/etc/openstack-dashboard'
|
||||
$conf_d_dir = '/etc/openstack-dashboard/local_settings.d'
|
||||
$config_file = '/etc/openstack-dashboard/local_settings'
|
||||
$policy_dir = '/etc/openstack-dashboard'
|
||||
$httpd_config_file = '/etc/httpd/conf.d/openstack-dashboard.conf'
|
||||
$httpd_listen_config_file = '/etc/httpd/conf/httpd.conf'
|
||||
$root_url = '/dashboard'
|
||||
@ -29,6 +30,7 @@ class horizon::params {
|
||||
$config_dir = '/etc/openstack-dashboard'
|
||||
$conf_d_dir = '/etc/openstack-dashboard/local_settings.d'
|
||||
$config_file = '/etc/openstack-dashboard/local_settings.py'
|
||||
$policy_dir = undef
|
||||
$httpd_listen_config_file = '/etc/apache2/ports.conf'
|
||||
$root_url = '/horizon'
|
||||
$static_path = '/var/lib'
|
||||
|
83
manifests/policy.pp
Normal file
83
manifests/policy.pp
Normal file
@ -0,0 +1,83 @@
|
||||
# == Class horizon::policy
|
||||
#
|
||||
# Manage policy files for Horizon
|
||||
#
|
||||
# == Parameters
|
||||
#
|
||||
# [*file_mode*]
|
||||
# (Optional) Permission mode for the policy file.
|
||||
# Defaults to '0640'
|
||||
#
|
||||
# [*file_format*]
|
||||
# (Optional) Format for file contents.
|
||||
# Defaults to 'yaml'.
|
||||
#
|
||||
# [*purge_config*]
|
||||
# (Optional) Whether to set only the specified policy rules in the policy
|
||||
# file.
|
||||
# Defaults to false.
|
||||
#
|
||||
# [*cinder_policies*]
|
||||
# (Optional) Set of cinder policies to configure.
|
||||
# Defaults to {}
|
||||
#
|
||||
# [*glance_policies*]
|
||||
# (Optional) Set of glance policies to configure.
|
||||
# Defaults to {}
|
||||
#
|
||||
# [*keystone_policies*]
|
||||
# (Optional) Set of keystone policies to configure.
|
||||
# Defaults to {}
|
||||
#
|
||||
# [*neutron_policies*]
|
||||
# (Optional) Set of neutron policies to configure.
|
||||
# Defaults to {}
|
||||
#
|
||||
# [*nova_policies*]
|
||||
# (Optional) Set of nova policies to configure.
|
||||
# Defaults to {}
|
||||
#
|
||||
class horizon::policy(
|
||||
# common parameters
|
||||
$file_mode = '0640',
|
||||
$file_format = 'yaml',
|
||||
$purge_config = false,
|
||||
# service specific parameters
|
||||
$cinder_policies = {},
|
||||
$glance_policies = {},
|
||||
$keystone_policies = {},
|
||||
$neutron_policies = {},
|
||||
$nova_policies = {},
|
||||
) {
|
||||
include horizon::deps
|
||||
|
||||
if !defined(Class[horizon]){
|
||||
fail('The horizon class should be included in advance')
|
||||
}
|
||||
|
||||
$policy_files = pick($::horizon::policy_files, {})
|
||||
$policy_files_default = {
|
||||
'identity' => 'keystone_policy.yaml',
|
||||
'compute' => 'nova_policy.yaml',
|
||||
'volume' => 'cinder_policy.yaml',
|
||||
'image' => 'glance_policy.yaml',
|
||||
'network' => 'neutron_policy.yaml',
|
||||
}
|
||||
$policy_files_real = merge($policy_files_default, $policy_files)
|
||||
|
||||
$policy_resources = {
|
||||
$policy_files_real['volume'] => { 'policies' => $cinder_policies },
|
||||
$policy_files_real['image'] => { 'policies' => $glance_policies },
|
||||
$policy_files_real['identity'] => { 'policies' => $keystone_policies },
|
||||
$policy_files_real['network'] => { 'policies' => $neutron_policies },
|
||||
$policy_files_real['compute'] => { 'policies' => $nova_policies },
|
||||
}
|
||||
|
||||
$policy_defaults = {
|
||||
'file_mode' => $file_mode,
|
||||
'file_format' => $file_format,
|
||||
'purge_config' => $purge_config
|
||||
}
|
||||
|
||||
create_resources('horizon::policy::base', $policy_resources, $policy_defaults)
|
||||
}
|
59
manifests/policy/base.pp
Normal file
59
manifests/policy/base.pp
Normal file
@ -0,0 +1,59 @@
|
||||
# == Define horizon::policy::base
|
||||
#
|
||||
# Manage a policy file for Horizon
|
||||
#
|
||||
# == Parameters
|
||||
#
|
||||
# [*policy_file*]
|
||||
# (Optional) Name to the policy file.
|
||||
# Defaults to $name
|
||||
#
|
||||
# [*policies*]
|
||||
# (Optional) Set of policies to configure
|
||||
#
|
||||
# [*file_mode*]
|
||||
# (Optional) Permission mode for the policy file
|
||||
# Defaults to '0640'
|
||||
#
|
||||
# [*file_format*]
|
||||
# (Optional) Format for file contents. Valid values
|
||||
# Defaults to 'yaml'.
|
||||
#
|
||||
# [*purge_config*]
|
||||
# (Optional) Whether to set only the specified policy rules in the policy
|
||||
# file.
|
||||
# Defaults to false.
|
||||
#
|
||||
define horizon::policy::base(
|
||||
$policy_file = $name,
|
||||
$policies = {},
|
||||
$file_mode = '0640',
|
||||
$file_format = 'yaml',
|
||||
$purge_config = false,
|
||||
) {
|
||||
include horizon::deps
|
||||
include horizon::params
|
||||
|
||||
validate_legacy(String, 'validate_string', $policy_file)
|
||||
|
||||
if !defined(Class[horizon]){
|
||||
fail('The horizon class should be included in advance')
|
||||
}
|
||||
|
||||
$policy_files_path = $::horizon::policy_files_path_real
|
||||
if ! $policy_files_path {
|
||||
# In Ubuntu/Debian, the default policies files are located in source
|
||||
# directories, and the path should be updated to more appropriate path
|
||||
# like /etc.
|
||||
fail('Please set the horizon::policy_files_path parameter to customize policies')
|
||||
}
|
||||
|
||||
openstacklib::policy { "${policy_files_path}/${policy_file}" :
|
||||
policies => $policies,
|
||||
file_user => $::horizon::params::wsgi_user,
|
||||
file_group => $::horizon::params::wsgi_group,
|
||||
file_mode => $file_mode,
|
||||
file_format => $file_format,
|
||||
purge_config => $purge_config
|
||||
}
|
||||
}
|
19
releasenotes/notes/policy-05bec63b1ab26902.yaml
Normal file
19
releasenotes/notes/policy-05bec63b1ab26902.yaml
Normal file
@ -0,0 +1,19 @@
|
||||
---
|
||||
features:
|
||||
- |
|
||||
The new ``horizon::policy`` class has been added. This class can be used
|
||||
to manage policy rules for the following services.
|
||||
|
||||
- ``cinder``
|
||||
- ``glance``
|
||||
- ``keystone``
|
||||
- ``neutron``
|
||||
- ``nova``
|
||||
|
||||
- |
|
||||
The new ``policies`` parameter has been added to the following classes,
|
||||
to allow customizing policiy rules for additional services.
|
||||
|
||||
- ``horizon::dashboards::heat``
|
||||
- ``horizon::dashboards::octavia``
|
||||
- ``horizon::dashboards::manila``
|
@ -91,6 +91,52 @@ eos
|
||||
context 'without the horizon class defined' do
|
||||
it { should raise_error(Puppet::Error) }
|
||||
end
|
||||
|
||||
context 'with policy customization' do
|
||||
let(:pre_condition) do
|
||||
<<-eos
|
||||
class { 'horizon':
|
||||
secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0',
|
||||
policy_files_path => '/etc/openstack-dashboard',
|
||||
}
|
||||
class { 'horizon::policy': }
|
||||
eos
|
||||
end
|
||||
|
||||
before do
|
||||
params.merge!({
|
||||
:policies => {}
|
||||
})
|
||||
end
|
||||
|
||||
it 'configures policy' do
|
||||
is_expected.to contain_horizon__policy__base('heat_policy.yaml').with(
|
||||
:policies => {},
|
||||
:file_mode => '0640',
|
||||
:file_format => 'yaml',
|
||||
:purge_config => false,
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
context 'with policy customization but without the horizon::policy class' do
|
||||
let(:pre_condition) do
|
||||
<<-eos
|
||||
class { 'horizon':
|
||||
secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0',
|
||||
policy_files_path => '/etc/openstack-dashboard',
|
||||
}
|
||||
eos
|
||||
end
|
||||
|
||||
before do
|
||||
params.merge!({
|
||||
:policies => {}
|
||||
})
|
||||
end
|
||||
|
||||
it { should raise_error(Puppet::Error) }
|
||||
end
|
||||
end
|
||||
|
||||
on_supported_os({
|
||||
|
@ -46,6 +46,52 @@ eos
|
||||
context 'without the horizon class defined' do
|
||||
it { should raise_error(Puppet::Error) }
|
||||
end
|
||||
|
||||
context 'with policy customization' do
|
||||
let(:pre_condition) do
|
||||
<<-eos
|
||||
class { 'horizon':
|
||||
secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0',
|
||||
policy_files_path => '/etc/openstack-dashboard',
|
||||
}
|
||||
class { 'horizon::policy': }
|
||||
eos
|
||||
end
|
||||
|
||||
before do
|
||||
params.merge!({
|
||||
:policies => {}
|
||||
})
|
||||
end
|
||||
|
||||
it 'configures policy' do
|
||||
is_expected.to contain_horizon__policy__base('manila_policy.yaml').with(
|
||||
:policies => {},
|
||||
:file_mode => '0640',
|
||||
:file_format => 'yaml',
|
||||
:purge_config => false,
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
context 'with policy customization but without the horizon::policy class' do
|
||||
let(:pre_condition) do
|
||||
<<-eos
|
||||
class { 'horizon':
|
||||
secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0',
|
||||
policy_files_path => '/etc/openstack-dashboard',
|
||||
}
|
||||
eos
|
||||
end
|
||||
|
||||
before do
|
||||
params.merge!({
|
||||
:policies => {}
|
||||
})
|
||||
end
|
||||
|
||||
it { should raise_error(Puppet::Error) }
|
||||
end
|
||||
end
|
||||
|
||||
on_supported_os({
|
||||
|
@ -37,6 +37,52 @@ eos
|
||||
context 'without the horizon class defined' do
|
||||
it { should raise_error(Puppet::Error) }
|
||||
end
|
||||
|
||||
context 'with policy customization' do
|
||||
let(:pre_condition) do
|
||||
<<-eos
|
||||
class { 'horizon':
|
||||
secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0',
|
||||
policy_files_path => '/etc/openstack-dashboard',
|
||||
}
|
||||
class { 'horizon::policy': }
|
||||
eos
|
||||
end
|
||||
|
||||
before do
|
||||
params.merge!({
|
||||
:policies => {}
|
||||
})
|
||||
end
|
||||
|
||||
it 'configures policy' do
|
||||
is_expected.to contain_horizon__policy__base('octavia_policy.yaml').with(
|
||||
:policies => {},
|
||||
:file_mode => '0640',
|
||||
:file_format => 'yaml',
|
||||
:purge_config => false,
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
context 'with policy customization but without the horizon::policy class' do
|
||||
let(:pre_condition) do
|
||||
<<-eos
|
||||
class { 'horizon':
|
||||
secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0',
|
||||
policy_files_path => '/etc/openstack-dashboard',
|
||||
}
|
||||
eos
|
||||
end
|
||||
|
||||
before do
|
||||
params.merge!({
|
||||
:policies => {}
|
||||
})
|
||||
end
|
||||
|
||||
it { should raise_error(Puppet::Error) }
|
||||
end
|
||||
end
|
||||
|
||||
on_supported_os({
|
||||
|
120
spec/classes/horizon_policy_spec.rb
Normal file
120
spec/classes/horizon_policy_spec.rb
Normal file
@ -0,0 +1,120 @@
|
||||
require 'spec_helper'
|
||||
|
||||
describe 'horizon::policy' do
|
||||
|
||||
let :params do
|
||||
{}
|
||||
end
|
||||
|
||||
shared_examples_for 'horizon::policy' do
|
||||
|
||||
context 'with default parameters' do
|
||||
let(:pre_condition) do
|
||||
<<-eos
|
||||
class { 'horizon':
|
||||
secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0',
|
||||
policy_files_path => '/etc/openstack-dashboard'
|
||||
}
|
||||
eos
|
||||
end
|
||||
|
||||
it 'configures defaults' do
|
||||
is_expected.to contain_horizon__policy__base('cinder_policy.yaml').with(
|
||||
:file_mode => '0640',
|
||||
:file_format => 'yaml',
|
||||
:purge_config => false,
|
||||
)
|
||||
is_expected.to contain_horizon__policy__base('glance_policy.yaml').with(
|
||||
:file_mode => '0640',
|
||||
:file_format => 'yaml',
|
||||
:purge_config => false,
|
||||
)
|
||||
is_expected.to contain_horizon__policy__base('keystone_policy.yaml').with(
|
||||
:file_mode => '0640',
|
||||
:file_format => 'yaml',
|
||||
:purge_config => false,
|
||||
)
|
||||
is_expected.to contain_horizon__policy__base('neutron_policy.yaml').with(
|
||||
:file_mode => '0640',
|
||||
:file_format => 'yaml',
|
||||
:purge_config => false,
|
||||
)
|
||||
is_expected.to contain_horizon__policy__base('nova_policy.yaml').with(
|
||||
:file_mode => '0640',
|
||||
:file_format => 'yaml',
|
||||
:purge_config => false,
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
context 'with parameters' do
|
||||
let(:pre_condition) do
|
||||
<<-eos
|
||||
class { 'horizon':
|
||||
secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0',
|
||||
policy_files_path => '/opt/openstack-dashboard',
|
||||
policy_files => {
|
||||
'identity' => 'keystone.yaml',
|
||||
'compute' => 'nova.yaml',
|
||||
'volume' => 'cinder.yaml',
|
||||
'image' => 'glance.yaml',
|
||||
'network' => 'neutron.yaml'
|
||||
}
|
||||
}
|
||||
eos
|
||||
end
|
||||
|
||||
let :params do
|
||||
{
|
||||
:file_mode => '0644',
|
||||
:purge_config => true,
|
||||
}
|
||||
end
|
||||
|
||||
it 'configures defaults' do
|
||||
is_expected.to contain_horizon__policy__base('cinder.yaml').with(
|
||||
:file_mode => '0644',
|
||||
:file_format => 'yaml',
|
||||
:purge_config => true,
|
||||
)
|
||||
is_expected.to contain_horizon__policy__base('glance.yaml').with(
|
||||
:file_mode => '0644',
|
||||
:file_format => 'yaml',
|
||||
:purge_config => true,
|
||||
)
|
||||
is_expected.to contain_horizon__policy__base('keystone.yaml').with(
|
||||
:file_mode => '0644',
|
||||
:file_format => 'yaml',
|
||||
:purge_config => true,
|
||||
)
|
||||
is_expected.to contain_horizon__policy__base('neutron.yaml').with(
|
||||
:file_mode => '0644',
|
||||
:file_format => 'yaml',
|
||||
:purge_config => true,
|
||||
)
|
||||
is_expected.to contain_horizon__policy__base('nova.yaml').with(
|
||||
:file_mode => '0644',
|
||||
:file_format => 'yaml',
|
||||
:purge_config => true,
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
context 'without the horizon class defined' do
|
||||
it { should raise_error(Puppet::Error) }
|
||||
end
|
||||
end
|
||||
|
||||
on_supported_os({
|
||||
:supported_os => OSDefaults.get_supported_os
|
||||
}).each do |os,facts|
|
||||
context "on #{os}" do
|
||||
let (:facts) do
|
||||
facts.merge!(OSDefaults.get_facts())
|
||||
end
|
||||
|
||||
it_behaves_like 'horizon::policy'
|
||||
end
|
||||
end
|
||||
|
||||
end
|
88
spec/defines/horizon_policy_base_spec.rb
Normal file
88
spec/defines/horizon_policy_base_spec.rb
Normal file
@ -0,0 +1,88 @@
|
||||
require 'spec_helper'
|
||||
|
||||
describe 'horizon::policy::base' do
|
||||
let (:title) { 'keystone_policy.yaml' }
|
||||
|
||||
shared_examples 'horizon::policy::base' do
|
||||
context 'with default' do
|
||||
let :pre_condition do
|
||||
<<-eos
|
||||
class { 'horizon':
|
||||
secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0',
|
||||
policy_files_path => '/etc/openstack-dashboard'
|
||||
}
|
||||
eos
|
||||
end
|
||||
|
||||
let :params do
|
||||
{}
|
||||
end
|
||||
|
||||
it 'should configure defaults' do
|
||||
is_expected.to contain_openstacklib__policy('/etc/openstack-dashboard/keystone_policy.yaml').with(
|
||||
:policies => {},
|
||||
:file_user => platform_params[:wsgi_user],
|
||||
:file_group => platform_params[:wsgi_group],
|
||||
:file_mode => '0640',
|
||||
:purge_config => false,
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
context 'with parameters' do
|
||||
let :pre_condition do
|
||||
<<-eos
|
||||
class { 'horizon':
|
||||
secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0',
|
||||
policy_files_path => '/opt/openstack-dashboard'
|
||||
}
|
||||
eos
|
||||
end
|
||||
|
||||
let :params do
|
||||
{
|
||||
:file_mode => '0644',
|
||||
:purge_config => true,
|
||||
}
|
||||
end
|
||||
|
||||
it 'should configure defaults' do
|
||||
is_expected.to contain_openstacklib__policy('/opt/openstack-dashboard/keystone_policy.yaml').with(
|
||||
:policies => {},
|
||||
:file_user => platform_params[:wsgi_user],
|
||||
:file_group => platform_params[:wsgi_group],
|
||||
:file_mode => '0644',
|
||||
:purge_config => true,
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
context 'without the horizon class defined' do
|
||||
it { should raise_error(Puppet::Error) }
|
||||
end
|
||||
end
|
||||
|
||||
on_supported_os({
|
||||
:supported_os => OSDefaults.get_supported_os
|
||||
}).each do |os,facts|
|
||||
context "on #{os}" do
|
||||
let (:facts) do
|
||||
facts.merge!(OSDefaults.get_facts())
|
||||
end
|
||||
|
||||
let (:platform_params) do
|
||||
case facts[:osfamily]
|
||||
when 'Debian'
|
||||
{ :wsgi_user => 'horizon',
|
||||
:wsgi_group => 'horizon' }
|
||||
when 'RedHat'
|
||||
{ :wsgi_user => 'apache',
|
||||
:wsgi_group => 'apache' }
|
||||
end
|
||||
end
|
||||
|
||||
it_behaves_like 'horizon::policy::base'
|
||||
end
|
||||
end
|
||||
|
||||
end
|
@ -672,10 +672,8 @@ DEFAULT_THEME = '<%= @default_theme %>'
|
||||
|
||||
# Path to directory containing policy.json files
|
||||
#POLICY_FILES_PATH = os.path.join(ROOT_PATH, "conf")
|
||||
<% if !(@policy_files_path.nil?) %>
|
||||
POLICY_FILES_PATH = '<%= @policy_files_path %>'
|
||||
<% elsif @osfamily == 'RedHat' %>
|
||||
POLICY_FILES_PATH = '/etc/openstack-dashboard'
|
||||
<% if !(@policy_files_path_real.nil?) -%>
|
||||
POLICY_FILES_PATH = '<%= @policy_files_path_real %>'
|
||||
<% end -%>
|
||||
|
||||
# Map of local copy of service policy files.
|
||||
|
Loading…
x
Reference in New Issue
Block a user