From 0ef5303d0511eb27f078b4082e36c23e04bbe9c8 Mon Sep 17 00:00:00 2001
From: ramishra <ramishra@redhat.com>
Date: Wed, 28 Jul 2021 10:56:41 +0530
Subject: [PATCH] Add separate manifest for configuring json-rpc

When using json-rpc transport rather than the default 'oslo',
this section need to be configured for both ironic-api and
ironic-conductor.

Though rpc_transport parameter was added with change[1], the
underlying configuration needed to enable json-rpc has not
been added.

[1] https://review.opendev.org/c/openstack/puppet-ironic/+/659053

Change-Id: Ic770798955482f038f06f920747d76f5f6dfc619
---
 manifests/json_rpc.pp                         | 110 ++++++++++++++++++
 .../json-rpc-manifest-db95d2162857c54a.yaml   |   5 +
 spec/classes/ironic_json_rpc_spec.rb          |  88 ++++++++++++++
 3 files changed, 203 insertions(+)
 create mode 100644 manifests/json_rpc.pp
 create mode 100644 releasenotes/notes/json-rpc-manifest-db95d2162857c54a.yaml
 create mode 100644 spec/classes/ironic_json_rpc_spec.rb

diff --git a/manifests/json_rpc.pp b/manifests/json_rpc.pp
new file mode 100644
index 00000000..fc729045
--- /dev/null
+++ b/manifests/json_rpc.pp
@@ -0,0 +1,110 @@
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: ironic::json_rpc
+#
+# Configure parameters for json_rpc
+#
+# === Parameters
+#
+# [*auth_strategy*]
+#   (optional) Authentication strategy used by JSON RPC.
+#   Defaults to 'keystone'
+#
+# [*http_basic_auth_user_file*]
+#   (optional) Path to Apache format user authentication file used when
+#   using auth_strategy=http_basic.
+#   Defaults to $::os_service_default
+#
+# [*host_ip*]
+#   (optional) The IP address or hostname on which JSON RPC will listen.
+#   Defaults to $::os_service_default
+#
+# [*port*]
+#   (optional) The port to use for JSON RPC'.
+#   Defaults to $::os_service_default
+#
+# [*use_ssl*]
+#   (optional) Whether to use TLS for JSON RPC'.
+#   Defaults to false
+#
+# [*auth_type*]
+#   (optional) The authentication plugin to use when connecting to json_rpc.
+#   Defaults to 'password'
+#
+# [*auth_url*]
+#   (optional) The address of the keystone api endpoint.
+#   Defaults to $::os_service_default
+#
+# [*project_name*]
+#   (optional) The Keystone project name.
+#   Defaults to 'service'
+#
+# [*username*]
+#   (optional) The admin username for ironic to connect to json_rpc.
+#   Defaults to 'ironic'.
+#
+# [*password*]
+#   (optional) The admin password for ironic to connect to json_rpc.
+#   Defaults to $::os_service_default
+#
+# [*user_domain_name*]
+#   (optional) The name of user's domain (required for Identity V3).
+#   Defaults to 'Default'
+#
+# [*project_domain_name*]
+#   (optional) The name of project's domain (required for Identity V3).
+#   Defaults to 'Default'
+#
+# [*region_name*]
+#   (optional) Region name for connecting to swift in admin context
+#   through the OpenStack Identity service.
+#   Defaults to $::os_service_default
+#
+# [*endpoint_override*]
+#   (optional) The endpoint URL for requests for this client
+#   Defaults to $::os_service_default
+#
+class ironic::json_rpc (
+  $auth_strategy             = 'keystone',
+  $http_basic_auth_user_file = $::os_service_default,
+  $host_ip                   = $::os_service_default,
+  $port                      = $::os_service_default,
+  $use_ssl                   = false,
+  $auth_type                 = 'password',
+  $auth_url                  = $::os_service_default,
+  $project_name              = 'service',
+  $username                  = 'ironic',
+  $password                  = $::os_service_default,
+  $user_domain_name          = 'Default',
+  $project_domain_name       = 'Default',
+  $endpoint_override         = $::os_service_default,
+  $region_name               = $::os_service_default,
+) {
+
+  ironic_config {
+    'json_rpc/auth_strategy':             value => $auth_strategy;
+    'json_rpc/http_basic_auth_user_file': value => $http_basic_auth_user_file;
+    'json_rpc/host_ip':                   value => $host_ip;
+    'json_rpc/port':                      value => $port;
+    'json_rpc/use_ssl':                   value => $use_ssl;
+    'json_rpc/auth_type':                 value => $auth_type;
+    'json_rpc/username':                  value => $username;
+    'json_rpc/password':                  value => $password, secret => true;
+    'json_rpc/auth_url':                  value => $auth_url;
+    'json_rpc/project_name':              value => $project_name;
+    'json_rpc/user_domain_name':          value => $user_domain_name;
+    'json_rpc/project_domain_name':       value => $project_domain_name;
+    'json_rpc/endpoint_override':         value => $endpoint_override;
+    'json_rpc/region_name':               value => $region_name;
+  }
+}
diff --git a/releasenotes/notes/json-rpc-manifest-db95d2162857c54a.yaml b/releasenotes/notes/json-rpc-manifest-db95d2162857c54a.yaml
new file mode 100644
index 00000000..86e07bd4
--- /dev/null
+++ b/releasenotes/notes/json-rpc-manifest-db95d2162857c54a.yaml
@@ -0,0 +1,5 @@
+---
+features:
+  - |
+    New class ``ironic::json_rpc`` to set parameters for configuring json-rpc
+    has been added. Please set credentials for json-rpc using this class.
diff --git a/spec/classes/ironic_json_rpc_spec.rb b/spec/classes/ironic_json_rpc_spec.rb
new file mode 100644
index 00000000..e3fee5d1
--- /dev/null
+++ b/spec/classes/ironic_json_rpc_spec.rb
@@ -0,0 +1,88 @@
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# Unit tests for ironic::json_rpc
+#
+
+require 'spec_helper'
+
+describe 'ironic::json_rpc' do
+
+  let :default_params do
+    { :auth_strategy => 'keystone',
+      :auth_type     => 'password',
+      :project_name  => 'service',
+      :use_ssl       => false,
+      :username      => 'ironic',
+    }
+  end
+
+  let :params do
+    {}
+  end
+
+  shared_examples_for 'ironic json_rpc configuration' do
+    let :p do
+      default_params.merge(params)
+    end
+
+    it 'configures ironic.conf' do
+      is_expected.to contain_ironic_config('json_rpc/auth_strategy').with_value(p[:auth_strategy])
+      is_expected.to contain_ironic_config('json_rpc/http_basic_auth_user_file').with_value('<SERVICE DEFAULT>')
+      is_expected.to contain_ironic_config('json_rpc/host_ip').with_value('<SERVICE DEFAULT>')
+      is_expected.to contain_ironic_config('json_rpc/port').with_value('<SERVICE DEFAULT>')
+      is_expected.to contain_ironic_config('json_rpc/use_ssl').with_value(p[:use_ssl])
+      is_expected.to contain_ironic_config('json_rpc/auth_type').with_value(p[:auth_type])
+      is_expected.to contain_ironic_config('json_rpc/auth_url').with_value('<SERVICE DEFAULT>')
+      is_expected.to contain_ironic_config('json_rpc/project_name').with_value(p[:project_name])
+      is_expected.to contain_ironic_config('json_rpc/username').with_value(p[:username])
+      is_expected.to contain_ironic_config('json_rpc/password').with_value('<SERVICE DEFAULT>').with_secret(true)
+      is_expected.to contain_ironic_config('json_rpc/user_domain_name').with_value('Default')
+      is_expected.to contain_ironic_config('json_rpc/project_domain_name').with_value('Default')
+      is_expected.to contain_ironic_config('json_rpc/endpoint_override').with_value('<SERVICE DEFAULT>')
+    end
+
+    context 'when overriding parameters' do
+      before :each do
+        params.merge!(
+          :auth_strategy     => 'http_basic',
+          :auth_type         => 'http_basic',
+          :endpoint_override => 'http://example.com',
+          :username          => 'admin',
+          :password          => 'pa$$w0rd',
+        )
+      end
+
+      it 'should replace default parameter with new value' do
+        is_expected.to contain_ironic_config('json_rpc/auth_strategy').with_value(p[:auth_strategy])
+        is_expected.to contain_ironic_config('json_rpc/auth_type').with_value(p[:auth_type])
+        is_expected.to contain_ironic_config('json_rpc/username').with_value(p[:username])
+        is_expected.to contain_ironic_config('json_rpc/password').with_value(p[:password]).with_secret(true)
+        is_expected.to contain_ironic_config('json_rpc/endpoint_override').with_value(p[:endpoint_override])
+      end
+    end
+
+  end
+
+  on_supported_os({
+    :supported_os => OSDefaults.get_supported_os
+  }).each do |os,facts|
+    context "on #{os}" do
+      let (:facts) do
+        facts.merge!(OSDefaults.get_facts())
+      end
+
+      it_behaves_like 'ironic json_rpc configuration'
+    end
+  end
+
+end