policy.json: Allow one to manage them from the puppet module
This commit allow a deployer to manage the policies via this module It relies on augeas to change only the policy needed. The init takes a hash of policies and apply them. Change-Id: I8bd71a740294394009b2ad581121a9999956b5d0
This commit is contained in:
parent
1c50fa5c9b
commit
a8b26db75a
|
@ -90,8 +90,10 @@ class ironic::api (
|
|||
) {
|
||||
|
||||
include ironic::params
|
||||
include ironic::policy
|
||||
|
||||
Ironic_config<||> ~> Service['ironic-api']
|
||||
Class['ironic::policy'] ~> Service['ironic-api']
|
||||
|
||||
# Configure ironic.conf
|
||||
ironic_config {
|
||||
|
@ -102,6 +104,7 @@ class ironic::api (
|
|||
|
||||
# Install package
|
||||
if $::ironic::params::api_package {
|
||||
Package['ironic-api'] -> Class['ironic::policy']
|
||||
Package['ironic-api'] -> Service['ironic-api']
|
||||
Package['ironic-api'] -> Ironic_config<||>
|
||||
package { 'ironic-api':
|
||||
|
|
|
@ -0,0 +1,29 @@
|
|||
# == Class: ironic::policy
|
||||
#
|
||||
# Configure the ironic policies
|
||||
#
|
||||
# === Parameters
|
||||
#
|
||||
# [*policies*]
|
||||
# (optional) Set of policies to configure for ironic
|
||||
# Example : { 'ironic-context_is_admin' => {'context_is_admin' => 'true'}, 'ironic-default' => {'default' => 'rule:admin_or_owner'} }
|
||||
# Defaults to empty hash.
|
||||
#
|
||||
# [*policy_path*]
|
||||
# (optional) Path to the ironic policy.json file
|
||||
# Defaults to /etc/ironic/policy.json
|
||||
#
|
||||
class ironic::policy (
|
||||
$policies = {},
|
||||
$policy_path = '/etc/ironic/policy.json',
|
||||
) {
|
||||
|
||||
validate_hash($policies)
|
||||
|
||||
Openstacklib::Policy::Base {
|
||||
file_path => $policy_path,
|
||||
}
|
||||
|
||||
create_resources('openstacklib::policy::base', $policies)
|
||||
|
||||
}
|
|
@ -42,6 +42,7 @@ describe 'ironic::api' do
|
|||
end
|
||||
|
||||
it { should contain_class('ironic::params') }
|
||||
it { should contain_class('ironic::policy') }
|
||||
|
||||
it 'installs ironic api package' do
|
||||
if platform_params.has_key?(:api_package)
|
||||
|
|
|
@ -0,0 +1,41 @@
|
|||
require 'spec_helper'
|
||||
|
||||
describe 'ironic::policy' do
|
||||
|
||||
shared_examples_for 'ironic policies' do
|
||||
let :params do
|
||||
{
|
||||
:policy_path => '/etc/ironic/policy.json',
|
||||
:policies => {
|
||||
'context_is_admin' => {
|
||||
'key' => 'context_is_admin',
|
||||
'value' => 'foo:bar'
|
||||
}
|
||||
}
|
||||
}
|
||||
end
|
||||
|
||||
it 'set up the policies' do
|
||||
should contain_openstacklib__policy__base('context_is_admin').with({
|
||||
:key => 'context_is_admin',
|
||||
:value => 'foo:bar'
|
||||
})
|
||||
end
|
||||
end
|
||||
|
||||
context 'on Debian platforms' do
|
||||
let :facts do
|
||||
{ :osfamily => 'Debian' }
|
||||
end
|
||||
|
||||
it_configures 'ironic policies'
|
||||
end
|
||||
|
||||
context 'on RedHat platforms' do
|
||||
let :facts do
|
||||
{ :osfamily => 'RedHat' }
|
||||
end
|
||||
|
||||
it_configures 'ironic policies'
|
||||
end
|
||||
end
|
Loading…
Reference in New Issue