openstack/puppet-ironic
Code Issues Proposed changes

Merge "Add service role by default"

Browse Source
This commit is contained in:
Zuul
2025-10-13 15:30:40 +00:00
committed by Gerrit Code Review
parent 72f7d2397e 11eebb61f6
commit a8ca69c082
5 changed files with 19 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
manifests/keystone/auth.pp
View File

@@ -38,7 +38,7 @@
#
# [*roles*]
# (Optional) List of roles assigned to ironic user
# Defaults to ['admin']
# Defaults to ['admin', 'service']
#
# [*system_scope*]
# (Optional) Scope for system operations.
@@ -108,7 +108,7 @@ class ironic::keystone::auth (
String[1] $auth_name = 'ironic',
String[1] $email = 'ironic@localhost',
String[1] $tenant = 'services',
Array[String[1]] $roles = ['admin'],
Array[String[1]] $roles = ['admin', 'service'],
String[1] $system_scope = 'all',
Array[String[1]] $system_roles = [],
Boolean $configure_endpoint = true,

4
manifests/keystone/auth_inspector.pp
View File

@@ -35,7 +35,7 @@
#
# [*roles*]
# (Optional) List of roles assigned to ironic user.
# Defaults to ['admin']
# Defaults to ['admin', 'service']
#
# [*system_scope*]
# (Optional) Scope for system operations.
@@ -99,7 +99,7 @@ class ironic::keystone::auth_inspector (
String[1] $auth_name = 'ironic-inspector',
String[1] $email = 'ironic-inspector@localhost',
String[1] $tenant = 'services',
Array[String[1]] $roles = ['admin'],
Array[String[1]] $roles = ['admin', 'service'],
String[1] $system_scope = 'all',
Array[String[1]] $system_roles = [],
Boolean $configure_endpoint = true,

9
releasenotes/notes/service-role-6da29ab24deb789f.yaml Normal file
View File

@@ -0,0 +1,9 @@
---
features:
- |
The ``ironic::keystone::auth`` class now adds the ``service`` role by
default. Set the ``roles`` parameter not to add the role.
- |
The ``ironic::keystone::auth_inspector`` class now adds the ``service``
role by default. Set the ``roles`` parameter not to add the role.

6
spec/classes/ironic_keystone_auth_inspector_spec.rb
View File

@@ -41,7 +41,7 @@ describe 'ironic::keystone::auth_inspector' do
:password => 'ironic-inspector_password',
:email => 'ironic-inspector@localhost',
:tenant => 'services',
:roles => ['admin'],
:roles => ['admin', 'service'],
:system_scope => 'all',
:system_roles => [],
:public_url => 'http://127.0.0.1:5050',
@@ -56,7 +56,7 @@ describe 'ironic::keystone::auth_inspector' do
:auth_name => 'alt_ironic-inspector',
:email => 'alt_ironic-inspector@alt_localhost',
:tenant => 'alt_service',
:roles => ['admin', 'service'],
:roles => ['admin'],
:system_scope => 'alt_all',
:system_roles => ['admin', 'member', 'reader'],
:configure_endpoint => false,
@@ -85,7 +85,7 @@ describe 'ironic::keystone::auth_inspector' do
:password => 'ironic-inspector_password',
:email => 'alt_ironic-inspector@alt_localhost',
:tenant => 'alt_service',
:roles => ['admin', 'service'],
:roles => ['admin'],
:system_scope => 'alt_all',
:system_roles => ['admin', 'member', 'reader'],
:public_url => 'https://10.10.10.10:80',

6
spec/classes/ironic_keystone_auth_spec.rb
View File

@@ -40,7 +40,7 @@ describe 'ironic::keystone::auth' do
:password => 'ironic_password',
:email => 'ironic@localhost',
:tenant => 'services',
:roles => ['admin'],
:roles => ['admin', 'service'],
:system_scope => 'all',
:system_roles => [],
:public_url => 'http://127.0.0.1:6385',
@@ -55,7 +55,7 @@ describe 'ironic::keystone::auth' do
:auth_name => 'alt_ironic',
:email => 'alt_ironic@alt_localhost',
:tenant => 'alt_service',
:roles => ['admin', 'service'],
:roles => ['admin'],
:system_scope => 'alt_all',
:system_roles => ['admin', 'member', 'reader'],
:configure_endpoint => false,
@@ -84,7 +84,7 @@ describe 'ironic::keystone::auth' do
:password => 'ironic_password',
:email => 'alt_ironic@alt_localhost',
:tenant => 'alt_service',
:roles => ['admin', 'service'],
:roles => ['admin'],
:system_scope => 'alt_all',
:system_roles => ['admin', 'member', 'reader'],
:public_url => 'https://10.10.10.10:80',