openstack
/
puppet-keystone
Code Issues Proposed changes

federation: Use $::os_service_default by default 

... instead of undef, so that the parameters are cleared.

Change-Id: Ia3eb890e787648623ce60c7fe07cbc7ebd2b85a8
This commit is contained in:
Takashi Kajinami 2022-05-09 08:49:48 +09:00
parent afc28df75d
commit 0f826646c6
2 changed files with 28 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
manifests/federation.pp
View File

@ -7,27 +7,22 @@
# This setting ensures that keystone only sends token data back to trusted # This setting ensures that keystone only sends token data back to trusted
# servers. This is performed as a precaution, specifically to prevent man-in- # servers. This is performed as a precaution, specifically to prevent man-in-
# the-middle (MITM) attacks. # the-middle (MITM) attacks.
# Defaults to undef # Defaults to $::os_service_default
# #
# [*remote_id_attribute*] # [*remote_id_attribute*]
# (Optional) Value to be used to obtain the entity ID of the Identity # (Optional) Value to be used to obtain the entity ID of the Identity
# Provider from the environment. # Provider from the environment.
# Defaults to undef # Defaults to $::os_service_default
# #
class keystone::federation ( class keystone::federation (
$trusted_dashboards = undef, $trusted_dashboards = $::os_service_default,
$remote_id_attribute = undef, $remote_id_attribute = $::os_service_default,
) { ) {
include keystone::deps include keystone::deps
keystone_config { keystone_config {
'federation/trusted_dashboard': value => any2array($trusted_dashboards); 'federation/trusted_dashboard': value => $trusted_dashboards;
} 'federation/remote_id_attribute': value => $remote_id_attribute;
if $remote_id_attribute {
keystone_config {
'federation/remote_id_attribute': value => $remote_id_attribute;
}
} }
} }

35
spec/classes/keystone_federation_spec.rb
View File

@ -8,10 +8,27 @@ describe 'keystone::federation' do
EOS EOS
end end
let :params do shared_examples_for 'keystone::federation' do
{ :trusted_dashboards => ['http://dashboard.example.com'], context 'with defaults' do
:remote_id_attribute => 'test_attribute', it 'should configure federation options' do
} is_expected.to contain_keystone_config('federation/trusted_dashboard').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('federation/remote_id_attribute').with_value('<SERVICE DEFAULT>')
end
end
context 'with optional parameters' do
let :params do
{
:trusted_dashboards => ['http://dashboard.example.com'],
:remote_id_attribute => 'test_attribute',
}
end
it 'should configure federation options' do
is_expected.to contain_keystone_config('federation/trusted_dashboard').with_value(['http://dashboard.example.com'])
is_expected.to contain_keystone_config('federation/remote_id_attribute').with_value('test_attribute')
end
end
end end
on_supported_os({ on_supported_os({
@ -20,14 +37,6 @@ describe 'keystone::federation' do
facts.merge!(OSDefaults.get_facts({})) facts.merge!(OSDefaults.get_facts({}))
end end
context 'with optional parameters' do it_behaves_like 'keystone::federation'
it 'should set federation/trusted_dashboard' do
is_expected.to contain_keystone_config('federation/trusted_dashboard').with_value(['http://dashboard.example.com'])
end
it 'should set federation/remote_id_attribute' do
is_expected.to contain_keystone_config('federation/remote_id_attribute').with_value('test_attribute')
end
end
end end
end end