federation: Use $::os_service_default by default
... instead of undef, so that the parameters are cleared. Change-Id: Ia3eb890e787648623ce60c7fe07cbc7ebd2b85a8
This commit is contained in:
parent
afc28df75d
commit
0f826646c6
|
@ -7,27 +7,22 @@
|
||||||
# This setting ensures that keystone only sends token data back to trusted
|
# This setting ensures that keystone only sends token data back to trusted
|
||||||
# servers. This is performed as a precaution, specifically to prevent man-in-
|
# servers. This is performed as a precaution, specifically to prevent man-in-
|
||||||
# the-middle (MITM) attacks.
|
# the-middle (MITM) attacks.
|
||||||
# Defaults to undef
|
# Defaults to $::os_service_default
|
||||||
#
|
#
|
||||||
# [*remote_id_attribute*]
|
# [*remote_id_attribute*]
|
||||||
# (Optional) Value to be used to obtain the entity ID of the Identity
|
# (Optional) Value to be used to obtain the entity ID of the Identity
|
||||||
# Provider from the environment.
|
# Provider from the environment.
|
||||||
# Defaults to undef
|
# Defaults to $::os_service_default
|
||||||
#
|
#
|
||||||
class keystone::federation (
|
class keystone::federation (
|
||||||
$trusted_dashboards = undef,
|
$trusted_dashboards = $::os_service_default,
|
||||||
$remote_id_attribute = undef,
|
$remote_id_attribute = $::os_service_default,
|
||||||
) {
|
) {
|
||||||
|
|
||||||
include keystone::deps
|
include keystone::deps
|
||||||
|
|
||||||
keystone_config {
|
keystone_config {
|
||||||
'federation/trusted_dashboard': value => any2array($trusted_dashboards);
|
'federation/trusted_dashboard': value => $trusted_dashboards;
|
||||||
}
|
'federation/remote_id_attribute': value => $remote_id_attribute;
|
||||||
|
|
||||||
if $remote_id_attribute {
|
|
||||||
keystone_config {
|
|
||||||
'federation/remote_id_attribute': value => $remote_id_attribute;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -8,10 +8,27 @@ describe 'keystone::federation' do
|
||||||
EOS
|
EOS
|
||||||
end
|
end
|
||||||
|
|
||||||
let :params do
|
shared_examples_for 'keystone::federation' do
|
||||||
{ :trusted_dashboards => ['http://dashboard.example.com'],
|
context 'with defaults' do
|
||||||
:remote_id_attribute => 'test_attribute',
|
it 'should configure federation options' do
|
||||||
}
|
is_expected.to contain_keystone_config('federation/trusted_dashboard').with_value('<SERVICE DEFAULT>')
|
||||||
|
is_expected.to contain_keystone_config('federation/remote_id_attribute').with_value('<SERVICE DEFAULT>')
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'with optional parameters' do
|
||||||
|
let :params do
|
||||||
|
{
|
||||||
|
:trusted_dashboards => ['http://dashboard.example.com'],
|
||||||
|
:remote_id_attribute => 'test_attribute',
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'should configure federation options' do
|
||||||
|
is_expected.to contain_keystone_config('federation/trusted_dashboard').with_value(['http://dashboard.example.com'])
|
||||||
|
is_expected.to contain_keystone_config('federation/remote_id_attribute').with_value('test_attribute')
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
on_supported_os({
|
on_supported_os({
|
||||||
|
@ -20,14 +37,6 @@ describe 'keystone::federation' do
|
||||||
facts.merge!(OSDefaults.get_facts({}))
|
facts.merge!(OSDefaults.get_facts({}))
|
||||||
end
|
end
|
||||||
|
|
||||||
context 'with optional parameters' do
|
it_behaves_like 'keystone::federation'
|
||||||
it 'should set federation/trusted_dashboard' do
|
|
||||||
is_expected.to contain_keystone_config('federation/trusted_dashboard').with_value(['http://dashboard.example.com'])
|
|
||||||
end
|
|
||||||
|
|
||||||
it 'should set federation/remote_id_attribute' do
|
|
||||||
is_expected.to contain_keystone_config('federation/remote_id_attribute').with_value('test_attribute')
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue