LDAP: add support to configure credential driver

Like it's the case for 'identity', add the support to configure 'credential' driver. Closes-bug: #1238103 Change-Id: I9949dcb863c23461ce5fbe5e741d09a6a77eea9a
2015-04-14 18:02:42 -04:00 · 2015-04-14 18:02:42 -04:00 · 120b20bf07
parent feacfd4251
commit 120b20bf07
2 changed files with 14 additions and 0 deletions
--- a/manifests/ldap.pp
+++ b/manifests/ldap.pp
@ -311,6 +311,10 @@
 #   Identity backend driver. (string value)
 #   Defaults to 'undef'
 #
+# [*credential_driver*]
+#   Credential backend driver. (string value)
+#   Defaults to 'undef'
+#
 # [*assignment_driver*]
 #   Assignment backend driver. (string value)
 #   Defaults to 'undef'
@ -469,6 +473,7 @@ class keystone::ldap(
  $tls_req_cert                        = undef,
  $identity_driver                     = undef,
  $assignment_driver                   = undef,
+  $credential_driver                   = undef,
  $use_pool                            = false,
  $pool_size                           = 10,
  $pool_retry_max                      = 3,
@ -677,6 +682,12 @@ class keystone::ldap(
      }
  }

+  if ($credential_driver != undef) {
+      if ! ($credential_driver =~ /^keystone.credential.backends.*Credential$/) {
+          fail('credential driver should be of the form \'keystone.credential.backends.*Credential\'')
+      }
+  }
+
  if ($tls_cacertdir != undef) {
    file { $tls_cacertdir:
      ensure => directory
@ -762,6 +773,7 @@ class keystone::ldap(
    'ldap/auth_pool_size':                       value => $auth_pool_size;
    'ldap/auth_pool_connection_lifetime':        value => $auth_pool_connection_lifetime;
    'identity/driver':                           value => $identity_driver;
+    'credential/driver':                         value => $credential_driver;
    'assignment/driver':                         value => $assignment_driver;
  }
 }
--- a/spec/classes/keystone_ldap_spec.rb
+++ b/spec/classes/keystone_ldap_spec.rb
@ -73,6 +73,7 @@ describe 'keystone::ldap' do
        :tls_cacertfile => '/etc/ssl/certs/ca-certificates.crt',
        :tls_req_cert => 'demand',
        :identity_driver => 'keystone.identity.backends.ldap.Identity',
+        :credential_driver => 'keystone.credential.backends.ldap.Credential',
        :assignment_driver => 'keystone.assignment.backends.ldap.Assignment',
        :use_pool => 'True',
        :pool_size => 20,
@ -182,6 +183,7 @@ describe 'keystone::ldap' do

      # drivers
      is_expected.to contain_keystone_config('identity/driver').with_value('keystone.identity.backends.ldap.Identity')
+      is_expected.to contain_keystone_config('credential/driver').with_value('keystone.credential.backends.ldap.Credential')
      is_expected.to contain_keystone_config('assignment/driver').with_value('keystone.assignment.backends.ldap.Assignment')
    end
  end