Browse Source

Merge "Add support for service_type in authtoken config"

changes/64/745264/1
Zuul 1 week ago
committed by Gerrit Code Review
parent
commit
3184e2079d
3 changed files with 17 additions and 0 deletions
  1. +7
    -0
      manifests/resource/authtoken.pp
  2. +7
    -0
      releasenotes/notes/add-authtoken-service_type-parameter-cab05db2d977f232.yaml
  3. +3
    -0
      spec/defines/keystone_resource_authtoken_spec.rb

+ 7
- 0
manifests/resource/authtoken.pp View File

@@ -212,6 +212,11 @@
# true/false
# Defaults to $::os_service_default.
#
# [*service_type*]
# (Optional) The name or type of the service as it appears in the service
# catalog. This is used to validate tokens that have restricted access rules.
# Defaults to $::os_service_default.
#
# [*interface*]
# (Optional) Interface to use for the Identity API endpoint. Valid values are
# "public", "internal" or "admin".
@@ -253,6 +258,7 @@ define keystone::resource::authtoken(
$manage_memcache_package = false,
$service_token_roles = $::os_service_default,
$service_token_roles_required = $::os_service_default,
$service_type = $::os_service_default,
$interface = $::os_service_default,
) {

@@ -327,6 +333,7 @@ define keystone::resource::authtoken(
'keystone_authtoken/insecure' => {'value' => $insecure},
'keystone_authtoken/service_token_roles' => {'value' => $service_token_roles},
'keystone_authtoken/service_token_roles_required' => {'value' => $service_token_roles_required},
'keystone_authtoken/service_type' => {'value' => $service_type},
'keystone_authtoken/interface' => {'value' => $interface},
}



+ 7
- 0
releasenotes/notes/add-authtoken-service_type-parameter-cab05db2d977f232.yaml View File

@@ -0,0 +1,7 @@
---
features:
- |
Added the service_type parameter to keystone::resource::authtoken resource.
This value should be set to the name or type of the service as it appears
in the service catalog. This is used to validate tokens that have
restricted access rules.

+ 3
- 0
spec/defines/keystone_resource_authtoken_spec.rb View File

@@ -47,6 +47,7 @@ describe 'keystone::resource::authtoken' do
is_expected.to contain_keystone_config('keystone_authtoken/region_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('keystone_authtoken/service_token_roles').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('keystone_authtoken/service_token_roles_required').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('keystone_authtoken/service_type').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('keystone_authtoken/token_cache_time').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('keystone_authtoken/interface').with_value('<SERVICE DEFAULT>')
end
@@ -79,6 +80,7 @@ describe 'keystone::resource::authtoken' do
:region_name => 'MyRegion',
:service_token_roles => 'service',
:service_token_roles_required => false,
:service_type => 'identity',
:token_cache_time => '20',
:interface => 'internal',
})
@@ -116,6 +118,7 @@ describe 'keystone::resource::authtoken' do
is_expected.to contain_keystone_config('keystone_authtoken/region_name').with_value(params[:region_name])
is_expected.to contain_keystone_config('keystone_authtoken/service_token_roles').with_value(params[:service_token_roles])
is_expected.to contain_keystone_config('keystone_authtoken/service_token_roles_required').with_value(params[:service_token_roles_required])
is_expected.to contain_keystone_config('keystone_authtoken/service_type').with_value(params[:service_type])
is_expected.to contain_keystone_config('keystone_authtoken/token_cache_time').with_value(params[:token_cache_time])
is_expected.to contain_keystone_config('keystone_authtoken/interface').with_value(params[:interface])
end


Loading…
Cancel
Save