Deprecate allow_insecure_clients option
The allow_insecure_clients has been deprecated[1]. [1]https://review.opendev.org/#/c/417629/ Change-Id: I1b1d1722bb56ed78436eaa9fd5b0c6b4718c7306 Closes-Bug: #1902158
This commit is contained in:
parent
a8a89d9e85
commit
3eb8b2bb15
|
@ -28,14 +28,16 @@
|
||||||
# (Optional) Password for decrypting ssl_key_file (if encrypted)
|
# (Optional) Password for decrypting ssl_key_file (if encrypted)
|
||||||
# Defaults to $::os_service_default.
|
# Defaults to $::os_service_default.
|
||||||
#
|
#
|
||||||
# [*amqp_allow_insecure_clients*]
|
|
||||||
# (Optional) Accept clients using either SSL or plain TCP
|
|
||||||
# Defaults to $::os_service_default.
|
|
||||||
#
|
|
||||||
# [*amqp_sasl_mechanisms*]
|
# [*amqp_sasl_mechanisms*]
|
||||||
# (Optional) Space separated list of acceptable SASL mechanisms
|
# (Optional) Space separated list of acceptable SASL mechanisms
|
||||||
# Defaults to $::os_service_default.
|
# Defaults to $::os_service_default.
|
||||||
#
|
#
|
||||||
|
# DEPRECATED PARAMETERS
|
||||||
|
#
|
||||||
|
# [*amqp_allow_insecure_clients*]
|
||||||
|
# (Optional) Accept clients using either SSL or plain TCP
|
||||||
|
# Defaults to undef.
|
||||||
|
#
|
||||||
class keystone::messaging::amqp(
|
class keystone::messaging::amqp(
|
||||||
$amqp_pre_settled = $::os_service_default,
|
$amqp_pre_settled = $::os_service_default,
|
||||||
$amqp_idle_timeout = $::os_service_default,
|
$amqp_idle_timeout = $::os_service_default,
|
||||||
|
@ -43,21 +45,26 @@ class keystone::messaging::amqp(
|
||||||
$amqp_ssl_cert_file = $::os_service_default,
|
$amqp_ssl_cert_file = $::os_service_default,
|
||||||
$amqp_ssl_key_file = $::os_service_default,
|
$amqp_ssl_key_file = $::os_service_default,
|
||||||
$amqp_ssl_key_password = $::os_service_default,
|
$amqp_ssl_key_password = $::os_service_default,
|
||||||
$amqp_allow_insecure_clients = $::os_service_default,
|
|
||||||
$amqp_sasl_mechanisms = $::os_service_default,
|
$amqp_sasl_mechanisms = $::os_service_default,
|
||||||
|
# DEPRECATED PARAMETERS
|
||||||
|
$amqp_allow_insecure_clients = undef,
|
||||||
) {
|
) {
|
||||||
|
|
||||||
include keystone::deps
|
include keystone::deps
|
||||||
|
|
||||||
|
if $amqp_allow_insecure_clients != undef {
|
||||||
|
warning('The amqp_allow_insecure_clients parameter is deprecated and \
|
||||||
|
will be removed in a future release.')
|
||||||
|
}
|
||||||
|
|
||||||
oslo::messaging::amqp { 'keystone_config':
|
oslo::messaging::amqp { 'keystone_config':
|
||||||
pre_settled => $amqp_pre_settled,
|
pre_settled => $amqp_pre_settled,
|
||||||
idle_timeout => $amqp_idle_timeout,
|
idle_timeout => $amqp_idle_timeout,
|
||||||
ssl_ca_file => $amqp_ssl_ca_file,
|
ssl_ca_file => $amqp_ssl_ca_file,
|
||||||
ssl_cert_file => $amqp_ssl_cert_file,
|
ssl_cert_file => $amqp_ssl_cert_file,
|
||||||
ssl_key_file => $amqp_ssl_key_file,
|
ssl_key_file => $amqp_ssl_key_file,
|
||||||
ssl_key_password => $amqp_ssl_key_password,
|
ssl_key_password => $amqp_ssl_key_password,
|
||||||
allow_insecure_clients => $amqp_allow_insecure_clients,
|
sasl_mechanisms => $amqp_sasl_mechanisms,
|
||||||
sasl_mechanisms => $amqp_sasl_mechanisms,
|
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
deprecations:
|
||||||
|
- allow_insecure_clients option is now deprecated for removal, the
|
||||||
|
parameter has no effect.
|
|
@ -10,7 +10,6 @@ describe 'keystone::messaging::amqp' do
|
||||||
'amqp_ssl_cert_file' => '<SERVICE DEFAULT>',
|
'amqp_ssl_cert_file' => '<SERVICE DEFAULT>',
|
||||||
'amqp_ssl_key_file' => '<SERVICE DEFAULT>',
|
'amqp_ssl_key_file' => '<SERVICE DEFAULT>',
|
||||||
'amqp_ssl_key_password' => '<SERVICE DEFAULT>',
|
'amqp_ssl_key_password' => '<SERVICE DEFAULT>',
|
||||||
'amqp_allow_insecure_clients' => '<SERVICE DEFAULT>',
|
|
||||||
'amqp_sasl_mechanisms' => '<SERVICE DEFAULT>',
|
'amqp_sasl_mechanisms' => '<SERVICE DEFAULT>',
|
||||||
)}
|
)}
|
||||||
|
|
||||||
|
@ -19,7 +18,6 @@ describe 'keystone::messaging::amqp' do
|
||||||
{
|
{
|
||||||
:amqp_pre_settled => ['rpc-cast','rpc-reply','notify'],
|
:amqp_pre_settled => ['rpc-cast','rpc-reply','notify'],
|
||||||
:amqp_idle_timeout => '100',
|
:amqp_idle_timeout => '100',
|
||||||
:amqp_allow_insecure_clients => 'yes',
|
|
||||||
:amqp_sasl_mechanisms => 'ANONYMOUS DIGEST-MD5 EXTERNAL PLAIN',
|
:amqp_sasl_mechanisms => 'ANONYMOUS DIGEST-MD5 EXTERNAL PLAIN',
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
@ -27,7 +25,6 @@ describe 'keystone::messaging::amqp' do
|
||||||
it { is_expected.to contain_class('keystone::messaging::amqp').with(
|
it { is_expected.to contain_class('keystone::messaging::amqp').with(
|
||||||
'amqp_pre_settled' => ['rpc-cast','rpc-reply','notify'],
|
'amqp_pre_settled' => ['rpc-cast','rpc-reply','notify'],
|
||||||
'amqp_idle_timeout' => '100',
|
'amqp_idle_timeout' => '100',
|
||||||
'amqp_allow_insecure_clients' => 'yes',
|
|
||||||
'amqp_sasl_mechanisms' => 'ANONYMOUS DIGEST-MD5 EXTERNAL PLAIN',
|
'amqp_sasl_mechanisms' => 'ANONYMOUS DIGEST-MD5 EXTERNAL PLAIN',
|
||||||
)}
|
)}
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue