Deprecate allow_insecure_clients option
The allow_insecure_clients has been deprecated[1]. [1]https://review.opendev.org/#/c/417629/ Change-Id: I1b1d1722bb56ed78436eaa9fd5b0c6b4718c7306 Closes-Bug: #1902158
This commit is contained in:
parent
a8a89d9e85
commit
3eb8b2bb15
|
@ -28,14 +28,16 @@
|
|||
# (Optional) Password for decrypting ssl_key_file (if encrypted)
|
||||
# Defaults to $::os_service_default.
|
||||
#
|
||||
# [*amqp_allow_insecure_clients*]
|
||||
# (Optional) Accept clients using either SSL or plain TCP
|
||||
# Defaults to $::os_service_default.
|
||||
#
|
||||
# [*amqp_sasl_mechanisms*]
|
||||
# (Optional) Space separated list of acceptable SASL mechanisms
|
||||
# Defaults to $::os_service_default.
|
||||
#
|
||||
# DEPRECATED PARAMETERS
|
||||
#
|
||||
# [*amqp_allow_insecure_clients*]
|
||||
# (Optional) Accept clients using either SSL or plain TCP
|
||||
# Defaults to undef.
|
||||
#
|
||||
class keystone::messaging::amqp(
|
||||
$amqp_pre_settled = $::os_service_default,
|
||||
$amqp_idle_timeout = $::os_service_default,
|
||||
|
@ -43,21 +45,26 @@ class keystone::messaging::amqp(
|
|||
$amqp_ssl_cert_file = $::os_service_default,
|
||||
$amqp_ssl_key_file = $::os_service_default,
|
||||
$amqp_ssl_key_password = $::os_service_default,
|
||||
$amqp_allow_insecure_clients = $::os_service_default,
|
||||
$amqp_sasl_mechanisms = $::os_service_default,
|
||||
# DEPRECATED PARAMETERS
|
||||
$amqp_allow_insecure_clients = undef,
|
||||
) {
|
||||
|
||||
include keystone::deps
|
||||
|
||||
if $amqp_allow_insecure_clients != undef {
|
||||
warning('The amqp_allow_insecure_clients parameter is deprecated and \
|
||||
will be removed in a future release.')
|
||||
}
|
||||
|
||||
oslo::messaging::amqp { 'keystone_config':
|
||||
pre_settled => $amqp_pre_settled,
|
||||
idle_timeout => $amqp_idle_timeout,
|
||||
ssl_ca_file => $amqp_ssl_ca_file,
|
||||
ssl_cert_file => $amqp_ssl_cert_file,
|
||||
ssl_key_file => $amqp_ssl_key_file,
|
||||
ssl_key_password => $amqp_ssl_key_password,
|
||||
allow_insecure_clients => $amqp_allow_insecure_clients,
|
||||
sasl_mechanisms => $amqp_sasl_mechanisms,
|
||||
pre_settled => $amqp_pre_settled,
|
||||
idle_timeout => $amqp_idle_timeout,
|
||||
ssl_ca_file => $amqp_ssl_ca_file,
|
||||
ssl_cert_file => $amqp_ssl_cert_file,
|
||||
ssl_key_file => $amqp_ssl_key_file,
|
||||
ssl_key_password => $amqp_ssl_key_password,
|
||||
sasl_mechanisms => $amqp_sasl_mechanisms,
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
deprecations:
|
||||
- allow_insecure_clients option is now deprecated for removal, the
|
||||
parameter has no effect.
|
|
@ -10,7 +10,6 @@ describe 'keystone::messaging::amqp' do
|
|||
'amqp_ssl_cert_file' => '<SERVICE DEFAULT>',
|
||||
'amqp_ssl_key_file' => '<SERVICE DEFAULT>',
|
||||
'amqp_ssl_key_password' => '<SERVICE DEFAULT>',
|
||||
'amqp_allow_insecure_clients' => '<SERVICE DEFAULT>',
|
||||
'amqp_sasl_mechanisms' => '<SERVICE DEFAULT>',
|
||||
)}
|
||||
|
||||
|
@ -19,7 +18,6 @@ describe 'keystone::messaging::amqp' do
|
|||
{
|
||||
:amqp_pre_settled => ['rpc-cast','rpc-reply','notify'],
|
||||
:amqp_idle_timeout => '100',
|
||||
:amqp_allow_insecure_clients => 'yes',
|
||||
:amqp_sasl_mechanisms => 'ANONYMOUS DIGEST-MD5 EXTERNAL PLAIN',
|
||||
}
|
||||
end
|
||||
|
@ -27,7 +25,6 @@ describe 'keystone::messaging::amqp' do
|
|||
it { is_expected.to contain_class('keystone::messaging::amqp').with(
|
||||
'amqp_pre_settled' => ['rpc-cast','rpc-reply','notify'],
|
||||
'amqp_idle_timeout' => '100',
|
||||
'amqp_allow_insecure_clients' => 'yes',
|
||||
'amqp_sasl_mechanisms' => 'ANONYMOUS DIGEST-MD5 EXTERNAL PLAIN',
|
||||
)}
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue