Merge "federation: Use $::os_service_default by default"
This commit is contained in:
commit
506cf7f9f6
|
@ -7,27 +7,22 @@
|
|||
# This setting ensures that keystone only sends token data back to trusted
|
||||
# servers. This is performed as a precaution, specifically to prevent man-in-
|
||||
# the-middle (MITM) attacks.
|
||||
# Defaults to undef
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*remote_id_attribute*]
|
||||
# (Optional) Value to be used to obtain the entity ID of the Identity
|
||||
# Provider from the environment.
|
||||
# Defaults to undef
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
class keystone::federation (
|
||||
$trusted_dashboards = undef,
|
||||
$remote_id_attribute = undef,
|
||||
$trusted_dashboards = $::os_service_default,
|
||||
$remote_id_attribute = $::os_service_default,
|
||||
) {
|
||||
|
||||
include keystone::deps
|
||||
|
||||
keystone_config {
|
||||
'federation/trusted_dashboard': value => any2array($trusted_dashboards);
|
||||
}
|
||||
|
||||
if $remote_id_attribute {
|
||||
keystone_config {
|
||||
'federation/remote_id_attribute': value => $remote_id_attribute;
|
||||
}
|
||||
'federation/trusted_dashboard': value => $trusted_dashboards;
|
||||
'federation/remote_id_attribute': value => $remote_id_attribute;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -8,10 +8,27 @@ describe 'keystone::federation' do
|
|||
EOS
|
||||
end
|
||||
|
||||
let :params do
|
||||
{ :trusted_dashboards => ['http://dashboard.example.com'],
|
||||
:remote_id_attribute => 'test_attribute',
|
||||
}
|
||||
shared_examples_for 'keystone::federation' do
|
||||
context 'with defaults' do
|
||||
it 'should configure federation options' do
|
||||
is_expected.to contain_keystone_config('federation/trusted_dashboard').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_keystone_config('federation/remote_id_attribute').with_value('<SERVICE DEFAULT>')
|
||||
end
|
||||
end
|
||||
|
||||
context 'with optional parameters' do
|
||||
let :params do
|
||||
{
|
||||
:trusted_dashboards => ['http://dashboard.example.com'],
|
||||
:remote_id_attribute => 'test_attribute',
|
||||
}
|
||||
end
|
||||
|
||||
it 'should configure federation options' do
|
||||
is_expected.to contain_keystone_config('federation/trusted_dashboard').with_value(['http://dashboard.example.com'])
|
||||
is_expected.to contain_keystone_config('federation/remote_id_attribute').with_value('test_attribute')
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
on_supported_os({
|
||||
|
@ -20,14 +37,6 @@ describe 'keystone::federation' do
|
|||
facts.merge!(OSDefaults.get_facts({}))
|
||||
end
|
||||
|
||||
context 'with optional parameters' do
|
||||
it 'should set federation/trusted_dashboard' do
|
||||
is_expected.to contain_keystone_config('federation/trusted_dashboard').with_value(['http://dashboard.example.com'])
|
||||
end
|
||||
|
||||
it 'should set federation/remote_id_attribute' do
|
||||
is_expected.to contain_keystone_config('federation/remote_id_attribute').with_value('test_attribute')
|
||||
end
|
||||
end
|
||||
it_behaves_like 'keystone::federation'
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue