Merge "Simplify validations of domain specific backends"
This commit is contained in:
Zuul
@@ -709,35 +709,21 @@ class keystone(
|
||||
if $using_domain_config {
|
||||
validate_legacy(Stdlib::Compat::Absolute_path, 'validate_absolute_path', $domain_config_directory)
|
||||
|
||||
# Better than ensure resource. We don't want to conflict with any
|
||||
# user definition even if they don't match exactly our parameters.
|
||||
# The error catching mechanism in the provider will remind them if
|
||||
# they did something silly, like defining a file rather than a
|
||||
# directory. For the permission it's their choice.
|
||||
if (!defined(File[$domain_config_directory])) {
|
||||
file { $domain_config_directory:
|
||||
ensure => directory,
|
||||
owner => $keystone_user,
|
||||
group => $keystone_group,
|
||||
mode => '0750',
|
||||
require => Anchor['keystone::install::end'],
|
||||
}
|
||||
if $manage_service {
|
||||
File[$domain_config_directory] ~> Service[$service_name]
|
||||
}
|
||||
file { $domain_config_directory:
|
||||
ensure => directory,
|
||||
owner => $keystone_user,
|
||||
group => $keystone_group,
|
||||
mode => '0750',
|
||||
require => Anchor['keystone::install::end'],
|
||||
}
|
||||
|
||||
if $manage_service {
|
||||
File[$domain_config_directory] ~> Service[$service_name]
|
||||
}
|
||||
|
||||
keystone_config {
|
||||
'identity/domain_specific_drivers_enabled': value => true;
|
||||
'identity/domain_config_dir': value => $domain_config_directory;
|
||||
}
|
||||
# Here we want the creation to fail if the user has created those
|
||||
# resources with different values. That means that the user
|
||||
# wrongly uses using_domain_config parameter.
|
||||
ensure_resource(
|
||||
'keystone_config',
|
||||
'identity/domain_specific_drivers_enabled',
|
||||
{'value' => true}
|
||||
)
|
||||
ensure_resource(
|
||||
'keystone_config',
|
||||
'identity/domain_config_dir',
|
||||
{'value' => $domain_config_directory}
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -305,25 +305,12 @@ define keystone::ldap_backend(
|
||||
validate_legacy(Boolean, 'validate_bool', $manage_packages)
|
||||
validate_legacy(Boolean, 'validate_bool', $create_domain_entry)
|
||||
|
||||
$domain_enabled = getparam(Keystone_config['identity/domain_specific_drivers_enabled'], 'value')
|
||||
$domain_dir_enabled = getparam(Keystone_config['identity/domain_config_dir'], 'value')
|
||||
$err_msg = "You should add \"using_domain_config => true\" parameter to your Keystone class, \
|
||||
got \"${domain_enabled}\" for identity/domain_specific_drivers_enabled \
|
||||
and \"${domain_dir_enabled}\" for identity/domain_config_dir"
|
||||
|
||||
if(bool2num($domain_enabled) == 0) {
|
||||
fail($err_msg)
|
||||
if !defined(Class[keystone]) {
|
||||
fail('The keystone class should be included before this class')
|
||||
}
|
||||
|
||||
validate_legacy(Pattern[/^\/.+/], 'validate_re', $domain_dir_enabled, [$err_msg])
|
||||
|
||||
if (!defined(File[$domain_dir_enabled])) {
|
||||
ensure_resource('file', $domain_dir_enabled, {
|
||||
ensure => directory,
|
||||
owner => $::keystone::params::user,
|
||||
group => $::keystone::params::group,
|
||||
mode => '0750',
|
||||
})
|
||||
if ! $::keystone::using_domain_config {
|
||||
fail('Domain specific drivers are not enabled. Set keystone::using_domain_config to true.')
|
||||
}
|
||||
|
||||
$domain = $name
|
||||
|
||||
@@ -7,14 +7,9 @@ describe 'keystone::ldap_backend' do
|
||||
let(:title) { 'Default' }
|
||||
let(:pre_condition) do
|
||||
<<-EOM
|
||||
exec { 'restart_keystone':
|
||||
path => ['/usr/sbin', '/usr/bin', '/sbin', '/bin/'],
|
||||
command => "service ${service_name_real} restart",
|
||||
refreshonly => true,
|
||||
class { 'keystone':
|
||||
using_domain_config => true
|
||||
}
|
||||
keystone_config {'identity/domain_specific_drivers_enabled': value => true}
|
||||
keystone_config {'identity/domain_config_dir': value => '/etc/keystone/domains'}
|
||||
file {'/etc/keystone/keystone.conf': ensure => present }
|
||||
EOM
|
||||
end
|
||||
|
||||
@@ -170,9 +165,9 @@ describe 'keystone::ldap_backend' do
|
||||
end
|
||||
let(:pre_condition) do
|
||||
<<-EOM
|
||||
keystone_config {'identity/domain_specific_drivers_enabled': value => true}
|
||||
keystone_config {'identity/domain_config_dir': value => '/etc/keystone/domains'}
|
||||
file {'/etc/keystone/keystone.conf': ensure => present }
|
||||
class { 'keystone':
|
||||
using_domain_config => true
|
||||
}
|
||||
EOM
|
||||
end
|
||||
it 'should use the domain from the title' do
|
||||
@@ -183,22 +178,10 @@ describe 'keystone::ldap_backend' do
|
||||
|
||||
context 'checks' do
|
||||
let(:title) { 'domain' }
|
||||
context 'Missing identity/domain_specific_drivers_enabled' do
|
||||
context 'with domain specific drivers disabled' do
|
||||
let(:pre_condition) do
|
||||
<<-EOM
|
||||
keystone_config {'identity/domain_config_dir': value => '/etc/keystone/domains'}
|
||||
file {'/etc/keystone/keystone.conf': ensure => present }
|
||||
EOM
|
||||
end
|
||||
|
||||
it { should raise_error(Puppet::Error) }
|
||||
end
|
||||
|
||||
context 'Missing identity/domain_config_dir' do
|
||||
let(:pre_condition) do
|
||||
<<-EOM
|
||||
keystone_config {'identity/domain_specific_drivers_enabled': value => true}
|
||||
file {'/etc/keystone/keystone.conf': ensure => present }
|
||||
class { 'keystone': }
|
||||
EOM
|
||||
end
|
||||
|
||||
|
||||
Reference in New Issue
Block a user