openstack
/
puppet-keystone
Code Issues Proposed changes

Convert to rspec-puppet-facts and cleanup docs/testing 

This converts some more testing to rspec-puppet-facts
so there is only these three missing now until done:

* keystone_init_spec.rb
* keystone_federation_identity_provider_spec.rb
* keystone_ldap_spec.rb

Also does cleanup of some formatting for documentation
and testing specs.

Change-Id: Ifd74aa8cedf630d98f9e12ab276300409a68eecd
This commit is contained in:
Tobias Urdin 2020-02-03 23:17:58 +01:00
parent bc1ff1d7cb
commit 7def56f92f
25 changed files with 288 additions and 376 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
manifests/cron/fernet_rotate.pp
View File

@ -19,43 +19,49 @@
#
# === Parameters
#
# [*ensure*]
# (optional) Defaults to present.
# Valid values are present, absent.
# [*ensure*]
# (Optional) Valid values are present, absent.
# Defaults to 'present'
#
# [*minute*]
# (optional) Defaults to '1'.
# [*minute*]
# (Optional) Minute.
# Defaults to '1'
#
# [*hour*]
# (optional) Defaults to '0'.
# [*hour*]
# (Optional) Hour.
# Defaults to '0'
#
# [*monthday*]
# (optional) Defaults to '*'.
# [*monthday*]
# (Optional) Day of month.
# Defaults to '*'
#
# [*month*]
# (optional) Defaults to '*'.
# [*month*]
# (Optional) Month.
# Defaults to '*'.
#
# [*weekday*]
# (optional) Defaults to '*'.
# [*weekday*]
# (Optional) Day of week.
# Defaults to '*'
#
# [*maxdelay*]
# (optional) Seconds. Defaults to 0. Should be a positive integer.
# Induces a random delay before running the cronjob to avoid running all
# cron jobs at the same time on all hosts this job is configured.
# [*maxdelay*]
# (Optional) Max random delay, should be a positive integer.
# Induces a random delay before running the cronjob to avoid running all
# cron jobs at the same time on all hosts this job is configured.
# Defaults to 0
#
# [*user*]
# (optional) Defaults to 'keystone'.
# Allow to run the crontab on behalf any user.
# [*user*]
# (Optional) Allow to run the crontab on behalf any user.
# Defaults to 'keystone'
#
class keystone::cron::fernet_rotate (
$ensure = present,
$minute = 1,
$hour = 0,
$monthday = '*',
$month = '*',
$weekday = '*',
$maxdelay = 0,
$user = 'keystone',
$ensure = present,
$minute = 1,
$hour = 0,
$monthday = '*',
$month = '*',
$weekday = '*',
$maxdelay = 0,
$user = 'keystone',
) {
include keystone::deps

52
manifests/cron/token_flush.pp
View File

@ -21,37 +21,43 @@
#
# === Parameters
#
# [*ensure*]
# (optional) Defaults to present.
# Valid values are present, absent.
# [*ensure*]
# (Optional) Valid values are present, absent.
# Defaults to 'present'
#
# [*minute*]
# (optional) Defaults to '1'.
# [*minute*]
# (Optional) Minute.
# Defaults to '1'
#
# [*hour*]
# (optional) Defaults to *.
# [*hour*]
# (Optional) Hour.
# Defaults to *
#
# [*monthday*]
# (optional) Defaults to '*'.
# [*monthday*]
# (Optional) Day of month.
# Defaults to '*'
#
# [*month*]
# (optional) Defaults to '*'.
# [*month*]
# (Optional) Month.
# Defaults to '*'
#
# [*weekday*]
# (optional) Defaults to '*'.
# [*weekday*]
# (Optional) Day of week.
# Defaults to '*'
#
# [*maxdelay*]
# (optional) Seconds. Defaults to 0. Should be a positive integer.
# Induces a random delay before running the cronjob to avoid running all
# cron jobs at the same time on all hosts this job is configured.
# [*maxdelay*]
# (Optional) Max random delay in seconds. Should be a positive integer.
# Induces a random delay before running the cronjob to avoid running all
# cron jobs at the same time on all hosts this job is configured.
# Defaults to 0
#
# [*destination*]
# (optional) Path to file to which rows should be archived
# Defaults to '/var/log/keystone/keystone-tokenflush.log'.
# [*destination*]
# (Optional) Path to file to which rows should be archived
# Defaults to '/var/log/keystone/keystone-tokenflush.log'
#
# [*user*]
# (optional) Defaults to 'keystone'.
# Allow to run the crontab on behalf any user.
# [*user*]
# (Optional) Allow to run the crontab on behalf any user.
# Defaults to 'keystone'
#
class keystone::cron::token_flush (
$ensure = present,

2
manifests/db.pp
View File

@ -1,4 +1,4 @@
# class: keystone::db
# Class: keystone::db
#
# Configure the Keystone database
#

8
manifests/federation.pp
View File

@ -1,22 +1,24 @@
# == class: keystone::federation
# == Class: keystone::federation
#
# == Parameters
#
# [*trusted_dashboards*]
# (optional) URL list of trusted horizon servers.
# (Optional) URL list of trusted horizon servers.
# This setting ensures that keystone only sends token data back to trusted
# servers. This is performed as a precaution, specifically to prevent man-in-
# the-middle (MITM) attacks.
# Defaults to undef
#
# [*remote_id_attribute*]
# (optional) Value to be used to obtain the entity ID of the Identity
# (Optional) Value to be used to obtain the entity ID of the Identity
# Provider from the environment.
# Defaults to undef
#
class keystone::federation (
$trusted_dashboards = undef,
$remote_id_attribute = undef,
) {
include keystone::deps
keystone_config {

2
manifests/federation/identity_provider.pp
View File

@ -1,4 +1,4 @@
# == class: keystone::federation::identity_provider
# == Class: keystone::federation::identity_provider
#
# == Parameters
#

2
manifests/federation/mellon.pp
View File

@ -1,4 +1,4 @@
# == class: keystone::federation::mellon
# == Class: keystone::federation::mellon
#
# == Parameters
#

2
manifests/federation/openidc.pp
View File

@ -1,4 +1,4 @@
# == class: keystone::federation::openidc [70/1473]
# == Class: keystone::federation::openidc
#
# == Parameters
#

2
manifests/federation/shibboleth.pp
View File

@ -1,4 +1,4 @@
# == class: keystone::federation::shibboleth
# == Class: keystone::federation::shibboleth
#
# == Parameters
#

6
manifests/ldap.pp
View File

@ -1,8 +1,8 @@
# == class: keystone::ldap
# == Class: keystone::ldap
#
# Implements ldap configuration for keystone.
#
# === parameters:
# === Parameters:
#
# [*url*]
# URL for connecting to the LDAP server. (string value)
@ -354,8 +354,6 @@
# LDAP support packages.
# Defaults to true.
#
# == Dependencies
# == Examples
# == Authors
#
# Dan Bode dan@puppetlabs.com

47
manifests/security_compliance.pp
View File

@ -1,58 +1,59 @@
# == class: keystone::security_compliance
# == Class: keystone::security_compliance
#
# Security compliance features for keystone, specifically to satisfy
# Payment Card Industry - Data Security Standard (PCI-DSS) v3.1 requirements.
#
# === parameters:
# === Parameters:
#
# [*change_password_upon_first_use*]
# Enabling this option requires users to change their password when the user
# is created, or upon administrative reset. (Boolean value)
# (Optional) Enabling this option requires users to change their password
# when the user is created, or upon administrative reset. (Boolean value)
# Defaults to $::os_service_default
#
# [*disable_user_account_days_inactive*]
# The maximum number of days a user can go without authenticating before
# being considered "inactive" and automatically disabled (locked). (Integer
# value)
# (Optional) The maximum number of days a user can go without authenticating
# before being considered "inactive" and automatically disabled (locked).
# (Integer value)
# Defaults to $::os_service_default
#
# [*lockout_duration*]
# The number of seconds a user account will be locked when the maximum number
# of failed authentication attempts (as specified by `[security_compliance]
# lockout_failure_attempts`) is exceeded. (Integer value)
# (Optional) The number of seconds a user account will be locked when the
# maximum number of failed authentication attempts (as specified by
# `[security_compliance] lockout_failure_attempts`) is exceeded.
# (Integer value)
# Defaults to $::os_service_default
#
# [*lockout_failure_attempts*]
# The maximum number of times that a user can fail to authenticate before the
# user account is locked for the number of seconds specified by
# (Optional) The maximum number of times that a user can fail to authenticate
# before the user account is locked for the number of seconds specified by
# `[security_compliance] lockout_duration`. (Integer value)
# Defaults to $::os_service_default
#
# [*minimum_password_age*]
# The number of days that a password must be used before the user can change
# it. This prevents users from changing their passwords immediately in order
# to wipe out their password history and reuse an old password. (Integer
# value)
# (Optional) The number of days that a password must be used before the user
# can change it. This prevents users from changing their passwords immediately
# in order to wipe out their password history and reuse an old password.
# (Integer value)
# Defaults to $::os_service_default
#
# [*password_expires_days*]
# The number of days for which a password will be considered valid before
# requiring it to be changed. (Integer value)
# (Optional) The number of days for which a password will be considered valid
# before requiring it to be changed. (Integer value)
# Defaults to $::os_service_default
#
# [*password_regex*]
# The regular expression used to validate password strength requirements. By
# default, the regular expression will match any password. (String value)
# (Optional) The regular expression used to validate password strength requirements.
# By default, the regular expression will match any password. (String value)
# Defaults to $::os_service_default
#
# [*password_regex_description*]
# Describe your password regular expression here in language for humans.
# (Optional) Describe your password regular expression here in language for humans.
# (String value)
# Defaults to $::os_service_default
#
# [*unique_last_password_count*]
# This controls the number of previous user password iterations to keep in
# history, in order to enforce that newly created passwords are unique.
# (Optional) This controls the number of previous user password iterations to keep
# in history, in order to enforce that newly created passwords are unique.
# (Integer value)
# Defaults to $::os_service_default
#

6
spec/classes/keystone_config_spec.rb
View File

@ -9,7 +9,7 @@ describe 'keystone::config' do
}
end
shared_examples_for 'keystone_config' do
shared_examples 'keystone_config' do
let :params do
{ :keystone_config => config_hash }
end
@ -24,14 +24,14 @@ describe 'keystone::config' do
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
facts.merge!(OSDefaults.get_facts())
end
it_configures 'keystone_config'
it_behaves_like 'keystone_config'
end
end
end

8
spec/classes/keystone_cors_spec.rb
View File

@ -1,8 +1,7 @@
require 'spec_helper'
describe 'keystone::cors' do
shared_examples_for 'keystone cors' do
shared_examples 'keystone::cors' do
it 'configure cors default params' do
is_expected.to contain_keystone_config('cors/allowed_origin').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('cors/allow_credentials').with_value('<SERVICE DEFAULT>')
@ -35,15 +34,14 @@ describe 'keystone::cors' do
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
facts.merge!(OSDefaults.get_facts())
end
it_configures 'keystone cors'
it_behaves_like 'keystone::cors'
end
end
end

115
spec/classes/keystone_cron_fernet_rotate_spec.rb
View File

@ -1,105 +1,66 @@
require 'spec_helper'
describe 'keystone::cron::fernet_rotate' do
let :facts do
OSDefaults.get_facts({ :osfamily => 'Debian' })
end
let :params do
{ :ensure => 'present',
:minute => 1,
:hour => 0,
:monthday => '*',
:month => '*',
:weekday => '*',
:maxdelay => 0,
}
end
describe 'with default parameters' do
it 'configures a cron' do
is_expected.to contain_cron('keystone-manage fernet_rotate').with(
:ensure => params[:ensure],
:command => "keystone-manage fernet_rotate",
:environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
:user => 'keystone',
:minute => params[:minute],
:hour => params[:hour],
:monthday => params[:monthday],
:month => params[:month],
:weekday => params[:weekday],
:require => 'Anchor[keystone::service::end]',
)
end
end
describe 'when specifying a maxdelay param' do
before :each do
params.merge!(
:maxdelay => 600
)
end
it 'configures a cron with delay' do
is_expected.to contain_cron('keystone-manage fernet_rotate').with(
:ensure => params[:ensure],
:command => "sleep `expr ${RANDOM} \\% #{params[:maxdelay]}`; keystone-manage fernet_rotate",
:environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
:user => 'keystone',
:minute => params[:minute],
:hour => params[:hour],
:monthday => params[:monthday],
:month => params[:month],
:weekday => params[:weekday],
:require => 'Anchor[keystone::service::end]',
)
end
end
describe 'when specifying a user param' do
shared_examples 'keystone::cron::fernet_rotate' do
let :params do
{
:user => 'keystonecustom'
}
{}
end
it 'configures a cron with delay' do
is_expected.to contain_cron('keystone-manage fernet_rotate').with(
context 'with default parameters' do
it { is_expected.to contain_class('keystone::deps') }
it { is_expected.to contain_cron('keystone-manage fernet_rotate').with(
:ensure => 'present',
:command => 'keystone-manage fernet_rotate',
:environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
:user => 'keystonecustom',
:user => 'keystone',
:minute => 1,
:hour => 0,
:monthday => '*',
:month => '*',
:weekday => '*',
:require => 'Anchor[keystone::service::end]',
)
end
end
describe 'when disabling cron job' do
before :each do
params.merge!(
:ensure => 'absent'
)
)}
end
it 'configures a cron with delay' do
is_expected.to contain_cron('keystone-manage fernet_rotate').with(
context 'with overridden params' do
before do
params.merge!( :ensure => 'absent',
:minute => 13,
:hour => 1,
:monthday => 3,
:month => 4,
:weekday => 2,
:maxdelay => 600,
:user => 'nobody' )
end
it { is_expected.to contain_class('keystone::deps') }
it { is_expected.to contain_cron('keystone-manage fernet_rotate').with(
:ensure => params[:ensure],
:command => "keystone-manage fernet_rotate",
:command => "sleep `expr ${RANDOM} \\% #{params[:maxdelay]}`; keystone-manage fernet_rotate",
:environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
:user => 'keystone',
:user => params[:user],
:minute => params[:minute],
:hour => params[:hour],
:monthday => params[:monthday],
:month => params[:month],
:weekday => params[:weekday],
:require => 'Anchor[keystone::service::end]',
)
)}
end
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
facts.merge!(OSDefaults.get_facts({}))
end
it_behaves_like 'keystone::cron::fernet_rotate'
end
end
end

114
spec/classes/keystone_cron_token_flush_spec.rb
View File

@ -1,105 +1,67 @@
require 'spec_helper'
describe 'keystone::cron::token_flush' do
let :facts do
@default_facts.merge({ :osfamily => 'Debian' })
end
let :params do
{ :ensure => 'present',
:minute => 1,
:hour => '*',
:monthday => '*',
:month => '*',
:weekday => '*',
:maxdelay => 0,
:destination => '/var/log/keystone/keystone-tokenflush.log' }
{}
end
describe 'with default parameters' do
it 'configures a cron' do
is_expected.to contain_cron('keystone-manage token_flush').with(
:ensure => params[:ensure],
:command => "keystone-manage token_flush >>#{params[:destination]} 2>&1",
:environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
:user => 'keystone',
:minute => params[:minute],
:hour => params[:hour],
:monthday => params[:monthday],
:month => params[:month],
:weekday => params[:weekday],
:require => 'Anchor[keystone::install::end]',
)
end
end
shared_examples 'keystone::cron::token_flush' do
context 'with default parameters' do
it { is_expected.to contain_class('keystone::deps') }
describe 'when specifying a maxdelay param' do
before :each do
params.merge!(
:maxdelay => 600
)
end
it 'configures a cron with delay' do
is_expected.to contain_cron('keystone-manage token_flush').with(
:ensure => params[:ensure],
:command => "sleep `expr ${RANDOM} \\% #{params[:maxdelay]}`; keystone-manage token_flush >>#{params[:destination]} 2>&1",
:environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
:user => 'keystone',
:minute => params[:minute],
:hour => params[:hour],
:monthday => params[:monthday],
:month => params[:month],
:weekday => params[:weekday],
:require => 'Anchor[keystone::install::end]',
)
end
end
describe 'when specifying a user param' do
let :params do
{
:user => 'keystonecustom'
}
end
it 'configures a cron with delay' do
is_expected.to contain_cron('keystone-manage token_flush').with(
it { is_expected.to contain_cron('keystone-manage token_flush').with(
:ensure => 'present',
:command => 'keystone-manage token_flush >>/var/log/keystone/keystone-tokenflush.log 2>&1',
:environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
:user => 'keystonecustom',
:user => 'keystone',
:minute => 1,
:hour => '*',
:monthday => '*',
:month => '*',
:weekday => '*',
:require => 'Anchor[keystone::install::end]',
)
end
end
describe 'when disabling cron job' do
before :each do
params.merge!(
:ensure => 'absent'
)
)}
end
it 'configures a cron with delay' do
is_expected.to contain_cron('keystone-manage token_flush').with(
context 'with overriden params' do
before do
params.merge!( :ensure => 'absent',
:minute => 13,
:hour => 23,
:monthday => 3,
:month => 4,
:weekday => 2,
:maxdelay => 600,
:destination => '/tmp/tokenflush.log',
:user => 'nobody' )
end
it { is_expected.to contain_class('keystone::deps') }
it { is_expected.to contain_cron('keystone-manage token_flush').with(
:ensure => params[:ensure],
:command => "keystone-manage token_flush >>#{params[:destination]} 2>&1",
:command => "sleep `expr ${RANDOM} \\% #{params[:maxdelay]}`; keystone-manage token_flush >>#{params[:destination]} 2>&1",
:environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
:user => 'keystone',
:user => params[:user],
:minute => params[:minute],
:hour => params[:hour],
:monthday => params[:monthday],
:month => params[:month],
:weekday => params[:weekday],
:require => 'Anchor[keystone::install::end]',
)
)}
end
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
facts.merge!(OSDefaults.get_facts({}))
end
it_behaves_like 'keystone::cron::token_flush'
end
end
end

125
spec/classes/keystone_db_mysql_spec.rb
View File

@ -1,95 +1,62 @@
require 'spec_helper'
describe 'keystone::db::mysql' do
let :pre_condition do
[
'include mysql::server',
'include keystone::db::sync'
]
end
let :facts do
@default_facts.merge({
:osfamily => 'Debian',
:os => { :name => 'Debian', :family => 'Debian', :release => { :major => '8', :minor => '0' } },
})
end
let :params do
{
:password => 'keystone_default_password',
}
{}
end
describe 'with only required params' do
it { is_expected.to contain_openstacklib__db__mysql('keystone').with(
:user => 'keystone',
:password_hash => '*B552157B14BCEDDCEAA06767A012F31BDAA9CE3D',
:dbname => 'keystone',
:host => '127.0.0.1',
:charset => 'utf8',
:collate => 'utf8_general_ci',
)}
end
shared_examples 'keystone::db::mysql' do
context 'with required params' do
before do
params.merge!( :password => 'keystone_default_password' )
end
describe "overriding allowed_hosts param to array" do
let :params do
{
:password => 'keystonepass',
:allowed_hosts => ['127.0.0.1','%']
}
it { is_expected.to contain_class('keystone::deps') }
it { is_expected.to contain_openstacklib__db__mysql('keystone').with(
:user => 'keystone',
:password_hash => '*B552157B14BCEDDCEAA06767A012F31BDAA9CE3D',
:dbname => 'keystone',
:host => '127.0.0.1',
:charset => 'utf8',
:collate => 'utf8_general_ci',
)}
end
it { is_expected.to contain_openstacklib__db__mysql('keystone').with(
:user => 'keystone',
:password_hash => '*706BFA85E15D0C1D8467D0D81D784F6A04CE4ABB',
:dbname => 'keystone',
:host => '127.0.0.1',
:charset => 'utf8',
:collate => 'utf8_general_ci',
:allowed_hosts => ['127.0.0.1','%'],
)}
context 'with overriden params' do
before do
params.merge!( :password => 'keystonepass',
:dbname => 'keystonedb',
:user => 'keystoneuser',
:host => '1.2.3.4',
:charset => 'latin2',
:collate => 'latin2_general_ci',
:allowed_hosts => '4.3.2.1' )
end
end
describe "overriding allowed_hosts param to string" do
let :params do
{
:password => 'keystonepass2',
:allowed_hosts => '192.168.1.1'
}
it { is_expected.to contain_class('keystone::deps') }
it { is_expected.to contain_openstacklib__db__mysql('keystone').with(
:user => 'keystoneuser',
:password_hash => '*706BFA85E15D0C1D8467D0D81D784F6A04CE4ABB',
:dbname => 'keystonedb',
:host => '1.2.3.4',
:charset => 'latin2',
:collate => 'latin2_general_ci',
:allowed_hosts => '4.3.2.1',
)}
end
it { is_expected.to contain_openstacklib__db__mysql('keystone').with(
:user => 'keystone',
:password_hash => '*47651CDAAB340A79CC838378072877FFFBF0B239',
:dbname => 'keystone',
:host => '127.0.0.1',
:charset => 'utf8',
:collate => 'utf8_general_ci',
:allowed_hosts => '192.168.1.1',
)}
end
describe "overriding allowed_hosts param equals to host param " do
let :params do
{
:password => 'keystonepass2',
:allowed_hosts => '127.0.0.1'
}
on_supported_os({
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
facts.merge!(OSDefaults.get_facts())
end
it_behaves_like 'keystone::db::mysql'
end
it { is_expected.to contain_openstacklib__db__mysql('keystone').with(
:user => 'keystone',
:password_hash => '*47651CDAAB340A79CC838378072877FFFBF0B239',
:dbname => 'keystone',
:host => '127.0.0.1',
:charset => 'utf8',
:collate => 'utf8_general_ci',
:allowed_hosts => '127.0.0.1',
)}
end
end

12
spec/classes/keystone_db_postgresql_spec.rb
View File

@ -1,10 +1,11 @@
require 'spec_helper'
describe 'keystone::db::postgresql' do
shared_examples_for 'keystone::db::postgresql' do
shared_examples 'keystone::db::postgresql' do
let :req_params do
{ :password => 'pw' }
{
:password => 'pw',
}
end
let :pre_condition do
@ -25,7 +26,7 @@ describe 'keystone::db::postgresql' do
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
@ -35,8 +36,7 @@ describe 'keystone::db::postgresql' do
}))
end
it_configures 'keystone::db::postgresql'
it_behaves_like 'keystone::db::postgresql'
end
end
end

9
spec/classes/keystone_db_sync_spec.rb
View File

@ -1,9 +1,7 @@
require 'spec_helper'
describe 'keystone::db::sync' do
shared_examples_for 'keystone-dbsync' do
shared_examples 'keystone::db::sync' do
describe 'with only required params' do
it {
is_expected.to contain_exec('keystone-manage db_sync').with(
@ -51,15 +49,14 @@ describe 'keystone::db::sync' do
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
facts.merge!(OSDefaults.get_facts())
end
it_configures 'keystone-dbsync'
it_behaves_like 'keystone::db::sync'
end
end
end

37
spec/classes/keystone_deps_spec.rb
View File

@ -1,17 +1,32 @@
require 'spec_helper'
describe 'keystone::deps' do
shared_examples 'keystone::deps' do
context 'with default params' do
it {
is_expected.to contain_anchor('keystone::install::begin')
is_expected.to contain_anchor('keystone::install::end')
is_expected.to contain_anchor('keystone::config::begin')
is_expected.to contain_anchor('keystone::config::end')
is_expected.to contain_anchor('keystone::db::begin')
is_expected.to contain_anchor('keystone::db::end')
is_expected.to contain_anchor('keystone::dbsync::begin')
is_expected.to contain_anchor('keystone::dbsync::end')
is_expected.to contain_anchor('keystone::service::begin')
is_expected.to contain_anchor('keystone::service::end')
}
end
end
it 'set up the anchors' do
is_expected.to contain_anchor('keystone::install::begin')
is_expected.to contain_anchor('keystone::install::end')
is_expected.to contain_anchor('keystone::config::begin')
is_expected.to contain_anchor('keystone::config::end')
is_expected.to contain_anchor('keystone::db::begin')
is_expected.to contain_anchor('keystone::db::end')
is_expected.to contain_anchor('keystone::dbsync::begin')
is_expected.to contain_anchor('keystone::dbsync::end')
is_expected.to contain_anchor('keystone::service::begin')
is_expected.to contain_anchor('keystone::service::end')
on_supported_os({
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
facts.merge!(OSDefaults.get_facts())
end
it_behaves_like 'keystone::deps'
end
end
end

2
spec/classes/keystone_federation_identity_provider_spec.rb
View File

@ -30,7 +30,7 @@ describe 'keystone::federation::identity_provider' do
:idp_contact_type => 'other' }
end
shared_examples_for 'keystone federation identity provider' do
shared_examples 'keystone federation identity provider' do
it { is_expected.to contain_class('keystone::params') }

2
spec/classes/keystone_federation_mellon_spec.rb
View File

@ -83,7 +83,7 @@ describe 'keystone::federation::mellon' do
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do

22
spec/classes/keystone_init_spec.rb
View File

@ -93,7 +93,7 @@ describe 'keystone' do
httpd_params = {'service_name' => 'httpd'}.merge(default_params)
shared_examples_for 'core keystone examples' do |param_hash|
shared_examples 'core keystone examples' do |param_hash|
it { is_expected.to contain_class('keystone::logging') }
it { is_expected.to contain_class('keystone::params') }
it { is_expected.to contain_class('keystone::policy') }
@ -205,7 +205,7 @@ describe 'keystone' do
param_hash
end
it_configures 'core keystone examples', param_hash
it_behaves_like 'core keystone examples', param_hash
it { is_expected.to contain_service('keystone').with(
'ensure' => (param_hash['manage_service'] && param_hash['enabled']) ? 'running' : 'stopped',
@ -220,7 +220,7 @@ describe 'keystone' do
end
end
shared_examples_for "when using default class parameters for httpd on Debian" do
shared_examples "when using default class parameters for httpd on Debian" do
let :params do
httpd_params
end
@ -229,7 +229,7 @@ describe 'keystone' do
'include keystone::wsgi::apache'
end
it_configures 'core keystone examples', httpd_params
it_behaves_like 'core keystone examples', httpd_params
it do
expect {
@ -242,7 +242,7 @@ describe 'keystone' do
) }
end
shared_examples_for "when using default class parameters for httpd on RedHat" do
shared_examples "when using default class parameters for httpd on RedHat" do
let :params do
httpd_params
end
@ -251,7 +251,7 @@ describe 'keystone' do
'include keystone::wsgi::apache'
end
it_configures 'core keystone examples', httpd_params
it_behaves_like 'core keystone examples', httpd_params
it do
expect {
@ -898,7 +898,7 @@ describe 'keystone' do
)}
end
shared_examples_for "when configuring default domain" do
shared_examples "when configuring default domain" do
describe 'with default domain and eventlet service is managed and enabled' do
let :params do
default_params.merge({
@ -951,8 +951,8 @@ describe 'keystone' do
}
end
it_configures 'when using default class parameters for httpd on RedHat'
it_configures 'when configuring default domain'
it_behaves_like 'when using default class parameters for httpd on RedHat'
it_behaves_like 'when configuring default domain'
end
context 'on Debian platforms' do
@ -972,8 +972,8 @@ describe 'keystone' do
}
end
it_configures 'when using default class parameters for httpd on Debian'
it_configures 'when configuring default domain'
it_behaves_like 'when using default class parameters for httpd on Debian'
it_behaves_like 'when configuring default domain'
end
describe "when configuring using_domain_config" do

8
spec/classes/keystone_logging_spec.rb
View File

@ -34,7 +34,7 @@ describe 'keystone::logging' do
}
end
shared_examples_for 'keystone-logging' do
shared_examples 'keystone-logging' do
context 'with basic logging options and default settings' do
it_behaves_like 'basic default logging settings'
@ -85,7 +85,7 @@ describe 'keystone::logging' do
end
end
shared_examples_for 'logging params set' do
shared_examples 'logging params set' do
it 'enables logging params' do
is_expected.to contain_oslo__log('keystone_config').with(
:logging_context_format_string =>
@ -107,7 +107,7 @@ describe 'keystone::logging' do
end
end
shared_examples_for 'logging params unset' do
shared_examples 'logging params unset' do
[ :logging_context_format_string, :logging_default_format_string,
:logging_debug_format_suffix, :logging_exception_prefix,
:log_config_append, :publish_errors,
@ -119,7 +119,7 @@ describe 'keystone::logging' do
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do

6
spec/classes/keystone_messaging_amqp_spec.rb
View File

@ -2,7 +2,7 @@ require 'spec_helper'
describe 'keystone::messaging::amqp' do
shared_examples_for 'keystone messaging amqp' do
shared_examples 'keystone messaging amqp' do
it { is_expected.to contain_class('keystone::messaging::amqp').with(
'amqp_pre_settled' => ['<SERVICE DEFAULT>'],
'amqp_idle_timeout' => '<SERVICE DEFAULT>',
@ -53,14 +53,14 @@ describe 'keystone::messaging::amqp' do
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
facts.merge!(OSDefaults.get_facts())
end
it_configures 'keystone messaging amqp'
it_behaves_like 'keystone messaging amqp'
end
end

7
spec/classes/keystone_policy_spec.rb
View File

@ -1,8 +1,7 @@
require 'spec_helper'
describe 'keystone::policy' do
shared_examples_for 'keystone policies' do
shared_examples 'keystone::policy' do
let :params do
{
:policy_path => '/etc/keystone/policy.json',
@ -29,14 +28,14 @@ describe 'keystone::policy' do
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
facts.merge!(OSDefaults.get_facts())
end
it_configures 'keystone policies'
it_behaves_like 'keystone::policy'
end
end
end

6
spec/classes/keystone_security_compliance_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper'
describe 'keystone::security_compliance' do
shared_examples_for 'keystone security_compliance' do
shared_examples 'keystone security_compliance' do
it 'should configure security compliance defaults' do
is_expected.to contain_keystone_config('security_compliance/change_password_upon_first_use').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('security_compliance/disable_user_account_days_inactive').with_value('<SERVICE DEFAULT>')
@ -43,14 +43,14 @@ describe 'keystone::security_compliance' do
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
facts.merge!(OSDefaults.get_facts())
end
it_configures 'keystone security_compliance'
it_behaves_like 'keystone security_compliance'
end
end
end