openstack
/
puppet-keystone
Code Issues Proposed changes

Convert to rspec-puppet-facts and cleanup docs/testing 

This converts some more testing to rspec-puppet-facts
so there is only these three missing now until done:

* keystone_init_spec.rb
* keystone_federation_identity_provider_spec.rb
* keystone_ldap_spec.rb

Also does cleanup of some formatting for documentation
and testing specs.

Change-Id: Ifd74aa8cedf630d98f9e12ab276300409a68eecd
This commit is contained in:
Tobias Urdin 2020-02-03 23:17:58 +01:00
parent bc1ff1d7cb
commit 7def56f92f
25 changed files with 288 additions and 376 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
manifests/cron/fernet_rotate.pp
View File

@ -19,43 +19,49 @@
# #
# === Parameters # === Parameters
# #
# [*ensure*] # [*ensure*]
# (optional) Defaults to present. # (Optional) Valid values are present, absent.
# Valid values are present, absent. # Defaults to 'present'
# #
# [*minute*] # [*minute*]
# (optional) Defaults to '1'. # (Optional) Minute.
# Defaults to '1'
# #
# [*hour*] # [*hour*]
# (optional) Defaults to '0'. # (Optional) Hour.
# Defaults to '0'
# #
# [*monthday*] # [*monthday*]
# (optional) Defaults to '*'. # (Optional) Day of month.
# Defaults to '*'
# #
# [*month*] # [*month*]
# (optional) Defaults to '*'. # (Optional) Month.
# Defaults to '*'.
# #
# [*weekday*] # [*weekday*]
# (optional) Defaults to '*'. # (Optional) Day of week.
# Defaults to '*'
# #
# [*maxdelay*] # [*maxdelay*]
# (optional) Seconds. Defaults to 0. Should be a positive integer. # (Optional) Max random delay, should be a positive integer.
# Induces a random delay before running the cronjob to avoid running all # Induces a random delay before running the cronjob to avoid running all
# cron jobs at the same time on all hosts this job is configured. # cron jobs at the same time on all hosts this job is configured.
# Defaults to 0
# #
# [*user*] # [*user*]
# (optional) Defaults to 'keystone'. # (Optional) Allow to run the crontab on behalf any user.
# Allow to run the crontab on behalf any user. # Defaults to 'keystone'
# #
class keystone::cron::fernet_rotate ( class keystone::cron::fernet_rotate (
$ensure = present, $ensure = present,
$minute = 1, $minute = 1,
$hour = 0, $hour = 0,
$monthday = '*', $monthday = '*',
$month = '*', $month = '*',
$weekday = '*', $weekday = '*',
$maxdelay = 0, $maxdelay = 0,
$user = 'keystone', $user = 'keystone',
) { ) {
include keystone::deps include keystone::deps

52
manifests/cron/token_flush.pp
View File

@ -21,37 +21,43 @@
# #
# === Parameters # === Parameters
# #
# [*ensure*] # [*ensure*]
# (optional) Defaults to present. # (Optional) Valid values are present, absent.
# Valid values are present, absent. # Defaults to 'present'
# #
# [*minute*] # [*minute*]
# (optional) Defaults to '1'. # (Optional) Minute.
# Defaults to '1'
# #
# [*hour*] # [*hour*]
# (optional) Defaults to *. # (Optional) Hour.
# Defaults to *
# #
# [*monthday*] # [*monthday*]
# (optional) Defaults to '*'. # (Optional) Day of month.
# Defaults to '*'
# #
# [*month*] # [*month*]
# (optional) Defaults to '*'. # (Optional) Month.
# Defaults to '*'
# #
# [*weekday*] # [*weekday*]
# (optional) Defaults to '*'. # (Optional) Day of week.
# Defaults to '*'
# #
# [*maxdelay*] # [*maxdelay*]
# (optional) Seconds. Defaults to 0. Should be a positive integer. # (Optional) Max random delay in seconds. Should be a positive integer.
# Induces a random delay before running the cronjob to avoid running all # Induces a random delay before running the cronjob to avoid running all
# cron jobs at the same time on all hosts this job is configured. # cron jobs at the same time on all hosts this job is configured.
# Defaults to 0
# #
# [*destination*] # [*destination*]
# (optional) Path to file to which rows should be archived # (Optional) Path to file to which rows should be archived
# Defaults to '/var/log/keystone/keystone-tokenflush.log'. # Defaults to '/var/log/keystone/keystone-tokenflush.log'
# #
# [*user*] # [*user*]
# (optional) Defaults to 'keystone'. # (Optional) Allow to run the crontab on behalf any user.
# Allow to run the crontab on behalf any user. # Defaults to 'keystone'
# #
class keystone::cron::token_flush ( class keystone::cron::token_flush (
$ensure = present, $ensure = present,

2
manifests/db.pp
View File

@ -1,4 +1,4 @@
# class: keystone::db # Class: keystone::db
# #
# Configure the Keystone database # Configure the Keystone database
# #

8
manifests/federation.pp
View File

@ -1,22 +1,24 @@
# == class: keystone::federation # == Class: keystone::federation
# #
# == Parameters # == Parameters
# #
# [*trusted_dashboards*] # [*trusted_dashboards*]
# (optional) URL list of trusted horizon servers. # (Optional) URL list of trusted horizon servers.
# This setting ensures that keystone only sends token data back to trusted # This setting ensures that keystone only sends token data back to trusted
# servers. This is performed as a precaution, specifically to prevent man-in- # servers. This is performed as a precaution, specifically to prevent man-in-
# the-middle (MITM) attacks. # the-middle (MITM) attacks.
# Defaults to undef # Defaults to undef
# #
# [*remote_id_attribute*] # [*remote_id_attribute*]
# (optional) Value to be used to obtain the entity ID of the Identity # (Optional) Value to be used to obtain the entity ID of the Identity
# Provider from the environment. # Provider from the environment.
# Defaults to undef
# #
class keystone::federation ( class keystone::federation (
$trusted_dashboards = undef, $trusted_dashboards = undef,
$remote_id_attribute = undef, $remote_id_attribute = undef,
) { ) {
include keystone::deps include keystone::deps
keystone_config { keystone_config {

2
manifests/federation/identity_provider.pp
View File

@ -1,4 +1,4 @@
# == class: keystone::federation::identity_provider # == Class: keystone::federation::identity_provider
# #
# == Parameters # == Parameters
# #

2
manifests/federation/mellon.pp
View File

@ -1,4 +1,4 @@
# == class: keystone::federation::mellon # == Class: keystone::federation::mellon
# #
# == Parameters # == Parameters
# #

2
manifests/federation/openidc.pp
View File

@ -1,4 +1,4 @@
# == class: keystone::federation::openidc [70/1473] # == Class: keystone::federation::openidc
# #
# == Parameters # == Parameters
# #

2
manifests/federation/shibboleth.pp
View File

@ -1,4 +1,4 @@
# == class: keystone::federation::shibboleth # == Class: keystone::federation::shibboleth
# #
# == Parameters # == Parameters
# #

6
manifests/ldap.pp
View File

@ -1,8 +1,8 @@
# == class: keystone::ldap # == Class: keystone::ldap
# #
# Implements ldap configuration for keystone. # Implements ldap configuration for keystone.
# #
# === parameters: # === Parameters:
# #
# [*url*] # [*url*]
# URL for connecting to the LDAP server. (string value) # URL for connecting to the LDAP server. (string value)
@ -354,8 +354,6 @@
# LDAP support packages. # LDAP support packages.
# Defaults to true. # Defaults to true.
# #
# == Dependencies
# == Examples
# == Authors # == Authors
# #
# Dan Bode dan@puppetlabs.com # Dan Bode dan@puppetlabs.com

47
manifests/security_compliance.pp
View File

@ -1,58 +1,59 @@
# == class: keystone::security_compliance # == Class: keystone::security_compliance
# #
# Security compliance features for keystone, specifically to satisfy # Security compliance features for keystone, specifically to satisfy
# Payment Card Industry - Data Security Standard (PCI-DSS) v3.1 requirements. # Payment Card Industry - Data Security Standard (PCI-DSS) v3.1 requirements.
# #
# === parameters: # === Parameters:
# #
# [*change_password_upon_first_use*] # [*change_password_upon_first_use*]
# Enabling this option requires users to change their password when the user # (Optional) Enabling this option requires users to change their password
# is created, or upon administrative reset. (Boolean value) # when the user is created, or upon administrative reset. (Boolean value)
# Defaults to $::os_service_default # Defaults to $::os_service_default
# #
# [*disable_user_account_days_inactive*] # [*disable_user_account_days_inactive*]
# The maximum number of days a user can go without authenticating before # (Optional) The maximum number of days a user can go without authenticating
# being considered "inactive" and automatically disabled (locked). (Integer # before being considered "inactive" and automatically disabled (locked).
# value) # (Integer value)
# Defaults to $::os_service_default # Defaults to $::os_service_default
# #
# [*lockout_duration*] # [*lockout_duration*]
# The number of seconds a user account will be locked when the maximum number # (Optional) The number of seconds a user account will be locked when the
# of failed authentication attempts (as specified by `[security_compliance] # maximum number of failed authentication attempts (as specified by
# lockout_failure_attempts`) is exceeded. (Integer value) # `[security_compliance] lockout_failure_attempts`) is exceeded.
# (Integer value)
# Defaults to $::os_service_default # Defaults to $::os_service_default
# #
# [*lockout_failure_attempts*] # [*lockout_failure_attempts*]
# The maximum number of times that a user can fail to authenticate before the # (Optional) The maximum number of times that a user can fail to authenticate
# user account is locked for the number of seconds specified by # before the user account is locked for the number of seconds specified by
# `[security_compliance] lockout_duration`. (Integer value) # `[security_compliance] lockout_duration`. (Integer value)
# Defaults to $::os_service_default # Defaults to $::os_service_default
# #
# [*minimum_password_age*] # [*minimum_password_age*]
# The number of days that a password must be used before the user can change # (Optional) The number of days that a password must be used before the user
# it. This prevents users from changing their passwords immediately in order # can change it. This prevents users from changing their passwords immediately
# to wipe out their password history and reuse an old password. (Integer # in order to wipe out their password history and reuse an old password.
# value) # (Integer value)
# Defaults to $::os_service_default # Defaults to $::os_service_default
# #
# [*password_expires_days*] # [*password_expires_days*]
# The number of days for which a password will be considered valid before # (Optional) The number of days for which a password will be considered valid
# requiring it to be changed. (Integer value) # before requiring it to be changed. (Integer value)
# Defaults to $::os_service_default # Defaults to $::os_service_default
# #
# [*password_regex*] # [*password_regex*]
# The regular expression used to validate password strength requirements. By # (Optional) The regular expression used to validate password strength requirements.
# default, the regular expression will match any password. (String value) # By default, the regular expression will match any password. (String value)
# Defaults to $::os_service_default # Defaults to $::os_service_default
# #
# [*password_regex_description*] # [*password_regex_description*]
# Describe your password regular expression here in language for humans. # (Optional) Describe your password regular expression here in language for humans.
# (String value) # (String value)
# Defaults to $::os_service_default # Defaults to $::os_service_default
# #
# [*unique_last_password_count*] # [*unique_last_password_count*]
# This controls the number of previous user password iterations to keep in # (Optional) This controls the number of previous user password iterations to keep
# history, in order to enforce that newly created passwords are unique. # in history, in order to enforce that newly created passwords are unique.
# (Integer value) # (Integer value)
# Defaults to $::os_service_default # Defaults to $::os_service_default
# #

6
spec/classes/keystone_config_spec.rb
View File

@ -9,7 +9,7 @@ describe 'keystone::config' do
} }
end end
shared_examples_for 'keystone_config' do shared_examples 'keystone_config' do
let :params do let :params do
{ :keystone_config => config_hash } { :keystone_config => config_hash }
end end
@ -24,14 +24,14 @@ describe 'keystone::config' do
end end
on_supported_os({ on_supported_os({
:supported_os => OSDefaults.get_supported_os :supported_os => OSDefaults.get_supported_os
}).each do |os,facts| }).each do |os,facts|
context "on #{os}" do context "on #{os}" do
let (:facts) do let (:facts) do
facts.merge!(OSDefaults.get_facts()) facts.merge!(OSDefaults.get_facts())
end end
it_configures 'keystone_config' it_behaves_like 'keystone_config'
end end
end end
end end

8
spec/classes/keystone_cors_spec.rb
View File

@ -1,8 +1,7 @@
require 'spec_helper' require 'spec_helper'
describe 'keystone::cors' do describe 'keystone::cors' do
shared_examples 'keystone::cors' do
shared_examples_for 'keystone cors' do
it 'configure cors default params' do it 'configure cors default params' do
is_expected.to contain_keystone_config('cors/allowed_origin').with_value('<SERVICE DEFAULT>') is_expected.to contain_keystone_config('cors/allowed_origin').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('cors/allow_credentials').with_value('<SERVICE DEFAULT>') is_expected.to contain_keystone_config('cors/allow_credentials').with_value('<SERVICE DEFAULT>')
@ -35,15 +34,14 @@ describe 'keystone::cors' do
end end
on_supported_os({ on_supported_os({
:supported_os => OSDefaults.get_supported_os :supported_os => OSDefaults.get_supported_os
}).each do |os,facts| }).each do |os,facts|
context "on #{os}" do context "on #{os}" do
let (:facts) do let (:facts) do
facts.merge!(OSDefaults.get_facts()) facts.merge!(OSDefaults.get_facts())
end end
it_configures 'keystone cors' it_behaves_like 'keystone::cors'
end end
end end
end end

115
spec/classes/keystone_cron_fernet_rotate_spec.rb
View File

@ -1,105 +1,66 @@
require 'spec_helper' require 'spec_helper'
describe 'keystone::cron::fernet_rotate' do describe 'keystone::cron::fernet_rotate' do
shared_examples 'keystone::cron::fernet_rotate' do
let :facts do
OSDefaults.get_facts({ :osfamily => 'Debian' })
end
let :params do
{ :ensure => 'present',
:minute => 1,
:hour => 0,
:monthday => '*',
:month => '*',
:weekday => '*',
:maxdelay => 0,
}
end
describe 'with default parameters' do
it 'configures a cron' do
is_expected.to contain_cron('keystone-manage fernet_rotate').with(
:ensure => params[:ensure],
:command => "keystone-manage fernet_rotate",
:environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
:user => 'keystone',
:minute => params[:minute],
:hour => params[:hour],
:monthday => params[:monthday],
:month => params[:month],
:weekday => params[:weekday],
:require => 'Anchor[keystone::service::end]',
)
end
end
describe 'when specifying a maxdelay param' do
before :each do
params.merge!(
:maxdelay => 600
)
end
it 'configures a cron with delay' do
is_expected.to contain_cron('keystone-manage fernet_rotate').with(
:ensure => params[:ensure],
:command => "sleep `expr ${RANDOM} \\% #{params[:maxdelay]}`; keystone-manage fernet_rotate",
:environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
:user => 'keystone',
:minute => params[:minute],
:hour => params[:hour],
:monthday => params[:monthday],
:month => params[:month],
:weekday => params[:weekday],
:require => 'Anchor[keystone::service::end]',
)
end
end
describe 'when specifying a user param' do
let :params do let :params do
{ {}
:user => 'keystonecustom'
}
end end
it 'configures a cron with delay' do context 'with default parameters' do
is_expected.to contain_cron('keystone-manage fernet_rotate').with( it { is_expected.to contain_class('keystone::deps') }
it { is_expected.to contain_cron('keystone-manage fernet_rotate').with(
:ensure => 'present', :ensure => 'present',
:command => 'keystone-manage fernet_rotate', :command => 'keystone-manage fernet_rotate',
:environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', :environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
:user => 'keystonecustom', :user => 'keystone',
:minute => 1, :minute => 1,
:hour => 0, :hour => 0,
:monthday => '*', :monthday => '*',
:month => '*', :month => '*',
:weekday => '*', :weekday => '*',
:require => 'Anchor[keystone::service::end]', :require => 'Anchor[keystone::service::end]',
) )}
end
end
describe 'when disabling cron job' do
before :each do
params.merge!(
:ensure => 'absent'
)
end end
it 'configures a cron with delay' do context 'with overridden params' do
is_expected.to contain_cron('keystone-manage fernet_rotate').with( before do
params.merge!( :ensure => 'absent',
:minute => 13,
:hour => 1,
:monthday => 3,
:month => 4,
:weekday => 2,
:maxdelay => 600,
:user => 'nobody' )
end
it { is_expected.to contain_class('keystone::deps') }
it { is_expected.to contain_cron('keystone-manage fernet_rotate').with(
:ensure => params[:ensure], :ensure => params[:ensure],
:command => "keystone-manage fernet_rotate", :command => "sleep `expr ${RANDOM} \\% #{params[:maxdelay]}`; keystone-manage fernet_rotate",
:environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', :environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
:user => 'keystone', :user => params[:user],
:minute => params[:minute], :minute => params[:minute],
:hour => params[:hour], :hour => params[:hour],
:monthday => params[:monthday], :monthday => params[:monthday],
:month => params[:month], :month => params[:month],
:weekday => params[:weekday], :weekday => params[:weekday],
:require => 'Anchor[keystone::service::end]', :require => 'Anchor[keystone::service::end]',
) )}
end
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
facts.merge!(OSDefaults.get_facts({}))
end
it_behaves_like 'keystone::cron::fernet_rotate'
end end
end end
end end

114
spec/classes/keystone_cron_token_flush_spec.rb
View File

@ -1,105 +1,67 @@
require 'spec_helper' require 'spec_helper'
describe 'keystone::cron::token_flush' do describe 'keystone::cron::token_flush' do
let :facts do
@default_facts.merge({ :osfamily => 'Debian' })
end
let :params do let :params do
{ :ensure => 'present', {}
:minute => 1,
:hour => '*',
:monthday => '*',
:month => '*',
:weekday => '*',
:maxdelay => 0,
:destination => '/var/log/keystone/keystone-tokenflush.log' }
end end
describe 'with default parameters' do shared_examples 'keystone::cron::token_flush' do
it 'configures a cron' do context 'with default parameters' do
is_expected.to contain_cron('keystone-manage token_flush').with( it { is_expected.to contain_class('keystone::deps') }
:ensure => params[:ensure],
:command => "keystone-manage token_flush >>#{params[:destination]} 2>&1",
:environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
:user => 'keystone',
:minute => params[:minute],
:hour => params[:hour],
:monthday => params[:monthday],
:month => params[:month],
:weekday => params[:weekday],
:require => 'Anchor[keystone::install::end]',
)
end
end
describe 'when specifying a maxdelay param' do it { is_expected.to contain_cron('keystone-manage token_flush').with(
before :each do
params.merge!(
:maxdelay => 600
)
end
it 'configures a cron with delay' do
is_expected.to contain_cron('keystone-manage token_flush').with(
:ensure => params[:ensure],
:command => "sleep `expr ${RANDOM} \\% #{params[:maxdelay]}`; keystone-manage token_flush >>#{params[:destination]} 2>&1",
:environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
:user => 'keystone',
:minute => params[:minute],
:hour => params[:hour],
:monthday => params[:monthday],
:month => params[:month],
:weekday => params[:weekday],
:require => 'Anchor[keystone::install::end]',
)
end
end
describe 'when specifying a user param' do
let :params do
{
:user => 'keystonecustom'
}
end
it 'configures a cron with delay' do
is_expected.to contain_cron('keystone-manage token_flush').with(
:ensure => 'present', :ensure => 'present',
:command => 'keystone-manage token_flush >>/var/log/keystone/keystone-tokenflush.log 2>&1', :command => 'keystone-manage token_flush >>/var/log/keystone/keystone-tokenflush.log 2>&1',
:environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', :environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
:user => 'keystonecustom', :user => 'keystone',
:minute => 1, :minute => 1,
:hour => '*', :hour => '*',
:monthday => '*', :monthday => '*',
:month => '*', :month => '*',
:weekday => '*', :weekday => '*',
:require => 'Anchor[keystone::install::end]', :require => 'Anchor[keystone::install::end]',
) )}
end
end
describe 'when disabling cron job' do
before :each do
params.merge!(
:ensure => 'absent'
)
end end
it 'configures a cron with delay' do context 'with overriden params' do
is_expected.to contain_cron('keystone-manage token_flush').with( before do
params.merge!( :ensure => 'absent',
:minute => 13,
:hour => 23,
:monthday => 3,
:month => 4,
:weekday => 2,
:maxdelay => 600,
:destination => '/tmp/tokenflush.log',
:user => 'nobody' )
end
it { is_expected.to contain_class('keystone::deps') }
it { is_expected.to contain_cron('keystone-manage token_flush').with(
:ensure => params[:ensure], :ensure => params[:ensure],
:command => "keystone-manage token_flush >>#{params[:destination]} 2>&1", :command => "sleep `expr ${RANDOM} \\% #{params[:maxdelay]}`; keystone-manage token_flush >>#{params[:destination]} 2>&1",
:environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', :environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
:user => 'keystone', :user => params[:user],
:minute => params[:minute], :minute => params[:minute],
:hour => params[:hour], :hour => params[:hour],
:monthday => params[:monthday], :monthday => params[:monthday],
:month => params[:month], :month => params[:month],
:weekday => params[:weekday], :weekday => params[:weekday],
:require => 'Anchor[keystone::install::end]', :require => 'Anchor[keystone::install::end]',
) )}
end
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
facts.merge!(OSDefaults.get_facts({}))
end
it_behaves_like 'keystone::cron::token_flush'
end end
end end
end end

125
spec/classes/keystone_db_mysql_spec.rb
View File

@ -1,95 +1,62 @@
require 'spec_helper' require 'spec_helper'
describe 'keystone::db::mysql' do describe 'keystone::db::mysql' do
let :pre_condition do
[
'include mysql::server',
'include keystone::db::sync'
]
end
let :facts do
@default_facts.merge({
:osfamily => 'Debian',
:os => { :name => 'Debian', :family => 'Debian', :release => { :major => '8', :minor => '0' } },
})
end
let :params do let :params do
{ {}
:password => 'keystone_default_password',
}
end end
describe 'with only required params' do shared_examples 'keystone::db::mysql' do
it { is_expected.to contain_openstacklib__db__mysql('keystone').with( context 'with required params' do
:user => 'keystone', before do
:password_hash => '*B552157B14BCEDDCEAA06767A012F31BDAA9CE3D', params.merge!( :password => 'keystone_default_password' )
:dbname => 'keystone', end
:host => '127.0.0.1',
:charset => 'utf8',
:collate => 'utf8_general_ci',
)}
end
describe "overriding allowed_hosts param to array" do it { is_expected.to contain_class('keystone::deps') }
let :params do
{ it { is_expected.to contain_openstacklib__db__mysql('keystone').with(
:password => 'keystonepass', :user => 'keystone',
:allowed_hosts => ['127.0.0.1','%'] :password_hash => '*B552157B14BCEDDCEAA06767A012F31BDAA9CE3D',
} :dbname => 'keystone',
:host => '127.0.0.1',
:charset => 'utf8',
:collate => 'utf8_general_ci',
)}
end end
it { is_expected.to contain_openstacklib__db__mysql('keystone').with( context 'with overriden params' do
:user => 'keystone', before do
:password_hash => '*706BFA85E15D0C1D8467D0D81D784F6A04CE4ABB', params.merge!( :password => 'keystonepass',
:dbname => 'keystone', :dbname => 'keystonedb',
:host => '127.0.0.1', :user => 'keystoneuser',
:charset => 'utf8', :host => '1.2.3.4',
:collate => 'utf8_general_ci', :charset => 'latin2',
:allowed_hosts => ['127.0.0.1','%'], :collate => 'latin2_general_ci',
)} :allowed_hosts => '4.3.2.1' )
end
end it { is_expected.to contain_class('keystone::deps') }
describe "overriding allowed_hosts param to string" do
let :params do it { is_expected.to contain_openstacklib__db__mysql('keystone').with(
{ :user => 'keystoneuser',
:password => 'keystonepass2', :password_hash => '*706BFA85E15D0C1D8467D0D81D784F6A04CE4ABB',
:allowed_hosts => '192.168.1.1' :dbname => 'keystonedb',
} :host => '1.2.3.4',
:charset => 'latin2',
:collate => 'latin2_general_ci',
:allowed_hosts => '4.3.2.1',
)}
end end
it { is_expected.to contain_openstacklib__db__mysql('keystone').with(
:user => 'keystone',
:password_hash => '*47651CDAAB340A79CC838378072877FFFBF0B239',
:dbname => 'keystone',
:host => '127.0.0.1',
:charset => 'utf8',
:collate => 'utf8_general_ci',
:allowed_hosts => '192.168.1.1',
)}
end end
describe "overriding allowed_hosts param equals to host param " do on_supported_os({
let :params do :supported_os => OSDefaults.get_supported_os
{ }).each do |os,facts|
:password => 'keystonepass2', context "on #{os}" do
:allowed_hosts => '127.0.0.1' let (:facts) do
} facts.merge!(OSDefaults.get_facts())
end
it_behaves_like 'keystone::db::mysql'
end end
it { is_expected.to contain_openstacklib__db__mysql('keystone').with(
:user => 'keystone',
:password_hash => '*47651CDAAB340A79CC838378072877FFFBF0B239',
:dbname => 'keystone',
:host => '127.0.0.1',
:charset => 'utf8',
:collate => 'utf8_general_ci',
:allowed_hosts => '127.0.0.1',
)}
end end
end end

12
spec/classes/keystone_db_postgresql_spec.rb
View File

@ -1,10 +1,11 @@
require 'spec_helper' require 'spec_helper'
describe 'keystone::db::postgresql' do describe 'keystone::db::postgresql' do
shared_examples 'keystone::db::postgresql' do
shared_examples_for 'keystone::db::postgresql' do
let :req_params do let :req_params do
{ :password => 'pw' } {
:password => 'pw',
}
end end
let :pre_condition do let :pre_condition do
@ -25,7 +26,7 @@ describe 'keystone::db::postgresql' do
end end
on_supported_os({ on_supported_os({
:supported_os => OSDefaults.get_supported_os :supported_os => OSDefaults.get_supported_os
}).each do |os,facts| }).each do |os,facts|
context "on #{os}" do context "on #{os}" do
let (:facts) do let (:facts) do
@ -35,8 +36,7 @@ describe 'keystone::db::postgresql' do
})) }))
end end
it_configures 'keystone::db::postgresql' it_behaves_like 'keystone::db::postgresql'
end end
end end
end end

9
spec/classes/keystone_db_sync_spec.rb
View File

@ -1,9 +1,7 @@
require 'spec_helper' require 'spec_helper'
describe 'keystone::db::sync' do describe 'keystone::db::sync' do
shared_examples 'keystone::db::sync' do
shared_examples_for 'keystone-dbsync' do
describe 'with only required params' do describe 'with only required params' do
it { it {
is_expected.to contain_exec('keystone-manage db_sync').with( is_expected.to contain_exec('keystone-manage db_sync').with(
@ -51,15 +49,14 @@ describe 'keystone::db::sync' do
end end
on_supported_os({ on_supported_os({
:supported_os => OSDefaults.get_supported_os :supported_os => OSDefaults.get_supported_os
}).each do |os,facts| }).each do |os,facts|
context "on #{os}" do context "on #{os}" do
let (:facts) do let (:facts) do
facts.merge!(OSDefaults.get_facts()) facts.merge!(OSDefaults.get_facts())
end end
it_configures 'keystone-dbsync' it_behaves_like 'keystone::db::sync'
end end
end end
end end

37
spec/classes/keystone_deps_spec.rb
View File

@ -1,17 +1,32 @@
require 'spec_helper' require 'spec_helper'
describe 'keystone::deps' do describe 'keystone::deps' do
shared_examples 'keystone::deps' do
context 'with default params' do
it {
is_expected.to contain_anchor('keystone::install::begin')
is_expected.to contain_anchor('keystone::install::end')
is_expected.to contain_anchor('keystone::config::begin')
is_expected.to contain_anchor('keystone::config::end')
is_expected.to contain_anchor('keystone::db::begin')
is_expected.to contain_anchor('keystone::db::end')
is_expected.to contain_anchor('keystone::dbsync::begin')
is_expected.to contain_anchor('keystone::dbsync::end')
is_expected.to contain_anchor('keystone::service::begin')
is_expected.to contain_anchor('keystone::service::end')
}
end
end
it 'set up the anchors' do on_supported_os({
is_expected.to contain_anchor('keystone::install::begin') :supported_os => OSDefaults.get_supported_os
is_expected.to contain_anchor('keystone::install::end') }).each do |os,facts|
is_expected.to contain_anchor('keystone::config::begin') context "on #{os}" do
is_expected.to contain_anchor('keystone::config::end') let (:facts) do
is_expected.to contain_anchor('keystone::db::begin') facts.merge!(OSDefaults.get_facts())
is_expected.to contain_anchor('keystone::db::end') end
is_expected.to contain_anchor('keystone::dbsync::begin')
is_expected.to contain_anchor('keystone::dbsync::end') it_behaves_like 'keystone::deps'
is_expected.to contain_anchor('keystone::service::begin') end
is_expected.to contain_anchor('keystone::service::end')
end end
end end

2
spec/classes/keystone_federation_identity_provider_spec.rb
View File

@ -30,7 +30,7 @@ describe 'keystone::federation::identity_provider' do
:idp_contact_type => 'other' } :idp_contact_type => 'other' }
end end
shared_examples_for 'keystone federation identity provider' do shared_examples 'keystone federation identity provider' do
it { is_expected.to contain_class('keystone::params') } it { is_expected.to contain_class('keystone::params') }

2
spec/classes/keystone_federation_mellon_spec.rb
View File

@ -83,7 +83,7 @@ describe 'keystone::federation::mellon' do
end end
on_supported_os({ on_supported_os({
:supported_os => OSDefaults.get_supported_os :supported_os => OSDefaults.get_supported_os
}).each do |os,facts| }).each do |os,facts|
context "on #{os}" do context "on #{os}" do
let (:facts) do let (:facts) do

22
spec/classes/keystone_init_spec.rb
View File

@ -93,7 +93,7 @@ describe 'keystone' do
httpd_params = {'service_name' => 'httpd'}.merge(default_params) httpd_params = {'service_name' => 'httpd'}.merge(default_params)
shared_examples_for 'core keystone examples' do |param_hash| shared_examples 'core keystone examples' do |param_hash|
it { is_expected.to contain_class('keystone::logging') } it { is_expected.to contain_class('keystone::logging') }
it { is_expected.to contain_class('keystone::params') } it { is_expected.to contain_class('keystone::params') }
it { is_expected.to contain_class('keystone::policy') } it { is_expected.to contain_class('keystone::policy') }
@ -205,7 +205,7 @@ describe 'keystone' do
param_hash param_hash
end end
it_configures 'core keystone examples', param_hash it_behaves_like 'core keystone examples', param_hash
it { is_expected.to contain_service('keystone').with( it { is_expected.to contain_service('keystone').with(
'ensure' => (param_hash['manage_service'] && param_hash['enabled']) ? 'running' : 'stopped', 'ensure' => (param_hash['manage_service'] && param_hash['enabled']) ? 'running' : 'stopped',
@ -220,7 +220,7 @@ describe 'keystone' do
end end
end end
shared_examples_for "when using default class parameters for httpd on Debian" do shared_examples "when using default class parameters for httpd on Debian" do
let :params do let :params do
httpd_params httpd_params
end end
@ -229,7 +229,7 @@ describe 'keystone' do
'include keystone::wsgi::apache' 'include keystone::wsgi::apache'
end end
it_configures 'core keystone examples', httpd_params it_behaves_like 'core keystone examples', httpd_params
it do it do
expect { expect {
@ -242,7 +242,7 @@ describe 'keystone' do
) } ) }
end end
shared_examples_for "when using default class parameters for httpd on RedHat" do shared_examples "when using default class parameters for httpd on RedHat" do
let :params do let :params do
httpd_params httpd_params
end end
@ -251,7 +251,7 @@ describe 'keystone' do
'include keystone::wsgi::apache' 'include keystone::wsgi::apache'
end end
it_configures 'core keystone examples', httpd_params it_behaves_like 'core keystone examples', httpd_params
it do it do
expect { expect {
@ -898,7 +898,7 @@ describe 'keystone' do
)} )}
end end
shared_examples_for "when configuring default domain" do shared_examples "when configuring default domain" do
describe 'with default domain and eventlet service is managed and enabled' do describe 'with default domain and eventlet service is managed and enabled' do
let :params do let :params do
default_params.merge({ default_params.merge({
@ -951,8 +951,8 @@ describe 'keystone' do
} }
end end
it_configures 'when using default class parameters for httpd on RedHat' it_behaves_like 'when using default class parameters for httpd on RedHat'
it_configures 'when configuring default domain' it_behaves_like 'when configuring default domain'
end end
context 'on Debian platforms' do context 'on Debian platforms' do
@ -972,8 +972,8 @@ describe 'keystone' do
} }
end end
it_configures 'when using default class parameters for httpd on Debian' it_behaves_like 'when using default class parameters for httpd on Debian'
it_configures 'when configuring default domain' it_behaves_like 'when configuring default domain'
end end
describe "when configuring using_domain_config" do describe "when configuring using_domain_config" do

8
spec/classes/keystone_logging_spec.rb
View File

@ -34,7 +34,7 @@ describe 'keystone::logging' do
} }
end end
shared_examples_for 'keystone-logging' do shared_examples 'keystone-logging' do
context 'with basic logging options and default settings' do context 'with basic logging options and default settings' do
it_behaves_like 'basic default logging settings' it_behaves_like 'basic default logging settings'
@ -85,7 +85,7 @@ describe 'keystone::logging' do
end end
end end
shared_examples_for 'logging params set' do shared_examples 'logging params set' do
it 'enables logging params' do it 'enables logging params' do
is_expected.to contain_oslo__log('keystone_config').with( is_expected.to contain_oslo__log('keystone_config').with(
:logging_context_format_string => :logging_context_format_string =>
@ -107,7 +107,7 @@ describe 'keystone::logging' do
end end
end end
shared_examples_for 'logging params unset' do shared_examples 'logging params unset' do
[ :logging_context_format_string, :logging_default_format_string, [ :logging_context_format_string, :logging_default_format_string,
:logging_debug_format_suffix, :logging_exception_prefix, :logging_debug_format_suffix, :logging_exception_prefix,
:log_config_append, :publish_errors, :log_config_append, :publish_errors,
@ -119,7 +119,7 @@ describe 'keystone::logging' do
end end
on_supported_os({ on_supported_os({
:supported_os => OSDefaults.get_supported_os :supported_os => OSDefaults.get_supported_os
}).each do |os,facts| }).each do |os,facts|
context "on #{os}" do context "on #{os}" do
let (:facts) do let (:facts) do

6
spec/classes/keystone_messaging_amqp_spec.rb
View File

@ -2,7 +2,7 @@ require 'spec_helper'
describe 'keystone::messaging::amqp' do describe 'keystone::messaging::amqp' do
shared_examples_for 'keystone messaging amqp' do shared_examples 'keystone messaging amqp' do
it { is_expected.to contain_class('keystone::messaging::amqp').with( it { is_expected.to contain_class('keystone::messaging::amqp').with(
'amqp_pre_settled' => ['<SERVICE DEFAULT>'], 'amqp_pre_settled' => ['<SERVICE DEFAULT>'],
'amqp_idle_timeout' => '<SERVICE DEFAULT>', 'amqp_idle_timeout' => '<SERVICE DEFAULT>',
@ -53,14 +53,14 @@ describe 'keystone::messaging::amqp' do
end end
on_supported_os({ on_supported_os({
:supported_os => OSDefaults.get_supported_os :supported_os => OSDefaults.get_supported_os
}).each do |os,facts| }).each do |os,facts|
context "on #{os}" do context "on #{os}" do
let (:facts) do let (:facts) do
facts.merge!(OSDefaults.get_facts()) facts.merge!(OSDefaults.get_facts())
end end
it_configures 'keystone messaging amqp' it_behaves_like 'keystone messaging amqp'
end end
end end

7
spec/classes/keystone_policy_spec.rb
View File

@ -1,8 +1,7 @@
require 'spec_helper' require 'spec_helper'
describe 'keystone::policy' do describe 'keystone::policy' do
shared_examples 'keystone::policy' do
shared_examples_for 'keystone policies' do
let :params do let :params do
{ {
:policy_path => '/etc/keystone/policy.json', :policy_path => '/etc/keystone/policy.json',
@ -29,14 +28,14 @@ describe 'keystone::policy' do
end end
on_supported_os({ on_supported_os({
:supported_os => OSDefaults.get_supported_os :supported_os => OSDefaults.get_supported_os
}).each do |os,facts| }).each do |os,facts|
context "on #{os}" do context "on #{os}" do
let (:facts) do let (:facts) do
facts.merge!(OSDefaults.get_facts()) facts.merge!(OSDefaults.get_facts())
end end
it_configures 'keystone policies' it_behaves_like 'keystone::policy'
end end
end end
end end

6
spec/classes/keystone_security_compliance_spec.rb
View File

@ -1,7 +1,7 @@
require 'spec_helper' require 'spec_helper'
describe 'keystone::security_compliance' do describe 'keystone::security_compliance' do
shared_examples_for 'keystone security_compliance' do shared_examples 'keystone security_compliance' do
it 'should configure security compliance defaults' do it 'should configure security compliance defaults' do
is_expected.to contain_keystone_config('security_compliance/change_password_upon_first_use').with_value('<SERVICE DEFAULT>') is_expected.to contain_keystone_config('security_compliance/change_password_upon_first_use').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('security_compliance/disable_user_account_days_inactive').with_value('<SERVICE DEFAULT>') is_expected.to contain_keystone_config('security_compliance/disable_user_account_days_inactive').with_value('<SERVICE DEFAULT>')
@ -43,14 +43,14 @@ describe 'keystone::security_compliance' do
end end
on_supported_os({ on_supported_os({
:supported_os => OSDefaults.get_supported_os :supported_os => OSDefaults.get_supported_os
}).each do |os,facts| }).each do |os,facts|
context "on #{os}" do context "on #{os}" do
let (:facts) do let (:facts) do
facts.merge!(OSDefaults.get_facts()) facts.merge!(OSDefaults.get_facts())
end end
it_configures 'keystone security_compliance' it_behaves_like 'keystone security_compliance'
end end
end end
end end